About SentinelOne
SentinelOne is a global cybersecurity company recognized as a leader in autonomous AI-powered endpoint protection, detection, and response, trusted by enterprises worldwide to defend against advanced threats across endpoints, cloud workloads, and identity environments. With a platform built for speed, scale, and autonomy, SentinelOne delivers security outcomes without relying on human latency in the detection and response loop. Teams looking to integrate with SentinelOne or build a SentinelOne integration can use Synqly to access normalized endpoint detection, threat intelligence, and incident data through a standardized security connector.
About the SentinelOne Singularity™ Endpoint Integration
SentinelOne Singularity™ Endpoint is SentinelOne’s AI-powered endpoint protection and response platform, delivering autonomous threat prevention, detection, and response across endpoints without relying on human latency in the threat response cycle. As Synqly’s EDR provider, SentinelOne Singularity Endpoint enables security platforms to access normalized endpoint detection data, threat alerts, and device telemetry through a standardized connector. Integrate with SentinelOne Singularity Endpoint to route AI-driven endpoint threat data into your SIEM, SOAR, or security operations platform, and enable automated response actions without managing SentinelOne’s API directly.
Integration Use Cases
Create IOCs
Creates a list of IOCs that match the STIX input for the EDR source.
Create Threat Note
Creates a note for a threat.
Delete IOCs
Deletes a list of IOCs that match the IDs given in the query parameter.
Get Endpoint
Gets a single endpoint asset matching the UID from the token-linked EDR source.
Get Threat Notes
Returns a list of notes for a threat.
Quarantine Endpoints
Connects one or more endpoint assets to the network or disconnects them from it, allowing or disallowing connections.
Query Alerts
Returns a list of alerts that match the query from the token-linked EDR source.
Query Applications
Returns a list of applications matching the query from the token-linked EDR source.
Query EDR Events
Returns a list of EDR events that match the query from the token-linked EDR source.
Query Endpoints
Returns a list of endpoint assets matching the query from the token-linked EDR source.
Query IOCs
Returns a list of IOCs that match the query from the token-linked EDR source.
Query Threat Events
Returns a list of threats that match the query from the token-linked EDR source.