Protecting Customer Data with Industry Standards and Best Practices
SentinelOne goes beyond just offering advanced endpoint protection solutions; the company is committed to safeguarding all customer data processed through their solutions in line with industry standards and best practices. This dedication is evident in the comprehensive security measures put in place by SentinelOne's dedicated security team.
Comprehensive Security Measures
The internal information security program at SentinelOne covers a wide array of areas, including high-quality network security, application security, identity and access controls, change management, vulnerability management, third-party penetration testing, log/event management, vendor risk management, physical security, endpoint security, governance, risk, and compliance, people/HR security, disaster recovery, among others. This holistic approach ensures that every aspect of information security is meticulously managed and protected.
External Auditing and Certifications for Information Security
To maintain the highest level of information security, SentinelOne engages reputable third-party auditors to assess its practices annually under the SSAE 18 SOC 2 audit. Additionally, the company has obtained the FedRAMP moderate designation, allowing U.S. federal government customers to benefit from SentinelOne's cutting-edge endpoint security solutions. This certification underscores SentinelOne's commitment to being a trusted partner in enhancing national security and efficiency.
Customer Responsibility in Security Practices
SentinelOne emphasizes the importance of customers establishing robust security practices, especially when it comes to maintaining solution access credentials. This includes implementing strong account passwords and restricting access to authorized personnel. In the event of any account credential compromise, customers are urged to notify SentinelOne immediately for prompt action and resolution.