New SentinelOne RSO aims at automated incident response management

Get a free Techzine subscription!

With the introduction of Remote Script Orchestration (RSO), SentinelOne allows companies to run large-scale remote response and recovery actions for endpoints in an automated manner. According to SentinelOne, RSO saves time and money throughout organizations’ responses to potential breaches.

SentinelOne RSO promises to combine workflows for IT and security operations into a single, automated solution for remotely delivering responses to all devices within a corporate network, regardless of what operating system these devices are running on.

How it works

According to SentinelOne, RSO enables IT and security administrators to send scripts to single, hundreds or millions of devices, thereby responding to current and future cyberattacks at machine speed. Security teams can write custom scripts or opt for pre-built scripts provided through RSO’s library. SentinelOne develops these scripts to perform various tasks, ranging from incident response to forensics and IT management.

According to SentinelOne, a combination of RSO and its Storyline Active Response (STAR) tool enables administrators to benefit from automated workflows that take incident response time to the next level.

SentinelOne states that RSO is the only remote orchestration platform that acts as both an EPP, EDR and XDR platform. Moreover, RSO supports all three major operating systems: macOS, Windows and Linux.

Tip: SentinelOne is the flight recorder for endpoint protection