The Nexus SDK is an embeddable malware detection technology that uses SentinelOne’s predictive models to classify files as good or bad without using signatures or a cloud lookup. The classification is extremely fast (milliseconds) and can be embedded in network appliances, cloud services, file servers and other applications. The Nexus SDK also provides information and verbosity about various indicators that are prevalent in the file to explain the classification. For example, an executable may be classified as bad due to high entropy or if it has the ability to replace the GINA (WinLogon) credential collector.
- SentinelOne – Extending Windows Defender ATP to MacOS and Linux
- Aerohive – HiveManager Requirements for Device Deployment