Security

SentinelOne EDR migration across ~10,000 endpoints

Supported global migration from Sophos to SentinelOne EDR, covering rollout strategy, policy tuning, deployment support, and uplifted detection and response.

Challenge

Legacy EDR coverage was inconsistent across a global endpoint estate, with limited tuning and weak feedback loops into the detection team.

Approach

Contributed to rollout strategy, deployment support, and policy tuning. Worked with detection engineering to integrate SentinelOne telemetry into the central D&R platform, refine playbooks, and close the loop with threat hunting and incident response.

Results

Approximately 10,000 endpoints migrated to SentinelOne globally
Stronger detection signal feeding the SOC and threat hunting workflows
Improved endpoint posture and response options during incidents

Stack

SentinelOneTheHiveSophos

Next case study

Wiz CSPM rollout and vulnerability management uplift →