MDR Host Uninstallation from Stoïk Protect

Overview

You can now uninstall MDR agents directly from Stoïk Protect — whether your endpoints are protected by CrowdStrike or SentinelOne.

This enhancement gives you full control over your MDR lifecycle, from deployment to removal, without needing Stoïk assistance.

Why It Matters

• Autonomy: Manage agent removal directly from Stoïk Protect.
• Security: Maintain proper authorization via MFA and token validation where required.
• Visibility: Keep your endpoint inventory clean and up-to-date with clear host statuses.

How It Works

1. Access the Host List

• In Stoïk Protect, navigate to Endpoints > Hosts.
• Locate the host you want to uninstall.

2. Initiate the Uninstallation

• MFA must have been enabled for at least 2 weeks on your account to create a valid token.
• Click Uninstall Agent from the host’s action menu.

3. Uninstall

The uninstallation process varies according to your provider:

• Uninstallation of CrowdStrike MDR agents requires a manual action with a token
• Uninstallation of SentinelOne MDR agents is fully automated from Stoïk Protect

3. a. Uninstall CrowdStrike Agents

• The CrowdStrike uninstallation token is displayed in the pop-in
• You can follow those instructions to manually uninstall the agent, using this token

3. b. Uninstall SentinelOne Agents

• No token or manual steps are required.
• Stoïk Protect handles the entire removal flow automatically once you confirm the action.

4. Monitor the Progress

• The host’s status updates in real time:
  • Uninstalling while the process runs.
  • Inactive once the agent is fully removed and stops reporting.

Host Statuses