SentinelOne is present in 13 markets with 14 products. SentinelOne has 4293 reviews with an overall average rating of 4.7.
AI Security and Anomaly Detection
AI Security and Anomaly Detection is a market focused on providing runtime protection and monitoring for AI applications, particularly those using generative models like large language models (LLMs). These solutions detect and mitigate risks such as prompt injection, hallucinations, toxicity, biased outputs, data leakage, and performance drift. Delivered as cloud-native modules via APIs or embedded within applications, they offer real-time visibility into content and security anomalies. The market supports compliance with emerging regulations, enables centralized oversight across multiple AI deployments, and helps organizations safeguard their brand and decision-making processes from faulty or malicious AI behavior.
SentinelOne has 1 product in AI Security and Anomaly Detection market
AI Usage Control
AI usage control (AI-UC) is a technology to discover the use of third-party AI and enforce the security policies of an organization. Key capabilities include enforcing granular data-sharing policies, automatically detecting and cataloging all AI tools (including shadow AI), and moderating content by filtering sensitive data in real time. AI-UC defines and enforces usage policies, inspects content for sensitive data, assesses risk, and raises alerts on anomalies. AI-UC is primarily delivered as a cloud-based service and may include multiple local inspection points. Typical users of AI Usage Control (AI-UC) are security, compliance, and IT teams, including CISOs, data privacy officers, and risk managers. Many current discovery tools treat AI applications as any other application. ignoring unique risks and integrations of AI in an organization's environment. AI usage control provides fine-grained categorization and intent-based policies, enabling safe adoption of third-party applications while mitigating security risks.
SentinelOne has 1 product in AI Usage Control market
CPS Protection Platforms
Gartner defines cyber-physical systems (CPS) protection platforms as products that discover, categorize, map and protect CPS in production or mission-critical environments outside of enterprise IT. They do so by analyzing or interacting with industrial/industry-specific protocols and operational network traffic. They understand physical process asset behavior and do not interfere with CPS operations. They can be delivered from the cloud, on-premises or in a hybrid form. Gartner defines CPS as engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans). When secure, they enable safe, real-time, reliable, resilient and adaptable performance.
SentinelOne has 1 product in CPS Protection Platforms market
Cloud Security Posture Management Tools
Cloud security posture management tools help in the identification and remediation of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). These tools continuously assess the security posture across multi-cloud environments by maintaining a current inventory of the cloud assets for proactive analysis and risk assessment to detect any misconfigurations. Once these misconfigurations are identified, security controls are developed and implemented. CSPM solutions also integrate with DevOps tools, streamlining the incident response process and ensuring continuous compliance with regulatory requirements and security frameworks by providing visibility of the cloud environment’s security posture.
SentinelOne has 1 product in Cloud Security Posture Management Tools market
Cloud-Native Application Protection Platforms
Cloud-native application protection platforms (CNAPPs) are a unified and tightly integrated set of security and compliance capabilities, designed to protect cloud-native infrastructure and applications. CNAPPs incorporate an integrated set of proactive and reactive security capabilities, including artifact scanning, security guardrails, configuration and compliance management, risk detection and prioritization, and behavioral analytics, providing visibility, governance and control from code creation to production runtime. CNAPP solutions use a combination of API integrations with leading cloud platform providers, continuous integration/continuous development (CI/CD) pipeline integrations, and agent and agentless workload integration to offer combined development and runtime security coverage.
SentinelOne has 1 product in Cloud-Native Application Protection Platforms market
Endpoint Protection Platforms
Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, virtual desktops, mobile devices and, in some cases, servers — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections and file-less attacks using a combination of security techniques (such as static and behavioral analysis) and attack surface reduction capabilities (such as device control, host firewall management and application control). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the endpoint attack surface and minimize the risk of compromise. EPP detection and response capabilities are used to uncover, investigate and respond to endpoint threats that evade security protection, often as a part of broader threat detection, investigation and response (TDIR) capable products.
SentinelOne has 1 product in Endpoint Protection Platforms market
Extended Detection and Response
Extended detection and response (XDR) delivers security incident detection and automated response capabilities for security infrastructure. XDR integrates threat intelligence and telemetry data from multiple sources with security analytics to provide contextualization and correlation of security alerts. XDR must include native sensors, and can be delivered on-premises or as a SaaS offering. Typically, it is deployed by organizations with smaller security teams.
SentinelOne has 1 product in Extended Detection and Response market
IT Security
IT Security refers to products and services that protect digital systems and data from cyber threats and unauthorized access. This category includes markets that focus on network security, identity management, data protection, and cloud security, enabling organizations to reduce risk, ensure compliance, and operate securely in a digital world.
SentinelOne has 2 products in IT Security market
Identity Threat Detection and Response (ITDR)
Identity Threat Detection and Response (ITDR) refers to a set of security practices and technologies designed to detect, investigate, and respond to threats targeting digital identities within an organization. These threats often involve compromised credentials, privilege escalation, or unauthorized access to sensitive systems. ITDR solutions work by continuously monitoring identity-related activities, analyzing behavior patterns, and identifying anomalies that may indicate malicious intent. Once a threat is detected, ITDR tools help security teams respond quickly by isolating affected accounts, enforcing multi-factor authentication, or initiating automated remediation workflows. As identity becomes a primary attack vector in modern cyber threats, ITDR plays a crucial role in strengthening an organization’s overall security posture.
SentinelOne has 1 product in Identity Threat Detection and Response (ITDR) market
Infrastructure Monitoring Tools
Infrastructure monitoring tools capture the health and resource utilization of IT infrastructure components, no matter where they reside (e.g., in a data center, at the edge, infrastructure as a service [IaaS] or platform as a service [PaaS] in the cloud). This enables I&O leaders to monitor and collate the availability and resource utilization data of physical and virtual entities — including servers, containers, network devices, database instances, hypervisors and storage. These tools collect data in real time and perform historical data analysis or trending of the elements they monitor.
SentinelOne has 1 product in Infrastructure Monitoring Tools market
Managed Detection and Response
Gartner defines managed detection and response (MDR) services as those that provide customers with remotely delivered security operations center (SOC) functions. These functions allow organizations to perform rapid detection, analysis, investigation and response through threat disruption and containment. They offer a turnkey experience, using a predefined technology stack that commonly covers endpoints, networks, logs and cloud. Telemetry is analyzed within a provider’s platform using a range of techniques. The MDR provider’s analyst team then performs threat hunting and incident management to deliver recommended actions to their clients. MDR offers outcome-driven security incident management that is predicated on the detection, analysis and investigation of potentially impactful security events and the delivery of active threat disruption and containment actions to respond to and mitigate the impact of cyber breaches.
SentinelOne has 1 product in Managed Detection and Response market
Mobile Threat Defense (Transitioning to Workspace Security Platforms)
Mobile threat defense (MTD) products protect organizations from malicious threats on iOS and Android devices, at the device, network and application levels. To successfully attack a mobile device, mobile malware must circumvent the controls built into mobile OSs, such as those for app store curation and native mobile OS hardening. MTD products tend to focus on preventing and detecting anomalous behavior by collecting and analyzing indicators of compromise, as well as expected behavior. MTD products gather threat intelligence from the devices they support, as well as from external sources, and use an analysis engine that resides in the cloud, on-premises or on an MTD app installed on devices.
SentinelOne has 1 product in Mobile Threat Defense (Transitioning to Workspace Security Platforms) market
Security Information and Event Management
Security information and event management (SIEM) is a configurable system of record that collects, aggregates and analyzes security event data from on-premises and cloud environments. SIEM processes security event data for the purposes of threat detection, investigation and response. It natively supports data normalization and offers user-configurable detection content and reporting to orchestrate threat mitigation and satisfy compliance requirements. These solutions are delivered via a SaaS platform or client-hosted on-premises or private cloud. The security information and event management (SIEM) system must assist with: 1. Aggregating and normalizing data from various IT and operational technology (OT) environments. 2. Designing and executing near real-time monitoring and alerting content. 3. Enriching and investigating security events of interest. 4. Supporting manual and automated response actions. 5. Maintaining and reporting on current and historical event data.
SentinelOne has 1 product in Security Information and Event Management market