SentinelOne (S1) just destroyed Atera
Comments
-
Hey,
Our team is on this and checking! I'll update when I have some more info, thanks for flagging this.
You're most welcome to share your exclusion how-to with the community for others to learn from :)
SentinalOne offers some KB articles about this as well.0 -
Hey, our security team had a look at this:
We checked in VT and it seems that Sentinel One does not block Atara.
It is worth recommending to the technicians to update to the latest version of Atera and of course check in the settings of the antivirus that it does not block PUA.
0 -
We had the same issue on Friday. more than 400 agents were flagged and network disconnected
We are still dealing with the fallout.
0 -
From our security team:
We are aware that an older Atera agent version (1.8.3.1) is being incorrectly flagged by SentinelOne. We are working with SentinelOne to have this classification removed as soon as possible.
As a workaround, we recommend whitelisting Atera.
If you need assistance, please contact our support team or refer to this Knowledge Base article.1 -
To be fair, all RMM tools are RATS and many are used by ransomware groups.
It's always best practice to exclude, just in case.0 -
This is a bit old at this point but this just happened for my clients today as well. Many dozens of computers incorrectly labelled Atera as malicious. Despite adding exclusions I am still unable to use Atera for remote management.
0 -
I'm seeing this today too 😭😭
... And very often with eset too. Why can't the rmm and Av vendors not fint a way to trust each other??! It's so annoying.
0 -
Heya,
I can confirm that yesterday the S1 issue raised again and was resolved within several hours after they whitelisted us.
Adding the exclusion is still a good practice and recommended.0 -
Same thing happened to us last month and again today, even though whitelisted. What's the real long term solution to this?
0 -
Could you kindly open a ticket with support? I checked with the reelvant team and there is no known issue that resurfaced. Best to go through the help widget in-app (?) button and start from there!
0
Topics
- All Topics
- 41 Getting started
- 25 Read before posting
- 8 Meet and greet
- 245 General
- 67 News and announcements
- 2 Swag
- 1 Roadmap updates
- 80 Resources
- 12 Knowledge Base
- 17 Webinars
- 1 Shared Script Library
- 2 Blog
- 19 Pro Tips
- 27 Got an idea?
- 3 Atera Academy
- 2 ActionAI
- 1 Copilot
- 140 Remote Monitoring and Management
- 84 Remote Monitoring
- 27 Patch Management
- 106 Professional Services Automation
- 65 Helpdesk
- 17 Billing
- 21 Reporting
- 39 Integrations & add-ons
- 21 Integrations
- 11 Add-ons
- 105 Scripting and automations
- 62 Scripts
- 30 Automations