We bought the product for endpoint protection and platform use, where we have two environments: one is the endpoint with laptops, desktops, and VDI environment, and the other is our server environment. We are using CrowdStrike for the server environment, while for the desktops and VDI environment, we are using SentinelOne, Singularity Platform.

The benefits from the product include that Singularity Platform provides complete end-to-end visibility on our malware protection and our ransomware protection across our desktops, endpoints, and thin clients and VDI environments, allowing us to control zero-day protection across our environment. There is no need to do any signature patch or anything; we only updated the sensor and fine-tuned the policy here and there during the implementation. We focus on prevention and detection instead of only detection, and we do quarantining as well, leading to complete end-to-end protection across our desktops, laptops, and thin clients and VDI environments.

The real-time personalization feature provides protection against zero-day attacks. Real-time monitoring is very much available in Singularity Platform because once the agent is up to date, it protects critical assets across our network against malicious attacks. Malicious attacks pose a big challenge as if someone downloads malicious files, we face risks. Once an EXE file with vulnerabilities is detected during installation, it will be quarantined, indicating how effective real-time functions are in those scenarios.

From an operational perspective, the customizable dashboards are easy to use, but I face concerns with the alerts from the email ticketing system. We receive alerts for every event, such as USB access attempts, which can create unnecessary noise. We fine-tuned the alert mechanism after implementing the solution to reduce this noise.

The alerting mechanism could be improved in Singularity Platform as I want to fine-tune the alerts based on the specific environment. Each environment has different requirements, such as IoT or manufacturing, and we must adapt our policies accordingly.

I have been using the product for the past two years.

I see no particular areas of improvement for the product because, having used both SentinelOne and CrowdStrike, I find SentinelOne to be good as it performs its functions without requiring much manpower after deployment. The automation helps a lot, and once implemented, we face no further issues regarding stability or scalability; everything works absolutely fine.

Singularity Platform is scalable and stable, with no issues on that part.

The tech support from SentinelOne is great.

The installation process is quite easy, with no significant issues encountered.

We can achieve ROI in about nine months rather than one year. We save approximately 20%.

Singularity Platform is very affordable compared to other options.

I would say both SentinelOne and CrowdStrike are equally good, at a 50/50 assessment between them.

The impact of Singularity Platform on our supply chain processes is significant, as supply chain processes are a real headache for the complete organization. Whenever we face any supply chain challenges, we ensure that all end-user and end patch management are updated. We must ensure that particular patches do not have zero-day vulnerabilities or critical vulnerabilities. Ensuring proper IT hygiene is a challenge as well, as some users may not be using the latest patches or may have to stick to legacy applications that prevent upgrades. Protecting our networks and systems is crucial, especially when considering that older operating system versions may not be supported. The challenge in supply chain management is significant.

We use the fraud detection feature for financial services, where we provide financial applications and solutions to our customers. It helps with risk management as it comes with a complete structured approach whenever we implement Singularity Platform. We must ensure that the systems or agents are properly implemented in a tested environment. We first identify risks and then respond. Sometimes we only detect malware files, and depending on the use case, we do our risk assessment and develop a risk methodology to put policies in place based on whether we are using Windows, Linux, or legacy systems.

Regarding the implementation issue, moving from traditional signature-based antivirus solutions to an EDR solution means the new solution must do complete scanning on the initial implementation. However, EDR functions only when incidents occur, which is a change from the previous method used by typical antivirus solutions that scan all files. It is a challenge to explain this shift in expectations, but EDR only reacts when necessary, unlike traditional tools.

I believe Singularity Platform is perfectly fine overall. Some issues with report functionalities and latency are present in other solutions, but not here. The moment we implemented it, everything was clear. It is an excellent, robust tool for protecting our endpoints.

One small example of a challenge I faced is related to connecting my log management part, specifically SIEM. I encountered some issues with parsing when connecting SentinelOne to QRadar for log management.

I would rate this review a 9.

My main use cases for Singularity Platform are compliance and security operations.

I have found the correlations in Singularity Platform to be the most valuable. The main benefits the end-user gets from Singularity Platform are, first, the program itself being very small, and then we get better output from applications running on their systems. The output of the users has gone up 50%, although I don't remember other benefits at this time.

There are a lot of false positives in that, which is why I'm not working with it. The use of the fraud detection feature in financial services in Singularity Platform depends on the compliances that are applicable to the organization, so it may be useful for some and may not be useful for others. I did that by myself, not with the help of Singularity Platform. In my opinion, the real-time monitoring capabilities in Singularity Platform sometimes work and sometimes they don't, because there are a lot of false positives and people use unsigned applications which get deleted or quarantined by the product. It's not a 100% foolproof solution.

A point for improvement for SentinelOne is that the false positives are huge since people in India, at least, are using homegrown applications which get blocked. Right now, Singularity Platform is working fine, but people have concerns about enhancements like website monitoring that can be done through Singularity Platform itself, so they don't need to buy any SASE products for people working from home to control their browsing. If that feature can be included, it will be a big advantage.

I have been working with Singularity Platform for almost two years now.

I had some issues with that.

I would rate the scalability a nine.

Technical support will always be between six and seven.

The initial setup for Singularity Platform is very simple; the dashboard is quite simple, and the agents' installations are very simple, like one click, I would say.

For pricing, I would say it's a six. It could be cheaper, as I understand.

The main competitor for Singularity Platform is CrowdStrike at number one, and the second is Trellix, which is coming up very fast. The leader on the market is still SentinelOne, but if they don't add some add-ons to their product like Trellix and CrowdStrike have, they may lag very soon. If we do only apple-to-apple comparison on Singularity Platform, then I'll give it ten marks.

Singularity Platform functions as a security information and event management solution, and that is an inbuilt part of it. I believe in the correlations that I get because we work on it, but we don't use the Purple AI part of it. I'm not able to get clarity regarding the real-time personalization feature in Singularity Platform. I do not use the real-time personalization feature in Singularity Platform. It is a matter of false positives when people use it in my area.

Regarding the impact of Singularity Platform on supply chain processes, I don't have much on it, but it's a good product and the tracking is better with the log capturing and the data that we get from it. The customer does require customizations on the dashboards as per the requirement of their organizations; if it's manufacturing, medical, or financial institution or banking, then they will have different requirements for their dashboards, which are yet not available, so we have to actually build up those dashboards for them. I can recommend Singularity Platform to other users. I have provided this review a rating of 9.

For the major use cases for the client, I would mention EDR.

I have worked and implemented Purple AI. While we were in India, it is more about data privacy as a protection law which has been implemented. Purple AI is collecting all the information which needs to be evaluated and correlate this entire data and segregate and disseminate into different roles and privileges. We have utilized that. These are the mechanisms which are very new into the Indian market and customers and their team members created it and accepted it as well. That is one of the major reasons to sell SentinelOne Singularity Complete.

However, we have not implemented the SecOps feature in major installation as of now.

SentinelOne Singularity Complete helps to reduce alerts by almost fifteen to twenty percent. The false alert activation is much more effective in SentinelOne Singularity Complete in competition with all the comparative tools.

It helps to free up my people and staff for other projects. It depends on a project-to-project and team-to-team basis, but it really helps. I would estimate between thirty to fifty percent.

SentinelOne Singularity Complete helps to reduce MTTD by about twenty to thirty percent.

For MTTR, it is almost another way for between fifteen to twenty percent.

As a reseller and user, I would say that SentinelOne Singularity Complete is better than its competition. I have evaluated Palo Alto, Trellix, and CrowdStrike as well. SentinelOne EDR is much better than all of them. The capability and technical capabilities are superior. It is efficient and faster detection.

For ingestion and correlation across security solutions, the agent is quite heavier when compared to other competition. The agent has to be light-weighted. That is one of the drawbacks for the competition. They have to work quite a lot.

I have been selling the product for three and a half years.

As for stability, there are no issues. It is stable.

As for scalability, it is acceptable. The scalability depends entirely on how much security is required for it. It is easy to scale that.

I would say technical support from SentinelOne is excellent. Everyone in SentinelOne is known to us for the last many years.

I would rate support eight point five out of ten. One point five has been removed just because many times it has been delayed or the support has not been available due to vacation. That should be a challenge. Ten out of ten would not even be given to AWS.

SentinelOne stands out and is the best product among those, especially in India. There was a recent strike incident with Microsoft, and SentinelOne's approach is much better and much more effective.

It is easy to deploy. The deployment model depends on the type of organization. If it is government, then it has to be on-premises. If it is more like an enterprise and BFSI, that can be over the cloud. In India, it has to be done with the intent. It can be into the SentinelOne cloud with an instance in India, or whether it has to be AWS or Azure, they are acceptable in any format.

There is a chance to buy this product through AWS Marketplace, the CPPO. I did that previously.

It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the pricing.

I do sell SentinelOne Singularity Complete.

I am a Chief Security Officer for Technocentric.

I have been selling this product for the last three and a half years.

I have been involved in this domain for twenty-five years.

I would give SentinelOne Singularity Complete a rating of nine out of ten.

I have worked with Singularity Platform, and I'm well-versed with Cloud Security, but I have not worked with the AI CM. Singularity Platform comprises three things: Identity Security, Endpoint Security, and Cloud Security. The platform has multiple products including Singularity Identity, Singularity Complete, and the AI-powered Singularity XDR. I have experience with Singularity Identity, Singularity Endpoint, and Singularity Complete products, and we will continue to work because we have more opportunities on this.

Purple AI provides features and functionalities that have been asked for by customers, and we have given those functionalities to them using Singularity Platform.

When we manage Identity Security and Endpoint Security, it's from a single console. We get data and visibility on everything happening in our environment and how it is related. We can integrate many other solutions such as Fortinet firewalls and Palo Alto firewalls. Singularity Platform provides a marketplace with many kinds of integrations with mail security solutions and firewall solutions that are very helpful for customers from the XDR point of view. We haven't used the SIM as of now, and we have not given the AI SIM to customers, but we have evaluated the product. To my knowledge, I think it's good, but when it comes to use cases, we will be able to tell how it exactly addresses the client's requirements, how it gives alerts, and how it stores data on correlation time. We need to implement it in the client's environment in order to get proper feedback.

These were the features and functionalities which have been asked for by customers, and we have provided those functionalities to them using Singularity Platform.

For the past three years, after Corona, we have started using Singularity Platform.

During the time of attacks, if there is any data loss, we were able to easily roll back those attacks and retrieve that data for the client with a single click. That's how Singularity Platform works for endpoint security. When it comes to Identity Detection and Response, it also gives much more visibility on what identities are weak. It scans all usernames and passwords in the Active Directory or Azure Directory. If you have Azure Directory, integrating with the Identity Security or Posture Management solution allows us to find out what users are in a vulnerable state and all the users to which they might have received five to ten attempts. If those kinds of attempts are received, that particular user account will be locked. We were able to write these kinds of rules from Singularity Identity itself. When it comes to threat intelligence, Singularity Platform holds its own threat intelligence data lake, and they have introduced Purple AI, which is very useful for us when dealing with attacks.

For many of our customers who got attacked after installing SentinelOne, they were not impacted on a larger scale. The impact of a ransomware attack typically encrypts all critical data and stops production. If one day of production is stopped, it sums up to, for an enterprise customer, a minimal margin of two to three crores. With this rollback functionality, we were able to address that and revert that particular endpoint to the previous good configuration state.

Singularity Platform does help with risk management. It refers to the MITRE ATT&CK framework and analyzes what the vulnerable points are in an endpoint. When it comes to cloud security through Singularity Platform's cloud capabilities, workload security or native security can scan accounts and find misconfigurations in the cloud. If there are containers, workloads, or instances, it scans everything and pinpoints any IAM roles that need to be configured, letting us know which things have not been configured for those workloads. This makes it easy for us to spot loopholes before they are exploited.

Singularity Platform has an easy-to-use console. When it comes to customization, it has some options, but I wouldn't say it is very customizable. If you are asking if this is fully customizable, I would say it is partially customizable, not fully customizable. In some places, I can understand from a security background that they have kept those features considering security. However, it lacks customization and could enable much more than that.

Even though Singularity Platform has multiple integrations with multiple solutions, it still needs more because competitive vendors such as CrowdStrike and Trend Micro provide more integrations than SentinelOne.

The first thing I would say about the negative side of Singularity Platform is that it lacks some customization and integrations compared to competitors. We can integrate Fortinet and Palo Alto, which are big players, but there are many other small companies. Even Zoho is a significant player in our market, but there are no integrations for Zoho.

For the past three years, after Corona, we have started using Singularity Platform.

In SentinelOne, we have not received reports regarding outages. Until now, we have not experienced any issues regarding stability. The product is pretty stable, and even if the agent is offline, it will handle the threats. This is pretty solid and stable.

Singularity Platform has flexible licenses, and it is also easily scalable.

The technical support from SentinelOne is very good.

One of our customers had an attack and they were using CrowdStrike. We proposed the SentinelOne alternative solution, and we were able to manage to get some details about the attack and present it to the customer.

This is a straightforward approach. Singularity Platform provides pretty much everything that is easy to configure, even by a fresher. If a fresher has basic experience in configuring endpoint security, they would be able to handle SentinelOne. The console and the configuration part are that easy, but for an endpoint security specialist, an understanding of how threat vectors evolve and how they are attacked is necessary. The console view and everything, even writing queries in the XDR, are pretty simple.

Singularity Platform is hybrid and has both on-prem deployment as well as SaaS deployment. However, when it comes to the implementation or deployment part, they recommend cloud. We have done only cloud because even from the SentinelOne team, they tell us that they do not recommend on-prem. I will say that the cloud version is better since we haven't done any on-prem deployments, and I don't believe they recommend that for customers.

For many of our customers who got attacked after installing SentinelOne, they were not impacted on a larger scale. The impact of a ransomware attack typically encrypts all critical data and stops production. If one day of production is stopped, it sums up to, for an enterprise customer, a minimal margin of two to three crores. With this rollback functionality, we were able to address that and revert that particular endpoint to the previous good configuration state.

It's average. It's not cheap, but not expensive—average cost and quite affordable.

Singularity Platform does help with risk management. It refers to the MITRE ATT&CK framework and analyzes what the vulnerable points are in an endpoint. When it comes to cloud security through Singularity Platform's cloud capabilities, workload security or native security can scan accounts and find misconfigurations in the cloud. If there are containers, workloads, or instances, it scans everything and pinpoints any IAM roles that need to be configured, letting us know which things have not been configured for those workloads. This makes it easy for us to spot loopholes before they are exploited.

My remarks are purely based on feedback from my clients.

The key unique selling points for SentinelOne are its patented rollback option and offline protection. Even when an agent is offline, we are still able to protect it. There are some protection events happening even when the agent is offline, which is not available with most vendors that expect the agents to be online. That's a good thing about SentinelOne. Additionally, we have not received any complaints regarding performance issues. I rate this solution an 8 out of 10.