SentinelOne launches Singularity RemoteOps Forensics

New solution combines forensics evidence with real-time telemetry to deliver the unified insights into security incidents that analysts need to perform investigation and response activities with efficiency and speed.


Cyber breaches are on the rise, and when it comes to responding to them, time is of the essence. In order to drive swift conclusions, security teams need to identify relevant insights and extract actionable intelligence. It’s a daunting task, but SentinelOne is expanding its forensics capabilities to simplify things. The company today announced the release of Singularity RemoteOps Forensics, a new digital forensics product offering that brings incident response readiness to companies of all sizes, enabling them to execute efficient and streamlined investigation and response activities with unprecedented speed and scale.


“As timelines for reporting and responding to breaches shrink, it is imperative that security teams have advanced forensics capabilities that make investigations faster and more efficient, and with Singularity RemoteOps Forensics, we are delivering them,” said Jane Wong, Senior Vice President of Products and Strategy, SentinelOne.


Seamlessly integrated with the SentinelOne Singularity™ Platform and offered as an add-on to SentinelOne’s Endpoint and Cloud Workload Security solutions, RemoteOps Forensics is a fast, efficient, and flexible digital forensics and incident response solution that security teams can use to:


Optimise resources and accelerate Mean Time to Resolution

Perform ad-hoc or conditional trigger-based evidence collection, enabling targeted investigations on one or multiple assets including endpoints and server workloads.

Automate the collection of evidence, such as processes, ports, service listings, MFT, Amcache, JumpLists, and memory dumps, and orchestrate them in less than a minute.

Consolidate evidence into one data pool through the Singularity Security DataLake, correlating SentinelOne and partner data with forensics data in the same search to create a comprehensive picture of an attack, quickly identify the root cause and take measures to mitigate risk.

Analyse collected evidence alongside Endpoint Detection and Response (EDR) data in one console to proactively defend against future threats.

Correlate and analyse integrated data to uncover hidden indicators of compromise, identify advanced attack patterns, and understand the tactics, techniques, and procedures employed by threat actors.


Fully integrated with the SentinelOne agent, RemoteOps Forensics eliminates the need to deploy and provision multiple tools during investigations, saving organisations both time and resources. The solution also makes investigations more forensically sound, as fewer changes are made on disk, and SentinelOne employs its anti-tampering capabilities as well as metadata collection capabilities to ensure data integrity is maintained.


“SentinelOne's new forensic capabilities are reinventing incident response by empowering security teams to perform deep investigations in less time without the need for niche expertise or additional tools,” Wong said.
