The History of AV (anti-virus) / EDR technology

AV technology started out with the first generation: old, legacy AV solutions. These were people-powered, and therefore inefficient and not scalable, as IT teams would patch vulnerabilities manually, etc. They were designed for a different working environment, one that was not as complex and advanced as it is now.

We then moved on to second-generation AV and EDR, with cloud-based monitoring. This was a newer version of defense that gave you more information about attacks, much more quickly. However, the reliance on ‘reactive response’ meant that it could still take several hours, to a day, to write the signatures needed to stop the identified attack happening on all the other machines across the world. That process was still too long, too complex and not quick enough.

What makes SentinelOne Different? 

Define what SentinelOne is: SentinelOne | Autonomous AI Endpoint Security Platform | s1.ai

SentinelOne is a third generation EDR/XDR solution that doesn’t rely on the cloud. The key difference is that SentinelOne is completely automated and can identify and remediate threats within seconds. SentinelOne can sit looking after your machines all day, every day. It looks at the behaviour on the endpoint, identifies malicious behaviour and remediates on the endpoint within seconds.

It is a technology that scales to people - the automation aspect shrinks mean time to respond and recover. The automated AI capabilities mean that SentinelOne becomes an effective front line defense.

Key Features: 

100% Ransomware Prevention Record 

SentinelOne has a 100% record when it comes to stopping ransomware in its tracks. S1 has never let ransomware through - there’s no way ransomware can get past it. With SentinelOne in place, cyber disasters like WannaCry would never have happened. 

Storyline Feature

The Storyline feature contextualizes everything that’s happening in real time and will trigger responses if needed. Everything in SentinelOne is designed to take away the time the SOC team spends responding, because it’s doing it all for you.

You could see an attempted ransomware attack happening in real time: the files being targeted and where it’s trying to go. You can also keep an eye on attempted lateral movement.

Observing every process on the machine all day = instantaneous protection 

It could be managed easily by a very small tech team, and it gives much more visibility.

It gives you a lot more information than other products give you. Highly detailed information about everything that’s going on. 

Remediation and Instant Roll Back: 

The instant rollback and recovery feature (1-click recovery) can save security teams a lot of time. If, for instance, you run SentinelOne alongside your current EDR solution, in detect-only mode, you could see if anything got through in real time and act on it immediately.

Ranger and Network Visibility 

Ranger looks at every IoT device on the network and can tell you if it's secure. It tells you everything that’s on the network (even unexpected household items), including other, unprotected machines: the whole potential attack surface.

S1 will run on pretty much anything; it doesn’t matter how old the machine is. Ranger would pick up any unprotected machines, which would reduce the risk of ransomware significantly, even with old machines (like the ones used in the NHS, for example).

XDR - extended detection and response - means that SentinelOne can extend its responses to other vendor platforms 

It has open APIs, so you can easily use SentinelOne alongside other solutions; it integrates well with other technologies.

Long Data Retention - you can look back at data from a year ago, etc., to see what happened, how things have progressed, make comparisons, etc.
