SentinelOne
Feature availability
Operating systems | WARP mode required | Zero Trust plans |
---|---|---|
macOS, Windows, Linux | WARP with Gateway | All plans |
Cloudflare Zero Trust can check if SentinelOne is running on a device to determine if a request should be allowed to reach a protected resource.
Prerequisites
Before you start, make sure SentinelOne is installed on your machine.
Configure the SentinelOne check
In Zero Trust, go to Settings > WARP Client.
Scroll down to WARP client checks and select Add new.
Select SentinelOne.
You will be prompted for the following information:
- Name: Enter a unique name for this device posture check.
- Operating system: Select your operating system. You will need to configure one posture check per operating system (macOS and Windows currently supported).
- Application Path: Enter the full path to the SentinelOne process to be checked (for example,
c:\program files\SentinelOne\SentinelOne.exe
). - Signing certificate thumbprint (recommended): Enter the thumbprint of the publishing certificate used to sign the binary. This proves the binary came from SentinelOne and is the recommended way to validate the process.
- SHA-256 (optional): Enter a SHA-256 value. This is used to validate the SHA256 signature of the binary and ensures the integrity of the binary file on the device. Note: do not fill out this field unless you strictly control updates to SentinelOne, as this will change between versions.
Next, go to Logs > Posture and verify that the SentinelOne check is returning the expected results.