SentinelOne Singularity XDR

What is SentinelOne Singularity XDR?

SentinelOne Singularity XDR (formerly SentinelOne) provides detection and response capabilities across multiple security layers, including endpoint, cloud, identity, network, and mobile, along with analytics and automated responses.

Why Should You Use the SentinelOne Singularity XDR Connector?

The SentinelOne Singularity XDR connector provides visibility into the assets in your environment. You can use this visibility to:

  • ensure assets are managed per your security policies

  • derive relationships between assets, users, applications, and data

How Does This Connector Work?

Lucidum executes read-only requests to the SentinelOne Singularity REST API and ingests only metadata about SentinelOne Singularity XDR devices. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum

| Field | Description | Example |
|---|---|---|
| URL | The URL for the SentinelOne API. | https://<sentinelone domain>/web/api/v2.1 |
| Verify SSL | For future use. | N/A |
| Filter Application | SentinelOne assigns a risk level to applications (low, medium, high, critical). If this toggle is “on”, Lucidum ingests data only from applications that have an assigned risk level. By default, this toggle is “off” and Lucidum ingests data from all applications. | Off |
| API Token | An API token for a SentinelOne account that has read access to API data. | |

Source Documentation

Creating Credentials

To generate an API token for the Lucidum connector:

  1. Log in to the Management Console for SentinelOne as a user with read access to API data.

  2. In the Management Console, click Settings > USERS.

  3. Click your username.

  4. Click the Edit button.

  5. On the Edit User > API Token page, click Generate.

    CAUTION: If you see Revoke and Regenerate, you have already generated a token. Do not select Revoke and Regenerate. If you select the Revoke and Regenerate option, scripts that already use that token will not work.

  6. If you click Generate, SentinelOne displays the token string and the date that the token expires.

  7. Click DOWNLOAD to save the API Token.

API Documentation

https://www.postman.com/api-evangelist/workspace/sentinelone/folder/35240-4612de9e-96ee-4315-befd-17e50f606288