SentinelOne Expands Singularity Marketplace with New Integrations for SIEM, SOAR, and Malware Analysis
- 23.06.2022 01:40 pm
SentinelOne, an autonomous cybersecurity platform company, has announced integrations with IBM, Swimlane, and Intezer, increasing use case offerings available via SentinelOne’s Singularity Marketplace. The new integrations cover security information and event management (SIEM), security orchestration, automation and response (SOAR), and malware analysis.
“SentinelOne is committed to helping customers defend themselves from threats in the manner that best fits their workflows,” said Ruby Sharma, Head of Technology Partnerships, SentinelOne. “We continuously partner with leading and innovative cybersecurity vendors to expand the offerings available via the Singularity platform. We are excited about our new integrations with IBM, Swimlane, and Intezer, which give customers the optionality they seek in running their cybersecurity programmes.”
Streamlined Detection and Response Workflows with IBM
A seamless API integration between SentinelOne Singularity XDR and IBM Security® QRadar® SIEM and SOAR consolidates visibility across SentinelOne managed endpoints, cloud workloads, identities, and additional SOC tools, incorporating SentinelOne context for automated detection and response. SentinelOne filters its context-rich detections through IBM’s QRadar SIEM for correlation, triage, and investigation.
If an alert is deemed actionable in QRadar SIEM, the incident is escalated to QRadar SOAR where security analysts can begin incident remediation and response. The joint solution allows IBM customers to maximise SOC operations through unified investigations, enhanced visibility, and intelligent automation across incident response workflows.
“The Singularity XDR and QRadar integration doubles down on the commitment to an open ecosystem, simplifying SOC operations and delivering on a modern approach to threat management,” said Robert Dibattista, Director of Product Management, IBM. “We’re excited to see the continued successes of this partnership, and more importantly, the value our clients can derive.”
Multiply SecOps Workforce with Swimlane’s Robust Low-Code Automation
The SentinelOne integration with Swimlane increases visibility and triage accuracy, reduces alert fatigue, and accelerates mean-time-to-respond. It leverages SentinelOne Singularity XDR APIs so that Swimlane can trigger low-code automation playbooks and case management processes, and populate modular dashboards or reports. Swimlane combines SentinelOne’s telemetry sources with human data into a single system of record. This joint solution provides centralised case management, automated incident enrichment, and alert remediation.
“To keep pace with the constantly expanding attack surface, overburdened security teams need solutions that extend their visibility and response capabilities,” said Mike Kay, Sr. Vice President of Business Development, Swimlane. “Swimlane and SentinelOne’s partnership delivers a solution to these challenges by combining SentinelOne’s dynamic endpoint visibility and deep correlation with Swimlane’s low-code automation playbooks, case management, dashboards, and reporting. Together, we are able to help customers reduce silos and gain a system of record that demonstrates the business value of security programmes.”
Accelerate Alert Triage and Automate Malware Analysis with Intezer
SentinelOne and Intezer combine to automatically triage incidents and provide advanced malware analysis verdicts, lessening the load on busy security teams. When SentinelOne detects malicious activity, customers now have the option to automatically share alert data with Intezer for deep analysis. Intezer’s analysis is returned to SentinelOne for consolidated visibility and mitigation.
“Too many teams face challenges hiring and retaining skilled security professionals,” said Itai Tevet, CEO and Co-founder, Intezer.