Handling False Positives with SentinelOne

Introduction: This article provides best practices for triaging possible false-positive alerts from a known source in the SentinelOne Management console. Administrators often see a number of verified/signed alerts that relate to genuine tooling use by the organisation. Preliminary Requirements: To reduce false positives to a minimum, please follow the recommendations... Continue Reading →

SentinelOne AI SIEM Third Party Alerts Context Automation

SentinelOne recently improved the Alert Context in AI SIEM by adding, for each alert (third-party and also STAR alerts), its indicators, which contain all the raw data from the underlying event. Prerequisites: SentinelOne Singularity Console admin access; a Hyperautomation licence; a third-party integration with some generated alerts. In the SentinelOne console, go to alert... Continue Reading →

Deploying SentinelOne on macOS with Jamf School

This article will take you through the steps to deploy the SentinelOne macOS agent to your enrolled Jamf School devices. Prerequisites: Download and install iMazing Profile Editor --> Used for profile creation that can't be done in Jamf School. Download and install Composer (as a Jamf customer, go to account.jamf.com -> Products -> Add-Ons) --> Used to... Continue Reading →

Windows 10 MAC Address as a Custom Attribute in VMware Workspace ONE UEM

The steps below describe how to set up the Windows 10 MAC address as a custom attribute in VMware Workspace ONE. Such settings are required, for example, when leveraging a certificate template that requires the MAC address. Creating the files to push down: Add MAC Address in registry (PowerShell script) $MyMacAddress=(Get-WmiObject Win32_NetworkAdapterConfiguration | where {$_.ipenabled -EQ $true}).Macaddress |... Continue Reading →

Enforce an application to always run on macOS

This article explains two different methods to keep an application running on macOS.

Script Code:

#!/bin/bash
application_name="Notes"
osascript -e "do shell script \"
  if ! (ps aux | grep $application_name | grep -v grep > /dev/null)
  then
      open -a $application_name
  fi
\" with administrator privileges"

Custom Attribute Method... Continue Reading →

Over-the-air Migration from SOTI to Workspace ONE UEM

For Windows Mobile legacy devices (Windows Rugged). 1 Over-the-air Migration from SOTI to Workspace ONE UEM. 1.1 Migrating your Windows Mobile legacy devices. 1.1.1 Introduction: ACME PTY needs to migrate their X scanners from their legacy SOTI tenant running MobiControl to their VMware Workspace ONE UEM platform in order to decommission the legacy SOTI tenant... Continue Reading →
