External reviews are not included in the AWS star rating for the product.
We use it for protection and endpoint detection across our entire customer base because we are a managed service provider. It is also for endpoint protection of our internal machines.
We have Linux, Mac, and Windows. It has essentially replaced our antivirus solutions. It is our full endpoint detection. We then work in and partner with our outside XDR and our SOC. We interface SentinelOne identifications and alerts into the SOC so that they can manage those for us.
It is very strong in terms of the ability to ingest and correlate across our security solutions. They have added cloud capabilities. Some of that is through acquisitions, but a lot of it is native. It allows us to bring in data from everywhere, analyze what we need to analyze, and make sure that we are as secure as we can possibly be. When we have SentinelOne running in an environment, it always makes us feel more comfortable. We require it for every one of our customers. They may have a license elsewhere, but regardless of that, we essentially say that if they are coming on and going to be a customer of ours, we are going to remove whatever they have, and they are going to SentinelOne just because it is a far superior product that we have tested and evaluated.
With SentinelOne, we have not consolidated security solutions, but we have reduced our TCO because we do not have to support customers utilizing other endpoint protection solutions. We simply would not work with other solutions. We enforce SentinelOne to be the only endpoint protection solution that is monitored or managed by us. That obviously has helped our TCO in terms of the knowledge base and being able to support and protect our clients, but we have not reduced any applications or vendors that we work with because we stuck with SentinelOne from day one.
We have used the Ranger functionality a little bit. It provides network and asset visibility. It lets us see everything else that may be on the network that we may not already have an idea of. Just by having an agent in the environment, it lets us see additional switches that may have vulnerabilities or new machines that may pop up on the network that we are unaware of. There is a large benefit to that, for sure.
The fact that Ranger requires no new agents, hardware, or network changes is crucial to it being effective because a lot of different solutions out there require you to have something else running on the network to be able to perform the functions of Ranger. However, the way they designed SentinelOne, we can essentially have the regular SentinelOne singularity agent installed on a machine out there and enable the Ranger functionality on the agent. It will then do the work for us. Rather than having an additional appliance or an additional software service running in the environment to capture the information that we are looking for, we get it from Ranger. Ranger can help to prevent vulnerable devices from becoming compromised, but we have not used it this way.
SentinelOne Singularity Complete without a doubt has helped reduce alerts. With the policies that we enable across the board for our customers through SentinelOne Singularity Complete, we can onboard new clients, and as we onboard them, we are able to quickly and easily protect their environment without filtering through a ton of random alerts that are typically false positives when you are onboarding a new customer. That, to me, has been a huge benefit to having SentinelOne and reducing our overhead to manage the new customers that we are bringing on.
SentinelOne Singularity Complete has helped free up our staff for other projects and tasks by reducing the false positives that we get for our existing customers and when we onboard new ones. It obviously allows us some engineering time to be focused elsewhere. We have been able to do more automation and tie in other protection solutions into SentinelOne, such as our XDR with our SOC.
SentinelOne Singularity Complete has reduced our mean time to detect (MTTD) without a doubt. We get alerts regularly from the console that get notified to our SOC and also internally. We are able to respond to those very quickly. In fact, on average, about 90% to 95% of the time, SentinelOne Singularity Complete automatically remediates the solution based on how it is set up with our policies. Therefore, we do not have to do anything other than verify that it was a legitimate threat that was blocked.
Our mean time to respond (MTTR) is a lot faster than what we experienced with other solutions in the near past. It is almost immediate. It sees the process kick off. It remediates it 90% to 95% of the time, and even when it does not remediate it, it alerts us immediately. We are not waiting for a weekly scan or a daily scan that the other solutions typically use because it is all in real-time with the Singularity agent.
SentinelOne Singularity Complete has helped reduce our organizational risk. It is one of those solutions that lets us sleep easier at night when we have it on a machine. Security, in general, is not set-it-and-forget-it. It is not a single layer. You have to have multiple layers. We have other solutions that we partner with SentinelOne to try and make the environment as secure as possible, but SentinelOne is definitely the starting point. It gets us protected, and it makes our lives easier with the device. We feel more confident that the device is secure from everyday end users who do not necessarily know the difference between a fake or a phishing email that has a fake Adobe or Word Document attached to it that they are going to download and try to run. It definitely makes our life easier, and in my role, it helps me sleep a little better at night knowing that all of our machines are protected by that, both internally and across the board of our customers.
The ability to quickly and easily identify threats on our machines is valuable. The fact that it protects the environment as a whole is also valuable. They have the ability to identify network nodes, and they have Ranger as a component of the solution that allows us to see the whole picture. We can see on what we have SentinelOne and on what we do not. There is always that concern that you protect what you know, but items can be brought into the network that you are unaware of because you are not sitting at every customer location every day or every office every day, so the ability to quickly identify anything new on the network has been a huge benefit to the application. It is something that they have added over time. It has been huge for us.
Interoperability with other SentinelOne solutions and other third-party tools is an area where you can run into some issues. Because of the way the agent works, there are sometimes things that are blocked or prevented from happening that are not identified as a threat, and therefore, not alerted in the console. Sometimes, we do have to dig through the logs, run tests, and adjust the whitelisting or exclusions to make sure that other applications will run properly. It is very effective, and it protects our environment like no other solution that we have ever worked with or tested. It is very strong, but you have to get in and look at the visibility reports and the information in the system, in the console, and on the dashboard to really identify if something is being blocked and causing a performance issue for a customer or on a machine. They have the flexibility there, but it can be a little frustrating at times to find the needle in the haystack until you get used to the console and understand how it works. So, there are times when it can impede the ability of an application. The way I typically look at that is that the application developer or whoever developed the app is probably using some functionality that is not standard, and that is why SentinelOne is effectively not allowing it. The only issue there is that we do not always know that SentinelOne is not allowing it. It could be impeding the traffic for an application or a database connection, but we do not know that initially. It does not flag that as a threat or block anything, so there is no alert.
They have device and network control that they have added over time. It allows you to take over control of the firewall through the network control, and you can block and manage CD-ROMs and USB devices. One thing that I always thought would be beneficial for device control is the ability to enforce encryption on USB and external hard drives. You do not have to have a separate agent to handle any of that even if it is just tying into BitLocker on Windows devices or BitLocker To Go capabilities. To me, that would be a huge benefit to the product so that there is no other application, and you do not have to privately manage BitLocker settings for USB devices or external hard drives.
Lastly, it would be very beneficial to have a solid SentinelOne agent for mobile devices that easily ties into the existing endpoint dashboards. With the proliferation of mobile and email threats that are exploited on mobile devices having a centralized console for managing these endpoints would be crucial in the future.
Between my current organization and prior organization, I have been using SentinelOne for close to 12 years.
We have not had any incidents where we have had to contact them for an emergency. There were no ransomware outbreaks and no major attacks or threats running through our environment, so I have not had to deal with that level of support. Typically, we reached out to their support when we had a question on interoperability or we were seeing some weird effects or an agent upgrade not wanting to push from the dashboard properly. For the most part, their support is pretty strong. The turnaround time is usually pretty good. We had only one ticket that had to be escalated above the initial tier 1 support. They get prioritized based on criticality, and even that ticket was closed within eight calendar days. To me, it was not a critical issue. I did not think it was an issue, but it took eight days. That was well within the expected time frames. I would rate their support a nine out of ten.
In the past, I have used Trend Micro. This was prior to endpoint detection times. It was more than nine years ago. I used Trend Micro, Kaspersky, Norton, and McAfee. I have also used ESET and Malwarebytes. Typically, we were using those in layered approaches. We put ESET and Malwarebytes on the same machine because they served different purposes, but I have not used those in nine or ten years.
By implementing SentinelOne Singularity Complete, we were not necessarily trying to solve a problem. We wanted to try and find a best-of-breed solution that was more effective than legacy AV because legacy AV is based on somebody getting hit by the virus, and then it allows the fingerprint to be used to block hashes, etc. Somebody has to get hit, and then everybody else can benefit from that. That was the old model, and we wanted to go next-gen. We wanted to make sure that we were using something that could be as protective as possible on zero-day outbreaks. After reviewing many of the solutions out there, we felt like SentinelOne was the best of the breed. That is justified year over year, and that is why we have continued to stay with them both in my last organization and this one. When you review different reports that are out there every year, SentinelOne is the leader year after year.
It has helped us save a lot of soft dollar costs. I do not know if they offer it to everybody, but we have the ransomware insurance policy from SentinelOne that provides us a certain amount of reimbursements per endpoint should there actually be a ransomware outbreak. In all our time, we never had to use it because there simply has not been a ransomware outbreak on a single one of the machines that has SentinelOne properly installed on it.
We buy the licensing in bulk. From a pricing standpoint, because we buy in bulk, we get very good pricing. Based on its functionality and capabilities, it is well worth the price. I do not think it is at all expensive based on what you get in the solution. We use the complete up to the core. Our pricing is probably a little bit more than somebody who is on the core. In general, it is well worth what you get for the price you pay.
Overall, I would rate SentinelOne Singularity Complete a nine out of ten.
The primary use case for us is to use the lightweight SentinelOne agent on our endpoints. Our previous vendor's agent was heavier, which caused performance issues when scanning our systems. We were impressed with how lightweight the SentinelOne agent is and how few resources it consumes. We also use it for some of our infrastructure, which includes machines with limited resources. We wanted to find a solution that would not impact the performance of these machines.
SentinelOne Singularity Complete has streamlined the mitigation process and the time it takes to analyze and understand whether I have a true positive or a false positive. This has definitely saved me some time. The rollback feature is also a nice addition. Previously, our old solution would link out to services like VirusTotal, but it was difficult to follow these links to determine if an alert was a true positive or a false positive. For example, an alert might be labeled as a potentially unwanted application, which might not be as critical as a true positive. SentinelOne has made it easier to determine the severity of an alert. I have also noticed that SentinelOne has cut down on the number of false alerts. Our old solution would alert us to things like Chrome browser updates, which would download and make registry changes. With SentinelOne I have only encountered one alert that I didn't need to worry about.
We have definitely saved a lot of time. We had to spend some time setting up the environment correctly, scaling up the protections, and setting any exemptions. After that, the most I need to do is troubleshoot issues that are not related to SentinelOne, such as removing the SentinelOne agent if I need to troubleshoot another issue on an end-user device. Application updates, such as when a new installer is released, are the only other times I need to access SentinelOne, besides when I need to review an incident.
It has helped us reduce our MTTD. We are notified of threats quickly, and being able to see the threat on our dashboard has simplified the process. Once a threat is identified and I am on the screen, I can click once to view the visibility and see if the threat is anywhere else on our network. This is fantastic.
SentinelOne Singularity Complete has helped us reduce our MTTR.
Although it is difficult to quantify the direct financial savings of SentinelOne Singularity Complete, we have saved money indirectly through time saved.
Visibility is one of the most valuable features of SentinelOne Singularity Complete. It does not directly replace a dedicated SIM solution, but it works well for our environment and gives us the visibility into our systems that we need.
I appreciate that it is easy to review incidents that have been detected by the behavioral AI or the SentinelOne Cloud. From the notification we can click into the incident to start reviewing, it is just a few clicks. I have all the data in a single pane, and I can pivot to other sources of information, such as VirusTotal, with a single click. I can also hunt for the incident on the network with a single click. This makes things much easier and saves me time from having to review logs.
One way to improve and get additional benefits would be for SentinelOne to host the updated installer files for us, rather than us having to download and host them ourselves. This could be done in cloud storage or through our mobile device management platform. When they release a new package, whether it's an early release or a general release, I believe they could provide more value by hosting those packages directly. Currently, when they release a new package, I get notified, which is great. However, I then have to go to the portal, download the package, and replace the package that we have posted on our own cloud storage. This is time-consuming. If they could simply provide me with a link to the latest general release installer, that would be fantastic. Even if the link changes, I would only need to change the URL in our cloud storage. This would save me a lot of time.
I have been using SentinelOne Singularity Complete for five months.
I keep the central tab open in my browser. If I click Sign in instead of being signed in, the page refreshes, and I have to sign in again. I think this was just a session token expiring. I have not experienced any stability issues with SentinelOne Singularity Complete, such as crashing or downtime.
SentinelOne Singularity Complete is scalable to our infrastructure and endpoints. Once we figured out the deployment hurdle for Windows and Mac, we were able to push it out to all of our endpoints without any problems. I can break out devices into different sites and groups, and some of those groups can be dynamic. For example, if I'm looking for a Mac computer versus a Windows computer, I can just click on the group and see all of them there. I can also add tags for anything, such as the OS version or if the person might be a specific risk. These are non-relational attributes and values that we can set, so we can define whatever schema we want. It's fantastic.
The technical support team was quick to answer my question and their answer was precise. I didn't have to go back and forth with them or explain things multiple times. They gave me exactly what I needed.
We previously used BitDefender and Malwarebytes. SentinelOne Singularity Complete was priced similarly, and we felt that it had better support. When we had a support issue, it was answered and resolved quickly. Additionally, the visibility and ability to traverse the logs of all the other devices in our network were invaluable. This allowed us to see if a threat might be present elsewhere in our network. This is what ultimately led us to choose the complete solution over the other SKUs that they offer.
SentinelOne Singularity Complete has a lightweight agent. Additionally, some of our servers are running older operating systems. The agents from our previous vendor did not work well with these older systems. I specifically looked for a new solution that would not be a watered-down solution and would function across our legacy architectures as well as our current modern setup.
Another benefit of the Singularity Complete solution is the increased visibility it provides. We are able to collect data on endpoints that are connecting to specific IP addresses or installing specific files with similar hashes. This allows us to see how far a threat has propagated through the network or if anyone else has it installed. This is something that we could not do with our previous solution.
We use Windows and Mac computers. Deploying SentinelOne on Windows was fairly easy. We were able to do it through our remote management solution. The installation was straightforward and simple. The most difficult part of the process was that the device had to reboot in order for SentinelOne to connect to the visibility service and bring everything online.
Deploying SentinelOne on Mac was a bit different. This is primarily due to the way the macOS operating system works. We need to grant specific privacy permissions to applications in order for them to have full disk access or screen recording capabilities. We found that if we installed SentinelOne on the user profile of a Mac computer, the user's administrator could remove it. This is not ideal, so we had to go back to the drawing board and deploy SentinelOne through our MDM solution.
The biggest headache was that, in order to deploy SentinelOne through MDM so that users did not have to grant privileges to the application, we needed to create a Privacy Preferences Policy Control profile with the specific permissions granted for the SentinelOne bundle ID. We then pushed this profile out to all users. Once we did this, the installation was seamless.
A few colleagues and I completed the implementation in-house.
We have seen a return on investment in the form of time savings. We used to spend more time on incidents, but now we can quickly triage them and move on to other things. This has freed up our time so that we can focus on more important tasks.
We did receive a competitive price for SentinelOne Singularity Complete. However, I believe the retail pricing, or MSRP, is a bit high. I hope we can get the same competitive pricing through our reseller when it comes time to renew. I still believe there are benefits to the solution, even if we had to pay the list price. However, I think they could be more competitive with their upfront pricing.
I would rate SentinelOne Singularity Complete eight out of ten. The room for improvement is to add some additional features, such as Ranger, which they sell separately. I see a lot of value in Ranger, and I wish it was included with the complete purchase.
We do not have any direct plugins for SentinelOne Singularity Complete, such as Ranger. Ranger is an add-on that I believe can be purchased through SentinelOne to expand our visibility. We do not have that, and I wish it was included because there are quite a few nice features that I would hope to see eventually included or trickled down to the complete solution. I feel like those are just a few other cherries on top that would really put this package over the top. One of the struggles I have in a Mac environment is creating a custom application creating the Privacy Preferences Policy Control profile and setting everything correctly so that users do not need to interact with the application when it is pushed to them. SentinelOne has clear documentation and works with a few MDM vendors that have documentation already published. So when we were running a POC for a few of these vendors, it was very easy to get that set up, which is not something I can say for other applications.
SentinelOne Singularity Complete is an intuitive product. I found the getting started guide and active preparation checklist to be very helpful. The checklist is well-documented and comprehensive, and it covers everything from the initial purchase to GoLive. The support team was also able to answer any questions I had about navigating the application. The interface is mature and user-friendly. I have not encountered any major issues so far. Overall, I am very happy with SentinelOne Singularity Complete.
SentinelOne Singularity Complete is definitely valuable as a strategic security partner. SentinelOne Singularity Complete was our top choice, and we are happy with it. I would definitely recommend it to my colleagues if they were looking for a solution for their company.
Maintenance is only required when the vendor releases a new general access version of the installer. I need to download the new version, upload it to our servers, and make sure it deploys successfully to our machines. This is the extent of my maintenance responsibilities. I do not need to directly interact with the application itself.
I would recommend that people evaluating SentinelOne Singularity Complete try it out to see if it is right for their environment. SentinelOne offers a trial that can be set up for their environment. When an organization purchases the product, they will flip a switch and there is no need to set anything else up. This was beneficial for us because we did not have to waste time setting up and deploying the product to a few devices in our environment only to have to do it again after we purchased it. I would also recommend engaging with the resources that SentinelOne provides to get a good understanding of the product. We can tweak the settings and see how it responds to different threats. If organizations have any specific needs, they can talk to an engineer during the trial. This was helpful for us because the engineer was able to make changes to the settings to meet our needs. Overall, I would recommend taking a look at SentinelOne Singularity Complete. I was initially overwhelmed by the different SKU offerings, but I was able to work with sales to find the best package for our needs. The SentinelOne team has been very helpful.
Our visibility and response to a lot of the things that come with an enterprise network have improved. We have users doing multiple things across different platforms. There are applications, servers, endpoints, and certain things that fit in the wild, and it does a really good job protecting all of them.
It has saved time for my team because of what we can do in terms of device control that it provides externally. We have total control.
When it comes to detection, we have email alerts when a threat comes across, so it's pretty quick. And if we have predefined responses to certain threats, then obviously, our response is instantaneous. But in a lot of cases, we like to have our administrators take a look at it and make sure it gets remediated as quickly as possible.
As for security, SentinelOne Singularity puts us in a better place than most solutions. We can look at platform reviews that keep us in the loop regarding what's not considered a good solution.
The visibility and, obviously, the protection aspects are second to none when it comes to speed. Another thing we fall back on is the option to roll back an endpoint if it is infected. There is a shadow copy so that if a PC downloads malicious content, we can roll it back to the state it was in before that package was imported.
It also has a lot of flexibility with its ability to ingest things.
And the AI feature of the solution is prompt in how it learns a certain network and how it responds to certain things. If you do come across false positives, it's relatively easy to get around them.
There are some obstacles you have to overcome when it comes to whitelisting and the like, but that's true of every XDR platform.
Their documentation could afford to be a little bit better communicated. A lot of times we have to look at things in the knowledge base, and much of that could be communicated better, but that would probably be the only thing that needs to be improved.
We've been using SentinelOne Singularity Complete for about three years.
I would give it an A-plus in stability. A lot of times, when you download a new endpoint protection agent or an AV agent, you might run into a lot of compatibility issues or programs kind of freezing up.
I would give it an A-plus for scalability as well.
Our experience with their technical support has been straightforward and good. We got good, timely responses.
As a strategic partner, they're "the new guy on the block." There is some talk of them being bought out. I have heard some rumors like that. But from what I've seen, SentinelOne is just as good as, or better than, any other security partner out there.
We did use an endpoint protection platform, but I can't comment on which one we used.
I was involved in the whole process of deployment. One thing that wasn't SentinelOne's forte was compatibility with a script for an on-premises software distribution tool. Most of what we did was homegrown to deploy the agents to the machines.
We did it in-house. There were a handful of us involved, probably 10 at least.
I don't deal with the cost side of things, but the licensing, as far as endpoints go, is a pretty straightforward and simple process.
We looked at a couple of other solutions but, again, I can't disclose more about those.
The speed and user friendliness that this platform offers break down some complex aspects of the security industry, and the solution lays them out in a way that a general user can understand.
Definitely compare and contrast Singularity with other solutions. It depends on what fits best for you, what industry you're in, how mobile your network is.
We use it at our enterprise to protect all of our endpoints. We needed an EDR tool, and this product was one of the top options that we looked at at the time.
We definitely get a lot more insights into incidents. When we get an alert, we can go a lot deeper into the information and investigate.
The deep visibility is really important for us. With it, we can really look deep into some of the incidents.
Singularity's interoperability with other SentinelOne is okay. It does an okay job. We can tie it into some of our other tools.
The solution's ability to ingest and correlate across our security solutions is okay. We can tie it into messaging solutions so that we can get alerts directly rather than logging into the console.
It reduces alerts. There are not a lot fewer false positives. I'm not sure the percentage it has reduced, however in comparison to before, it is definitely less.
The product does save a lot of time and we are able to get to tasks and respond quicker. It's helped reduce our mean time to respond.
It's helped us save costs in some areas. It would be based on hours saved. While the solution itself is a little more expensive, operationally, it helps us reduce costs.
We did use the Ranger functionality. However, there was some scanning going on and it caused a lot of noise, so we had to disable it.
The remote console is currently an add-on. Having the remote console without having to pay a huge fee would be ideal. They could reduce the cost a lot.
There was an issue a few months ago where the agent kept getting shut off, however, now there's a newer agent and that's not happening anymore.
I've used the solution for almost two years now.
The stability has gotten better and better over the last two years.
The solution is deployed across 2,000 machines in four properties.
It can scale well. We keep deploying it further and it works.
Technical support does a good job. I've never had to work with support a ton. They do a decent job.
We had previously used a few solutions, including FireEye and Endgame. We left Endgame when they got bought out shortly after we bought them and it felt stagnant.
The deployment was pretty straightforward. We deployed it originally in a reduced state until we had an outline for a majority of machines when we could protect the environment better.
We had two or three staff members who handled the deployment.
There is some maintenance required. We do have to monitor and fix agents and occasionally update the product. There are two to three people who perform occasional maintenance duties.
We set up the product ourselves.
We have witnessed an ROI, although I can't speak to the exact number or percentage.
I don't have any visibility on the pricing.
We did evaluate other options. We looked into CrowdStrike and SentinelOne and maybe one other option, however, it wasn't considered very long. We demoed CrowdStrike and went with SentinelOne as it was more user-friendly and had a better flow. CrowdStrike felt thrown together and was hard to navigate.
SentinelOne's ability to be innovative is good. They've done a good job. Over the last two years, the product has continued to improve, change, and add valuable features.
The quality of the product is good. It feels mature and is well-developed. I don't have any concerns with its technology.
They are a good strategic security partner. They are a growing company and one of the leading EDR tools in the space.
I'd rate the solution nine out of ten. I would recommend it to others.
This is our primary and only EDR in our environment. We have this deployed to corporate workstations and servers, utilizing a variety of operating systems including Windows, macOS, and various Linux distributions. The data ingested into Deep Visibility provides great insight into what is going on in our environment. The XDR capabilities in there almost make you not even need a traditional SIEM anymore. The Identity solutions involing Active Directory security provide great information on our environment for continuously auditing and remediating threats.
SentinelOne's ability to prevent, detect, and respond to threats like ransomware and zero-days without requiring immediate human intervention saves us a lot of time and manpower. We have seen multiple occasions of rogue applications, suspicious downloads, and unauthorized USB drives get flagged and quarantined before anything could happen.
We have gained 2-3x more visibility into our endpoints with the benefits from Deep Visibility. The timelines created from incidents paint a very accurate picture of what happened in a given time window.
The platform has significantly enhanced our security posture through three key areas:
The grouping feature needs improvement. There are many times I've wanted to do blacklisting or exclusions for specific people in a group, however, I don't want to remove them from the group itself. Giving admins the ability to create subgrouping would allow for all parent exclusions to be applied without the need to create all new scopes.
The integration of an MFA push when signing into the admin console. I know this is a small thing but it is much more convenient to accept a push versus scroll through my many 2FA profiles to find the code for SentinelOne's platform.
I've been using the solution about 5 years while being on both an IT support team and Cyber Security team.
They are pretty stable. The company is expanding at a good rate and they are releasing new features to maintain the stability effectively. Downtime on their end has been very minimal.
Technical support is quick and helpful. They do a good job of addressing issues at level one and escalating if needed.
We are at about 98% deployment. There are endpoints that pop up that don't have the agent to get it, however, we're past the deployment phase or past the initial configuration phase. It's all just maintaining and tweaking, and as new features come out, we adjust.
I wasn't here for the initial deployment process. I've done a lot of configurations for new features that they've implemented.
Our team does general maintenance. They do a really good job of giving you the information you need to troubleshoot. Their knowledge base is very helpful to those brand new to the console and even more experienced users of SentinelOne.
The solution seems to be quite innovative. They are coming out with new features every month and continue to roadmap impressive products for the future as well.
This is a great product. If a company is unhappy with its current EDR, SentinelOne is a good choice. They are acquiring a lot of companies and solutions to add to their roster in order to provide a more centralized platform. I look forward to what they will bring in the future.
I'd rate the solution nine out of ten. It's going to be a good one-stop-shop and I enjoy working with them.
We use the solution for antivirus protection. We do know it does more, however, we're trying to just get the antivirus program up and working and functioning at this point.
It's allowed us to really cover all of our endpoints, including servers, Macs, and services. We're hoping to do a kiosk mode in some of these services for our labs and facilities, and we're hoping that SentinelOne can actually do that. We're going to work with them to make sure we can get that rolled out.
The fact that they have a lot of search features is very helpful. We can go into their filters and we can filter out by specific computer name, for example. We can specify if we want Macs or we want Windows computers, or if we want just laptops, or desktops. There's just a lot of versatility as to how we can look up the devices and really drill down.
The interoperability with other SentinelOne solutions and other third-party tools is good. For other third-party tools, I've used other antivirus software that doesn't have this type of interface. This gives you a lot more latitude to control the computer to basically push out updates and monitor what's going on with the endpoints immediately. It really helps with everything that you need to be on top of quickly, and it really helps that we can monitor everything in real-time.
It integrates smoothly with other solutions. We were able to push out the software and the agent to all the endpoints rather easily. There were only a few stragglers who just weren't physically on and weren't getting the endpoint, however, the rollout went pretty smoothly. The few endpoints not covered were ones that weren't turned on or not in use.
My impressions of the solution's ability to ingest and correlate across our security solutions are positive. It works really well.
We like the fact that we actually have a dedicated person at SentinelOne that we can talk with and work with.
It's helped to reduce alerts. The alerts have really gone down. We've actually had a lot of good coverage. There really haven't been that many alerts or issues. They've actually caught a lot of issues and threats before it's even been a problem. It's really helped cut down on the amount of work that we have to do on our end for troubleshooting and the prevention of viruses or phishing attempts.
This solution helped us to free up the time for other projects and tasks for your team members. We just rolled out a new software program, and it allowed us to focus on that more rather than having to deal with virus alerts that come through from our previous virus program. They've really managed it for us and really helped us find more time to work on the projects that we really need to focus on to advance our business rather than worry about threats that are coming through. It's been quite a time saver.
It helped to reduce our organization's mean time to detect. It's got a much nicer interface to work with, and it's really helped to have them as a working partner rather than our previous vendor which was just a little harder to get a hold of and not as easy to work with.
The mean time to respond is much quicker than what we did have.
It has helped to reduce our organizational risks. We save a lot of hours by not having to deal with all the alerts and managing them. It has saved us many hours of work and really helped us focus on what we really are there to do rather than working on the threats that come our way.
The solution does allow us to be innovative. The product has a nice interface and is quite robust in comparison. We like the options and availability and how it allowed us to manage our endpoints.
Using the filters takes a little bit of time to get used to. There are so many. You have to scroll from side to side in the filter section to find them. It's not very user-friendly.
Some of the options they have up top are a bit much. It is a bit daunting. It minimizes, and then you have to click on select filters for it to completely open, and then you've got a scroll to the right or scroll to the left. Even if you maximize your screen from left to right, there are still more filters to scroll through. They're not well laid out.
I haven't used the reporting feature much, however, having a little bit more options in reporting would be helpful.
I started using the solution about six months ago.
The solution is very stable.
We have about 400 endpoints. They are all deployed in one location.
It is a scalable product. If we need to add more endpoints, we can. That said, we have yet to scale.
Technical support has been really good.
We had a current vendor called Carbon Black who did our antivirus software, however, it wasn't it wasn't working as well as we would have liked. So we went with SentinelOne to give us a more complete solution.
There is just a lot of functionality on the end of SentinelOne that we just didn't have with Carbon Black, and it just made a lot more sense to go with this. Even though it was priced a little bit more.
I was involved in the deployment of the solution. The process was very simple. SentinelOne took care of most of it for us.
SentinelOne pushed out the agent for us.
We did not need a lot of resources in terms of staff members. We were involved in the planning yet not too much of the implementation. We're still working on covering the last few machines.
There is some maintenance, however, they are mostly updates and those are pushed out by SentinelOne.
We had a representative from the vendor who helped with the deployment.
I can't speak to the exact numbers in terms of ROI. However, other programs do not have as much support and in that sense, support, along with savings, has provided some form of ROI.
My understanding is the pricing is reasonable.
We evaluated other options as well. We looked at Norton, McAfee, and Avast, which were built-in. We went with this product based on the support we would get and the fact that they were personable and easy to work with. We have a dedicated customer service rep that we can talk with about any issues.
We do not use the Ranger feature at this time. We would need to upgrade if we wanted to use that, apparently. So we just decided not to go with that.
The quality is good. I like the way it works and the amount of options it has. However, it has so many options and functionalities you need to really figure out how it works. It takes care of a lot of things for you. You can just set it and forget it.
They are great as a strategic security partner. They worked closely with us and were good at explaining the layout and how the solution would work. They are very helpful.
I'd recommend the solution for users looking for antivirus or endpoint management. It's got great features for both small and large companies. I'd talk with SentinelOne about a company's individual needs. They are quite flexible.
I'd rate the solution eight out of ten.
I use SentinelOne Singularity Complete for endpoint protection and remediation. It protects all computers in my company and sends real-time alerts about malware, viruses, etc., that may have found a way through all of my company's defenses.
SentinelOne Singularity Complete has benefited my organization through its rapid ability to find new and existing malware that I must act on. As the solution uses AI technology, it's able to find both known and unknown threats.
My organization realized the benefits from SentinelOne Singularity Complete quickly from the time of deployment.
What I found most valuable in SentinelOne Singularity Complete is the ability to connect to the terminal remotely. The solution is pretty handy because it allows my company to do investigations and whatnot, wherever the person may be. After all, I belong to a hybrid organization, which means you never know if someone will be in the office.
It is another tool in the tool belt for looking at some of the files, which means that even if the file is not a virus, you can go in and do some investigation.
SentinelOne Singularity Complete has excellent interoperability with other SentinelOne solutions, including third-party tools. I was pleasantly surprised with how in-depth the APIs go because it's almost integrated with my company's SOAR solution, consolidating all alerts in one place and triangulating more per case. In my company, SentinelOne Singularity Complete is integrated with a third-party tool.
My impression of the ability of SentinelOne Singularity Complete to ingest and correlate data across security solutions is good so far, though right now, my company only set up SentinelOne Singularity Complete. Still, it's good that the integration option exists because, in the future, who knows? My company might do some integration depending on what the timing allows.
My company has not consolidated solutions yet because SentinelOne Singularity Complete is just one of the many tools used within my company. It's a helpful tool, but it's not the only player.
SentinelOne Singularity Complete helped free up staff for other projects and tasks and is time-saving, though I don't have specific data on that.
The tool has also helped reduce my organization's mean time to detect. However, I can't give an approximation just because SentinelOne Singularity Complete is the only solution my organization uses. The tool has also helped reduce my organization's mean time to respond because, together with the SOAR solution, SentinelOne Singularity Complete allows my company to go in and correlate everything to find out where the threat came from, so my company can go in and take the appropriate measures to shut down threats more reliably.
SentinelOne Singularity Complete has helped reduce organizational risk because it's one of the modern architecture tools, which gives more confidence in the detections my company sees. The tool also reduces the number of false positives and false negatives, so my company knows that if the tool shows a hit, then that truly warrants further investigation.
I'd give SentinelOne Singularity Complete an eight out of ten in terms of its ability to innovate because it's very much on par with a few other options out there, though I can't recall the names right now.
SentinelOne is an excellent strategic security partner that quickly incorporates my organization's feedback. My organization hasn't had any problems. If my team is looking for a feature, for example, SentinelOne either edits a roadmap or makes the change pretty quickly if there's bandwidth.
They say there is an investigation function in the interface of SentinelOne Singularity Complete, but it's not absolutely available for use. It's a function I've been looking for, but my company can't use it yet for some reason, so this is an area for improvement.
Another area for improvement in the tool is the larger learning curve that stems from it being full-featured, so there's a more significant learning curve in figuring out the environment versus using a more traditional antivirus. It's a lot more than just installing it on the machines.
The other disadvantage of SentinelOne Singularity Complete is that the agent doesn't auto-update, and my company found it more complicated than usual to get the agent updated and keep it updated.
I've been working with SentinelOne Singularity Complete for six months as an end user.
We didn't have any problems with the stability of SentinelOne Singularity Complete.
For the most part, SentinelOne Singularity Complete is scalable, but with my company's problem with auto-updates, it just means needing to rely on other tools to get new agents pushed out to the endpoints. It would have been better and more scalable if there was a way to update on the directory.
We found the technical support for SentinelOne Singularity Complete one of the best we've ever had to deal with, surprisingly, so we'd rate it as ten out of ten. If we open a ticket, we'll typically get some answers quickly, but for more complex issues, we have standing meetings with them that are set once a week so that they can go more in-depth.
My current organization only uses SentinelOne Singularity Complete, but in my previous organizations, more traditional antivirus was used, like BitDefender, and it was fine.
With SentinelOne Singularity Complete, I'm more confident that it can detect threats better and will miss fewer incidents coming in because of the more modern ways it detects malware.
I was not involved in the entire setup process for SentinelOne Singularity Complete, but it was mostly straightforward. However, getting the agents onto the machines was more complicated than the team would have liked.
The team started with a test machine and then expanded after issues arose, including figuring out how to fix the issues.
We implemented SentinelOne Singularity Complete in-house, with the support of the SentinelOne team, whenever we had questions.
I have seen ROI from SentinelOne Singularity Complete.
I have no information on the pricing or licensing cost for SentinelOne Singularity Complete.
I wasn't involved in evaluating solutions, so I'm unsure if the company evaluated other solutions before choosing SentinelOne Singularity Complete.
The organization I'm working for doesn't use the Ranger function of SentinelOne Singularity Complete. It uses a homegrown solution for network visibility.
I don't believe SentinelOne Singularity Complete has helped reduce alerts within the company, and it's not because it can't but because the SOAR solution handles the alerts and sends the alerts. Still, there is potential to improve the process.
I've not observed cost reduction or money saved from SentinelOne Singularity Complete just because it's such a small aspect in the grand scheme of things. It's tough to put a number on that.
Many people were involved in deploying SentinelOne Singularity Complete for the organization.
I'm the one maintaining the solution, and for my organization, in terms of scale, one person is sufficient to maintain SentinelOne Singularity Complete.
The solution is deployed on three thousand endpoints worldwide on both MacOS and Windows machines, along with an agent on the servers.
I advise others looking into implementing SentinelOne Singularity Complete to be prepared to work with the SentinelOne support team. Implementation is not hard to do, but the support team is there to help with much of the work and is happy to help. My standard advice is to ensure you're also checking out other providers. Just because the solution works for my organization, it doesn't mean it will work for yours. You have to find a solution that checks all the boxes for your organization.
I would rate SentinelOne Singularity Complete as eight out of ten.
We primarily use the solution as an antivirus and also as a network control with built-in policies regarding device control.
The product is a lighter client. Our previous solution ran heavy on the workstations and caused performance issues. This is lightweight and doesn't take up system resources.
You can use the solution right out of the box. It's ready to go with baseline policies and is good to use without any changes. It's only gotten better since we've added custom rules.
It's simple to use and intuitive. It gives you good visibility and shows what is going on.
The product works well with other SentinelOne solutions and third-party tools. It's pretty seamless. They make it pretty easy to integrate with other products and you can pull data pretty easily from the other solutions.
The solution's ability to ingest and correlate across our security solutions is excellent. It has allowed us to blend data from another product we own.
It's helped us consolidate our other security solutions.
The product provides network and asset visibility. The Ranger piece is probably one of the best items. We have other solutions for asset management, yet none is never 100%. With Ranger, we really get that visibility we need. Having Ranger built into one client and being easy to use has been perfect. It helps us prevent vulnerable devices from being compromised. We've discovered a few assets within our organization we were not managing fully and Ranger has helped us secure our environment just that little bit more.
There are fewer complaints from users when scans are running. The previous solution just used up so many resources. This product runs seamlessly in the background and we know it's running since we get triggers on alerts that are legitimate catches. SentinelOne does a good job at detecting. It's reduced our alerts by 25%.
The product has helped to free up our staff for other projects and tasks. It's freed around 50% of their time.
It's reduced our company's mean time to detect by 40% or more. It's also drastically improved the mean time to respond. We don't have to worry about false positives. We know when we get an alert that it's legitimate, and we need to act on it. That's improved by about 40% to 50%
The biggest thing for me in terms of improvements is the online console. There are frequent updates, and sometimes we'll get a little agitated getting signed in. However, on the product itself, I would not recommend any changes.
I've used the solution for a little over a year.
The solution is very stable. Our old solution required babysitting to make sure everything was running correctly.
Pretty much everybody in the company uses the solution. We have 1,300 deployed agents and ten administrators.
The solution is absolutely scalable.
I have not had to use technical support.
We previously used Sophos. The biggest reason for the switch to SentinelOne was the system resources that were used. Whenever it would kick in, I would get tickets related to machine performance.
The console is on the cloud, however, the devices are on-premises. The initial setup was very straightforward. Overall, it was fairly quick. We had more trouble getting the older product uninstalled than SentinelOne installed. We did the implementation slowly based on the business requirements. We deployed it over the course of a month.
The company does a good job with training and keeping its documentation up to date.
It does not require much maintenance. Every now and then we might have one or two false positives.
We've seen a great ROI on the product. Obviously, we're still within our contract. That said, we've definitely seen a ROI. We've had a couple of incidents where something wouldn't have been detected previously.
The solution is fairly priced for what you get.
We're a customer and end-user.
They do an excellent job at remaining innovative - including with their detection engines and everything involved in their product. They are doing an excellent job compared to everyone else.
SentinelOne has not been around for many years - yet the product is ahead of its time.
With any solution, I'd advise doing a proof of concept first. After that, I would not shy away from fully deploying this solution.
I'd rate the solution eight out of ten. The only thing that would improve the product is reducing the online console updates.