We are a service provider with a huge customer base. Singularity Complete is a tool we use to protect our clients from ransomware and other external threats. SentinelOne has been our strategic partner for a long time, and we are one of their platinum partners in Central Europe. It covers all endpoints like laptops, desktops, and servers. It's used everywhere.

We manage multiple clients with Singularity Complete, and the clients are happy with the protection it offers against external threats or ransomware attacks. It's an excellent tool for detecting those and preventing much greater damage.

Once you deploy the tool and spend a few weeks fine-tuning it, Singularity helps reduce the number of alerts. It decreases your alerts by around 25 percent. Singularity frees up staff for other projects and tasks.

Singularity has reduced our mean time to detect and respond. At most, detection takes up to 30 minutes. The response time depends on your configuration. Quarantine is happening in real-time.

I like Singularity's rollback features, threat-hunting, and Ranger Insights. The Ranger feature scans the network and provides visibility into all the unsecured assets. It doesn't require any agents or network changes. It just gives us information about the unsecured assets that aren't managed by the IT departments of any company. It detects the vulnerabilities but doesn't prevent them.

Singularity's reporting isn't that great. The dashboards could be more customizable. It could be better integrated with other tools. SIEM tools provide better feeds. Singularity is a separate product altogether. It does not give enough information to integrate with different solutions to correlate better.

I have used Singularity for three years.

I rate Singularity Complete eight out of 10 for stability.

I rate Singularity Complete nine out of 10.

I rate SentinelOne support four out of 10. Their response is usually slow, even for priority one issues. They don't get on a call and fix the issue. They keep asking questions, so it gets frustrating sometimes.

Deploying Singularity was straightforward. The only issue is with the interoperability with other tools running in the customer's environment. We faced some challenges, but those were the initial teething issues. The solution requires some maintenance. You need to continuously update the agents and apply patches. We need multiple people to maintain the solution because we are a service provider with a huge customer base, but if you are deploying it for one client, one engineer is enough.

If an organization does not use this tool and gets attacked by ransomware or a threat, and it will incur costs in terms of a ransom or business loss. Singularity reduces organizational risk by about 30 to 35 percent.

Singularity is reasonable, but a few clients say it's expensive because they're comparing it with traditional antivirus. The pricing could be much cheaper for the Asia-Pacific region because it's a price-sensitive market.

I rate SentinelOne Singularity Complete eight out of 10. Singularity Complete is a high-quality tool. The detections are good. We don't see many false positives. It's a good tool. It's still maturing but good.

I use the solution for endpoint protection, including features like EDR, antivirus, and advanced threat prevention.

Singularity Complete has significantly reduced response time for our clients. With its multifunctional capabilities, it streamlines processes, allowing quicker and more efficient responses to various issues.

The most valuable feature of Singularity Complete is the Ranger function.

Improvements for SentinelOne's Singularity Complete could include adjusting pricing for specific markets, ensuring affordability, and better alignment with customer expectations in those regions.

I have been working with SentinelOne Singularity Complete for a year.

I would rate the stability of the solution as a nine out of ten.

I would rate the technical support of SentinelOne as an eight out of ten.

The initial deployment of the solution was straightforward. SentinelOne is typically used across multiple locations and departments for our clients. Fortunately, it demands very little continuous maintenance.

The solution is reasonably priced.

Before choosing SentinelOne, we evaluated other solutions, including SmartOps. SentinelOne stood out with its advanced AI engine, especially evident in recent micro-attack evaluations.

Singularity Complete offers strong integration capabilities with over 100 APIs and excellent integration with other SentinelOne solutions.

Asset visibility with Singularity Complete is crucial for my clients as it enables a clear understanding of their network and assets. It is important because without knowing what is in their environment, it is challenging to secure it effectively.

It is crucial for me that Ranger requires no new hardware or network changes. This is very important as it simplifies deployments and enhances scalability for us.

Ranger assists in preventing vulnerable devices from being compromised. It can isolate devices on the network in response to a threat, automatically detecting and responding to issues such as a virus, ensuring swift action and containment.

Singularity has successfully reduced alerts by 80%, significantly improving the efficiency of the alert management process.

Singularity has freed up people's time, reducing their workload by approximately 45%, and enabling them to focus on other projects and tasks more efficiently.

Singularity has proven to be cost-effective for our clients, with an estimated cost reduction of around 30%.

SentinelOne Singularity Complete is high quality and built for enterprise-level security.

I'm very pleased with SentinelOne as a strategic security partner. Overall, I would rate SentinelOne Singularity Complete as a nine out of ten.

My advice to new users is to adopt SentinelOne's Singularity Complete platform, and if feasible, opt for the visual response option for enhanced security measures.

We use it mainly for EDR, alert handling, and development. It's a detection and response tool. It is mainly for protecting endpoints and having response capabilities. We use it as the one endpoint solution for all departments and all operating systems.

We get a lot of data from SentinelOne about threats, and obviously that helps protect the organization.

It helps reduce alerts because it can correlate the data. It doesn't just depend on hashes. It can see the behaviors, and that helps a lot to reduce alerts. Compared to our previous tool, it is detecting 20 to 30 percent fewer false alerts.

In addition, because it has real-time detection, it helps decrease our MTTR. Within seconds, we'll get the data. And for mean time to respond, we need to collect the data, and most of it is available. So it takes us five to 10 minutes to respond after detection.

For our organization, security is very important. If a solution is protecting us, it is like saving money. With SentinelOne's features and the fact that it is in the cloud, that makes it cheaper. As an EDR tool—the best one—it helps to reduce risk; in our organization by 30 to 40 percent.

They provide a map, a process tree, and that is pretty good for analysis.

Also, it can be integrated with third-party threat intelligence tools. From that perspective, it's good. And we can ingest SentinelOne data into Splunk and correlate and provide analysis on that.

It gets data from all the endpoints, and we'll have that in a centralized place, and we can track those cases to detect the threats. It helps protect the organization in that way.

And Ranger provides network and asset visibility. We have network-level data visibility, as well as endpoint data and application layer data. It has a good feature to collect all the domains that are initiated. That helps us see if there are any malicious connections on the machines. And it's simple because Ranger requires no new agents, hardware, or network changes.

They could add more visibility on the network side. That is currently done via a plugin.

Also, it would help if they could get all the relevant threat information, the related events, in one place. Currently, we need to go to a number of places and do research. If they could have it all in one place, that would help investigations.

I have been working with SentinelOne Singularity Complete for about one and a half years.

It is a stable solution and it is growing.

It can be extended in the cloud, so the scalability is a 9 out of ten.

The tech support is really good. We get responses on time, as defined in the SLAs.

The SentinelOne team helps with the implementation, and as it is a cloud SaaS application, we didn't have to do much. They have pretty well-defined documentation, and it is straightforward. And similarly, the maintenance is taken care of by the vendor.

We are seeing ROI because we are securing and protecting the company and, obviously, protecting its money as well. As an EDR, it's doing a good job of protecting the endpoints.

It is comparatively cheap in the market and provides a good price point.

In terms of maturity, SentinelOne is a good tool.

It can be used in any department in an environment with Windows, Linux, and Mac machines.

Use it, but start with documentation. Once you understand the basics, it is pretty straightforward.

The use case varies based on the customers' requirements and specific needs.

The solution's Ranger functionality offers network visibility and a defined set of capabilities, particularly in terms of discovering and understanding network structures.

The fact that Ranger doesn't necessitate new agents, hardware, or network modifications is a crucial aspect for us. It stands out as one of the primary selling points, especially considering the intermittent nature of changes like those affecting CPO.

With the increasing prevalence of remote processes and a shift towards cloud architectures like SASE or SSE, moving towards a single vendor for security purposes could simplify the overall process. It aided in minimizing alerts, primarily due to the behavioral analytics component, which reduces a significant amount of noise.

It contributed to time savings for our team, particularly for the projects and tasks I predominantly handled on my own.

The solution contributed to a decrease in our organization's time to detect incidents and respond to incidents. It aided the organization in cost savings and it contributed to a reduction in our organizational risk.

One of the most valuable features resides on the endpoint, with the rollback functionality standing out as particularly noteworthy. It seamlessly integrates with other solutions, providing a high level of compatibility and effectiveness.

The capability to ingest and correlate data across our security solutions stands out as one of the strongest features. It excels in connecting incidents to create a coherent storyline.

Improvement seems necessary, especially with the focus on enhanced support. This is particularly crucial in the analytics domain, where the existing agent falls short in comprehensive performance. Additionally, there's room for enhancement in the mobile element. Although it's in their pipeline, the current state is not optimal, especially when considering the need to install it on people's phones.

I have been using it for a year.

The stability is straightforward and solid. It's notably uncomplicated and easily manageable.

The scalability is excellent, with a high degree of flexibility and ease.

Mostly, we handled the support aspect for our clients. However, among the vendors, it's notable for being quite strong in terms of support. I would rate it eight out of ten.

The initial setup was straightforward.

When it comes to deploying the agent across machines within the environment, it's a relatively straightforward process, akin to pushing it through the system's processor. The implementation strategy is contingent on the specific cluster, taking into account factors like the proof of concept and the desired objectives. In our case, we managed the implementation independently, involving only a few people. The deployment model is highly variable and depends on the customer's preferences. They typically communicate their preferences to us, and we adapt accordingly. Some opt for in-house hosting, while others prefer a cloud-based approach. It doesn't require maintenance.

The pricing is on the higher end, making it less suitable for small or medium-sized businesses and perhaps not the ideal fit for the public sector where budget constraints may be more pronounced. I would recommend it more as an enterprise-level product.

SentinelOne Singularity Complete was selected from a range of different providers, evaluated against other companies, and then analyzed to be the chosen product for our managed service. The capacity for innovation, ease of deployment, and streamlined management set it apart from other solutions. Additionally, its leading capability to correlate incidents into a cohesive storyline is a noteworthy aspect.

As a partner, I find them to be highly effective, especially since they are increasingly focusing on the enterprise market. Overall, I would rate it nine out of ten.

We use the solution for endpoint threat detection.

The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI.

SentinelOne Singularity Complete's most valuable feature is reporting. People with less technical knowledge can understand the things happening.

SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end.

I have been using the product for a year.

I have not used support yet, which is a good thing.

SentinelOne Singularity Complete tries to go above and beyond to integrate with different vendors, which is good. It is very nice to pick a different vendor for my needs and pull in all the information I need. It is very beneficial to have a single point of activation.

As with any tool, figuring it out has a learning curve. However, getting the information easily and quickly from the same tool is nice. It is also nice to login to a single platform instead of multiple ones, which was the case in my previous company.

SentinelOne Singularity Complete does a good job of reducing alerts. We run attack tests against our network. We can create a real-world scenario.

The product has reduced our organizational risk. Any tool designed around security mitigates risk.

SentinelOne Singularity Complete has centralized things and helped us save costs. It makes getting information in and out of the system easier for a small group of people.

I like everything that the product has done as a strategic security partner. They are willing to work with other companies and are not afraid of being groundbreaking. They are working on AI.

I rate it an eight out of ten.

I use the solution for EDR. We're in the process of deploying so log collection will be a use case later on.

We are certain it will improve our organization later on because today our cloud has limited AD and zero EDR. SentinelOne is replacing our current legacy and we're also getting the EDR functionality.

The tool's most valuable feature is EDR.

I have been using the product for two months.

I rate Singularity Cloud Workload Security's stability a four out of ten.

I rate the solution's scalability a four out of five.

We chose Singularity Cloud Workload Security because our team wanted a cloud-native solution instead of a legacy.

The tool's deployment is not complex. Our team got complex information, which made it complex.

SentinelOne's team helped us with the deployment. We had an awesome experience working with them. There were some miscommunications also.

The product is reasonably priced.

I rate Singularity Cloud Workload Security an eight out of ten.

We perform a relatively detailed hunt in our environment for specific IOCs and indicators. Specifically in regards to compliance organizations or regulatory organizations that release data, we need to validate that no IOCs for those specific threats exist in our environment. We can go back to a specific period of time, so we can validate that things like that do not exist. We can also correlate activity in our environment with endpoint data with a high level of efficacy.

I have administered lots of different AVs in my long tenure as an AV EDR administrator. This is quite honestly the first one of this type. With a tool like Singularity Marketplace, getting an integration running is just a matter of creating an API key and plugging it in. It is really cool. With the Singularity data lake that we have been learning about during this conference, it looks like it is going to be pretty painless to ingest from sources that we are already collecting from and dump them straight into SDL. We have a higher level of visibility and a better grasp of the data we are collecting. There is a reduced time to detection and high efficacy correlations.

I am an analyst, and Singularity Complete definitely makes making a determination, researching a specific threat, or trying to correlate it much quicker. Instead of spending a whole day trying to research something, I can knock it out quickly and then move on to other tasks. It makes me capable of doing a job that would typically require another person at least. There is greater job satisfaction. I do not get burnt out.

Singularity Complete has helped us bolster our defenses, so the downstream impact is reduced alerts because we are able to not only triage issues but also proactively apply defense with STAR rules and things like that. We are able to reduce alerts just because we are getting protection on the front side. There is the granularity of the data that we can query through deep visibility in particular to refine our custom STAR detections. That does help decrease the work.

Singularity Complete has absolutely reduced our organizational risk. Compared to where we came from with the traditional endpoint protection, our ability to respond to emerging threats has really matured. The level of actual attacks that we have to respond to is drastically reduced. It is hard to quantify the reduction, but there is at least a 25% to 35% reduction.

SentinelOne is a big value-add to the organization. They are continually pushing forward and innovating. They are constantly developing new things. As I am learning about new features here at the conference, I am logging into the console, and some of those features are already there. I know they waited until this conference to release that, but they are still cool to see. It feels good to work with the product and to be learning a product that is not getting stale.

I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time. We typically go back 90 days for most things, but we could go back further.

The ability to pick it up is also valuable. It is very intuitive. It does not require a lot of training. For example, we had an intern over the summer who joined us. We were able to get him up and running in the visibility very quickly without a lot of hand-holding.

Something we are looking forward to is the ability of the SentinelOne backend to ingest data from other sources. Now that they are moving to the Singularity data lake, we are looking forward to being able to query data that is not just collected by SentinelOne endpoint agents. We are looking forward to being able to query against all data that we are ingesting into that backend.

I have been using this solution for between two and three years.

Its stability is excellent.

Its scalability is excellent.

I have dealt with a lot of support in my time, and SentinelOne's support is the most responsive one I have ever had. However, I currently have an ongoing support case, and I am struggling with getting that escalated, which colors my overall perception of it. We are getting active updates daily though, so they are engaged. Even if we have not found a fix yet, there is an active conversation or two-way communication. Overall, their support is superior to others that I have dealt with. I would rate their support a nine out of ten.

We were using another solution previously. The main reason for switching was the efficacy of the product. SentinelOne was tested against several competitors when renewal time came up, and it exceeded expectations and performed better than others.

The previous product was a traditional endpoint protection. It was very signature-based. It always felt like we were behind with new types of attacks and new types of malware because we had to wait for signatures to come out and things like that. It felt like we were always trying to catch up. With SentinelOne, we feel like we are better protected from the start.

There are cheaper options out there that I know are not as effective. I have administered several of them, not for this organization but for others. The thing I like about SentinelOne is that I know that if it raises an alert, it is worth looking at, so we are not dealing with a lot of false positives. It is rare.

We evaluated Cisco AMP, Microsoft Defender, and McAfee. SentinelOne exceeded expectations and outperformed all of those. We did a bake-off against those solutions and found SentinelOne to be the most effective.

Overall, I would rate Singularity Complete a nine out of ten.

SentinelOne Singularity Complete has improved our security stack. You don't have to worry about monitoring 24/7.

The tool's most valuable feature is Vigilance Respond Pro monitoring. You don't have to have a dedicated SOC and worry about staffing.

I don't like switching the way you switch from legacy to XDR.

I have been using SentinelOne Singularity Complete since March 2023.

SentinelOne Singularity Complete is stable.

The product is scalable.

A reseller consultant helped us with the tool's implementation. Our experience was good.

SentinelOne Singularity Complete has freed up my staff's time and helped them focus on other tasks.

The product's interoperability with other SentinelOne solutions and third-party tools is good.

The solution has reduced our organizational risk. We have faster responses to incidents.

SentinelOne Singularity Complete is a mature and solid product. I like the standard EDR capabilities.

I rate it a nine out of ten.

We deploy SentinelOne Singularity Complete as an EDR on our customers' endpoints for real-time monitoring and incident response.

SentinelOne Singularity Complete has reduced our alerts by up to 15 percent.

SentinelOne Singularity Complete has enabled our staff to redirect their time toward other projects and responsibilities. We do not have a dedicated SOC team, but we utilize SentinelOne to manage security incidents. The incident volume is manageable for our team to handle, and we do not require full-time staff solely dedicated to security tasks. Instead, we rotate incident management and response responsibilities among our team members.

SentinelOne Singularity Complete has reduced our MTTD and MTTR. The initial and immediate response required to collect foreign evidence or logs is handled by SentinelOne. This provides us with the locations or parts where the infection spread and where the incident originated, which helps us in troubleshooting or at least getting a vague idea of where to start. We can then dive into the threat setting to see what kind of information we can gather from the logs. So, I would say that SentinelOne has assisted us in this way. Additionally, we have Proofpoint in our environment because we use it as a backup defense.

The real-time alerts, deep visibility, and threat-hunting modules are the most valuable features.

I am particularly interested in the new app vulnerability module that is included with the Singularity Complete edition. We are currently evaluating its capabilities to determine its suitability for our needs.

Given that SentinelOne is primarily a host-based intrusion prevention system, I would appreciate it if they would consider providing a comprehensive vulnerability assessment report that goes beyond just application vulnerabilities. Currently, the scope of the vulnerability assessment seems limited, and I don't believe it adequately covers the full spectrum of vulnerabilities that may exist on endpoints. This is a capability that I feel SentinelOne is still lacking, and it's the reason why users still need to rely on other tools for certain isolated cases. If SentinelOne could provide this functionality, it would eliminate the need to look beyond their solution for vulnerability assessment. Apart from the vApp component of Singularity Complete, I believe SentinelOne is already excelling in other areas. However, this is one area where I believe they could introduce additional features to make SentinelOne a truly comprehensive security solution.

I would like to generate a vulnerability assessment report that leverages the national vulnerability database or, if possible, calculates the CDSS score by conducting an endpoint assessment using the SentinelOne agent that is already deployed and resides on endpoints 24/7. I prefer not to deploy additional applications solely for information gathering, as the SentinelOne agent provides ample data for this purpose.

I have been using SentinelOne Singularity Complete for three years.

I would rate the stability of SentinelOne Singularity Complete nine out of ten.

I would rate the scalability of SentinelOne Singularity Complete nine out of ten. I have not encountered any issues when deploying for our clients.

The technical support is generally good, but there are instances when they need to consult with the development team before providing a resolution, which is understandable. However, there have been occasional issues with the IVR system not functioning properly.

I have experience using Cisco Nexus and the Nmap Scripting Engine to identify vulnerabilities and strengthen security postures. I have also used Wazuh, primarily for its comprehensive PCIBSS SOC and GDPR compliance reports, which provide detailed vulnerability listings and mitigation strategies. I believe this focus on compliance is crucial as cybersecurity standards become increasingly mandatory for businesses.

We discontinued using Wazuh because we were unwilling to pay $25,000 annually for a product that provided only CIS benchmark support, a basic vulnerability report, and essentially replicated capabilities we already possessed. I believe a Nexus subscription would be a more cost-effective alternative, costing only a quarter of Wazuh's price while still fulfilling our vApp exercise logging requirements. I am capable of conducting vulnerability assessments, applying patches, re-scanning for vulnerabilities, and proceeding to penetration testing. Our primary goal is to provide vApp capabilities to our clients, and that is where we are seeking a solution. If SentinelOne offered this functionality, we would not need to explore alternative options. However, since SentinelOne lacks this crucial capability, we must seek solutions elsewhere.

The deployment is straightforward. We have scripts to do the automatic installation while onboarding. The deployment takes no more than ten minutes.

I would rate SentinelOne Singularity Complete eight out of ten. I've been using the solution for three years now. It's been generally reliable, but certain capabilities are needed in today's environment that are lacking.

Our clients primarily utilize Office365, we also assess Microsoft Defender for 365 to ascertain if it might be a more viable option, especially if clients intend to enroll with Intune and MDM. This option would be more cost-effective as it is already included within their existing licenses.

Most of our clients are small to medium-sized businesses. This is why the logs and the number of endpoints are not very high. So, unless we specifically require the use of Ranger, we don't need it. However, cybersecurity compliance standards are becoming increasingly stringent. As a result, we are looking into obtaining a solution that can help us perform at least the vulnerability assessment and patching tasks, along with complaint handling.

SentinelOne is an innovative cybersecurity solution. In terms of reputation, SentinelOne excels, particularly in passing third-party and independent audits. Having SentinelOne in our environment gives us the confidence to say that our EDR capabilities are well-managed. So, in that regard, SentinelOne is outstanding. Feature-wise, while SentinelOne's patch and new feature releases aren't always perfect, I would rate them an eight out of ten.

SentinelOne is a well-established product in the market. The addition of new features and modules to the existing platform is a significant step forward. The positive reviews of the product further reinforce its value.

The maintenance revolves around moving to the next stable version. Our standard practice is to always test the version before rolling it out. Therefore, internally, we generally update all the endpoints as soon as we have identified the next stable version. This is the only maintenance that is required, as we are using the cloud version.

SentinelOne is a reliable tool that we rely on. However, when it comes to strategic solutions, we need a tool that can provide us with the capabilities to have a broader discussion with the company's management. I'm not sure if SentinelOne can export reports that could be presented to upper management. If we are seeking management approval for a security budget, we can't simply base our conversation on an EDR solution. We need to address a wider range of security concerns as well. Another drawback of SentinelOne is its lack of support for SysLog from network devices. This is a limitation that often leads people to consider integrating SentinelOne with other solutions, such as a SIEM. My feedback is that if I have to deploy SentinelOne and pay $70,000, I would expect it to provide comprehensive capabilities so that I don't need to look for additional solutions. Otherwise, it becomes tough for technicians and the company as a whole to manage multiple solutions for different security modules.