search
Go to websiteTrust Center

SentinelOne

Configure the action connector for SentinelOne.

In this guide, you'll configure the integration between SentinelOne and Radiant to automatically run containment and remediation actions after endpoint attacks.

chevron-rightbolt-lightning Available actionshashtag

The following actions are available after you set up the SentinelOne action connector. Keep in mind, additional permissions are required.

  • Isolate devices

  • Release devices from isolation

  • Block files

  • Run full disk scan

To be able to add the action connector, you will need to provide Radiant Security with the following values, from the data connector onboarding:

  • API Base URL (console URL). For example: https://usea1-swprd1.sentinelone.net

  • API Token

circle-info

plug If you haven't configured the SentinelOne data connectors yet, check out the SentinelOne EDR guide.

hashtag
Add the action connector in Radiant Security

  1. Log in to Radiant Securityarrow-up-right.

  2. From the navigation menu, select Settings > Action Connectors and click + Add Connector.

  3. Select SentinelOne from the menu and click Credentials.

  4. Add the following values from the previous section:

    • API Base URL (console URL). For example: https://usea1-swprd1.sentinelone.net

    • API Token

  5. Click Add Connector to save the connector configuration.

PreviousProofpointNextSonicWall

Last updated