# SentinelOne integration ### Create Integration In Rezonate Get your Webhook authentication Rezonate, this can be done via the Integrations Interface or Prelude CLI. Save generate-webhook output to be used in the following steps. To generate the webhook: * Click on the settings button on the top right menu. * Click on the Integration panel in Rezonate and then "New Integration". * Select S1 Integration and click Connect.

* Select a name for the new integration (it can be any name) and click Save. * Take note of the webhook URL, we will use it in the next step.

### Create Webhook Destination in S1

* Select Singularity XDR Webhook, and click Configure. * Click and expand the dropdown menu: * Select the box under **Response Actions**: **Make "Hooks" available as "Manual Response Actions" from Threats** * Select the Name for the configuration. * Select **"Options for triggering" and** Paste the webhook created in Step 1 to the **URL field** * Select POST in **Action,** and choose **Full Threat Details** in **Webhook Request Body** * Insert the following header into the **Headers** ``` {"Content-Type": "application/json"} ``` * Select **Always Send body** * Click **Next** * Select your organization and site in the **Access Level** * Click **Install**. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://kb.rezonate.io/core-integrations/sentinelone-integration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.