Enhanced Sentinel One integration for auto-syncing access and threat data

What’s new?

Scrut now supports a deeper integration with SentinelOne, automatically syncing:

• User access data for Access Reviews

• Endpoint threat data for the Vulnerability Module

Why does it matter?

Manual uploads and disconnected data make threat response and access reviews inefficient. With this update, you gain real-time visibility across both access and endpoint risks — improving audit readiness and accelerating mitigation.

How it works:

• Set up the SentinelOne API integration once, and Scrut takes care of the rest.

• Auto-fetches user access data into the Access Review module, such as:

  • User name

  • Email/Account identifier

  • Assigned roles

  • MFA status

• Pulls threats from SentinelOne and creates corresponding vulnerabilities in Scrut's Vulnerability Management module with:

  • Threat name (used as vulnerability name)

  • Status and severity

  • Owner email (matched via HRMS, if available)

Need help?

Your Customer Success Manager is always ready to help if you need assistance.
Explore all recent product updates → View now