New Certified Integrations Support Alert Ingestion, Enrichment and Autonomous Containment and Remediation Actions
Syncurity, a market leader in Security Orchestration, Automation and Response (SOAR), and SentinelOne, the autonomous endpoint protection company, announced a strategic partnership and technology integration of the SentinelOne autonomous endpoint protection console with the Syncurity IR-Flow SOAR Platform. The joint solution will enable customers to accelerate alert triage and automatically orchestrate response to threats across all endpoints.
SentinelOne is the only next-gen solution that autonomously defends every endpoint against any type of attack, at all stages in the threat lifecycle. Through this integration, customers will be able to ingest threat and incident data directly from SentinelOne into the IR-Flow SOAR Platform to identify and triage suspicious activity. Importantly, they can combine this data with data from other IT and security solutions to provide security analysts with more accurate identification and risk assessment of advanced attacks.
In addition, the Syncurity IR-Flow SOAR Platform can quarantine and remediate any compromised endpoints using the SentinelOne API. The patent-pending IR-Flow Triage Scoring Engine dynamically assesses risk as information from different IT and security tools is evaluated via automated API actions. The Syncurity IR-Flow Platform identifies high-risk alerts, validates, either automatically or through guided analyst interactions, which situations should be escalated to a security incident, and then orchestrates the actions needed to contain and remediate across the enterprise. These actions include changing user passwords, sending email verifications, restarting and scanning hosts, getting device and/or user information, and enabling or disabling two-factor authentication. They can also generate and list reports, list processes, get files and list applications on a host. The actions can be automated or directed through ticketing system integrations, such as the recently announced ServiceNow app.
“Strategic partnerships of this nature represent the future of the security market – combining autonomous endpoint protection with powerful SIEM capabilities to speed incident response, while helping customers contextualize how they’re mitigating risk,” said Daniel Bernard, VP Business & Corporate Development, SentinelOne. “This integration will enable customers to see the true story of what’s happening across their network and endpoints, while knowing that they’re fully protected against today’s most devastating threats.”
“The integration of SentinelOne and the Syncurity IR-Flow SOAR Platform pairs two surging leaders in their respective markets to enable our joint customers to more quickly identify, assess and take action against ever-changing cyber risks,” said John Jolly, CEO, Syncurity. “The combination of the orchestration and automation along with IR-Flow’s robust case management means customers can more effectively measure and optimize their security stack.”