Its just an edr solution with bells and whistles. Edr is just endpoint detection and response. It does more but it also takes a person to setup. More on reddit.com

To ensure that heavy but trusted applications run as fast as they can, you need to create a Path exclusion in Interoperability mode. If you are a direct customer, I highly recommend checking out our Onboarding Hub in the Customer Portal and enrolling in the Foundations course at SentinelOne University. For MSSP customers, the Getting Started section in the Console Help is a great resource. If you are not yet a customer, feel free to explore our product tours, watch our demos, or schedule a call with one of our Solution Engineers. https://www.sentinelone.com/tour/ https://www.youtube.com/@Sentinelone-inc/videos https://www.sentinelone.com/request-demo/ More on reddit.com

The applications you’re referring to are unique in the respect that the anti-cheat components and behavior of executables is generally unique to non-commercial software. As a result, SentinelOne’s heuristics and detection mechanisms are not finely tuned for such applications. The approach isn’t scorched earth, but rather, business-focused. From a customer perspective, I manage over 300 companies’ SentinelOne sites, with 90% requiring zero exclusions or tuning. We have thousands of applications (and unfortunately many versions of each), some of which isn’t commercial software, and the issue you’re referring to is very uncommon for us. If your EDR isn’t hooking, monitoring behavior (even in trusted apps), gathering logs and telemetry on a consistent basis (which isn’t ‘invasive’, but comprehensive) then it isn’t an effective EDR. More on reddit.com

if you haven't yet, demo purple. game changer and runs circles around copilot for writing queries. haven't played with Charlotte yet but purple is a fantastic rollout.

More on reddit.com