SEKOIA.IO already lets you plug in the SentinelOne agent, and you will be glad to know that 14 rules specific to this intake have been added!
These rules cover a selection of the most interesting events sent by the SentinelOne agent, such as "SentinelOne agent being disabled" or "Suspicious threat detected but not mitigated".
Please note that the rule named "SentinelOne Custom Rule Alert" has an "intermediate" effort level and raises alerts on SEKOIA.IO based on your SentinelOne Custom Rules. You might therefore want to tweak that rule depending on your Custom Rules.