
Pentest - We Totally Missed It! - Don't Trust Any EDR Blindly and Others
Cybersecurity, Penetration Testing, Incident Response, EDR Systems
A penetration test was conducted in a client's environment, generating several alerts from SentinelOne that indicated lateral movement behavior across all hosts. The alerts were marked as mitigated and remediated, which led to their closure. The client subsequently sent an email pointing to poor coverage and a poor approach to response engineering.