Autonomous AI Endpoint Security Platform

Cybersecurity that prevents threats at faster speed, greater scale, and higher accuracy than humanly possible

Award Winning Security

gartner icon


  • A Leader in the 2021 Magic Quadrant for Endpoint Protection Platforms
  • Highest Ranked in all Critical Capabilities Report Use Cases


  • No missed detections. 100% visibility
  • Most Analytic Detections 2 yrs running
  • Zero Delays. Zero Config Changes.
peer insights


  • 4.9/5 Rating for Endpoint Protection Platforms and Endpoint Detection and Response Solutions
  • 96% Recommend SentinelOne


Stand Out from the Crowd

Drive risk reduction and efficiency with SentinelOne. Are you ready?

Flexible Architecture
Flexible Architecture
Multi-tenant hierarchy offers customizable sites and groupings for easy enterprise global management. Deploy from the cloud or even on-prem.
Full MDR Capabilities
Full MDR Capabilities
Response + Remediation + Threat Hunting across install base. Average time to remediation is less than 18 minutes.
One Platform
One Platform
No context switches or multiple dashboards in response minimizes delays. One platform and one workflow for EPP, EDR, firewall, device control, kill, quarantine, isolation, app inventory, integrations, and network visibility and control.
Distributed Intelligence
Distributed Intelligence
Pushing AI to the compute edge - device and cloud - enriches the data used to make autonomous decisions minimizing dwell time.
Patented Storyline™ provides analysts proactive real time actionable correlation and context. Response actions are granular, encompassing on-device remediation so endpoints are perpetually clean and operational. Full MITRE integration. 365+ days data retention available.
More Automation
More Automation
AI delivered at machine speed augments human experience. Automated responses reduce workload and minimize time to contain threats.
Always-On Autonomy
Always-On Autonomy
Detection without bandwidth or network dependencies on the endpoint and without prior knowledge of threat reduces dwell time before detection.
Immediate Resolution
Immediate Resolution
The fastest understanding and action with ActiveEDR. 1-Click remediation and rollback utilizing pre-constructed Storyline technology. EDR mark as a threat. This is real-time on-device remediation.


Windows XP,7,8,8.1,10
Mac OSX 10.9.x, 10.10.x, 10.11x, macOS 10.12x macOS 10.13(High Sierra)
CentOS 6.5,7.0,7.2
Red Hat Enterprise Linux 6.5,7.0,7.2
Ubuntu 12.04,14.04,16.04,16.10
OpenSUSE 42.2


Windows Server 2003, 2008, 2008 R2,
2012, 2012 R2, 2016
CentOS 6.5, 7.0, 7.2
Red Hat Enterprise Linux 6.5, 7.0, 7.2
Ubuntu 12.04, 14.04, 16.04, 16.10
SUSE Linux Enterprise Server 12SP1
Oracle Linux 6.5-6.9, 7.0+
Amazon Linux(AMI) 2016.09+, 2017.03+


Citrix XenApp, XenDesktop
Microsoft Hyper-V
Oracle VirtualBox
VMware vSphere
VMware Workstation
VMware Fusion
VMware Horizon

Singularity Platform EDR Packages

Cloud-Native NGAV

Endpoint security bedrock for organizations that want to replace legacy AV or NGAV with an effective EPP that is easy to deploy and manage.

The Suite Features You Need

Made for organizations seeking the best-of-breed cybersecurity with additional suite features.

Consolidating Vital Security Functions

Designed for organizations seeking single-agent enterprise-grade prevention, detection, response and hunting across endpoint, cloud, and IoT coupled with critical automations.

One Agent for Consolidation Efforts

  • Singularity Complete includes full featured enterprise-grade EDR.
  • Complete includes NGAV and behavioral AI to stop known and unknown threats.
  • Complete includes suite features like network control, USB device control, and Bluetooth device control.
  • Complete includes Rogue identification and can be instrumented for full network attack surface protection with Ranger IoT.

Storyline Automates Visibility

  • Storyline creates context in real time at the source: Windows, Mac, Linux, and Kubenetes cloud-native workloads.
  • Storyline enables efficient hypothesis testing leading to fast RCA conclusions.
  • Process re-linking across PID trees and across reboots preserves precious context.
  • S1QL query language enables intuitive searches and hypothesis-based hunting.

ActiveEDR Automates Response

  • ActiveEDR responses are part of the same code base as prevention mechanisms.
  • Resolve threats with 1-Click and without scripting on one, several, or all devices across the entire estate.
  • Mark benign findings as threats for the same real-time automatic, 1-Click remediation.
  • Automated Storyline Active Response (STAR) watchlists keep a constant watch for noteworthy and customizable situations needing a deeper look.
  • Single API with 350+ functions provides a basis for further automation.

Hunter's Toolkit

  • High performance, industry leading historical EDR data retention. 14 to 365 days visibility.
  • Deep Visibility Storyline pivot and hunt by MITRE ATT&CK® technique.
  • Customizable network isolation
  • Secure Remote Shell (full Windows Powershell. Standard Mac & Linux bash).
  • Manual and auto file fetch of malicious and benign files for Windows, Mac, Linux. Optional sandbox integrations for additional dynamic analysis.

NGAV & Behavioral AI Prevention

  • Protects against ransomware, known and unknown malware, trojans, hacking tools, memory exploits, script misuse, bad macros, and living off the land attacks.
  • On-agent Storyline™ tracking builds actionable context in real time.
  • On-agent static AI replaces signatures and predicts malicious files.
  • On-agent Behavioral AI identifies and stops fileless attacks happening within Storylines in real time.
  • Autonomous operation. No cloud reliance for always-on protection.

1-Click Remediation & Recovery

  • Automates threat resolution to reduce administrative workload. Fully automatic; no complicated scripting.
  • Gets users working again fast. Eliminates tedious re-imaging.
  • Autonomous and automatic threat responses trigger protective actions in real-time.
  • Patented 1-Click remediation reverses unauthorized changes.
  • Patented 1-Click rollback for Windows restores any data affected by an attack.

Incident Forensics & Reporting

  • Easy-to-use incident data quickly orients analysts about what happened, when it happened, and who was affected. All information is stored for 365 days.
  • Automatic interpretation is created using industry standard MITRE ATT&CK tactics and techniques mapping and AI indicators for malware prediction.
  • Team workflows including custom annotations, verdict assignment, incident status, incident timelines and attack exploration.
  • Customizable data driven dashboards and built-in reporting standard.
  • Available integrations with Tableau® and Microsoft PowerBI®.

Deep OS & Interoperability Support

  • Singularity agents provide support for the major desktop and server OSes.
  • Resource efficient agents support physical systems, VDI, and cloud service providers.
  • Support for 17 years of Windows releases including EOL versions, macOS’ new “kextless” security model, and 10 major Linux distributions.
  • Anti-tamper mechanisms to prevent agent security interruptions.
  • Powerful, pinpoint agent interoperability controls to ensure maximum security with system stability.