How to Enable the Addigy Security Suite Integration Powered by SentinelOne

Overview

Addigy’s Security Suite offers advanced, automated protection for macOS environments, seamlessly integrating SentinelOne’s Endpoint Detection and Response (EDR) platform to safeguard devices against modern cyber threats. The integration provides real-time threat detection, automated remediation, and consolidated management within Addigy.

What Is SentinelOne?

SentinelOne is a unified cybersecurity solution leveraging artificial intelligence and machine learning to defend endpoints, cloud workloads, and networked devices from known and unknown threats. Its platform autonomously detects, contains, and remediates attacks—including ransomware, zero-day exploits, and fileless malware—across all major operating systems. SentinelOne’s AI-driven automation reduces manual tasks and accelerates incident response, making it suitable for organizations of any size.

Key Features

• AI-Powered Threat Detection: Real-time identification and prevention of cyber threats using behavioral analytics and machine learning.
• Autonomous Response: Immediate containment and remediation, minimizing manual intervention and reducing risk exposure.
• Vulnerability Management: Scans and prioritizes application and OS vulnerabilities with actionable risk scores.
• Integrated Reporting: Rich dashboards and exportable data to support compliance, audits, and detected threats.
• Scalability: Deploy protection to environments ranging from a few to tens of thousands of devices, with centralized control.

Steps to Enable Threat Detection Powered by SentinelOne

1. Log in to Addigy
   • Access your Addigy account with the correct administrative privileges.
2. Navigate to Integrations
   • Go to Accounts > Integrations > Addigy Add-ons in Addigy.
3. Find the SentinelOne Integration
   • Locate the Threat Detection Powered by SentinelOne tile.
4. Initiate Setup
   • Click the tile and complete the guided setup wizard. Follow all prompts, and confirm the integration as instructed.
   • A SentinelOne tenant account is auto-provisioned during setup. An email invitation will be sent, but onboarding in SentinelOne is not required before proceeding in Addigy. 
   • If you do not receive the email invitation from SentinelOne, you can re-send it by clicking the 'Verify' button next to your email address as shown below.

1.  
2. Launch the Threat Dashboard
   • On completion, select View Threat Dashboard for centralized security management.
3. SentinelOne Deployment via SentinelOne Portal (Optional)
   • For additional details on what can be configured in the Sentinel One Portal, please see Security Suite SentinelOne Deployment.

Deploy SentinelOne Agents

1. In the Threat Dashboard, open the Policies tab.
2. Select policies containing the target macOS devices.
3. Deploy SentinelOne agents to each policy group to activate full protection. Devices will automatically begin receiving protection per the selected policy settings.

Integration Highlights

• Single-Workflow Security: Manage endpoint protection, alerts, and remediation directly within the Addigy dashboard—no separate portals required.
• Automated Actions: Devices can be isolated or remediated automatically, reducing the time to response and limiting incident scope.
• Streamlined Compliance: Built-in reporting and compliance tools simplify evidence gathering for regulatory audits and incident investigations.

FAQs

• Q: Can I disable Threat Protection per device?
  A: Yes, remove the device’s policy assignment and the agent will uninstall at the next policy check-in.
• Q: Will my existing policies and compliance settings change?
  A: No. Your existing configurations remain intact. The Security Suite adds powerful visibility, automation, and real-time protection features on top of your current setup — without disrupting your environment.
• Q: Do I need to upgrade my entire fleet to access the Security Suite and SentinelOne features?
  A: No, you can scope the SentinelOne deployment to a subset of devices by policy.
• Q: Which version of SentinelOne is included?
  A: SentinelOne Singularity Complete with Vigilance (MDR)
• Q: Can I be grandfathered in if I’m already using one or more of these features?
  A: Yes! Any of the security features that you were already using will continue to be available to your account. You would only have to upgrade if you would like to add any of the others.
• Q: Who owns the SentinelOne account provisioned by Addigy?
  A: The customer has their own instance of SentinelOne they can log into at any time.
• Q: Does disabling the SentinelOne integration at the account level remove SentinelOne from Devices?
  A: Yes, on the next policy deployment, we will run an uninstall script and it will uninstall the agent from the device and remove the record from SentinelOne.
• Q: I’ve accidentally enabled Security Bundle, how do I turn this off?
  A: Please reach out and create a support ticket and we will handle it from here. (If they submitted this via support ticket then we need to start the Operation task to disable them)
• Q: Can I have Windows devices in addition to macOS with SentinelOne through Addigy?
  A: ALL SentinelOne enrolled devices (including Windows) are viewable through Addigy, when a device is clicked on to see a threat, if it is an Addigy enrolled Mac, it will give the option to go to GoLive or SentinelOne Console, if it is a Windows device it will open that device directly in the SentinelOne Console. Windows devices that are using SentinelOne EDR & MDR are billed at the same rate as macOS devices.
• Q: Will I be able to contact SentinelOne support directly if I use it through Addigy?
  A: Addigy manages support for any issues that occur, and we are able to involve support contacts with SentinelOne as needed.

Additional Resources

• For troubleshooting or advanced configuration, reach out to Addigy support or consult the Threat Protection documentation.
• To explore integration options or maximize the suite’s capabilities, schedule time with your Account Manager.