Microsoft Defender vs SentinelOne

2021. Microsoft launches Defender for Business



Microsoft has introduced Microsoft Defender for Business, a new easy-to-use and cost-effective endpoint security solution that's specially built to bring enterprise-grade endpoint security to businesses with up to 300 employees. Defender for Business elevates security from traditional antivirus to next-generation protection, endpoint detection and response, threat and vulnerability management, and more. It offers simplified configuration and management with intelligent, automated investigation and remediation. Defender for Business helps you to protect against cybersecurity threats including malware and ransomware across Windows, macOS, iOS, and Android devices. It's available as a standalone offering costing $3 per user per month.


2021. SentinelOne to acquire high-speed logging startup Scalyr for $155M



SentinelOne, a late-stage security startup that helps customers make sense of security data using AI and machine learning, has acquired high-speed logging startup Scalyr for $155M. SentinelOne sorts through oodles of data to help customers understand their security posture, and having a tool that enables engineers to iterate rapidly in the data, and get to the root of the problem, is going to be extremely valuable for them. The company sees Scalyr as a product they can integrate into the platform, but also one which will remain a standalone


2020. AI-based endpoint security solution SentinelOne gets $267M



SentinelOne, which has built a machine learning-based solution Singularity, has closed $267 million in funding. SentinelOne works across the entire edge of the network to monitor and secure laptops, phones, containerised applications and the many other devices and services connected to a network. While SentinelOne has a lot of competitors — they include Microsoft, CrowdStrike, Kaspersky, McAfee and Symantec — it is also a strong player in the market. Relying on the advances of AI and with roots in the Israeli cyberintelligence community, its platform is built around the idea of working automatically not just to detect endpoints and their vulnerabilities, but to apply behavioral models, and various modes of protection, detection and response in one go.


2020. SentinelOne raises $200M for its AI-based endpoint security platform



SentinelOne, which provides a machine learning-based solution for monitoring and securing laptops, phones, containerised applications and the many other devices and services connected to a network - has picked up $200 million. The proliferation of devices and the expanding network are the biggest issues today and it is getting very hard to monitor not just what your network looks like but what your attackers are looking for. This is where an AI-based solution like SentinelOne’s comes into play. The company has roots in the Israeli cyberintelligence community but is based out of Mountain View, and its platform is built around the idea of working automatically not just to detect endpoints and their vulnerabilities, but to apply behavioral models, and various modes of protection, detection and response in one go — in a product that it calls its Singularity Platform that works across the entire edge of the network. SentinelOne is by no means the only company working in the space of endpoint protection. Others in the space include Microsoft, CrowdStrike, Kaspersky, McAfee, Symantec and many others.


2016. Microsoft released Windows Defender Advanced Threat Protection


Windows already ships with built-in antivirus called Windows Defender. Currently, it’s a defensive program that looks at websites and downloads to try and stop you from getting hacked. Unfortunately, in the day and age of social engineering and spear-phishing, antivirus needs to be a little more proactive. The new cloud service Windows Defender Advanced Threat Protection is supposed to be that protection for large, company-wide networks. WDATP move the focus from monitoring individual files to the machine’s behaviour as a whole—rather than searching for the actual virus, it keeps an eye on symptoms. If your machine starts connecting to weird ports or executing unusual PowerShell commands—behavior that’s out of the ordinary for the vast majority of users—WDAPT will flag it to administrators, providing an overview of current and past behavior for admins to look at. Microsoft’s also trying to take advantage of the vast Windows install base to kickstart its antivirus program. Millions of suspicious files found on machines worldwide will be run on the cloud, building a giant centralized database of malicious files, but also malicious behavior.