SentinelOne Integration
SentinelOne Singularity provides comprehensive visibility across your environment - giving you the breadth you need to detect malicious activity as soon as it occurs. Cado streamlines forensic analysis to quickly deliver essential historical context and depth to your investigation allowing you to quickly identify the root cause. Combined, the SentinelOne and Cado integration empowers organizations to detect, investigate, and remediate breaches with unmatched speed.
For more information, see the SentinelOne and Cado Security Joint Solution Brief.
To leverage the integration between SentinelOne and Cado, you must have the SentinelOne Remote Script Orchestration feature (RSO) enabled in addition to access to the Cado platform. To get access to the Cado platform contact the Cado Security team here.
Leveraging Cado & SentinelOne Integration
- In the SentinelOne console, navigate to Settings - Users - Service Users - Actions - Create New Service User
- Specify a name, expiration period, and specify the scope for which you want to enable integration
- Copy or download the API Token
- In the Cado platform, navigate to Settings - Integrations - XDR
- Specify the URL of the SentinelOne server and paste in the API key
You can now import data into Cado using the Import from XDR capability