SentinelOne has achieved unprecedented actionable threat coverage in SE Labs Breach Response testing.
- No attack could progress far enough to the point at which the testers could start hacking through the targets
- Zero false positive results
SentinelOne was tested against a range of hacking attacks designed to compromise systems and penetrate target networks, including its ability to:
- Detect highly targeted attacks
- Protect against the actions of highly targeted attacks
- Provide remediation to damage and other risks posed by the threats
- Handle legitimate applications and other objects
The report summarises: "SentinelOne performed admirably, providing complete detection and protection coverage against all attacks, while allowing all legitimate applications to operate. This is an exceptional result in a challenging test"
In all cases, SentinelOne prevented the attacks from moving beyond the earliest stages of the attack chain.
Simon Edwards, CEO, SE Labs, commented:
"No test is more revealing in how vendor solutions respond to the sophistication of attacks seen in the wild today ... The fact that we were not able to find a single hole in SentinelOne is an incredible testament to the breadth of coverage and efficacy of its Extended Detection and Response (XDR) platform."
The product detected and protected fully against all of the threats
SentinelOne was assessed at handling each logical stage of an attack:
In conclusion, this SE Labs test exposed SentinelOne to a diverse set of exploits, file-less attacks and malware attachments, comprising the widest range of threats in any currently available public test.
Unprecedented results show future performance potential
All of these attack types have been witnessed in recent real-world attacks but for this test, new files were used. This demonstrates that SentinelOne's results are indiciative of potential future performance, rather than just a compliance check that the product can detect old attacks.
SentinelOne detected and protected fully against all of the threats. In every case the threats were unable to move beyond the earliest stages of the attach chain, meaning that as soon as the target systems were exposed to the threats, the attacks were detected immediately and blocked.
"... not one attack could progress far enough to the point at which the testers could start hacking through the targets. Sometimes products are overly aggressive and detect everything, including threats and legitimate objects. In this test SentinelOne generated no such false positive results, which is as hoped. SentinelOne wins a AAA award for its excellent performance."