Vendor: SentinelOne Singularity XDR
FIN-279
Edited: 2026-03-06 09:03
Verified
What It Detects
An endpoint with a public IP address is running a SentinelOne agent that is not updated to the latest version. Internet-facing assets are the most likely targets for external attacks, and an outdated agent may lack the latest detection signatures, behavioral rules, and engine improvements needed to defend against current threats. This combination of exposure and degraded protection increases the likelihood of a successful compromise.
MITRE ATT&CK Techniques
Checks
Field | Operator | Value
Agent Updated (True/False) | equals | False
Public IP Address | not_empty |
Remediation
Why It Matters