Vendor: SentinelOne Singularity XDR
FIN-280
Edited: 2026-03-06 09:03
Verified
What It Detects
An endpoint has not communicated with the SentinelOne management console in over 30 days AND has unresolved threats in its threat list. This means known threats were detected but the asset went dark before remediation could be completed or verified. The threats have been sitting unresolved for at least 30 days with no visibility into whether they have escalated, spread laterally, or resulted in data exfiltration. This is a potential active compromise on an unmonitored asset.
Checks (read-only)
Field            Operator          Value
Last Time Seen   older_than_days   30
Threat List      not_empty