The solution provides endpoint protection for all our desktops, laptops, and servers. We also use it for some of the firewalls on the endpoints. We are also doing asset discovery for devices.

Tracking down which devices don't currently have SentinelOne on them is the most valuable feature of the product. So, we can push SentinelOne onto those devices.

Recently, the vendor took away my ability to create a ticket, mostly because we're in an MSSP environment. It has created a lot of extra hoops to jump through. I recently had a single sign-on issue on the console. I had to go through my MSSP. It took a month and a half to two months to get any resolution on it because my MSSP can't test our single sign-on. They don't have an account in that system. It has been very detrimental to effectively solving issues. I understand that the vendor does not want the clients of the clients submitting tickets. However, when I'm the one who's doing the majority of the work inside of SentinelOne, removing that from my ability has been very inconvenient.

The filtering features of the application management console could be improved. If I search for applications that shouldn't be installed on our endpoints, filtering is not the most straightforward process. Running through the search process takes a lot of time and effort. It would be hugely beneficial if the tool blacklists the applications that are not allowed to be installed. It would help with the management of unapproved applications or malicious applications that might be installed.

The automated agent upgrade system could use a little bit more fine-tuning. The maintenance windows must be a little bit more robust. I have to manually set what agent we're pushing each time we want to change instead of asking the tool to do N-1 for agent upgrades. It's automatic, but it's not quite automatic.

I have been using the solution for two years.

We've had fewer issues with stability recently, mostly because they made some changes to the actual agents. Shadow copies were filling up the drives and causing some crashes. However, the more recent agents have been much more stable, which has been wonderful.

The tool is very scalable. If we use all of our agents, it's very easy to ask the vendor to add more agents to our license. They get that taken care of, which is really nice. It's been very easy to change and modify groups as we need to.

Exclusions have been very straightforward. I would love to see the exclusions to look at the machines in a group and inform us when we have exclusions that are not found in the directories on the machines. It will help with the removal of redundant or unused exclusions. It will remove some of that risk.

I don't have access to create tickets. The vendor removed the ability. I need to talk with our MSSP for support. They sometimes send us support articles that we already have access to. It takes an extra three to four days to get things resolved. In the most recent case, it was a month and a half.

We used Symantec Endpoint Protection before. We switched to SentinelOne Singularity Complete because Symantec Endpoint Protection was very old and was not being updated by Broadcom anymore. It was not as effective in terms of reporting. It was very clunky. So we were looking for something new and a little bit easier to work with than what we had at the time.

The initial deployment was pretty straightforward from my perspective. We were able to take the package and deploy it, which made it really easy to get it on all of our endpoints. About ten people were involved in the deployment.

Our MSSP helped us do the deployment. We used the asset management tool Ivanti to push out the agents.

The pricing is packaged in with our MSSP. The cost of endpoint protection is fairly reasonable. Some of the other systems are a little expensive, but there's still value behind them. It's pretty close to what I would expect.

We haven't stepped into other integrations quite yet. We're looking to explore it next year. We're trying to rebuild our security stack. The endpoint protection was one big step. We're planning on expanding a little bit more. I love that it is pretty straightforward to connect between different systems. It makes my life a little easier.

The solution’s ability to ingest and correlate across our security solutions is nice. We haven't done much of that with our systems yet, but having one source of truth to look at all those different pieces is hugely beneficial because we have a very small team. Anything that allows us to connect all the dots and pieces makes our lives really easy.

We're rebuilding our security stack from scratch. We do not have to get many other solutions because much information is built into Singularity Complete. We did a POC of the Ranger functionality for a little bit of time. Ranger's network and asset visibility are about the same as in Rogues.

The automation would be great if I didn't have to create a couple of extra security holes by opening up ports on our devices. So we've gone back to using just Rogues rather than Ranger because there isn't a lot of added value for that extra piece. I can take the whole list, export it, and take it to one of our other solutions and have the agent pushed from there.

It is nice that Ranger requires no new agents, hardware, or network changes for most of the part. If we're going to automate the installation process from another Ranger agent, it will require opening up some extra security holes. I don't love that part. I love that it discovers assets that don't have SentinelOne but could potentially have SentinelOne. It has been beneficial to us.

We like Ranger because it helps find the missing pieces. We must ensure that we're not going over on our licenses, but it helps us discover the devices in our network and how we can better protect the environment. It also gives us an inventory of devices. If they are vendor devices, we can go to our vendors and ask them why the devices have old software versions.

The product has done a much better job of giving us high-fidelity information. The system that we had before was old and antiquated and did not work well. We are getting better-quality alerts. The solution has helped free up our staff for other projects and tasks. All the information is in one place, and a lot of the system has been automated for us. The tool resolves threats almost instantaneously for us. It's hugely beneficial for a very small team.

The product has helped reduce our mean time to detect. It is a lot better at discovering threats and mitigating them quickly than our previous solution. However, I wouldn't say that it's perfect. The solution has helped reduce our organization’s mean time to respond. We have a managed security service provider that's doing a lot of the research for us, but it's been very helpful for us to have the information.

The tool has helped us with a couple of audits that we've had. It has also helped us with some of our cyber insurance because we're able to give much better reporting compared to our previous solution. The reporting is available on the fly rather than us trying to go through multiple systems to try and get some information from it.

The product is easy to use. It is very easy to navigate around. The vendor has added features that we've wanted. It has made our lives quite a bit easier. People who want to buy the product must evaluate their exclusions ahead of time and understand what level of exclusion they need for each system. We spent the most time reevaluating exclusions for each server system.

It was not too big of a deal for our desktops and laptops. However, for some of those bigger systems, especially with us being a healthcare organization, ensuring we weren't impacting the end-user experience was central. For example, we have EMR, which is electronic medical records. If we impact that, it affects patient care, which in turn can be not great.

It was a very big jump for our process to go from monitor-only mode to full-protect mode. We allowed things to just sit there for a very long time and understand the changes in our environment.

Overall, I rate the solution an eight out of ten.

We use Singularity to protect our staff computers, the hospital network, and virtual machine servers. Singularity helps us ensure our environment is fully protected in light of the increasing cyberattacks hospitals face.

Singularity's Ranger feature provides deep visibility. We implemented some rules, and Ranger scans the system based on the criteria we set. Ranger's ability to scan without agents or network changes is crucial because we want to minimize the number of changes needed on end-user machines. It's an excellent tool for minimizing risk and detecting threats before they disrupt our network.

The solution has decreased the number of alerts we see. We get notifications and email alerts that some user machines are compromised. Singularity does a good job with bad files and data, allowing us to tackle those threats before they become bigger problems.

Singularity has helped free up staff time. For example, it automatically updates virus definitions so we don't need to do that work manually. Singularity pulls the latest virus definitions on its own. It actively monitors our machines without us having to do anything.

It has reduced our mean time to detect by about 70 percent. Singularity has reduced the mean time to respond by roughly 90 percent because we can choose to respond to a threat by rolling back, deleting, or quarantining it. It greatly reduces our overall risk by about 30 percent.

Singularity's rollback feature is one of the primary reasons we bought the product. If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked.

The interoperability is solid. We've integrated Google Authenticator with SentinelOne for multifactor authentication, so it works well. We also use Citrix multifactor authentication. It works well with our other systems.

The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load.

I have used Singularity for about a year.

I rate SentinelOne Singularity seven out of 10 for stability. The stability and performance could be better.

Singularity is highly scalable. We can easily cover all our machines with it.

I rate SentinelOne's support seven out of 10. SentinelOne's customer service isn't that great. There's only so much they can do before they just tell you to look at the documentation.

The deployment was straightforward. We worked with a trainer and implementation specialist over at Sentinel. Four people from our team and one from the vendor were involved. After installation, the primary maintenance is ensuring the agents are deployed to the end-user machines.

Singularity is fairly priced.

I rate SentinelOne Singularity Complete eight out of 10. It's a high-quality product compared to what else is on the market. When implementing Singularity, it helps to organize your machines into groups like laptops, servers, and desktops and then push the agent to those groups separately.

We got rid of our previous vendor, and we went with SentinelOne. We basically use it as our AV platform. In other words, it is supposed to be a solution that is next-gen and can detect ransomware and give us the opportunity to roll back if we are attacked.

The organization wanted to take advantage of their rollback feature so that, if we ever did suffer ransomware, that would help us with triage or remedying the issues.

The rollback feature is the most valuable aspect of the solution.

In terms of its ability to ingest and correlate across our security solutions, we're still early on. The implementation team has helped us turn on the XDR feature, however, we haven't utilized it as much as we should. We're still testing the capabilities.

We did a pilot with the Ranger functionality. The organization opted not to purchase it just yet. Long-term, next fiscal year, we may adopt it. It does come at an extra cost. It may be added during the next renewal.

The previous vendor had a lot more features and capabilities under the license. For example, I lost DLP as Sentinel One does not have DLP. By choosing this solution, I created a security gap.

It has not helped us reduce our alerts. In my last solution, I did not get alert fatigue. We are fresh into the implementation and are getting a lot of false positives.

We just went live this past year. I would say we have been using the solution for maybe six to eight months.

The product has been up more than it's been down. We typically do get alerts if there is a maintenance window. That's appreciated. There have been times when we have had issues accessing the console. that tends to get resolved quickly. That said, no one vendor can boast resiliency.

We only have one module or solution from them. We haven't tacked on multiples from a scalability side. However, from a licensing side, it's easy to add extra agents, it's easy.

I've contacted technical support multiple times. The level of satisfaction is 50/50. It depends on who picks up the ticket on their end. If it's a level one help desk versus an engineer will dictate how easily we get an answer or not. If someone is not well-versed on the backend, we'll need to escalate and that takes time.

We previously used Trend Micro. It was cheaper and had more features under license. However, management was looking for cyber security insurance and methodology. Therefore, management decided to go through Sentinel One.

Getting the solution spun up and put into the environment, and getting it set up to where it's working smoothly, was okay in terms of a process. They are like any other vendor trying to give you a white-glove service.

I was involved in the initial setup.

Once we understood the methodology, it was pretty straightforward.

I chose to rely on people who knew how the product worked. I relied on their input and insights. We did procure professional services to really get into training and understanding the solution.

The learning curve continues to be the false positives. I've had to create a new exclusion list from scratch. I'm still going through the process.

New users need to have a work-in period. There will be a period to get all of the little anomalies tweaked out.

There were three of us implementing the solution.

There's no real maintenance to worry about. That's why we purchased the SaaS solution. We do need to update the agent.

I implemented the solution with the assistance of professional services.

Purely from a budget perspective, Sentinel One was more expensive than my previous vendor, plus I lost a lot of features. I can't say that I see cost savings yet while using the solution.

We also piloted CrowdStrike.

I haven't used the solution in conjunction with any other third-party solutions and can't speak to its integration capabilities. We will do that, we just haven't yet.

The solution hasn't freed up any time. It's the same as our old solution.

So far, it has not changed our mean time to detect. However, I have not seen a true positive yet. I would need to see a real threat come into my environment yet. This is true with the mean time to respond. The process is exactly the same. I have it configured so that if anything is critical, I get real-time alerts.

I'd advise new users to hone in on the subject matter experts and grill them during the POC. We were so accustomed to doing workflows a certain way, it was almost like how we had to learn how to walk again when we switched solutions.

I haven't seen Sentinel One's innovation just yet. We have asked for adjustments or features. We're going through a feature request platform and I have yet to see them implement a feature we requested. My previous vendor, Trend Micro, was very willing to implement changes.

You can't just take it back if you don't like it. It's here to stay. There's no going back to the previous vendor. We need to make it work. We want to stay with them at least a good while.

I'd rate the solution eight out of ten.

I would advise new users to understand what workflows they are accustomed to and how their current setup works so that they can ask a lot of questions during the POC. It's important to fully understand Sentinel One's logic to be successful.

We utilize SentinelOne Singularity Complete as an EDR and MDR solution for both our clients and internal operations.

We wanted to offer our clients a next-generation, AI-based antivirus solution for their endpoints, which is why we opted for SentinelOne Singularity Complete.

We incorporate SentinelOne Singularity Complete as a component of our multifaceted cybersecurity approach. Therefore, its capability for integration, as well as its capacity for data ingestion into NXDR, holds great significance for us.

SentinelOne Singularity Complete functions effectively in ingesting and correlating data across all our security solutions. While we employ an additional SOAR for more extensive correlation, SentinelOne Singularity Complete performs exceptionally well at the endpoint.

SentinelOne Singularity Complete is utilized as a component of our Managed Detection and Response service, resulting in a reduction in the number of alerts forwarded to us.

It helps free up our staff to focus on other projects.

SentinelOne has helped reduce our MTTD. It has also helped reduce our MTTR.

SentinelOne Singularity Complete helps our organization save money through pass-through cost savings.

It helps reduce the risk for our organization.

The most valuable feature is the machine learning capability, as opposed to the traditional rule-based antivirus. This is essential for effectively stopping malware attacks.

We are not utilizing all the features available with SentinelOne Singularity Complete, including the built-in XDR and Ranger, due to the substantial associated costs. There is potential for improvement in the cost aspect.

The area in which I would recommend SentinelOne to continue progressing is focused on enhancing its product. This involves not only internal development but also strategic partnerships similar to the Wiz integration which brings a lot of value.

I have been using SentinelOne Singularity Complete for three years.

It is stable. The downtime has been minimal.

The solution has met all of our scaling requirements.

I previously used ESET and McAfee. We sometimes still use Microsoft Defender for some use cases and we have some clients that still prefer to use CrowdStrike.

The implementation is carried out in collaboration with our partner, ConnectWise. While we handle the agent deployment, they manage all the configurations.

If we weren't using any protective measures, and we were consistently experiencing security breaches, this would result in an exponential level of risk when compared to an alternative solution. Expressing this concept can be quite challenging. How would we even identify if a breach has occurred? Typically, we'd notice something like data encryption taking place.

So, I believe implementing robust cybersecurity measures is an essential aspect of operating in any technology-dependent field today. It's essentially become a fundamental requirement. That's how we perceive its significance in the present day. Therefore, we communicate this necessity to all our clients and that is where the return on investment can be perceived by using SentinelOne Singularity Complete.

The cost of utilizing all the features of SentinelOne Singularity Complete is high.

I rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete EDR and MDR endpoint agent is a fantastic product. We layer that with other solutions as opposed to only using SentinelOne Singularity Complete.

SentinelOne is undoubtedly a market leader, and I believe it offers a comprehensive and excellent solution. It is on par with other next-generation or AI-based antivirus solutions available in the marketplace.

Depending on the organization's current solution, if they are transitioning from a product like ESET, then the approach to antivirus will be completely different. If they are transitioning from CrowdStrike, I believe the change will be less significant. Testing needs to be conducted, but I anticipate that they can observe immediate value from SentinelOne Singularity Complete. Furthermore, I am confident that they can deploy it without significant concerns about increased risk. Personally, I have never been worried about introducing additional risk by using SentinelOne Singularity Complete.

We deploy and manage the product for hundreds of clients.

We are a large global insurance company and we're trying to help proactively find a way for clients not to get breached by ransomware. This product is part of the way we do that.

The range and functionality are great.

The remote script orientation is good.

The level of vigilance is impressive.

Its ability to interact with other third-party tools has been great for us. It can work through APIs and partners and integrate well.

The solution's ability to ingest and correlate across other security solutions is helpful. It's been very important in terms of how we will move forward with the product. We're in the process of consolidating security solutions right now. Hopefully, it will help us reduce the use of some tool sets. It's helped us automate more and correlate better by bringing in data sets from different areas or systems so that we get a sense of threats. That's been really critical.

It provides increased visibility through Ranger. We don't need new agents or hardware. The ability to look for and find new devices that come onto the network helps us protect more efficiently.

It's been a great product in a couple of ways from my analysis of working on it. They have a great user interface, for example. It's easy to install and easy to support. It's allowing integration from all the different parts of our business and data points. Then there is the breadth of services that are tied into it. The support infrastructure overall has been great.

Singularity can correlate with other data and it helps us put an automated lens around everything to reduce the amount of alerts we'll get.

We can scale with the solution and not have to scale more analysts. It helps us be more efficient.

It has already helped reduce the mean time to detect. The mean time to respond has been okay.

It's also helped us save costs. We're able to deploy a standardized solution that's really well-defined and offers very good training. The ability to scale has been wonderful and it's helped reduce the overall cost of the service we provide.

Singularity helps us reduce organizational risk from a customer perspective.

I'm able to have my analyst view everything from one console, and we have multiple boxes with them, and we have to log into separate consoles to access each of those one boxes. We really need a more centralized view of all of our environments.

The MDM functionality and maturity still need improvement.

I've been using the solution for two years.

I have contacted technical support in the past. They've been very responsive and helped us drive problems to completion. We've had no issues there.

We were using Carbon Black previously. Singularity has been much better about mean time to detect. It's likely 15% to 20% better by comparison.

Carbon Black also didn't operate from a place of integrity.

I was involved in the initial setup and found it to be straightforward. I cannot really how long it took to fully deploy.

We handed the setup internally.

The pricing is great. I don't have any issues with it.

I'd rate the solution eight out of ten.

SentinelOne Singularity Complete serves as our everyday Endpoint Defense solution. We oversee daily detections and manage Sentinels, workstations, and servers. We strive to safeguard our assets and environment, while also defending against malicious processes and files.

We utilize Visions and its services. Visions and SentinelOne Singularity Complete are closely linked because we are now monitoring not only our products, endpoints, and environment, but we have also engaged Visions as a form of Managed Security Services Provider. Another aspect I find particularly valuable is their API. As a result, we've seamlessly integrated this solution with our SIEM system, which is functioning effectively. This is undoubtedly a tool that we employ, both in conjunction with Visions and our SIEM products.

It's capability to ingest and correlate data across our security solutions is impressive. I utilize tools such as Visions and Sentinel whenever I need to access or retrieve any telemetry. These tools, along with the enhanced visibility they provide, enable me to proactively conduct threat intelligence, explore my environment, and query assets generating alerts.

SentinelOne Singularity Complete has assisted us in streamlining our security solutions. We now possess the capability to identify malicious threats, and the system will automatically safeguard the relevant information, quarantine the threats, and revert any alterations made by the threat.

It has effectively defended our environment against numerous malicious actors. With a membership of over ten thousand, the solutions help safeguard their data effectively.

Singularity Complete has helped us reduce the number of alerts we receive by approximately 30 percent. The false positive issue has been addressed by working with Visions. We remediate these issues and then classify them as false positives, rather than repeatedly receiving alerts as in other solutions. As a result, we now experience fewer alerts than initially expected from day one.

It has assisted in releasing our staff to focus on other projects and tasks. Visions reviews all alerts, forwarding only the true positives to my team for investigation and response.

The agents are live, so our Mean Time To Detect is in real-time.

Our mean time to respond is in real-time. If an issue is escalated by Visions, we receive it instantly. Once it's recorded on the disk, it promptly gets escalated to them. They detect it, review the matter, and subsequently escalate it to us. Then, we review it together, all in real time. There is no downtime during which we have to wait.

SentinelOne Singularity Complete certainly reduces costs for our organization, as we need fewer personnel and don't have to involve numerous analysts due to the presence of Visions. It has also decreased our organization's risk by approximately 30 percent.

I appreciate the network control as well as the device control. These two features are truly excellent. I occasionally utilize the custom rules as well.

I would love to see improvement in the integration of SentinelOne Singularity Complete and Visions to better utilize the information we receive.

The browser extension for SentinelOne Hunter is a product designed for monitoring and detecting at a browser level. This library is widely recognized. It should not only detect incidents but also proactively block them within the browser environment. Therefore, I would appreciate seeing the browser extension react more effectively to events, going beyond mere detection.

I have been using SentinelOne Singularity Complete for one year.

I rate the stability of Singularity Complete nine out of ten.

I rate the scalability of Singularity Complete nine out of ten.

We have used technical support a few times, and they were excellent and very competent.

We have seen a return on investment.

The organization assessed Carbon Black but found greater value in SentinelOne Singularity Complete.

I rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete is a mature solution that offers a multitude of features and the potential to enhance security within an organization. This presents significant value for security professionals.

We have deployed SentinelOne Singularity Complete across multiple divisions, various business units, and numerous locations spanning Europe, the US, and Japan. As a global organization, Singularity Complete seamlessly integrates with any internet-enabled entity, providing robust agent support upon connection.

Two individuals are responsible for the maintenance tasks, which include updating agents, upgrading policies, and deploying packages.

Having SentinelOne as a strategic security partner is a positive development.

Before assessing Singularity Complete, we need to dedicate a substantial six-month period to thoroughly engage with the product. This entails working with it on a daily basis, comprehending its intricacies, and obtaining full administrative rights to explore and interact with all its features and functionalities.