SentinelOne experienced a minor incident on February 2, 2026 affecting USA (NA1) and USA (NA1) and 1 more component, lasting 3h 49m. The incident has been resolved; the full update timeline is below.
Affected components
Update timeline
- monitoring Feb 02, 2026, 05:10 PM UTC
SentinelOne is monitoring a global false positive event caused by a third-party reputation feed misclassification of a benign file artifact. This resulted in elevated reputation-based detections, alert activity across multiple regions, and, for some customers, network quarantines where enforcement policies are enabled. Mitigation actions have been implemented. Teams continue to monitor platform stability and assist customers with any remaining cleanup. Additional updates will be shared if conditions change.
- monitoring Feb 02, 2026, 08:21 PM UTC
SentinelOne has mitigated the third-party reputation misclassification of hash e89cb8f5b2a05b00e85a1f549b0d1e48d148ccbf. We have manually updated our global reputation feed and issued a fleet-wide allowlist to prevent further detections. While infrastructure remains healthy, customers may experience temporary console performance degradation and brief false positive alerts as agents check in to receive the update. These symptoms will subside as the allowlist propagation completes. We will continue to monitor the environment for stability and provide updates should this change.
- resolved Feb 02, 2026, 09:00 PM UTC
All services have been fully restored and the incident is now resolved. We have validated that all systems are functioning normally. Thank you for your patience throughout this incident.