PARTNER

SentinelOne Singularity™ Endpoint

SentinelOne | EDR

About SentinelOne

SentinelOne is a global cybersecurity company recognized as a leader in autonomous AI-powered endpoint protection, detection, and response, trusted by enterprises worldwide to defend against advanced threats across endpoints, cloud workloads, and identity environments. With a platform built for speed, scale, and autonomy, SentinelOne delivers security outcomes without relying on human latency in the detection and response loop. Teams looking to integrate with SentinelOne or build a SentinelOne integration can use Synqly to access normalized endpoint detection, threat intelligence, and incident data through a standardized security connector.

About the SentinelOne Singularity™ Endpoint Integration

SentinelOne Singularity™ Endpoint is SentinelOne’s AI-powered endpoint protection and response platform, delivering autonomous threat prevention, detection, and response across endpoints without relying on human latency in the threat response cycle. As Synqly’s EDR provider, SentinelOne Singularity Endpoint enables security platforms to access normalized endpoint detection data, threat alerts, and device telemetry through a standardized connector. Integrate with SentinelOne Singularity Endpoint to route AI-driven endpoint threat data into your SIEM, SOAR, or security operations platform, and enable automated response actions without managing SentinelOne’s API directly.

Integration Use Cases

Create IOCs

Creates a list of IOCs that match the STIX input for the EDR source.

Create Threat Note

Creates a note for a threat.

Delete IOCs

Deletes a list of IOCs that match the IDs given in the query parameter.

Get Endpoint

Gets a single endpoint asset matching the UID from the token-linked EDR source.

Get Threat Notes

Returns a list of notes for a threat.

Quarantine Endpoints

Connects or disconnects one or more endpoint assets to or from the network, allowing or disallowing connections.

Query Alerts

Returns a list of alerts that match the query from the token-linked EDR source.

Query Applications

Returns a list of applications matching the query from the token-linked EDR source.

Query EDR Events

Returns a list of EDR events that match the query from the token-linked EDR source.

Query Endpoints

Returns a list of endpoint assets matching the query from the token-linked EDR source.

Query IOCs

Returns a list of IOCs that match the query from the token-linked EDR source.

Query Threat Events

Returns a list of threats that match the query from the token-linked EDR source.

Integration Resources