All services have been fully restored and the incident is now resolved. We have validated that all systems are functioning normally. Thank you for your patience throughout this incident.
Posted Feb 02, 2026 - 21:00 UTC
Update
SentinelOne has mitigated the third-party reputation misclassification of hash e89cb8f5b2a05b00e85a1f549b0d1e48d148ccbf. We have manually updated our global reputation feed and issued a fleet-wide allowlist to prevent further detections.
While infrastructure remains healthy, customers may experience temporary console performance degradation and brief false positive alerts as agents check in to receive the update. These symptoms will subside as the allowlist propagation completes. We will continue to monitor the environment for stability and provide updates should this change.
Posted Feb 02, 2026 - 20:21 UTC
Monitoring
SentinelOne is monitoring a global false positive event caused by a third-party reputation feed misclassification of a benign file artifact. This resulted in elevated reputation-based detections, alert activity across multiple regions, and, for some customers, network quarantines where enforcement policies are enabled.
Mitigation actions have been implemented. Teams continue to monitor platform stability and assist customers with any remaining cleanup. Additional updates will be shared if conditions change.
Posted Feb 02, 2026 - 17:10 UTC
This incident affected: Singularity Threat Services (USA (NA1), USA (NA4), Canada (NA3), Germany (EU1), Germany (EU2), Australia (AP2), India (AP3)) and Singularity Operations Center and Management Console (USA (NA1), USA (NA4), Canada (NA3), Germany (EU1), Germany (EU2), Australia (AP2), India (AP3)).