One of our use cases is that we wanted some type of visibility into our vulnerabilities and insight into our endpoints.

Ranger really helps us because, even though we're a smaller team of security professionals, it gives us a good eyes-on-glass approach. And if there is a known vulnerability, we can automatically see that without having to spend more time looking at it. In the past, we would do all of this manually. We would have to go into our systems and see which IP address is coming from the outside world and see the IP address, workstation, current version, hostname, MAC address, et cetera. Now, we can easily see that in the report that we get every day.

We used Rapid7, but Singularity has certainly helped reduce alerts. We have a threshold set in Singularity so that if one of our critical devices is vulnerable, we get automated email alerts. The alerts tell us what we need to look at in terms of logs and the like, and they help us automate some of our internal processes.

Personally, it has saved me a lot of time, about one-third of my day. And our mean time to detect has been reduced by anywhere from 45 minutes to an hour. But our mean time to respond has been pretty much about the same. I'm logging into SentinelOne every day and I see what's going on. If there is anything that needs to be talked about with our sysadmin team to get patches rolled out, we have a meeting about it every week. SentinelOne, overall, has brought our organizational risk down by at least 35 to 40 percent.

It helps us with our compliance efforts too, especially for auditing. If someone asks, "Do you have a list of all your endpoints?" we can definitely say "yes." And if they ask, "How is it categorized, by IP address, workstation, or OS?" we can see it's on this particular network and it's made by that manufacturer.

With Ranger, we can see the device inventory, the networks, how many workstations we have that it's scanning, how many printers, how many mobile and IoT devices, and servers.

It identifies what applications are vulnerable. If I go to the applications, such as Adobe Photoshop or Adobe Reader, I can see our current list of vulnerabilities: How many are vulnerable and how many need to be updated with patching. One of the most valuable aspects is the ease of finding specific vulnerabilities.

About every month, when I go into SentinelOne, if there is a vulnerability that we know about, I search for that vulnerability—for example, Adobe. There are different versions of Adobe, but I'm not able to compile them into one report. I have to create separate reports for those versions. Some of the reporting could be improved a little bit. I wish all Adobe products could be included together, or that you could mix and match Adobe with some other software or video player.

We have used SentinelOne for the last year and a half, and we're pretty happy with it.

I haven't had any issues with the platform. There hasn't been any crashing or lagging. Everything seems to be current. Overall, it's pretty seamless and I get really good results with it. I include it in my routine every morning and afternoon. I review the SentinelOne reports to see what vulnerabilities have been detected.

It is definitely scalable. You can really expand it and, for us, that is huge. As our organization grows, we will likely look at acquisitions, and, with those acquisitions, we will definitely get the other company's devices deployed through SentinelOne. It will allow us to grow and have their devices in the SentinelOne console as well, and have visibility.

I have contacted their support for a vulnerability issue, and they were able to help out with that. They told me how to get it remediated and what scan to perform.

It has helped us consolidate our security solutions. At one point, we had Rapid7 and SentinelOne. However, we realized we could take what Rapid7 has and consolidate it into one platform. At a high level, they're almost the same tool, but SentinelOne has a few more features and functionalities.

Also, we could see how many operating systems we have in our current environment through the standard image system we had. But now, we can see that through SentinelOne. That has been a key takeaway because we can see how many Windows, Linux, Apple, and Android devices we have.

In addition to Rapid7, we were looking at CrowdStrike for our endpoint detection, and at Sophos as well. Clearly, SentinelOne was the best for us.

SentinelOne is definitely a leader in the marketplace because it has a lot of features to offer. There are some pretty good integrations with it as well, and there are things you can change in the settings and how it's deployed.

The quality of the solution is great. I don't have any complaints other than that small reporting issue I mentioned. In terms of maturity, Singularity is one of the top-notch eyes-on-glass solutions that you can have, especially as it relates to your endpoints and vulnerabilities. It gives you that technical deep dive into what the vulnerability is, what workstation it's on, and whether there are any other endpoints affected.

There are some integrations that we could possibly use, but we haven't used any. There is one with KnowBe4 that we are looking to use.

As for maintenance, I don't have to do any in my role, but it does require some, such as upgrading versions.

If you're looking for a solution like SentinelOne, and you're looking to get an eyes-on-glass approach for your endpoint devices and your vulnerability management program, this could be one of your top solutions. Overall, I'm happy with it and my team is very happy with it. Our scans are fully automated and that is never an issue for us. It offers a lot of capabilities, expansion, and growth. If your company is looking to grow, it's definitely all there for you. You get a really good report on your devices and your networks.

My company uses SentinelOne Singularity Complete for general endpoint security. The solution is excellent at solving problems many other vendors don't solve properly. My company runs on multiple platforms and software in various environments. My company is a Microsoft company with Azure AD and many Windows computers, and SentinelOne Singularity Complete is terrific for that. The company also has MacBooks, Linux machines, and clusters of Linux containers with various distros and types. SentinelOne Singularity Complete is surprisingly good at supporting the platforms, and the enterprise needs my company has.

The best feature of SentinelOne Singularity Complete is that you don't need to configure a lot with it because it provides an unmatched layer of protection out of the box.

Implementing SentinelOne Singularity Complete is a competitive bid process. As part of the competitive bid process, SentinelOne Singularity Complete stands alone. I work for an enterprise, and the company has old software. CrowdStrike Falcon Pro is a great competitor of SentinelOne Singularity Complete, but CrowdStrike Falcon Pro doesn't fit my company's needs because of its very aggressive deportation policy. If you ever run any software not in the standard manufacturer support or some support package, Crowdstrike cuts you off from updates. In real life, that doesn't work because my company builds software. Some of the company's cluster apps run on Red Hat 7, old Linux kernel, CentOS, or other distros around that era. My company has significant old technologies that it needs to secure.

A pro of SentinelOne Singularity Complete is the approach that it knows isn't the best, but it will still give you the best it has.

I also find that SentinelOne Singularity Complete gives a significant layer of security on top of SD-WAN, mandatory access control, and general information management, which is very helpful.

In assessing the solution's interoperability with other Sentinel One solutions and third-party tools, my company started utilizing Scalar and has a history of using Scalar and other providers. SentinelOne acquired Scalar, an enterprise log management platform, which is very good for the price. Scalar may not be the best platform in the world, but it's very good for the price. SentinelOne, having acquired Scalar, has gone and built an excellent integration for all logging so that you can get the SIEM logs into the Scalar pipeline and run it through a general log analysis platform, so it's unmatched.

In general, I'm pleased with the ability of SentinelOne Singularity Complete to ingest and correlate across my company's security solutions, especially with its price point. I only found very few antivirus or EDR solutions that can compete with SentinelOne Singularity Complete, but I generally prefer working with the solution because of its interoperability.

Another reason why I like the solution is because it works. It doesn't require an Internet connection. The remediation is automated, and the alerting function is excellent. Support for the platform is also great, including multi-tenancy, role-based access control, and automated deployments.

I don't have much bad feedback about SentinelOne Singularity Complete, while in contrast, I've been quite disappointed by many technical aspects of other antivirus solutions, such as the Deep Instinct Antivirus. As for MSP machines, I used to work at MSP and had many problems. I also find the CrowdStrike sales representative incredibly annoying.

I find that SentinelOne Singularity Complete works pretty well for what I want, and it always hits the right price point and options that suit my company's general, overall security platform and management of that platform.

The Ranger functionality of SentinelOne Singularity Complete works well in providing network and asset visibility, especially as my company is a Microsoft Azure AD company at the core, so most of the company's Mac and Windows endpoints are managed, and monitoring the cloud ID and posture is essential. However, I don't need to check it daily because the solution manages itself well. SentinelOne Singularity Complete works very well for active directory management and posture matching.

I appreciate that the solution can consume at an API level, but I don't care as much whether it runs an agent or doesn't because I can automate agent deployment to the fleet. If the agent works, then great. An agentless solution is suitable for old platforms that don't have the most up-to-date technologies. Whenever you try to run an agent on various environments, it might not be the ideal platform for that agent so you could run into unexpected problems. Being agentless makes SentinelOne Singularity Complete better, but I wouldn't be upset if it were a good and solid agent-based solution.

In terms of how significantly the solution helped reduce alerts depends on how many alerts my company was paying attention to before and how many alerts it is paying attention to now. I'm unsure about that because one reason for implementing the SentinelOne Singularity Complete stack at the company has been to increase the security footprint and security posture. My company might have had several useless alerts before and maybe fewer alerts now, but did the company pay more attention to the alerts now? I'm unsure if the alert reduction or paying more attention to the alerts makes a difference.

About SentinelOne Singularity Complete helping to free up staff for other projects and tasks, that isn't easy to tell, as I have a team of four, and some of the work changed upon implementation. For example, instead of fighting with specific agent installs or trying to figure out how to get logs into another system, some of that workload is reduced, but now my team may be paying more attention and uses the same amount of time for alerts, remediations, or other more important aspects, so it is possible that the amount of time spent after the SentinelOne Singularity Complete implementation wasn't really reduced. That would depend on your perspective.

As to SentinelOne Singularity Complete helping the company reduce the mean time to detect, my company didn't record the mean time to detect before implementing the solution. I feel that it is effective, but right now, I don't have a basis of comparison that allows me to point to that periodically says my company reduced the meantime to detect or that it was increased by some percentage.

SentinelOne Singularity Complete has been very effective in helping reduce organizational risk for my company, especially regarding budgetary footprint. The solution has been very effective at what it does and has helped reduce the company's cyber insurance premium. My company is a SOC 2-certified institute and has to go through an annual compliance process with auditors, so going through and being able to explain and show how the company has automated and deployed solutions and minimized its risk profile has been very helpful.

The company I work with now spends slightly less than it did and gets more value from SentinelOne Singularity Complete. Though the cost may not be that different from others, the value provided by the solution is very different. In the past, my company had several decentralized alerts and platforms. Still, after implementing SentinelOne Singularity Complete, the solution could bring and tie them together through an automated platform. It works, and when it comes to enterprise security, for every company you work for, you're not the one who built that network or solution. You have no idea what's going on, so your ability to maintain control relies on understanding the threat surface and how to control it, which SentinelOne Singularity Complete is good at.

My background is in Linux administration, and I've gone through several security tools over the years. I built out mandatory access controls and messy Linux policies. I've worked with a lot of different companies over time. SentinelOne Singularity Complete supports Linux systems really well, which is crucial because I work for a company that builds software with an ecosystem of applications, cluster apps, and containers on Linux.

Some other solutions were stuck a decade ago, particularly running Windows and .NET and other affordable systems, and though I love Windows and Mac, those are user endpoints, and endpoints extend beyond user endpoints, for example, endpoints include servers and the full scope of internet-connected devices in a company.

If you're trying to implement a zero-trust framework and a system resilient to failure across a Swiss cheese layer of multiple problems. In that case, finding one solution capable of dealing with that kind of threat is complicated. You look at Microsoft Defender, and Microsoft has improved its security over the last decade. Obviously, Microsoft still has ways to go, given that it still keeps losing its signing keys. Still, the reality is that, similar to Windows and Azure, Microsoft has improved its security footprint. Microsoft Defender went from being a joke of a product to a very viable solution. That's great, but I can't run that on Mac, and I can't run that on Linux clusters.

Looking at CrowdStrike Falcon Pro, it is a great product. It has a very annoying sales team, but it is excellent. The problem in enterprise, however, is that sometimes, you have to run old technology, and when you cut off the solution from working on old technology, that's not helpful and makes everything worse, so I appreciate the aspect of SentinelOne Singularity Complete supporting even the old technology my company is on, which is a significant differentiator that is very useful about the platform.

When you think of Carbon Black and VMware, each platform is good, works quite well on Mac and Windows, and has some capabilities, but the level is not the same as SentinelOne Singularity Complete. SentinelOne Singularity Complete can be a stand-alone product versus other products.

If you're running a decent company, you should be able to invest in security and be willing to spend whatever it takes to have a very competent solution. Since I control the budget, SentinelOne Singularity Complete provides more value for the dollars spent and a more cohesive structure than what you can get from other solutions.

I'm unsure if SentinelOne Singularity Complete is amazingly the best, but it's the best overall product because it fits my company's needs. I work for a SaaS building enterprise company that does financial transactions, which has public internet-facing applications that get constantly attacked. If I can't run a comprehensive security product across all systems, I'd have to look in three different places, which means I lose some of that robust information. I lose some of that ability to correlate threats and figure out what's happening, and so do automated platforms. An automated platform can lose the ability to correlate the different events it doesn't know about, and this is where SentinelOne Singularity Complete really shines. It's a cohesive, widespread solution that's great in various aspects.

In terms of being innovative, SentinelOne Singularity Complete is quite innovative. I grew up with the internet and have seen different generations of security products and ideas. When SentinelOne Singularity Complete came to market, it was significantly different than the other solutions. SentinelOne could either be acquired or build very useful products, taking interoperability between different products to a level you won't find in other companies.

With how my company uses SentinelOne Singularity Complete and the Scalar platform for all its servers, the company logs into Scalar and runs alerts and rejects, flags alerts, and also gets to ingest all SIEM logs from SentinelOne Singularity Complete into Scalar, and then gets automated alerts. This means that my company gets multiple layers of visibility across its stack and analysis pipeline. My company then gets to log push to S3 after the hot tier access is over, which means it gets to retain all security alerts and problems for up to seven years, just in case, which is essential for a financial services company like the one I work for. Doing that is much more complex with other solutions versus SentinelOne Singularity Complete, so I chose it because, currently, it is the best.

I care about aspects that other people don't care about, such as supporting old Linux distros and being able to run the solution in some weird cloud environments easily. I care about SentinelOne Singularity Complete working with my company's log analysis platform, which makes the process easier.

It's difficult to pinpoint areas for improvement in SentinelOne Singularity Complete because I always like to see certain aspects. Still, if I look into the EDR solution itself, I don't have many negative thoughts about it, as it is very good.

If something could be improved in the solution, I'd say better pricing, as I'd always take better pricing. I would appreciate lower pricing. The lower the pricing, the easier it is for me to sell it. A solution with lower pricing tends to sell itself at some point.

Building a more advanced "if this, then that" logic in SentinelOne Singularity Complete, in terms of when to cold shutdown, particularly when it detects a threat, would isolate it from the network, could be an improvement. There could be a better way of saying "yes" or "no" to doing an action or specific actions unless it's one of the exceptions on your list. Having an additional logic layer could improve the solution, mainly because I run multiple systems with different layers. For example, if I'm running a very important server with this agent, and that server gets infected, I may not necessarily be sure that I want to shut it down right away. Maybe I want to isolate some of the connectivity but not do the entire security remediation automatedly or curtail network access type of activity.

If I could have a more advanced control layer where I could say, "Hey, I want to do that on almost every system, but these systems are so important, and they have to keep running, so maybe if there is a problem, you can do these things instead," then that would make SentinelOne Singularity Complete better.

We've been onboarding SentinelOne Singularity Complete as our primary EDR solution this year.

We implemented Scalar last year as the first step, and then it became a natural step to move as we wanted to have all of our logs flow into our general login analysis platform so that we could build and consume our own software platform. We build many SaaS apps, and we have about a thousand web servers facing the Internet, so what better way to analyze all of these than to get our internal logs, such as browser, local events, and all of the data into one place and one data plane?

Stability-wise, I haven't run into many problems with SentinelOne Singularity Complete, except for one case where the agent was short-cycle restarting, but that was due to some problems I caused. I can't really complain about that.

I wouldn't say I liked the SELinux policy that you force out over Ansible configurations, which naturally conflicted with the SentinelOne Singularity Complete agent. Still, once that got flagged and tagged, it was fine.

Overall, I'm satisfied with the stability of the solution, which was why my company implemented it.

SentinelOne Singularity Complete is a scalable solution, which is another reason my company chose it.

I don't contact technical support very often, but when I have, I haven't been disappointed. For example, the Scalar data center team has provided excellent technical support whenever I've asked for help with query matching strings and building RigX, so I'm very happy.

I found the technical support for SentinelOne Singularity Complete very good, and I'd probably reach out to the support team with more questions, which the team would probably answer.

My rating for technical support is nine out of ten.

Previously, we used Microsoft Defender, but I also used SentinelOne Singularity Complete in a former company. I like it a lot, and that's part of why my company uses SentinelOne Singularity Complete now.

Deploying SentinelOne Singularity Complete didn't take long for a small global company like ours. My company has offices in the US, Canada, France, and India, and working between different locales took more time, but generally, the process didn't take very long, as it only took about two weeks.

SentinelOne Singularity Complete is a commercial solution that I found easy to implement, which is another reason my company paid for a commercial solution.

Myself and two other people were involved in the deployment.

In terms of getting ROI from SentinelOne Singularity Complete, some factors must be considered. There is a requirement for a few layers to start with. My company has to spend some money just as a baseline.

One requirement is to be SOC 2 compliant, which means an auditor will come in and ask about the company's antivirus software, whether it's running an EDR, including analyzing logs.

Another player is the cyber risk insurance, as the company tries to get the premiums as low as possible and takes security as seriously as possible, by demonstrating to insurance partners that the company is a very low risk in terms of threats becoming problems.

In terms of cost-effectiveness, mainly based on adjustments to your premium, which either raises or lowers the price, SentinelOne Singularity Complete is quite effective.

SentinelOne Singularity Complete is aggressively priced compared to smaller solutions. Still, in the past, as I worked for a SentinelOne reseller partner that deployed SentinelOne solutions to a lot of different customers, I was able to appreciate its capabilities and full features, which is part of the reason my company has implemented SentinelOne Singularity Complete.

The solution is a bit cheaper than CrowdStrike Falcon Pro and more expensive than smaller solutions. Still, it has a pretty reasonable pricing point, as I appreciate the flexibility SentinelOne Singularity Complete offers. I haven't been disappointed with its pricing because I'm more of a "not everything cheaper is better" person. It's not better if it makes the worst product.

I'm very satisfied with SentinelOne Singularity Complete, especially its price because I've worked with various companies. Yet, I found that no one provides a really good solution for the price except for SentinelOne.

When I started at this company, an MSP recommended a legacy type of antivirus, and I felt it was not up to par with what SentinelOne Singularity Complete provides. SentinelOne Singularity Complete is an excellent enterprise product with an excellent price point that's hard to argue with in terms of results and efficiency per dollar spent, so it's a no-brainer.

My company is mainly a cloud-based company. Very few solutions in the company have been deployed on-premises.

SentinelOne Singularity Complete is managed across different layers and all verticals, such as the web, firewall, etc.

Between two hundred to two thousand five hundred people use SentinelOne Singularity Complete within the company.

My rating for SentinelOne Singularity Complete overall is a nine out of ten. I don't give tens because there's always room for improvement, but the solution is pretty good.

We use SentinelOne Singularity Complete for its end-to-end detection and response capabilities.

We started using SentinelOne Singularity Complete because I wanted to eliminate a number of our existing first-generation tools, which were designed primarily for on-premises use cases. I wanted to move to our new set of tools, which were designed predominantly for cloud deployment and cloud infrastructure. There were two primary drivers for this decision: to reduce complexity and cost and to move to a solution that was specifically designed for our new architecture.

One of the main reasons we bought SentinelOne was for its integration capabilities. We don't have a standalone tool to supplement our overall security architecture. This includes our security data link, analytics layer, and intelligence capabilities. So that was really one of the primary reasons.

SentinelOne Singularity Complete excels at ingesting and correlating data across the security solutions that it has visibility into.

It has helped consolidate two of our security solutions.

SentinelOne Singularity Complete has helped our organization by boosting our confidence in our ability to detect and respond to the broadest range of threats, reducing noise in our security operations capability and resulting in fewer false positives than ever before.

It helped reduce our alerts by around 60 percent per day. SentinelOne Singularity Complete helped free up 20 percent of our staff's time to work on other projects.

Although I do not have data to support the claim, SentinelOne Singularity Complete should reduce MTTD. SentinelOne Singularity Complete has reduced our MTTR. It has saved us around 18 percent of our costs.

I find two features particularly valuable. First, deployment is much simpler than with other solutions with similar capabilities. Second, the fidelity of the detections is excellent. We have had very few false positives or false negatives, which allows our analysts to focus on their work instead of dealing with noise.

SentinelOne plans to integrate its endpoint agents, but the process is slow. The company has multiple agents with different functions, such as the ED Ranger, and each agent has different actual clients. Combining the endpoint agents would be a good step.

The endpoint firewall capability is fairly primitive and basic. It does not use objects and different device types to create a single object that can be easily managed. There is a significant amount of work to be done on the firewall side.

I have been using SentinelOne Singularity Complete for almost seven months.

SentinelOne Singularity Complete is stable.

SentinelOne Singularity Complete is scalable.

Technical support has been excellent so far.

We previously used Tanium and Symantec, two separate sets of tools. Tanium is a first-generation tool that is not specifically designed for the cloud. It requires a significant amount of manual effort to configure and manage, rather than automate these tasks. Symantec does its job, but we are essentially buying two tools to do what SentinelOne Singularity Complete can do on its own. Therefore, the switch to SentinelOne is primarily a cost-saving measure.

The initial deployment was straightforward. The entire deployment took 16 weeks, with eight weeks spent deploying the endpoints and eight weeks spent deploying the service. A total of 20 people were required for the deployment.

We are beginning to see a return on investment in SentinelOne Singularity Complete due to the reduced number of alerts in the operations center and the high-fidelity data.

After negotiations, the pricing was found to be fair.

I would rate SentinelOne Singularity Complete an eight out of ten.

SentinelOne Singularity Complete is a really mature product and seems to be focused on enhancing core capability and not getting distracted by other stuff.

SentinelOne Singularity Complete is deployed across our entire estate. We have around 10,000 endpoints.

It requires maintenance, such as builds, policies, and other related tasks. We have a team of four responsible for maintenance and another three people for day-to-day operations.

They have stepped up as a strategic security partner.

I recommend organizations do a proper proof of concept with the SentinelOne Singularity Complete in their environment using their tools and their people.

SentinelOne Singularity Complete is the best antivirus available, and it also provides a vigilant service, so I don't need to keep an eye on the portal. Someone else monitors my antiviruses and all the threats out there for me.

SentinelOne Singularity Complete helped us address the missed viruses and potential ransomware attacks from a single location for our security needs.

The interoperability with other SentinelOne solutions and third-party tools is good. We have integrated it with Mimecast.

SentinelOne Singularity Complete ingested all the data from Mimecast and displayed it in a single location.

It has helped consolidate our security solutions in one place.

It has helped our organization improve its visibility by allowing us to see which users are risky, which machines are at risk, and which machines are outdated.

SentinelOne Singularity Complete has helped reduce the number of alerts. In addition, we use Vigilance to hide all alerts, so we don't see any of them.

We have freed up 30 percent of our staff time. As the only person in the IT department, I can now focus on other tasks. SentinelOne Singularity Complete is like having an extra pair of hands.

It has reduced our MTTD by up to 80 percent depending on the time of day.

SentinelOne Singularity Complete has reduced our MTTR. We have an SLA with Vigilance, and they respond quickly to alerts.

SentinelOne Singularity Complete has reduced our organizational risk by 40 percent.

The portal is the most valuable feature because it provides us with a single pane of glass view and is highly intuitive.

The adware and pop-up blockers have room for improvement.

I have been using SentinelOne Singularity Complete for six years.

SentinelOne Singularity Complete is stable. The portal has never been down. We occasionally have an agent fall off the network, but this is usually due to the latest version of Windows being installed on an old agent, which causes it to stop working. However, this is very rare.

As a growing company, I'm glad that the SentinelOne Singularity Complete portal will show more and more devices, but I'm not particularly concerned about that because I've paid for Vigilance service. I'm confident that we're covered no matter how many threats or issues arise.

Technical support is quick and provides great documentation to explain issues and remove agents.

I previously used McAfee and it often caused our machines to blue screen and crash. SentinelOne, on the other hand, is a stable agent. If we install the latest agent on our machines, it will not affect their performance or speed. Many other agents can have adverse effects on our machines, but SentinelOne will not.

SentinelOne Singularity Complete is a next-generation antivirus that is far more innovative than McAfee. One of its selling points is that it constantly improves and looks for new threats, while McAfee has not changed significantly in years.

The initial deployment was straightforward. SentinelOne provides easy-to-follow well-documented instructions. I completed the deployment myself within half an hour.

SentinelOne Singularity Complete has protected us against infected machines, resulting in a 20 percent return on investment.

SentinelOne Singularity Complete is fairly priced. After discussing the per-user cost, we found it to be acceptable for the functionality it offers, and we are happy with the protection it provides.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is deployed across all departments and devices, and everything is in Intune. When anything is deployed to Intune, antivirus is applied first. It is mandatory on all devices. We have 270 endpoints.

No maintenance is required on our end.

SentinelOne, as a strategic security partner, meets all the requirements for being the solution to our cyber risk on devices, which is essential for us to know that we are safe.

I chose SentinelOne Singularity Complete at a previous company and sold it to the company I am with now. It is very easy to do a proof of concept and see everything that is missing from other solutions. I recommend SentinelOne Singularity Complete.

We use it as an Enterprise EDR solution for threat detection, anti-malware, and security investigations.

SentinelOne Singularity Complete has greatly enhanced our security posture. We feel that our endpoints are more secure. We are in the know of what is happening within our company from a security perspective. We are confident in the ability to detect untrue positives. It has also helped us in achieving industry certifications such as SOC 2.

SentinelOne Singularity Complete has absolutely helped reduce our organization's mean time to detect. There has also been an impact on our mean time to respond. With the integrations that we have set up with Splunk and other products, we are able to respond to incidents as soon as they alert us.

We have a couple of integrations with it. They are alright. I am not blown away by its integration capability.

SentinelOne Singularity Complete has not helped reduce alerts. If anything, we create more alerts with it. We are able to fine-tune the product to reduce noise and alerts, but without it, we would not have any alerts. It is the piece of software that provides that alerting capability for us.

SentinelOne Singularity Complete has not helped free up staff. In a way, it creates work for us, but that is the purpose of the product.

The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features.

There should be Terraform support for console administration. Dynamic tagging would be also useful.

The auto-upgrade capability should be improved.

I have been using SentinelOne Singularity Complete for two years at this company. My company has been using it longer than that.

Its stability is pretty good. I like the stability of their agent.

It is extremely scalable.

Their technical support is pretty good. I would rate them an eight out of ten.

I was not here when they bought this solution, but I know why we bought the tool. We replaced another EDR solution, and then we used it as our enterprise EDR solution for ransomware prevention, threat hunting, and security investigations. We were using CrowdStrike previously. SentinelOne Singularity Complete also saved us money. It is very competitive compared to CrowdStrike.

I have used a couple of EDR solutions. SentinelOne Singularity Complete is less mature than CrowdStrike, but it is definitely one of the top players in the industry.

SentinelOne Singularity Complete has not helped reduce our organizational risk. It is about the same as CrowdStrike in this aspect.

We have it on our laptops and the cloud, so our setup is hybrid. I am in charge of deployment, and it is as simple or complex as any other solution.

It requires maintenance on our end.

We have a team, but I do most of the work. I am in charge of it.

It is hard to define the ROI. It does not save us money, but it prevents security breaches. In the grand scheme of things, it is definitely worth investing in.

Its pricing is competitive.

It has competitive pricing and great support. It is a complete solution.

As a strategic security partner, they collaborate with us quite a bit on our overall posture. They constantly have webinars and education sessions for us to deepen our security knowledge and how to use their product. They have assisted us on various PoCs for different offerings that they have and different services they offer. They help us to understand how each of those components integrates into our overall security posture. We did a PoC of the Ranger functionality.

I would rate SentinelOne Singularity Complete a seven out of ten.

We use it for our endpoints. It is installed on all of our servers and desktops. It is a replacement for the AV platforms that we used to have.

Overall, the product monitors what is happening on your machines. It monitors incoming mail and web addresses that your browsers are trying to access. It looks for suspicious activity that may occur on your desktop or on your server and generates alerts based on the type of activity. It might find a malicious file that you downloaded. Like a virus scanner, it would scan something. It might find something that it suspects to be malicious. It will look at that item and go to its own threat intelligence sources to see if it is a known threat. If it is a known threat, it will either block it or do something to it based on how you have pre-configured it. If it suspects something to be a threat but does not have any reference, meaning that it is an unknown threat, then depending on what it detects or how that thing may behave, it would either alert you or suppress or isolate it. It can do a number of things. It depends on the inner workings of the product itself, but our use cases are to protect our endpoints. It is a replacement for our AV, but it is a whole level above what AV used to be. It is the evolution of AV.

We had three different AV platforms in our organization. There was no central way to manage them. We had no complete visibility. From one part of our organization, we had no visibility into another part of our organization. By putting this platform in, we now have one view of the entire organization. We can look at threats as they span our organization. Threats could potentially be moving around. We can detect if they are spreading to other parts. We could not do any of that before.

Singularity Complete has a much better detection engine. It detects a lot more than an AV can. AV is pretty much finished. There would not be AV anymore.

In terms of interoperability, we do not have any other SentinelOne solution. This was our first one. There is not a lot of interoperability between endpoints and everything else. The only interoperability that is useful for us right now is the log data that it provides to our SIEM. It allows us to do correlative analysis between different areas. If we have a threat that could be going from endpoints to internet devices, such as switches, or places where the EDR system is not installed, it becomes valuable when we are sharing data from the EDR and our other systems, and we have a tool that analyzes all that data to look for threats that may span in our entire environment. I do not see the interoperability being a problem with our other tools, and I am sure it would not be an issue amongst SentinelOne's own tools as well, but I do not have any data points on that yet.

Singularity Complete has helped big time to reduce our alerts. In fact, that was my concern with it. I was concerned that we are not seeing too many alerts anymore. I had a meeting with them recently, and I mentioned to them that I feel that we should be getting more alerts. They are going to take a look at our platform to make sure it is working fine, but it seems to be doing a great job of dealing with the alerts in an automated fashion. I became a little bit suspicious that it might be doing too good of a job, so we are just having them double-check. It is just me making sure all my I's are dotted, and my T's are crossed. As a security person, I do not like to have questions out there, but otherwise, it is doing a great job.

It has freed up our time. It takes a lot less time to investigate things. It takes care of a lot of things for us. It has offloaded 30% to 50% of some of the work that we had to do in the past. It allowed us to work and focus more on higher-priority items.

It has absolutely reduced the mean time to detect. It has probably reduced the time to detect by 75% because we just did not have some of these capabilities before.

Singularity Complete has also reduced our mean time to respond but not as much as the mean time to detect. It does a lot of resolution of issues for us. It has probably improved that by 30% to 50% because it does a lot of that automatically, but it frees up our time. We can resolve the stuff that needs our personal assistance a lot quicker because we have more tools and capabilities at our disposal through SentinelOne than we had before.

Singularity Complete has saved us costs big time. We have eliminated three different vendors and the associated maintenance of those platforms. We needed more people and resources to manage three different things, but now, we do everything with just a couple of folks. Our time savings are about 50%.

It has helped reduce our organizational risk because we can detect more things that are hitting us. I cannot give a number on that, but it has definitely reduced our risk exposure. From a pure security standpoint, our risk frame point used to be flagged as red. We were missing a lot of things, and now, it is green.

The single pane of glass is probably the most valuable. That is a big one. We could see everything from one view.

The automatic detection and response is great. It takes care of a lot of alerts that it generates before they even cross our desks, which is great.

It has advanced detection capabilities. It has the ability to go and look for known threats that are in the environment. Its ability to detect even unknown threats and any suspicious activity is great. We are very happy with it.

It is not so much on the Singularity platform itself, but they have their own built-in SIEM that is included with it. That needs to evolve a little bit. It is relatively basic in its capabilities. They have potential there for a great product and a needed product too. Having some kind of SIEM capability with the endpoint solution will save me from buying a bigger SIEM or buying another one. I could just use the one that comes with my endpoint solution.

From the looks of it, it does pretty much what we need, but it could do more. It would be nice if it had some newer features that other players have. They would have a good market advantage if they were offering SIEM as a part of it. They kind of do that, but it is not something they are promoting. We just stumbled on it, so you can use it for doing other things as well, not just endpoint incident and event collection.

We installed it in January, and we were doing a gradual ramp-up over three months. It has been up and running for about four months now. It is completely up and running.

We have not had any issues. The performance seems good.

It seems very scalable. We have not run into any issues. We pushed it over about 2,000 endpoints. It performs the exact same way it has been.

I have not personally contacted them, but my team has contacted them. Especially during deployment, they were very helpful. They helped us to get it done. The feedback I got was positive.

We had three different AV platforms. We eliminated McAfee, Defender, and ESET. Singularity Complete does everything better than these because it has got capabilities that these products did not even have. The biggest thing for us is the single pane of glass, so we can see right down to the machine. It is great at machine isolation, and it has better detection and mitigation capabilities than any of these products. It does a lot of it behind the scenes. A lot of it is automated and does not require us to do anything.

It is a cloud solution with local installs at the endpoints, so everything is cloud.

I manage security for the organization. I was not doing the deployment, but I was a part of the deployment team, the meetings, and the decisions when we were going to do different things. I was not pushing the software to anybody's desktop but my team was.

It was not a difficult installation. Based on the feedback that we got, it was pretty straightforward. It went over relatively smoothly.

It does not require any maintenance. It is cloud-based, so we do not have to do much to it. The endpoints will update themselves periodically, so there is not much for us from a maintenance standpoint. It does not have a lot for us to do.

We acquired our SentinelOne implementation through a reseller. We used the reseller's help, but we did almost 90% of it ourselves. They helped us manage the project piece and provided expertise and guidance. Between SentinelOne and the vendor itself, we got it done, but we did 90% of the heavy lifting.

There were probably four or five people between all of our locations, but most of it was done remotely. There was no need to touch individual desktops. We were able to push most of it out.

SentinelOne was half the price of CrowdStrike.

We looked at all the big ones, such as CrowdStrike. That is the first one that comes to mind. We even looked at Microsoft Defender and Sentinel. We looked at a few other solutions out there. We had an IBM demo there, but I do not remember what theirs was called. Bitdefender was another one that we looked at.

We went to Singularity Complete for the feature set. They did not have a robust feature set the way CrowdStrike does, but they had everything that we needed. CrowdStrike had even more advanced features, but SentinelOne's pricing was half of what CrowdStrike sells for. It was a pretty easy decision for us to go with SentinelOne. They were much better than the other players that we looked at. It came down to between SentinelOne and CrowdStrike, and the pricing made all the difference. They also seemed pretty easy to deal with, whereas with CrowdStrike, it felt like they were doing us a favor. When we talked to them, I just did not get a great sense of them, but price was one of the main things. CrowdStrike's price was double of SentinelOne's price.

I would advise a couple of things. If you are using a reseller to buy this and install it for you, have a good reseller that you can call upon for support and help manage the project. The other thing that I would probably suggest is to negotiate your education up front and not after the fact. It does not come with a lot of training. They even charge for the online university, so you should probably negotiate that as a part of the negotiation process before you sign a deal. Other than that, it is good.

I would rate Singularity Complete a nine out of ten. For my use case, it is definitely a nine.

First and foremost, we use SentinelOne Singularity Complete for endpoint detection and response in our company. We do not have any antivirus anymore. We have SentinelOne for the endpoint detection, response, and defense mechanism. This is our primary use case.

We also have other use cases. I work predominantly in vulnerability management. I sometimes work in the SOC. For vulnerability management, we use it in a number of different ways. We sometimes use it to see which applications and versions are running on systems. We use it for an inventory of applications. We do not use it for vulnerability detection. We have another tool for that, which I believe is more dedicated to technical vulnerabilities. I know there has been some investment in this area, but at the moment, we are not using it for that.

We also use it for running scripts and automating tasks on systems. In fact, I have been doing a lot of that recently. They have developed their automation and remote ops part, which has been fantastic for us. I have been updating a lot of applications using the scripts that I have deployed with SentinelOne. I love that part of the tool. It makes life a lot easier.

I sometimes also use it to determine where we may not have other pieces of software on systems. For example, we use a vulnerability tool that runs on an agent. I can use SentinelOne to see whether all of the systems on which we have SentinelOne also have our vulnerability tool agent. If a system does not have it, we can deploy a script from SentinelOne to add the agent.

We also use Ranger, so we can identify other systems on our network that do not necessarily have SentinelOne agents. That can be quite useful sometimes. Because of Ranger, we have seen a lot of systems that we did not already know about.

As a part of the endpoint detection response, we ingest logs through our central SIEM. We have a hybrid Security Operations Center. The first line is done by a third party. They have access to the SIEM, and all of the SentinelOne data is ingested into that. When there is an incident or when SentinelOne detects an incident, it gets flagged to the Security Operations Center, and then we start to investigate that incident. Most of the time, if it is a SentinelOne-related incident, we will log in to SentinelOne and use it to investigate the incident. We look at the logs on the endpoint and try to establish whether it is a genuine incident or a false positive, what happened on the system, and why we are getting these alerts.

We use the Ranger functionality. It provides network and asset visibility. It is quite important for us. If we did not have another tool that is doing similar, it would have been extremely important, but we do have a vulnerability management tool that is very similar. It is quite good that it does that automatically out of the box, whereas we have to configure our vulnerability scanning solution to do something like this. The ability to have visibility of the network where we do not necessarily have SentinelOne deployed is very important.

Ranger requires no new agents, hardware, or network changes. This is important for us. It has an advantage over our vulnerability management tool because we have to deploy scanners with our vulnerability management tool, whereas we do not have to deploy anything for SentinelOne Ranger, so in that way, it is a better solution in helping us.

Ranger is very effective in helping to prevent vulnerable devices from becoming compromised. For example, we used Ranger and identified some systems in our data center that we could just log on to. It was not very difficult to get on to those devices. Therefore, it would not have been difficult for anyone else to get on those devices. We did not necessarily have the permission to do so, but we found a way to do that. We managed to get those devices secured, and therefore, increase the security of our systems. That kicked off from Ranger, and that is a good use case.

Singularity Complete has helped free up our staff for other projects and tasks. For example, with automation, I have been able to patch some of our systems, which has freed up time for our help desk team. They do not have to patch some of the systems. It has also been helpful for deploying some of our agents for our other tools. If we deploy through SentinelOne using the script, that frees up our team's time.

Singularity Complete has helped reduce our organizational risk. The previous solution we had was signature-based, so for endpoint detection, it has to know a certain kind of attack before it can detect it or even block it. Because Singularity Complete is more looking at the behavior of running processes and how these processes interact with other processes on the system, it has helped to reduce the risk. We are not relying on static detection signatures. We have got real-time detection. Singularity Complete can detect things that may be the first-ever attack in the world, and we get notified about it. It does reduce the risk.

I work in vulnerability management, and for me, at the moment, its automation is most valuable. For the SOC team, incident visibility would be most valuable, but for me, it is automation.

In automation, if we could schedule when we run the task and on which systems we want to run the task, it would improve automation.

I have been using this solution for two and a half years. I have been using it since I joined this company.

We have not had any issues with it. It has always worked for me.

It is quite scalable. I do not see anything holding it back in that regard.

My impression of SentinelOne as a strategic security partner is very positive.

In terms of support, for a lot of support requirements, I go through the engineering team. They are very knowledgeable about Singularity Complete, but I did contact SentinelOne's support team recently in July. There was a particular vulnerability that Microsoft had already caught. Microsoft Defender had a setting that would automatically block the vulnerability. I raised the question to SentinelOne support asking whether SentinelOne has the same ability to block the vulnerability. It took me a few times to get them to understand what I was asking, and they could not confirm 100% that it was blocked. They just said that their solution does block vulnerability attempts, but they did not specifically do this particular one. Unfortunately, that interaction was not entirely positive. Overall, I would rate them a seven out of ten.

My company had an endpoint solution previously, but I was not with this company before they had Singularity Complete. They already had Singularity Complete when I got here. It was replacing the previous endpoint solution, so I cannot say whether Singularity Complete reduced our alerts or mean time to detect than the previous solution.

I was not involved in its initial deployment. I am with the engineering team. I have deployed SentinelOne on some systems, so I know the process, but I was not involved in deploying it or rolling it out company-wide.

It is in the cloud, but we have SentinelOne agents deployed on our systems. These agents report the data back to the cloud, which gives us the ability to see all of that data.

In terms of maintenance, the team that maintains it performs agent updates. They can be pushed automatically, but our engineering team has decided to not push the updates automatically because they could potentially break something or may not be fully compatible with a current version of, for example, macOS. There is some maintenance in that regard. There is also maintenance in terms of relieving some aged SentinelOne nodes. We might remove those. I would not necessarily call it maintenance, but when we set up particular alerts, we may maintain those alerts based on our requirements at the time. It may be the vulnerability being escalated in the wild, or we might want to set up some sort of detection that can basically detect or indicate any compromise. We maintain all of those rules.

I do not know much about the pricing. What I do know is that the person who negotiates most of the pricing is quite a hard bargainer. In that regard, he often says that he managed to get a very good deal. When we first looked at replacing our old system with Singularity Complete, its price was definitely a big factor. Back then, Singularity Complete was fairly new to the marketplace. We got quite a good deal as an early adopter. They have honored that and respected that we were an early adopter, and I feel we are still getting a very good price.

It is definitely worth considering. It is definitely up there with the best of them now. A few years ago, it probably was not. It was in the early stages, but now, it gives us everything that we need today. They invest heavily in the platform. That is important as well. If you buy it today, in a year or two, you will get a lot more features for your money.

It is quite mature now. Over the two and a half years that I have been using it, there have been numerous feature enhancements. As a basic endpoint detection response, it is very mature, and it now has other features, such as the Ranger functionality and automation, on top of it. It is a very mature offering now.

When it comes to integrations, I do not know about any tools that I have used with Singularity Complete. We just bought Wiz.io for our company, and I understand that SentinelOne links to Wiz.io. I have not personally used it, but I will be using it soon. From what I understand, it is going to be quite useful because if we detect an incident or an alert on a cloud system that Wiz.io manages and has visibility of, we can then get more information about that cloud system. For example, it could say, "We detected that this vulnerability attempt has been made, or one of the exploit attempts has been made on your system." We then get all of this information from Wiz.io which says, "Actually, the system is not vulnerable to that vulnerability." At that point, we would think that we do not need to worry as much, but we are going to see the investigations.

In terms of its ability to ingest and correlate across our security solution, we do not necessarily ingest into Singularity Complete, but we ingest Singularity Complete into our central SIEM. It is very difficult to ingest data into that SIEM.

Overall, I would rate SentinelOne Singularity Complete an eight out of ten.

We use SentinelOne Singularity Complete for the EDR piece, and we have it installed everywhere.

Singularity Complete works well with other SentinelOne solutions. We must make sure to whitelist the right binary with other tools, and that is all.

The ability to ingest and correlate data across our security operations is good. We can send all of the events to our SIEM system, or we can use Singularity Complete's built-in SIEM functionality. I believe the retention period is 14 days by default, but we purchased the additional package that allows us to store data for longer.

Ranger is a great tool that lets us see what's on our network which is extremely important. It pings other devices on the network and tells us what kind of devices they are. We're big fans of Ranger!

Ranger does not require any new agents, hardware, or network changes. It automatically starts mapping out the network, which is great for us.

Ranger helps prevent vulnerable devices from becoming compromised by alerting us to their presence. This allows us to proactively install SentinelOne on these devices, which is a very helpful tool.

SentinelOne Singularity Complete has helped improve our organization by preventing hacks and providing us with visibility into our devices through the Deep Visibility plugin that we have enabled.

It has reduced the number of alerts we receive by 80 percent. We spent the first six months tuning the workflow of different admins and users, and after that, we only received alerts that required action.

It has helped free up our staff to work on other projects and tasks. They now only receive actionable alerts, without any false positives, which saves them a few hours per week.

Singularity Complete has reduced our MTTD by 40 percent.

Singularity Complete has helped reduce our MTTR. We are alerted right away and we can access the dashboard and respond from there quickly.

I like the centralized management with the web dashboard. It allows me to quickly view incidents and see what's happening in a well-organized way. I can also easily query different points.

SentinelOne should include Ranger Pro out of the box with Singularity Complete.

I have been using SentinelOne Singularity Complete for one and a half years.

We have run SentinelOne Singularity Complete on many different machines without any stability issues.

SentinelOne Singularity Complete is scalable.

We've had nothing but fantastic things to say about the support. Our technical account manager is great, and the support staff has been very helpful. We've also been onboarded with SentinelOne Singularity Complete, and everyone from the account manager all the way down to the support engineer has been excellent.

We replaced Symantec Endpoint Security Complete with SentinelOne Singularity Complete to improve our security posture because Symantec was outdated.

The initial setup was straightforward and required six people for deployment, which took a few weeks to complete. Some teams took a little longer to figure out their deployment, but we deployed the whole system enterprise-wide within a month or two.

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete is a mature solution.

We have deployed SentinelOne Singularity Complete across multiple locations, departments, and operating systems, including Windows, Linux, and Mac. We have around one thousand endpoints.

The only maintenance required is the package updates that are released to keep the solution up to date. The cloud version is automatically updated by SentinelOne support, which manages it. The agents themselves must be updated manually which I do by clicking on them.

I recommend completing a POC to ensure SentinelOne Singularity Complete is a good fit before moving forward.

We use SentinelOne Singularity Complete to protect our environment.

SentinelOne Singularity Complete has helped us reduce the number of alerts we receive. I was attacked three times, and each time I received an alert. There were a lot of good features in SentinelOne that we were not aware of until we contacted them after we were hacked. SentinelOne took the role of fast response protection and took action.

SentinelOne Singularity Complete has freed up our staff's time to work on other tasks and projects. I made many changes to my department this year, including migrating all of my servers from on-premises to the cloud. With Singularity Complete, I was able to protect my cloud servers immediately and shut down my on-premises. I was also able to receive notifications of changes to IP addresses and users, which are common changes that occur during a migration. Sentinel was able to alert me every time there was a change.

In terms of service, SentinelOne has very great service. They respond immediately as soon as we open a ticket. I got attacked last year, and they were able to help me resolve my issues. So I got a fast response. Of course, we paid for it, but in terms of professionalism and support, they were extremely professional, and they have a lot of professional people working for them.

The most valuable feature is the quick response to attacks.

The SentinelOne portal is not user-friendly, which is one of its drawbacks. We have to search for options to disable and enable protection. We have to go through it on our own to find the options we need to add or remove notifications. SentinelOne did not tell us about these options until we encountered problems and had to contact them. We were not well informed. When we first implemented the solution all the options were turned off and we did not know that we had to navigate through and turn on what we required.

The MTTD has room for improvement. I was attacked last year and did not receive an alert from SentinelOne Singularity Complete until 24 hours after the attack occurred.

I have been using SentinelOne Singularity Complete for two years.

SentinelOne Singularity Complete is stable and we have not encountered any issues.

I would rate SentinelOne Singularity Complete's scalability an eight out of ten.

We do not have a support package, so we pay per use, which is expensive. However, they are very professional and follow up well. They took charge immediately, found a solution immediately, and blocked the ransomware attack. They also gave us details on what to do next. Two to three days later, they called my department back and followed up with the system administrator to make sure everything was okay. Overall, I am satisfied with their service.

I previously used Microsoft Defender and Sophos. SentinelOne is a much better solution than Defender and has a quicker response time to alerts and attacks than Sophos.

The initial deployment was straightforward. Implementing SentinelOne was not complicated, and more user-friendly than the others.

The deployment was completed by myself and one admin.

i did,it is OkiOk and unfortuantely was not a good experience thats i move to another reseller and it is ESI which also did have a good experience with their sale person at the end.

of course, when it comes to any security solution there is always a good return on this investment especially in our current situation and all the threats that we receive daily and attacks.

SentinelOne Singularity Complete is expensive compared to Microsoft but not Sophos. However, it is worth the price for its quick response and immediate remediation options.

i did evaluate Sophos, i didnt find a big difference but i felt more comfortable with sentinel one.

I would rate SentinelOne Singularity Complete nine out of ten. SentinelOne is one of the best security solutions I have worked with. I would rank it in the top three best platforms for security.

SentinelOne Singularity Complete is an aggressive and accurate security solution.

No maintenance is required except for updates that we push out to all end users.

For organizations that want an aggressive security partner, I recommend SentinelOne Singularity Complete.

Although SentinelOne Singularity Complete is expensive, I have no qualms about investing more money in the security of my department and data. I would definitely recommend SentinelOne Singularity Complete. It gives me peace of mind knowing that my data is safe.