• Capture Client
• Overview
• Deep Visibility
  • Getting Started
  • Accessing SentinelOne Help
  • Finding Threat Hunt Queries in SentinelOne
• Hunter Chrome Extension
  • Installing SentinelOne Hunter Chrome Extension
  • SentinelOne Hunter Modes
  • Licensing SentinelOne Hunter Chrome Extension
• Network Control
  • Getting Started with Network Control
  • Configurable Network Quarantine
  • Network Status
  • Network Quarantine Operations
• Remote Shell
  • SentinelOne Remote Shell Use Case 1
  • SentinelOne Remote Shell Use Case 2
• Rogues Detection
• Useful References
• SonicWall Support
  • About This Document

Deep Visibility

The Capture Client Deep Visibility Feature powered by SentinelOne, helps you to search across endpoints for all Indicators of Compromise (IOC), adding benign detection data to the EPP data of the core solution.

Data is collected from each device and sent to cloud for storage, deep visibility reporting, and threat hunting. The autonomous agent analyzes the events, processes, and files.

Every element of a story is linked to Storyline. This gives you the full picture of what has happened on a device and reason for it to happen. Thus the Storyline also helps you save time by searching easily to view the full chain of events.

Deep visibility helps users to gain insights into file integrity and data integrity, and monitors traffic at the end of the tunnel, which allows an unprecedented tap into all traffic without the need to decrypt or interfere with the data transport. This empowers users with a rich environment for threat hunting that includes powerful filters and the ability to take containment actions, along with fully automated detection and response.

Default Retention Period for Deep Visibility Data

Default data retention period for Premier is 14 days. However, data retention can be extended on a request basis, with additional cost.