We are pleased to announce that on Sunday February 23^rd during the SentinelOne’s regular scheduled Maintenance Window Endpoint Detection and Response (EDR) will be updated to “S-24.4.5” for the consoles detailed below. This release delivers significant enhancements to the management console.

Excited to share some of the highlights below and please be sure to read the full Release Notes and supporting documentation available on N-able Me

“S-24.4.5” Includes:

“Network Rogues” is Renamed “Unprotected Endpoints”

The “Rogues” Add-on is renamed “Unprotected Endpoints Discovery”.

The main “Rogues” page in the Console is renamed “Unprotected Endpoints”

All other “Rogues” pages in the Console are renamed “Unprotected Endpoints Discovery”.

Exclusion Catalog Updates

Exclusion Catalog now offers the following new applications: Ivanti EPM Engine Base Agent, Rapid7 insight Agent, and Darktrace.

Exclusions for these applications were added or updated: Ivanti EPM Client, Trellix, Cylance, AutoCAD, Autodesk Software, CyberArk products, AWS CloudWtach, iTerm, Microsoft Windows Cluster, Micosoft SQL Server.Singularity™ Operations Center

Improvements for Exclusions Marked as Not Recommended

If you try to create an exclusion that SentinelOne defines as highly unsafe, an error message shows “The exclusion is not allowed” or “The exclusion is not recommended.” Changes in this release:

• The logic for exclusions marked as not recommended is improved for Windows exclusions.
• Exclusions for macOS that are highly unsafe are now also marked as not allowed or not recommended.

Device Control rules for Bluetooth Low Energy

Device Control rules for Bluetooth Low Energy are now available on all Consoles. Device Control Bluetooth Low Energy (BLE) is a Bluetooth communication protocol, which decreases power consumption compared to Bluetooth Classic devices in a similar communication range. You can create Device Control rules to manage BLE devices based on BLE identifiers.

Change in Errors for Failed Logins to the Console

To increase security, when someone attempts to log in to the Management Console, they do not get a detailed message of why the login failed. This is to prevent a potential attacker from getting information from the message. Users see the message: Authentication Failed.

The detailed information about why the login failed will show in the Activity Log and in Syslog notifications as the “Reason.” For example:

• The management user ssouser@example.com failed to log in to the management console with IP Address 192.168.2.2. Reason: SSO auth required.
• The management user ssouser@example.com failed to log in to the management console with IP Address 92.168.2.2. Reason: locked user.

Singularity Operations Center

If you haven’t had a chance yet to catch the “Opt-In” access to the new Singularity Operations Center, I encourage you to check it out. In the new year we will be moving into the new unified interface that simplifies navigation and enhances user workflows. It’s already packed with new enhancements, for instance, continue reading to discover the new Health Center.

To turn it on select your user name top right hand corner of the console, and select ‘My User’  which will allow you to turn on/off the Operations Center.  

Singularity™ Operations Center: Health Center

The new Singularity™ Health Center is a central management interface for operational observability that helps you ensure your organization is protected as expected. The Health Center monitors endpoint protection and asset operational health status and provides immediate visibility into unprotected and partially-protected assets. See if there are any abnormalities related to Agent resource usage, operation and protection state, connectivity, or configuration. Investigate and resolve security and operational issues to strengthen your security posture.

With the Health Dashboard, you can see an overview of the number of Agents in the scope, their VSS Rollback and Anti-Tamper Status, the percentage of Agents with different Agent States, Pending Actions, and more.

See fleet-level data about assets and health indicators in the Health Dashboard

In Inventory, select an asset to see its health indicators, disk space information, and Agent properties. You can run actions to remediate health issues.

The console update release is scheduled for completion within an eight-hour maintenance window and will begin on Sunday February 23^rd  , at 10 am IDT / 9 am UTC +2/ 3 am EDT.  A few important things to note

Consoles scheduled for update include:

• https://usea1-swprd1.sentinelone.net/
• https://usea1-swprd2.sentinelone.net/
• https://usea1-nabl9.sentinelone.net/
• https://euce1-swprd2.sentinelone.net/
• https://euce1-nabl8.sentinelone.net/
• https://apne1-swprd3.sentinelone.net

A few reminders,

• Please be sure to sign up for SentinelOne Partner Portal, subscribed users will have
  • Access to Partner University: Learn how to sell EDR, How to position, how to demo and much more (unlimited license)
  • Access to SentinelOne University Technical Courses: Getting started with SentinelOne, SentinelOne Policy Administrator course and much more (5 free licenses)
  • Access to SentinelOne Asset Library: Sales Decks, Data Sheets, Battlecards, White Papers  and much more..
• Do not forget to check out the full Release Notes under EDR Documentation at N-able U
• Do not forget to check out the full suite of EDR Courses on N-able U we are always adding new details and new courses.
• With EDR’s easy self-enablement please be sure to view your license usage across Control, Complete Licenses and the Billable add ons (such as; Network Discovery and RemoteOps)

As always, feedback is welcome on the release.