Skip to main content

Overview

DSALTA connects to SentinelOne using read-only API access to collect compliance evidence automatically. DSALTA syncs the users in your SentinelOne management console (for access reviews) and application CVE risks. Data syncs every 24 hours and feeds into your Data Library modules.
Read-only access. DSALTA never modifies, creates, or deletes resources in your SentinelOne account.

How to Connect

SentinelOne connects with an API token and your Console URL — there’s no app to install.
1

Generate an API token

Log in to your SentinelOne management console and go to Settings → API Token. Generate a token for a user that can read console users and application risks.
2

Find your Console URL

Your Console URL is the address you use to reach SentinelOne, for example https://your-instance.sentinelone.net.
3

Connect

In the DSALTA sidebar, go to Integrations, find SentinelOne, and click Connect. Paste your API token and Console URL into the secure window and submit.
4

Finish

DSALTA runs an initial sync — usually a few minutes — after which the compliance checks below activate.

Automated Compliance Checks

Each check below runs automatically every 24 hours. Click any check for step-by-step remediation guidance.

Troubleshooting

Re-authenticate from Integrations → SentinelOne → Reconnect. This can happen if the API token was revoked or rotated in the SentinelOne console.
Confirm the API token is still valid and the Console URL is correct, then trigger a manual sync from the integration settings.