SentinelOne Training | Part 4b - SENTINELS
Вставка
- Опубліковано 30 лип 2024
- SentinelOne Training | Part 4b - SENTINELS
In part 4b of this SentinelOne training course, we cover SENTINELS.
Cybersecurity Mentorship Program!
technologyinterpreters.myshop...
Join this channel to get access to perks:
/ @technologyinterpreter...
Subscribe: ua-cam.com/users/TechInte...
Social Media:
- Discord: / discord
- Twitter: / kwinfosec
- Twitch: / technologyinterpreters
- Instagram: / kwinfosec
- Facebook: / technologyinterpreters - Наука та технологія
Thanks for sharing your knowledge, a video about exclusion is a very good idea, they can be tricky
I really appreciate you taking the time to go over every feature Sentinelone has to offer. I really learned a lot from this playlist
Incredible series. It's much appreciated! This is going to help us go the extra mile.
At around 23:22 of the vid, you explain network quarantine. According to the docs, this feature is not to create a "subnet" for you to be able to quarantine a set of hosts all in one action, but to allow the quarantined hosts to communicate over the network to different services.
"With Network Quarantine, you can configure rules to allow specific network traffic to communicate with quarantined endpoints. By default Agents can only communicate with the Management Console if they are disconnected from the network."
This would come in handy if you have, for instance, a SIEM agent running on an endpoint, and if you quarantine it through S1, you would want it to still send logs to your SEIM.
This is was really awesome to watch. Can you do Crowdstrike as well?
This was really awesome to watch. Can you do Crowdstrike as well?
Maybe one day, but I pay for this stuff out of pocket and it costs a lot.
I am working with SentinelOne for the last 15 days, and I already installed in a few laptops for our customers, how can I allows Chrome Extensions, because the customers needs to work with some Chrome extensions and SentinelOne blocked. I need to allows only for a few devices, how can I do it?
How about viewing a decommissioned list?
He didn't give you a very good definition of containers. He was describing mico-services.
I agree. See below.
What are microservices?
Microservices are individual units of software that combine to provide all of the functions required to run an application. Typically, each microservice handles a discrete type of functionality within an application. For example, one microservice handles logins, another generates the UI, another populates the interface with content specific to each user session and yet another interfaces with the database that stores user data.
What are containers?
Containers are semi-isolated environments in which applications, or parts of applications, can run. Unlike VMs which run entirely separate OSes, containers directly share resources with the OS of the server that hosts the containers. This makes containers more efficient than VMs because each containerized environment does not require a complete guest OS.