A research team at SentinelOne’s partner, Aon (Stroz Friedberg) published research this week that discussed a local bypass technique that had the potential to impact SentinelOne’s Windows agent. These researchers first contacted SentinelOne in mid-January 2025 to share the issue. Upon being contacted by Stroz’s researchers, we immediately issued an update that prevents such techniques and communicated guidance to all of our customers regarding the new Local Upgrade Authorization toggle switch and how to protect against this type of local bypass attempt.

As Stroz themselves have reported, the technique described in the research requires an attacker to have a local administrator account on the machine they’re attempting to compromise and access to a SentinelOne-signed installer. Stroz’s researchers tested SentinelOne’s new local upgrade feature and noted its effectiveness in their blog, stating, “Stroz Friedberg performed preliminary testing surrounding this feature and was unable to perform the EDR bypass as previously described above once this option was enabled.”

SentinelOne also shared Stroz’s research with prominent EDR vendors, as the technique is one that could be applied against other endpoint protection products. While such local access poses similar threats to anti-tampering for these EDR products, at large, Stroz went on to say that they have no “knowledge of any EDR vendor, including SentinelOne, that is currently impacted by this attack when their product is properly configured.”

It’s important to note a few additional points that were not fully covered in Stroz’s original blog post.

1. We have multiple ways to protect customers from this type of bypass.
   1. The local agent passphrase is enabled by default to prevent unauthorized agent uninstalls and can also be enabled to protect against unauthorized agent upgrades.
   2. We also offer a Local Upgrade Authorization feature to ensure upgrades are authenticated through the SentinelOne console, which is the recommended method to protect against this bypass. SentinelOne customers can access information about this feature here (password-protected site).
2. If a customer has enabled 1a or 1b, they are fully protected from this bypass.
3. This local upgrade protection configuration is not enabled by default for existing customers to ensure continuity of operations with existing deployment and upgrade workflows, notably in third-party tools, such as System Center Configuration Manager.

Additional steps we’re taking to help customers protect against this technique:

• Today, we are further upgrading these security measures by enabling the Local Update Authorization feature by default for all new customers.
• Additionally, we have updated customer communications reinforcing the guidance sent in January.

We’d like to thank the team at Stroz Friedberg for their partnership in helping to protect customers from this type of technique.