The Singularity Cloud Workload Protection solution improves cloud protection, providing more thorough defense and better visibility across all cloud environments
SentinelOne, provider of a cybersecurity platform with autonomous response capabilities, presented a new integration with AWS Security Hub. Available through SentinelOne's Singularity Marketplace, the new solution filters highly accurate threat intelligence provided by SentinelOne agents running on Amazon Web Services (AWS). This allows companies to effectively defend cloud workloads with centralized information from SentinelOne, AWS services and other security appliances.
“Specializing in compliance management and auto-remediation on AWS, 6pillars recognizes the need to extend security across the cloud,” said Lorenzo Modesto, CEO of 6pillars.io. “As part of our end-to-end anti-ransomware automation strategy, we use Singularity XDR and SentinelOne for AWS Security Hub to centralize visibility and protection of endpoints and workloads in AWS.”
To defend against modern threats, an effective cloud security solution must include runtime protection, detection and response capabilities. SentinelOne's Singularity Cloud Workload Protection includes enterprise-grade protection, Endpoint Detection and Response, and Application Control capabilities to protect cloud applications wherever they are used. Additionally, SentinelOne Linux Sentinel and Windows Server Sentinel provide runtime security for virtual machines (VMs), while Kubernetes Sentinel provides runtime security for managed and self-managed Kubernetes clusters. SentinelOne agents have full visibility into the security of any cloud workload, regardless of the security level adopted.
The SentinelOne integration for AWS Security Hub provides accurate and reliable cyber threat intelligence through SentinelOne agents running on AWS workloads and transmits it to the AWS Security Hub. AWS Security Hub aggregates, organizes, and categorizes security alerts, allowing teams to prioritize and respond effectively to any ongoing threat. The system retrieves results, including metadata, from the SentinelOne console and sends them to the AWS Security Hub, enabling incident investigation directly from AWS Security Hub. SentinelOne incidents are standardized in AWS Security Finding Format (ASFF), eliminating the need to convert or analyze data.
“SentinelOne provides total transparency into everything that happens in an organization's network, at machine speed,” he said David Baldwin, Director of Product Management di SentinelOne. “With this joint solution, we bring our powerful cloud capabilities to AWS Security Hub users and enable organizations to protect their cloud assets using standard tools, responding to threats in a way that best fits their workflows.”
Additional benefits offered by the joint solution include:
- Improved advanced defense features: Joint customers can combine industry-leading protection with the native security posture features offered by AWS.
- Centralized visibility: Users can monitor anomalous behavior within the workflow and detect anomalies.
- Enhanced Investigation: Security teams can investigate ongoing threats by activating detailed analysis of incident metadata with a simple click.
- Ease of use: the simplified configuration of the API integration installs in a few seconds at no additional cost.
For more information about SentinelOne and AWS Security Hub, please visit www.s1.ai/AWS.
