Skip to content

Interpres Application - SentinelOne Singularity

  • Type: Endpoint
  • Vendor: SentinelOne

This app integrates with SentinelOne Singularity to get Assets, Telemetry, Detection, and Alerts.

Vendor setup

  1. Go to Users tab - Service Users.
  2. Create New Service User with the following settings:
    • Role: Viewer
    • Access Level: Account
  3. Copy API Token.

App Configuration

App Parameters:

  • Base URL: URL to your SentinelOne Management Console.
  • API Token: API Token from Vendor Setup.
  • Verify Server Cert: If enabled Interpres will verify the SSL certificate.
  • Proxy: A valid proxy server and port. This should of the form 'http[s]://:'

App Validation

Check there is connectivity (green light) in the integration created.

Implemented Actions

  • Get Detections: Gets all the detections/rules from SentinelOne Singularity Platform.

  • Get Alerts: Gets alerts from the SentinelOne Singularity Platform.

  • Get Available Telemetry: Gets telemetry gather by SentinelOne by checking the policy each site (Only one SentinelOne site will be used, contact Interpres to add more sites).

  • Get Assets: Gets all assets with the SentinelOne agent.