Syncurity Partners with SentinelOne to Accelerate Alert Triage and Orchestrate Automated Incident Response

30 Jan Syncurity Partners with SentinelOne to Accelerate Alert Triage and Orchestrate Automated Incident Response


New Certified Integrations Support Alert Ingestion, Enrichment and Autonomous Containment and Remediation Actions


Bethesda, MD – January 30, 2019 – Syncurity, a market leader in Security Orchestration, Automation and Response (SOAR), and SentinelOne, the autonomous endpoint protection company, today announced a strategic partnership and technology integration of the SentinelOne autonomous endpoint protection console with the Syncurity IR-Flow SOAR Platform. The joint solution will enable customers to accelerate alert triage and automatically orchestrate response to threats across all endpoints.

SentinelOne is the only next-gen solution that autonomously defends every endpoint against any type of attack, at all stages in the threat lifecycle. Through this integration, customers will be able to ingest threat and incident data directly from SentinelOne into the IR-Flow SOAR Platform to identify and triage suspicious activity. Importantly, they can combine this data with data from other IT and security solutions to provide security analysts with more accurate identification and risk assessment of advanced attacks.

In addition, the Syncurity IR-Flow SOAR Platform can quarantine and remediate any compromised endpoints using the SentinelOne API. The IR-Flow patent-pending Triage Scoring Engine, dynamically assesses risk as information from different IT and security tools are evaluated via automated API actions. The Syncurity IR-Flow Platform identifies high-risk alerts, and validates automatically or through guided analyst interactions which situations should be escalated to a security incident, and then orchestrates actions needed to contain and remediate across the enterprise. These actions include changing user passwords, sending email verifications, restarting and scanning hosts, getting device and/or user information, and enabling or disabling two-factor authentication. They can also generate and list reports, list processes, get files and list applications on a host. The actions can be automated or directed through ticketing system integrations, such as the recently announced ServiceNow app.

“Strategic partnerships of this nature represent the future of the security market – combining autonomous endpoint protection with powerful SIEM capabilities to speed incident response, while helping customers contextualize how they’re mitigating risk,” said Daniel Bernard, VP Business & Corporate Development, SentinelOne. “This integration will enable customers to see the true story of what’s happening across their network and endpoints, while knowing that they’re fully protected against today’s most devastating threats.”

“The integration of SentinelOne and the Syncurity IR-Flow SOAR Platform pairs two surging leaders in their respective markets to enable our joint customers to more quickly identify, assess and take action against ever-changing cyber risks,” said John Jolly, CEO, Syncurity. “The combination of the orchestration and automation along with IR-Flow’s robust case management means customers can more effectively measure and optimize their security stack.”

The joint solution will be available through mutual channel partners of SentinelOne and Syncurity, including World Wide Technology and Assurance Data, Inc.

Follow Syncurity

Twitter: @syncurity

About Syncurity

Syncurity™ optimizes and integrates people, process and technology to realize better cybersecurity outcomes. Syncurity’s award-winning and patent-pending IR-Flow® platform accelerates security operations teams by delivering an analyst-centric incident response platform. For more information, visit

To learn more about how Syncurity’s customers are leveraging the IR-Flow platform, please visit

About SentinelOne

SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects and responds to attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real time for both on premise and cloud environments and is the only solution to provide full visibility across networks directly from the endpoint. To learn more visit or follow us at @SentinelOne, on LinkedIn or Facebook.


Related Information

View Release on Business Wire
SentinelOne and Syncurity IR-Flow SOAR Platform Integration
Watch the SentinelOne and Syncurity IR-Flow, Integration Demonstration
White Paper: Reduce Phishing in the SOC
Ebook: Stop Drowning In Security Alerts
Whitepaper: Addressing Analyst Fatigue In The SOC
Syncurity’s award-winning IR Flow Security Operations and Incident Response Platform
IR-Flow Product Overview Datasheet (pdf)