Merging IT and Security Operations Workflows for Advanced Investigations and Response Across Every Enterprise Device
SentinelOne, an autonomous cybersecurity platform company, today announced SentinelOne Remote Script Orchestration (RSO), enabling enterprises to remotely automate custom responses. This new functionality allows both IT and security teams to quickly install, update, or remove software across the enterprise. With Singularity RSO, IT operations teams can simplify response actions and unify policy configuration management at scale. Designed and built in close partnership with some of the world’s leading incident response providers, RSO delivers on SentinelOne’s commitment to a holistic approach to cybersecurity, arming security analysts with the power of technology — to do more at machine speed.
Legacy tools and point products still require people to manually execute commands on each machine across the network individually. The sheer amount of data, devices, and workloads in today’s enterprise environments makes IT and security operations simply too big, too vast, and too fast for humans alone to burden. SentinelOne RSO enables security and IT teams to remotely execute customisable remediation and response actions on the entire estate, across every operating system, enabling rapid containment.
“Enterprise security teams often struggle to triage and remediate incidents at scale,” said Dave Wagner, Senior Vice President in Kroll’s Cyber Risk practice. “We are excited about the capabilities SentinelOne Remote Script Orchestration brings to the table. It readily integrates with our proprietary IR tools to help eliminate time-consuming efforts to collect and consolidate forensics data and rapidly contain attacks, enabling us to minimise adversary impact.”
SentinelOne RSO empowers enterprises to send scripts to one machine, a few hundred machines, or even millions of machines, to respond to present and future cyberattacks at machine speed. Security teams can send custom scripts or select from a large library of pre-built scripts created by SentinelOne to perform a wide range of tasks — ranging from incident response to forensic artifact collection and even IT administration. In combination with SentinelOne’s Storyline Active Response (STAR), analysts benefit from automated workflows that take incident response to the next level.
“Working closely with our customers and incident response partners has provided us with a unique opportunity to revolutionise how security teams succeed. Analysts are often juggling multiple tools and an overwhelming number of tasks, and we are positioned to solve this problem,” said Yonni Shelmerdine, Vice President of XDR Products and Strategy, SentinelOne. “We help our customers and partners deliver IT and cybersecurity responses faster and more efficiently. With RSO, we limit the need for manual, time-intensive tasks and legacy tools, empowering security analysts to uplevel their approach to incident response and forensic collection with speed, scale and simplicity — a step forward for the XDR era.”
SentinelOne RSO is the only remote orchestration solution on the market that, in the same platform as an industry-leading EPP, EDR, and XDR supports macOS, Windows, and Linux environments.