All Collections
Integrations
How Tos
How to integrate SentinelOne with SuperOps.ai?
How to integrate SentinelOne with SuperOps.ai?
Manish Balaji avatar
Written by Manish Balaji
Updated over a week ago

Keeping their client’s network safe is arguably the most important responsibility of an MSP. But it’s exhausting to manually manage the deployment of antivirus software for all the endpoints you manage. It only gets harder with the hybrid workforce of today.

What you need is a combination of a powerful antivirus that can keep your systems safe and a robust RMM that can take care of the deployment. That’s exactly what SuperOps.ai and SentinelOne can do for you.

Efficiently manage threats, response, and remediation by remotely auto-deploying SentinelOne on your client’s assets and keeping their network protected from online risks at all times.

What is SentinelOne?

SentinelOne is a powerful antivirus and endpoint protection software with a host of modules to fight against various cybersecurity risks. It is powered by AI to detect and monitor security breaches and threats to safeguard your IT environment. On-site installation of SentinelOne is available for Windows and Mac systems.

Configuring the SuperOps.ai integration

  • Go to Settings > Marketplace and scroll down and click on SentinelOne.

  • To connect with your existing SentinelOne account, you will need the access URL of your SentinelOne management console and your SentinelOne Admin’s API token.

  • Once the connection is successful, your SentinelOne toggle button should be automatically enabled.


👉🏻 Sidebar: Getting SentinelOne Admin’s API token

  • Go to your SentinelOne management console, and click on Settings > Users.

  • Click on the Admin user from whom you have to generate the API token and click the Options button on their pop-up.

  • Select Generate API token and copy it to enter it during the configuration process.


Mapping clients between SuperOps.ai and SentinelOne

After connecting your SentinelOne account, you must map your clients from SuperOps.ai to their respective sites in SentinelOne.

Note: Sites in SentinelOne are referred to as clients in SuperOps.ai.

Here’s how:

  1. Create a new site in SentinelOne using the client name from SuperOps.ai if there is no site in SentinelOne yet. Just click on the Create box on the left, and your client from SuperOps.ai will be added as a new site in SentinelOne.

2. If the site already exists in SentinelOne, select it from the drop-down menu under the "Clients in SentinelOne" column against the client you want to map it to in SuperOps.ai.

3. If you don’t want to map a SuperOps.ai client to a SentinelOne site, click the Ignore box on the right.

4. Once you have completed matching your clients, click on Import to begin your importing process. We will actively show the progress of this import process in the form of a status report. From the status report, you can see how many clients are created, imported, ignored, and didn’t go through the import as errors.

5. After you've successfully mapped and imported all your clients, enable SentinelOne at the policy level to deploy SentinelOne agents for your assets.

You can set this by going to Settings > Asset management > Policy management > Asset class > Antivirus. You can know more about how to set these policies here.

Note: The SentinelOne agent is installed only on endpoints controlled by the given SentinelOne Admin and on clients that have been successfully mapped with SentinelOne set as their antivirus policy.

Now, you can see the antivirus in action on the Asset Summary page.

  • To do that, go to Modules > Assets and click on any asset from the list.

  • In the antivirus tab, you can see the status of the antivirus.

  • To check when an asset was last scanned for viruses and how many threats were detected by SentinelOne, click More info on the Anti-virus card on the Assets Summary page.

  • Click on the More info option on the anti-virus tab and click the Actions drop-down button. This will let you perform the following actions on the SentinelOne agent from SuperOps.ai.

    1. Full Disk Scan

    2. Abort Scan

    3. Uninstall the SentinelOne Agent

  • You can also see these actions by clicking the Actions drop-down button from the Asset summary page.

Other related articles:

Did this answer your question?