What is happening? S1 was deployed as a temporary EDR in response to a security breach earlier this year. Recently, a request for proposal (RFP) process was completed to select a permanent EDR solution. The S1 product from a different solution provider was selected as the result of the RFP. Visit the IST Service Catalogue to learn more about Sentinel One (S1).
What do I need to do? Currently, no action is required. This is a continuation of the same S1 product; however, a different vendor is managing the implementation.
What is the impact? Windows Defender will remain disabled on IST-managed workstations. It is recommended that non-IST-managed machines disable any existing anti-malware, including Windows Defender, if Sentinel One is installed on the machine.
Questions or concerns? Please contact Mike Patterson, Manager Security Operations, email@example.com.