SentinelOne Singularity Platform
SentinelOne
External reviews
External reviews are not included in the AWS star rating for the product.
Endpoint protection has delivered full visibility and has strengthened zero-day attack defense
What is our primary use case?
We bought the product for endpoint protection and platform use, where we have two environments: one is the endpoint with laptops, desktops, and VDI environment, and the other is our server environment. We are using CrowdStrike for the server environment, while for the desktops and VDI environment, we are using SentinelOne, Singularity Platform.
What is most valuable?
The benefits from the product include that Singularity Platform provides complete end-to-end visibility on our malware protection and our ransomware protection across our desktops, endpoints, and thin clients and VDI environments, allowing us to control zero-day protection across our environment. There is no need to do any signature patch or anything; we only updated the sensor and fine-tuned the policy here and there during the implementation. We focus on prevention and detection instead of only detection, and we do quarantining as well, leading to complete end-to-end protection across our desktops, laptops, and thin clients and VDI environments.
The real-time personalization feature provides protection against zero-day attacks. Real-time monitoring is very much available in Singularity Platform because once the agent is up to date, it protects critical assets across our network against malicious attacks. Malicious attacks pose a big challenge because if someone downloads malicious files, we face risks. Once an EXE file with vulnerabilities is detected during installation, it will be quarantined, indicating how effective real-time functions are in those scenarios.
What needs improvement?
From an operational perspective, the customizable dashboards are easy to use, but I face concerns with the alerts from the email ticketing system. We receive alerts for every event, such as USB access attempts, which can create unnecessary noise. We fine-tuned the alert mechanism after implementing the solution to reduce this noise.
The alerting mechanism could be improved in Singularity Platform as I want to fine-tune the alerts based on the specific environment. Each environment has different requirements, such as IoT or manufacturing, and we must adapt our policies accordingly.
For how long have I used the solution?
I have been using the product for the past two years.
What do I think about the stability of the solution?
I see no particular areas of improvement for the product because, having used both SentinelOne and CrowdStrike, I find SentinelOne to be good as it performs its functions without requiring much manpower after deployment. The automation helps a lot, and once implemented, we face no further issues regarding stability or scalability; everything works absolutely fine.
What do I think about the scalability of the solution?
Singularity Platform is scalable and stable, with no issues on that part.
How are customer service and support?
The tech support from SentinelOne is great.
How was the initial setup?
The installation process is quite easy, with no significant issues encountered.
What was our ROI?
We can achieve ROI in about nine months rather than one year. We save approximately 20%.
What's my experience with pricing, setup cost, and licensing?
Singularity Platform is very affordable compared to other options.
Which other solutions did I evaluate?
I would say both SentinelOne and CrowdStrike are equally good, at a 50/50 assessment between them.
What other advice do I have?
The impact of Singularity Platform on our supply chain processes is significant, as supply chain processes are a real headache for the complete organization. Whenever we face any supply chain challenges, we ensure that all end-user and end patch management are updated. We must ensure that particular patches do not have zero-day vulnerabilities or critical vulnerabilities. Ensuring proper IT hygiene is a challenge as well, as some users may not be using the latest patches or may have to stick to legacy applications that prevent upgrades. Protecting our networks and systems is crucial, especially when considering that older operating system versions may not be supported. The challenge in supply chain management is significant.
We use the fraud detection feature for financial services, where we provide financial applications and solutions to our customers. It helps with risk management as it comes with a complete structured approach whenever we implement Singularity Platform. We must ensure that the systems or agents are properly implemented in a tested environment. We first identify risks and then respond. Sometimes we only detect malware files, and depending on the use case, we do our risk assessment and develop a risk methodology to put policies in place based on whether we are using Windows, Linux, or legacy systems.
Regarding the implementation issue, moving from traditional signature-based antivirus solutions to an EDR solution means the new solution must do complete scanning on the initial implementation. However, EDR functions only when incidents occur, which is a change from the previous method used by typical antivirus solutions that scan all files. It is a challenge to explain this shift in expectations, but EDR only reacts when necessary, unlike traditional tools.
I believe Singularity Platform is perfectly fine overall. Some issues with report functionalities and latency are present in other solutions, but not here. The moment we implemented it, everything was clear. It is an excellent, robust tool for protecting our endpoints.
One small example of a challenge I faced is related to connecting my log management part, specifically SIEM. I encountered some issues with parsing when connecting SentinelOne to QRadar for log management.
I would rate this review a 9.
Centralized security management has reduced response times and improves threat containment
What is our primary use case?
I used SentinelOne Singularity Complete in the past and applied it to many customers in the Caribbean region. The use case was to implement SentinelOne Singularity Complete as a tool to replace the old antivirus systems that customers had. When we presented SentinelOne Singularity Complete, most customers appreciated it because the price was very competitive. They decided to provide this as a managed security service, which was very beneficial for them.
What is most valuable?
I appreciated the centralized dashboard that we used to manage the solution and the straightforward deployment process. We could deploy using Group Policy Objects to install the clients, which made the process very easy.
I loved the way that we could collect information and trigger actions when we identified a malicious file or a threat. Ranger was excellent for identifying other assets in the network that did not have the solution deployed, allowing us to create a map of the network. It was very important for us to identify workstations and servers that were not protected.
SentinelOne Singularity Complete reliably identifies real threats, which is a significant advantage as we could detect threats that other tools missed. The alerts are excellent for receiving notifications, and we could integrate with SIEM tools. This made it easy for us to create dashboards and see whenever we had an issue, and we could also create automations that could disconnect the device from the network or take other preventive measures to stop the spread of a virus.
What needs improvement?
I think dashboards could be improved with a dashboard creator feature that would allow us to select the information we want to extract and generate customized dashboards.
For how long have I used the solution?
I worked with SentinelOne Singularity Complete for approximately three years.
What do I think about the stability of the solution?
SentinelOne Singularity Complete is very easy to deploy and implement.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete is very scalable for our needs.
How are customer service and support?
Support was very good. When we needed assistance, we received it in a timely manner and the issues were resolved.
Which solution did I use previously and why did I switch?
I worked with Defender and other tools including CrowdStrike, with particular experience managing CrowdStrike.
How was the initial setup?
We implemented the complete solution in customer environments to integrate with their existing infrastructure.
What was our ROI?
SentinelOne Singularity Complete offers a very competitive price. When we implemented it, we could reduce costs with the total cost of ownership compared to other solutions.
What's my experience with pricing, setup cost, and licensing?
When we presented SentinelOne Singularity Complete, most customers appreciated it because the price was very good. They decided to provide this as a managed security service, which was very beneficial for them.
What other advice do I have?
When we implement SentinelOne Singularity Complete, we always create automations so that detection is very efficient in terms of timing. When we identified a threat, we could create rules to block the machine and put it in quarantine. This made it easy to investigate and we could have a broad overview of when the issue started, allowing us to manage issues in a shorter timeframe.
The mean time to respond was reduced in our security operations center. We used it to handle alerts and could act as soon as we received them. When we managed other vendors, it was time-consuming, but with SentinelOne Singularity Complete, it is much better.
Having a centralized tool like SentinelOne Singularity Complete allowed us to manage not only Windows desktops but also servers, MacBooks, and an entire environment. The integration with other SIEM tools is excellent, allowing us to create dashboards, analyze results, and receive alerts as soon as they are triggered.
At this point, SentinelOne Singularity Complete delivers everything it promises to do. We have deployed it from AWS and also created a tenant directly from the portal. SentinelOne Singularity Complete is easy to use, and the dashboards and portal are very user-friendly, which is why I prefer it. I would recommend that others try SentinelOne Singularity Complete because once they do, I believe they will love it. I would rate this review a 9 out of 10.
Security operations have become more efficient and detection is improving across endpoints
What is our primary use case?
For the major use cases for the client, I would mention EDR.
I have worked and implemented Purple AI. While we were in India, it is more about data privacy as a protection law which has been implemented. Purple AI is collecting all the information which needs to be evaluated and correlate this entire data and segregate and disseminate into different roles and privileges. We have utilized that. These are the mechanisms which are very new into the Indian market and customers and their team members created it and accepted it as well. That is one of the major reasons to sell SentinelOne Singularity Complete.
However, we have not implemented the SecOps feature in major installation as of now.
What is most valuable?
SentinelOne Singularity Complete helps to reduce alerts by almost fifteen to twenty percent. The false alert activation is much more effective in SentinelOne Singularity Complete in competition with all the comparative tools.
It helps to free up my people and staff for other projects. It depends on a project-to-project and team-to-team basis, but it really helps. I would estimate between thirty to fifty percent.
SentinelOne Singularity Complete helps to reduce MTTD by about twenty to thirty percent.
For MTTR, it is almost another way for between fifteen to twenty percent.
As a reseller and user, I would say that SentinelOne Singularity Complete is better than its competition. I have evaluated Palo Alto, Trellix, and CrowdStrike as well. SentinelOne EDR is much better than all of them. The capability and technical capabilities are superior. It is efficient and offers faster detection.
What needs improvement?
For ingestion and correlation across security solutions, the agent is heavier when compared to the competition. The agent has to be lightweight. That is one of the drawbacks for the competition. They have to work quite a lot.
For how long have I used the solution?
I have been selling the product for three and a half years.
What do I think about the stability of the solution?
As for stability, there are no issues. It is stable.
What do I think about the scalability of the solution?
As for scalability, it is acceptable. The scalability depends entirely on how much security is required for it. It is easy to scale that.
How are customer service and support?
I would say technical support from SentinelOne is excellent. Everyone in SentinelOne is known to us for the last many years.
I would rate support eight point five out of ten. One point five has been removed just because many times it has been delayed or the support has not been available due to vacation. That should be a challenge. Ten out of ten would not even be given to AWS.
Which solution did I use previously and why did I switch?
SentinelOne stands out and is the best product among those, especially in India. There was a recent strike incident with Microsoft, and SentinelOne's approach is much better and much more effective.
How was the initial setup?
It is easy to deploy. The deployment model depends on the type of organization. If it is government, then it has to be on-premises. If it is more like an enterprise and BFSI, that can be over the cloud. In India, it has to be done with the intent. It can be into the SentinelOne cloud with an instance in India, or whether it has to be AWS or Azure, they are acceptable in any format.
What about the implementation team?
There is a chance to buy this product through AWS Marketplace, the CPPO. I did that previously.
What's my experience with pricing, setup cost, and licensing?
It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the pricing.
What other advice do I have?
I do sell SentinelOne Singularity Complete.
I am a Chief Security Officer for Technocentric.
I have been selling this product for the last three and a half years.
I have been involved in this domain for twenty-five years.
I would give SentinelOne Singularity Complete a rating of nine out of ten.
Helps identify vulnerabilities, recover from attacks swiftly, and unify security management from a single console
What is our primary use case?
I have worked with Singularity Platform, and I'm well-versed with Cloud Security, but I have not worked with the AI CM. Singularity Platform comprises three things: Identity Security, Endpoint Security, and Cloud Security. The platform has multiple products including Singularity Identity, Singularity Complete, and the AI-powered Singularity XDR. I have experience with Singularity Identity, Singularity Endpoint, and Singularity Complete products, and we will continue to work because we have more opportunities on this.
Purple AI provides features and functionalities that have been asked for by customers, and we have given those functionalities to them using Singularity Platform.
When we manage Identity Security and Endpoint Security, it's from a single console. We get data and visibility on everything happening in our environment and how it is related. We can integrate many other solutions such as Fortinet firewalls and Palo Alto firewalls. Singularity Platform provides a marketplace with many kinds of integrations with mail security solutions and firewall solutions that are very helpful for customers from the XDR point of view. We haven't used the SIM as of now, and we have not given the AI SIM to customers, but we have evaluated the product. To my knowledge, I think it's good, but when it comes to use cases, we will be able to tell how it exactly addresses the client's requirements, how it gives alerts, and how it stores data on correlation time. We need to implement it in the client's environment in order to get proper feedback.
These were the features and functionalities which have been asked for by customers, and we have provided those functionalities to them using Singularity Platform.
How has it helped my organization?
For the past three years, after Corona, we have started using Singularity Platform.
During the time of attacks, if there is any data loss, we were able to easily roll back those attacks and retrieve that data for the client with a single click. That's how Singularity Platform works for endpoint security. When it comes to Identity Detection and Response, it also gives much more visibility on what identities are weak. It scans all usernames and passwords in the Active Directory or Azure Directory. If you have Azure Directory, integrating with the Identity Security or Posture Management solution allows us to find out what users are in a vulnerable state and all the users to which they might have received five to ten attempts. If those kinds of attempts are received, that particular user account will be locked. We were able to write these kinds of rules from Singularity Identity itself. When it comes to threat intelligence, Singularity Platform holds its own threat intelligence data lake, and they have introduced Purple AI, which is very useful for us when dealing with attacks.
For many of our customers who got attacked after installing SentinelOne, they were not impacted on a larger scale. The impact of a ransomware attack typically encrypts all critical data and stops production. If one day of production is stopped, it sums up to, for an enterprise customer, a minimal margin of two to three crores. With this rollback functionality, we were able to address that and revert that particular endpoint to the previous good configuration state.
What is most valuable?
Singularity Platform does help with risk management. It refers to the MITRE ATT&CK framework and analyzes what the vulnerable points are in an endpoint. When it comes to cloud security through Singularity Platform's cloud capabilities, workload security or native security can scan accounts and find misconfigurations in the cloud. If there are containers, workloads, or instances, it scans everything and pinpoints any IAM roles that need to be configured, letting us know which things have not been configured for those workloads. This makes it easy for us to spot loopholes before they are exploited.
What needs improvement?
Singularity Platform has an easy-to-use console. When it comes to customization, it has some options, but I wouldn't say it is very customizable. If you are asking if this is fully customizable, I would say it is partially customizable, not fully customizable. In some places, I can understand from a security background that they have kept those features considering security. However, it lacks customization and could enable much more than that.
Even though Singularity Platform has multiple integrations with multiple solutions, it still needs more because competitive vendors such as CrowdStrike and Trend Micro provide more integrations than SentinelOne.
The first thing I would say about the negative side of Singularity Platform is that it lacks some customization and integrations compared to competitors. We can integrate Fortinet and Palo Alto, which are big players, but there are many other small companies. Even Zoho is a significant player in our market, but there are no integrations for Zoho.
For how long have I used the solution?
For the past three years, after Corona, we have started using Singularity Platform.
What do I think about the stability of the solution?
In SentinelOne, we have not received reports regarding outages. Until now, we have not experienced any issues regarding stability. The product is pretty stable, and even if the agent is offline, it will handle the threats. This is pretty solid and stable.
What do I think about the scalability of the solution?
Singularity Platform has flexible licenses, and it is also easily scalable.
How are customer service and support?
The technical support from SentinelOne is very good.
Which solution did I use previously and why did I switch?
One of our customers had an attack and they were using CrowdStrike. We proposed the SentinelOne alternative solution, and we were able to manage to get some details about the attack and present it to the customer.
How was the initial setup?
This is a straightforward approach. Singularity Platform provides pretty much everything that is easy to configure, even by a fresher. If a fresher has basic experience in configuring endpoint security, they would be able to handle SentinelOne. The console and the configuration part are that easy, but for an endpoint security specialist, an understanding of how threat vectors evolve and how they are attacked is necessary. The console view and everything, even writing queries in the XDR, are pretty simple.
What about the implementation team?
Singularity Platform is hybrid and has both on-prem deployment as well as SaaS deployment. However, when it comes to the implementation or deployment part, they recommend cloud. We have done only cloud because even from the SentinelOne team, they tell us that they do not recommend on-prem. I will say that the cloud version is better since we haven't done any on-prem deployments, and I don't believe they recommend that for customers.
What was our ROI?
For many of our customers who got attacked after installing SentinelOne, they were not impacted on a larger scale. The impact of a ransomware attack typically encrypts all critical data and stops production. If one day of production is stopped, it sums up to, for an enterprise customer, a minimal margin of two to three crores. With this rollback functionality, we were able to address that and revert that particular endpoint to the previous good configuration state.
What's my experience with pricing, setup cost, and licensing?
It's average. It's not cheap, but not expensive—average cost and quite affordable.
What other advice do I have?
Singularity Platform does help with risk management. It refers to the MITRE ATT&CK framework and analyzes what the vulnerable points are in an endpoint. When it comes to cloud security through Singularity Platform's cloud capabilities, workload security or native security can scan accounts and find misconfigurations in the cloud. If there are containers, workloads, or instances, it scans everything and pinpoints any IAM roles that need to be configured, letting us know which things have not been configured for those workloads. This makes it easy for us to spot loopholes before they are exploited.
My remarks are purely based on feedback from my clients.
The key unique selling points for SentinelOne are its patented rollback option and offline protection. Even when an agent is offline, we are still able to protect it. There are some protection events happening even when the agent is offline, which is not available with most vendors that expect the agents to be online. That's a good thing about SentinelOne. Additionally, we have not received any complaints regarding performance issues. I rate this solution an 8 out of 10.
Automated workflows and real-time monitoring have improved operational control and customized data insights
What is our primary use case?
As a company, we are using Singularity Platform to manage the data on the platform.
We use Singularity Platform as a unified view where we can see all the data from our applications in one place. It manages everything into one place and we have automations, so we can perform certain actions and we have rules in there where if we want to perform these actions, they can happen automatically via the Playbook functionality.
The impact of Singularity Platform on our supply chain processes streamlines it quite well. It helps in the processes. It is basically integrated into our pipeline and it helps us to push product more quickly and more securely.
Singularity Platform's real-time personalization feature has helped our customer experience strategies by allowing us to have different workspaces where we have custom views, and depending on the use case because we have many products that use Singularity Platform, they interact with the UI in different ways, producing different elements and giving us tailored views for different products.
Customizable dashboards have helped optimize operational efficiency for us because we have different products and different UIs for different products, allowing us to focus on the things that matter for different occasions. Since we are working with multiple data sources and multiple products, we needed customized solutions to really pay attention to the things that matter. These customized dashboards make it faster to work with certain products. It is easier to identify what is wrong with the product or where we need more resources.
Since starting to work with Singularity Platform, I have seen really good integration and control from the platform itself. You can perform many actions remotely through the agent, which helps with the administrative work of checking the versions of the software on the computer and what software and services are running. This really helps us collect this information on an organization-wide level.
What is most valuable?
I think the ability to automate actions and workflows is the best solution out of Singularity Platform. Other solutions are quite static in this case. You cannot really set up steps and gather information, certain pieces of information, filter them out, and based on that data, perform actions. However, Singularity Platform makes it very simple.
Singularity Platform's real-time monitoring capability has indeed helped me in decision making, as it is one of the best features of the platform. It is working really well, and while the software could seem a little bit invasive because it is working on a kernel level, it really detects a lot of things, perhaps too many things. Sometimes, these customized solutions our developers develop also get flagged in real time, and the processes get stopped and are blocked, and we have to whitelist the processes. However, for enhanced security, we definitely want this.
What needs improvement?
I think some parts of Singularity Platform could be improved or enhanced, as you most likely need to know the platform quite well to write queries and search for information. There are a few too many similar fields, such as the storyline ID and the storyline, which sometimes gets confusing. Perhaps the distinguishing could be better, but correlation in general is done very well with the storyline because it is the platform's own field for correlating data.
For how long have I used the solution?
We have been using the solution for two and a half years.
What do I think about the stability of the solution?
I have noticed only a few occasions where the features, particularly the search feature, are not working with Singularity Platform. The automations, however, are working. I did not notice that they announced maintenance in advance, so it was more that I was not prepared and did not read about planned maintenance. Other than that, everything else is good and stable, apart from short windows of four to eight hours of maintenance they do every month.
If I have to rate the stability level of Singularity Platform from one to ten, I would say it would be a strong nine.
What do I think about the scalability of the solution?
I have not run into any issues regarding how scalable Singularity Platform is, so I do not see any limitations for scalability. It is probably doing very well in that regard.
It is important to have the scalability that we have with Singularity Platform because we are always expanding and onboarding new computers. Definitely, new employees come in, and it takes a small amount of time, probably twenty minutes to set up new workers.
How are customer service and support?
My experience with the technical support of Singularity Platform is that they write us back semi-quickly. If I were to rate it out of ten, I would say they are quite helpful, perhaps an eight.
Which solution did I use previously and why did I switch?
Before using Singularity Platform, I was not aware of any different solution for the same use cases. When I came to the company, we moved relatively recently to Singularity Platform. We were basically fully migrated from SentinelOne.
How was the initial setup?
The process of onboarding new data points to Singularity Platform is quite easy to ingest. It is really simple to add new computers to the network; you just have one command to install the agent on the computer, and it automatically appears on the platform with data coming in. It is quite easy in terms of integration and expanding the existing network. Setting up the automation rules is not so easy initially, but once you know how to set up one rule, it becomes much easier to set up more advanced actions and automatic removals of certain software or scanning.
Which other solutions did I evaluate?
Before choosing Singularity Platform, we were evaluating other options, and we were using Microsoft side by side. Microsoft Sentinel was quite all right, but SentinelOne had more searching capabilities and threat hunting and more automation built in.
What other advice do I have?
Regarding Singularity Platform, I would go for the platform. I am most familiar with that one.
I do not currently know what version of Singularity Platform I am using. I will have to check. Probably I am using the latest version because we have automatic updates.
We are not using the fraud detection feature in financial services, as we are not doing any financial services.
Regarding Singularity Platform's real-time personalization feature, we are using it.
Overall, if I had to rate Singularity Platform from one to ten, I think an eight would be appropriate. It is quite up to our standards. I would rate this review an eight overall.
Has improved threat detection and streamlined integrations through strong XDR and forensic capabilities
What is most valuable?
SentinelOne Singularity Complete can be quite intrusive, but it has strong detection capabilities. The Ranger functionality of SentinelOne Singularity Complete for the EDR is extensively used for customers. Microsoft Defender has recently upgraded to XDR capabilities.
What needs improvement?
For Google SecOps, the only improvement I suggest is in terms of the reporting, especially for out-of-the-box reporting that seems very lacking right now. There aren't too many useful reports coming from out-of-the-box; we have to develop them ourselves right now.
SentinelOne Singularity Complete needs to work more on increasing true positive detections to make it closer to 10. A weakness seen with one large customer was that the detections were too intrusive, blocking many applications that should have been working, which led to many false positives.
What other advice do I have?
While the others will be on the cyber threat intelligence, the primary is Google SecOps, and I think the other one is Azure Sentinel.
There is room for improvement for these solutions. It's mostly SIEM and MDR for SentinelOne Singularity Complete. I haven't used Vigilance MDR; I only know the name.
We mainly focus on SentinelOne Singularity Complete and Cortex, while the other EDRs that we have managed are less significant. It's almost similar since both SentinelOne Singularity Complete and Cortex have EDR and XDR capabilities.
In terms of non-locked XDR platforms, the best one is SentinelOne Singularity Complete right now for their XDR capabilities. Other ones such as Palo Alto Cortex or even CrowdStrike are locked into their own ecosystem right now since they have many products within that ecosystem. In terms of integration, even though it looks quite open, some are tightly coupled into their own ecosystem, especially for Palo Alto Cortex.
We haven't had that in-depth experience in terms of ingesting and correlating for SentinelOne Singularity Complete; we mainly use it right now for their EDR capabilities. Since we provide the MDR services, we mainly integrate those with Google SecOps right now for the overall SOC services. I think they are the most capable in terms of detection and response.
We only tried Purple AI but haven't used it quite extensively. I find the pricing very reasonable, especially right now compared to other top-tier EDR platforms at the same level. I usually recommend the product for both smaller and bigger organizations. My overall rating for this review is 9.
Automation has simplified threat detection and enabled seamless hybrid deployments
What is our primary use case?
SentinelOne Singularity Complete has the ability to ingest and correlate across security solutions extensively.
SentinelOne Singularity Complete seamlessly ingests logs from various other technologies besides the SentinelOne EDR platform. We have integrated with several different firewalls. We have integrated with cloud ingestion, such as AWS and GCP, which is seamless. There are other solutions that can be integrated with SentinelOne Singularity Complete, incorporating security log ingestion.
The XDR platform helps to consolidate different security solutions.
Regarding Ranger functionality, it provides network and asset visibility and can ingest logs from network sources, capturing any threat metrics, including IOCs.
I cannot confirm if SentinelOne Singularity Complete reduces alerts as I have not worked heavily on that aspect. The system captures different telemetry from network devices.
Customers mainly use SentinelOne Singularity Complete on both public and hybrid cloud. This is advantageous, as we can use a relay agent to commit updates for computers that do not have internet access. That telemetry can also be received, which is a clear value differentiator.
What is most valuable?
The installation of SentinelOne Singularity Complete is very seamless. We are able to implement fresh rollouts of thousands of machines in a matter of one or two days, provided the machines are available. We are immediately able to see the telemetry and ingestions of the log taking place.
The biggest benefit for my customers is that it is autonomous, where mostly everything is automated, and the threat detection, as well as auto-remediation rules, are set up. Hence, minimum intervention is required from our side in case of known threats. I consider the automation and autonomous decision-making as the cornerstone.
What needs improvement?
It takes time for updates to reflect on the central console when putting in a new machine.
Regarding recommendations, they have acquired a company called Prompt Security, which is working on AI gateway and AI security posture management. I want to see how it gets integrated with the SentinelOne platform, and I am looking forward to what they will do with Prompt Security.
My customers have not calculated a return on investment because most purchases happen as a mandate. It is imperative for organizations to move from antivirus to EDR and XDR platforms. The decision is mostly for corporate security rather than based on a return on investment.
For how long have I used the solution?
What do I think about the stability of the solution?
There are not many stability issues regarding upgrades. Everything is managed automatically, so there is no user interference needed for upgrades.
What do I think about the scalability of the solution?
How are customer service and support?
I would rate the support from SentinelOne Singularity Complete as an eight out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
What's my experience with pricing, setup cost, and licensing?
Compared to Microsoft and other competing solutions, SentinelOne Singularity Complete is very aggressive price-wise.
The cost depends on a per-device basis.
The full-fledged platform should be around $7 to $10 per device per month.
What other advice do I have?
Predominantly, my customers buy SentinelOne Singularity Complete from us. Small customers may purchase from the AWS marketplace, but enterprise customers mostly buy through partners.
I recommend SentinelOne Singularity Complete as a good investment where you can rely on the technical support. There is always a human voice available if we get stuck somewhere, and I am very happy about the solutions and interactions we have. You are bound to have clarity when alerts come in, and you need a vendor who can answer and troubleshoot those situations and clarify what the alert is all about. If you are looking for more TAC line support for incidents, go ahead with SentinelOne Singularity Complete.
I rate SentinelOne Singularity Complete eight out of ten.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Great security
Significantly reduces risks and streamlines our monitoring
What is our primary use case?
We protect our endpoints and servers, workstations, and we use Singularity Platform to ingest third-party data for alerts or detections.
We work in the cybersecurity industry, so we use Singularity Platform and implement it for our customers.
How has it helped my organization?
Singularity Platform basically keeps us protected. We utilize it across various sectors, including financial services, insurance, retail, and manufacturing. It has significantly reduced some of the risks associated with the current threats we face, both at the endpoint level and in terms of identity protection.
Singularity Platform allows us to have one single view of potential threats and the health of our environment, helping us optimize operational efficiency.
Singularity Platform is allowing us to detect threats early on and make sure that they don't proliferate in our environment if there are any.
What is most valuable?
The best features of this product include its ability to detect malicious software and malware, and the functionality itself is exceptional. The console is easy to navigate.
What needs improvement?
The dashboards can be improved, and their dashboarding functionality needs to be better. The way the dashboards look is not really impactful or meaningful.
For how long have I used the solution?
I have three years of experience with SentinelOne.
What do I think about the stability of the solution?
Singularity Platform is stable; so far, so good.
What do I think about the scalability of the solution?
It works. It's not designed for scalability; it's designed to protect the enterprise.
How are customer service and support?
I would evaluate their customer service and technical support as very good, five stars.
Which solution did I use previously and why did I switch?
Before, we were using Kaspersky, but then the Russians came in, and we had to stop using it. It's a Russian product, and with everything happening with that, we stopped using it.
How was the initial setup?
The initial setup of Singularity Platform was straightforward. We have a team member here who handles it.
What about the implementation team?
One person, a really good techie, handled the deployment.
What was our ROI?
I don't really see a return on investment; it's a necessary requirement today to protect the enterprise.
What's my experience with pricing, setup cost, and licensing?
The pricing for Singularity Platform is good, and the setup cost is very minimal.
Which other solutions did I evaluate?
We evaluated CrowdStrike, Microsoft Defender, and Trend Micro before choosing Singularity Platform. The main differences between Singularity Platform and some of these others include threat detection ability and lower cost, and that was the key factor in our decision-making.
What other advice do I have?
I would rate Singularity Platform a nine out of ten.
Strengthens cross-platform threat response while supporting audit compliance and log integration
What is most valuable?
I have extensive experience with SentinelOne products and am particularly impressed with SentinelOne Singularity Complete. The solution integrates effectively with third parties.
I find it extremely reliable. For instance, I report monthly for compliance and other security metrics across our multi-cloud platforms. Primarily, we rely on Microsoft, especially with Entra ID and MFA. While Microsoft provides decent reporting tools, they can make it difficult to get high-level summaries. In contrast, Singularity allows me to pull insights across various platforms, not just Microsoft and Azure. Whether I’m using it within AWS, with single sign-on, or with one of our partners, I can see all the relevant data.
It has improved significantly with its upgrades, especially in threat hunting and analysis. Now, when it identifies a threat, it efficiently kills the process and attempts to quarantine the affected items. If it cannot, the system continues its automated threat hunting. This feature is fantastic because it remediates issues while maintaining a clear audit trail, which is great for compliance. However, a drawback is that although it handles threats effectively, I sometimes cannot access the necessary data quickly enough to address recurring problems and prevent them from escalating. The good news is that the platform is robust and supports our security needs. While it's not perfect, it certainly has its strengths.
What needs improvement?
The analytics and reporting can be a bit overwhelming. I love the dashboards, but I find that I need to better understand PowerQuery—specifically when to turn it on and off and its limitations. It's similar to SharePoint in that regard. As a former SharePoint instructor, I know it like the back of my hand. The best thing about SharePoint is that it can do whatever you want; the worst part is also that it can do whatever you want. You really need to know what you want before diving in. Most people usually have a good idea of what they need. SharePoint offers a lot out of the box, but you can customize it further if you wish. However, customization often requires hiring someone, which can be risky since you never know if it will work as intended. On the other hand, PowerQuery can help bridge some of those gaps within Singularity. The challenge arises when you want to incorporate what you've done into dashboards and charts, as there are limitations. For instance, I want more clickable drill-down options that allow me to filter on specific sections of the data, but that's currently not possible. It’s not to say that improvements won’t come in the future; it's just that it feels a bit early at this stage.
Additionally, I find some navigation features frustrating, like the back button in certain contexts. For example, if you open PowerQuery from a chart, it doesn't open in a new window or tab. Clicking the back button takes you all the way back to the previous state, causing you to lose whatever progress you made. However, I'm actively providing this feedback to my partner, ProCircular, through whom we access SentinelOne. They take our input seriously, and I've been sharing my observations. They have their own views but are addressing the issues I raise. It's good to see that suggestions occasionally lead to updates and improvements.
For how long have I used the solution?
I have been using SentinelOne for approximately three and a half to four years, with particularly intensive use in the last two and a half years.
How was the initial setup?
Though I wasn't present for the implementation, the success of SentinelOne Singularity Complete migration heavily depends on having a quality partner. Prior to the purchase and recent changes, experiences with SentinelOne's support and product were not positive.
What's my experience with pricing, setup cost, and licensing?
I obviously want it to be more affordable, and I believe we should be able to achieve that. However, my main concern is partner pricing; that's where they really need to focus. While we can manage it ourselves, if we're going back to the traditional service management model with trusted service providers, I depend heavily on ProCircular as our SOC partner. They offer a few different solutions, but SentinelOne Singularity appears to be the preferred choice.
Similarly, SHI can provide various options as well, but according to my account representative, SentinelOne is gaining momentum and improving significantly. However, it’s important to note that we're only talking about a timeframe of around six months. I'm happy to share this feedback because insights like these can impact future purchasing decisions for other tech leaders like myself who have decision-making authority.
As for pricing, it’s essential to address that. Reputation and quality are important, but especially in today’s economy, price is a significant factor. Unfortunately, many organizations are prioritizing price right now. My hope is that SentinelOne and Singularity can recognize the importance of partner pricing and economies of scale.
What other advice do I have?
Right now, I'm focusing on the basics of cloud integration. I have established a standard that I need to recreate, particularly with SentinelOne. It serves two main purposes: it is our primary antivirus solution for both Windows and Linux. There are various ways to forward logs from other systems where SentinelOne cannot be installed, such as firewalls and databases. However, they all provide similar functionality. There are two types of integrations available: you can use a plug-in, or you can utilize the standard Singularity integration. For AWS specifically, I've standardized the ingestion of AWS CloudTrail data across all platforms. Azure has a similar capability, so now I can view all my cloud reports in one place instead of having to switch between different dashboards, like SentinelOne's or AWS's Security Hub and GuardDuty. I can consolidate everything into one platform, which is very convenient. The integrations are robust, and from a plug-in perspective, I realize that I might not even need to use them. Some older systems, such as Cisco, can forward logs to a log management system, and SentinelOne Singularity Complete handles those logs seamlessly, which is fantastic. There's still a lot more I want to accomplish, but I'm pleased with the progress so far.
It has evolved significantly. Prior to SentinelOne Singularity's acquisition of DataSet, there were numerous issues and negative feedback. Previously, common complaints involved having to implement exclusions due to lack of thorough investigation. However, these complaints have ceased since the changes were implemented.
They offer a lot of options, especially when it comes to integration. With the recent upgrades they've made to their platform, it truly appears cohesive, almost like a single pane of glass. There is a lot of consistency, which makes navigation easier. However, the challenge lies in the distinction between EDR and XDR. SentinelOne is still part of the product, but it’s important to recognize that SentinelOne and Singularity operate separately. This situation is both a positive and a negative. The positive aspect is the uniformity of the interface, which you would expect to make it more intuitive and user-friendly. I know they’re working toward that, but the systems are fundamentally different. Your EDR, XDR, and other tools need to be considered separately; one involves installation and monitoring logs, while the other focuses on ingestion. They do an impressive job of bringing together commonalities among EDR, XDR, and the managed extended detection response, but if you choose one path over the other, you need to understand that the approach may vary. It’s a bit of a blessing and a curse at the same time.
I would rate it an eight out of ten. For ten, it has got to be rock solid all over the place.