SentinelOne can be integrated into Secureframe to automate the evaluation and evidence collection of user endpoint management which is required for compliance frameworks.
Connecting the Integration
To integrate SentinelOne with Secureframe, navigate to Integrations and search for "SentinelOne" on the "Available" page and click "Connect".
On the connection form, provide your API token and Base URL, and click “Start Connection”.
You can now navigate to the “Connected” tab under integrations and you should be able to see your SentinelOne connection. You can control the following actions for your SentinelOne integration through this page:
- Check the connection status
- Run a sync
- Rename the connection
- Archive the connection
- Reconnect
Please note that SentinelOne requires that API keys have an expiration and you will have to reconnect SentinelOne with a new API key when your current one expires.
Asset Inventory
Once the connection is complete, you should now be able to see information related to devices pulled through SentinelOne in the Asset Inventory page.
Test Evaluation
- User endpoint inventory (SentinelOne)
This test evaluates the inventory of production user endpoints managed by SentinelOne is maintained.
- Firewall enforcement for user endpoints (SentinelOne)
This test evaluates that the local firewall cannot be disabled by the user and log continuously on production user endpoints which is enforced via SentinelOne.
Permissions, Fields Pulled, Controls, and Automated Tests
- Click the provided link or navigate to the “Integration” page.
- Select the “Available” tab.
- Search for the integration.
- Click “View Details”.
Comments
0 comments
Article is closed for comments.