We use it mainly for EDR, alert handling, and development. It's a detection and response tool. It is mainly for protecting endpoints and having response capabilities. We use it as the one endpoint solution for all departments and all operating systems.

We get a lot of data from SentinelOne about threats, and obviously that helps protect the organization.

It helps reduce alerts because it can correlate the data. It doesn't just depend on hashes. It can see the behaviors, and that helps a lot to reduce alerts. Compared to our previous tool, it is detecting 20 to 30 percent fewer false alerts.

In addition, because it has real-time detection, it helps decrease our MTTR. Within seconds, we'll get the data. And for mean time to respond, we need to collect the data, and most of it is available. So it takes us five to 10 minutes to respond after detection.

For our organization, security is very important. If a solution is protecting us, it is like saving money. With SentinelOne's features and the fact that it is in the cloud, that makes it cheaper. As an EDR tool—the best one—it helps to reduce risk; in our organization by 30 to 40 percent.

They provide a map, a process tree, and that is pretty good for analysis.

Also, it can be integrated with third-party threat intelligence tools. From that perspective, it's good. And we can ingest SentinelOne data into Splunk and correlate and provide analysis on that.

It gets data from all the endpoints, and we'll have that in a centralized place, and we can track those cases to detect the threats. It helps protect the organization in that way.

And Ranger provides network and asset visibility. We have network-level data visibility, as well as endpoint data and application layer data. It has a good feature to collect all the domains that are initiated. That helps us see if there are any malicious connections on the machines. And it's simple because Ranger requires no new agents, hardware, or network changes.

They could add more visibility on the network side. That is currently done via a plugin.

Also, it would help if they could get all the relevant threat information, the related events, in one place. Currently, we need to go to a number of places and do research. If they could have it all in one place, that would help investigations.

I have been working with SentinelOne Singularity Complete for about one and a half years.

It is a stable solution and it is growing.

It can be extended in the cloud, so the scalability is a 9 out of ten.

The tech support is really good. We get responses on time, as defined in the SLAs.

The SentinelOne team helps with the implementation, and as it is a cloud SaaS application, we didn't have to do much. They have pretty well-defined documentation, and it is straightforward. And similarly, the maintenance is taken care of by the vendor.

We are seeing ROI because we are securing and protecting the company and, obviously, protecting its money as well. As an EDR, it's doing a good job of protecting the endpoints.

It is comparatively cheap in the market and provides a good price point.

In terms of maturity, SentinelOne is a good tool.

It can be used in any department in an environment with Windows, Linux, and Mac machines.

Use it, but start with documentation. Once you understand the basics, it is pretty straightforward.

The use case varies based on the customers' requirements and specific needs.

The solution's Ranger functionality offers network visibility and a defined set of capabilities, particularly in terms of discovering and understanding network structures.

The fact that Ranger doesn't necessitate new agents, hardware, or network modifications is a crucial aspect for us. It stands out as one of the primary selling points, especially considering the intermittent nature of changes like those affecting CPO.

With the increasing prevalence of remote processes and a shift towards cloud architectures like SASE or SSE, moving towards a single vendor for security purposes could simplify the overall process. It aided in minimizing alerts, primarily due to the behavioral analytics component, which reduces a significant amount of noise.

It contributed to time savings for our team, particularly for the projects and tasks I predominantly handled on my own.

The solution contributed to a decrease in our organization's time to detect incidents and respond to incidents. It aided the organization in cost savings and it contributed to a reduction in our organizational risk.

One of the most valuable features resides on the endpoint, with the rollback functionality standing out as particularly noteworthy. It seamlessly integrates with other solutions, providing a high level of compatibility and effectiveness.

The capability to ingest and correlate data across our security solutions stands out as one of the strongest features. It excels in connecting incidents to create a coherent storyline.

Improvement seems necessary, especially with the focus on enhanced support. This is particularly crucial in the analytics domain, where the existing agent falls short in comprehensive performance. Additionally, there's room for enhancement in the mobile element. Although it's in their pipeline, the current state is not optimal, especially when considering the need to install it on people's phones.

I have been using it for a year.

The stability is straightforward and solid. It's notably uncomplicated and easily manageable.

The scalability is excellent, with a high degree of flexibility and ease.

Mostly, we handled the support aspect for our clients. However, among the vendors, it's notable for being quite strong in terms of support. I would rate it eight out of ten.

The initial setup was straightforward.

When it comes to deploying the agent across machines within the environment, it's a relatively straightforward process, akin to pushing it through the system's processor. The implementation strategy is contingent on the specific cluster, taking into account factors like the proof of concept and the desired objectives. In our case, we managed the implementation independently, involving only a few people. The deployment model is highly variable and depends on the customer's preferences. They typically communicate their preferences to us, and we adapt accordingly. Some opt for in-house hosting, while others prefer a cloud-based approach. It doesn't require maintenance.

The pricing is on the higher end, making it less suitable for small or medium-sized businesses and perhaps not the ideal fit for the public sector where budget constraints may be more pronounced. I would recommend it more as an enterprise-level product.

SentinelOne Singularity Complete was selected from a range of different providers, evaluated against other companies, and then analyzed to be the chosen product for our managed service. The capacity for innovation, ease of deployment, and streamlined management set it apart from other solutions. Additionally, its leading capability to correlate incidents into a cohesive storyline is a noteworthy aspect.

As a partner, I find them to be highly effective, especially since they are increasingly focusing on the enterprise market. Overall, I would rate it nine out of ten.

We use the solution for endpoint threat detection.

The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI.

SentinelOne Singularity Complete's most valuable feature is reporting. People with less technical knowledge can understand the things happening.

SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end.

I have been using the product for a year.

I have not used support yet, which is a good thing.

SentinelOne Singularity Complete tries to go above and beyond to integrate with different vendors, which is good. It is very nice to pick a different vendor for my needs and pull in all the information I need. It is very beneficial to have a single point of activation.

As with any tool, figuring it out has a learning curve. However, getting the information easily and quickly from the same tool is nice. It is also nice to login to a single platform instead of multiple ones, which was the case in my previous company.

SentinelOne Singularity Complete does a good job of reducing alerts. We run attack tests against our network. We can create a real-world scenario.

The product has reduced our organizational risk. Any tool designed around security mitigates risk.

SentinelOne Singularity Complete has centralized things and helped us save costs. It makes getting information in and out of the system easier for a small group of people.

I like everything that the product has done as a strategic security partner. They are willing to work with other companies and are not afraid of being groundbreaking. They are working on AI.

I rate it an eight out of ten.

I use the solution for EDR. We're in the process of deploying so log collection will be a use case later on.

We are certain it will improve our organization later on because today our cloud has limited AD and zero EDR. SentinelOne is replacing our current legacy and we're also getting the EDR functionality.

The tool's most valuable feature is EDR.

I have been using the product for two months.

I rate Singularity Cloud Workload Security's stability a four out of ten.

I rate the solution's scalability a four out of five.

We chose Singularity Cloud Workload Security because our team wanted a cloud-native solution instead of a legacy.

The tool's deployment is not complex. Our team got complex information, which made it complex.

SentinelOne's team helped us with the deployment. We had an awesome experience working with them. There were some miscommunications also.

The product is reasonably priced.

I rate Singularity Cloud Workload Security an eight out of ten.

We perform a relatively detailed hunt in our environment for specific IOCs and indicators. Specifically in regards to compliance organizations or regulatory organizations that release data, we need to validate that no IOCs for those specific threats exist in our environment. We can go back to a specific period of time, so we can validate that things like that do not exist. We can also correlate activity in our environment with endpoint data with a high level of efficacy.

I have administered lots of different AVs in my long tenure as an AV EDR administrator. This is quite honestly the first one of this type. With a tool like Singularity Marketplace, getting an integration running is just a matter of creating an API key and plugging it in. It is really cool. With the Singularity data lake that we have been learning about during this conference, it looks like it is going to be pretty painless to ingest from sources that we are already collecting from and dump them straight into SDL. We have a higher level of visibility and a better grasp of the data we are collecting. There is a reduced time to detection and high efficacy correlations.

I am an analyst, and Singularity Complete definitely makes making a determination, researching a specific threat, or trying to correlate it much quicker. Instead of spending a whole day trying to research something, I can knock it out quickly and then move on to other tasks. It makes me capable of doing a job that would typically require another person at least. There is greater job satisfaction. I do not get burnt out.

Singularity Complete has helped us bolster our defenses, so the downstream impact is reduced alerts because we are able to not only triage issues but also proactively apply defense with STAR rules and things like that. We are able to reduce alerts just because we are getting protection on the front side. There is the granularity of the data that we can query through deep visibility in particular to refine our custom STAR detections. That does help decrease the work.

Singularity Complete has absolutely reduced our organizational risk. Compared to where we came from with the traditional endpoint protection, our ability to respond to emerging threats has really matured. The level of actual attacks that we have to respond to is drastically reduced. It is hard to quantify the reduction, but there is at least a 25% to 35% reduction.

SentinelOne is a big value-add to the organization. They are continually pushing forward and innovating. They are constantly developing new things. As I am learning about new features here at the conference, I am logging into the console, and some of those features are already there. I know they waited until this conference to release that, but they are still cool to see. It feels good to work with the product and to be learning a product that is not getting stale.

I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time. We typically go back 90 days for most things, but we could go back further.

The ability to pick it up is also valuable. It is very intuitive. It does not require a lot of training. For example, we had an intern over the summer who joined us. We were able to get him up and running in the visibility very quickly without a lot of hand-holding.

Something we are looking forward to is the ability of the SentinelOne backend to ingest data from other sources. Now that they are moving to the Singularity data lake, we are looking forward to being able to query data that is not just collected by SentinelOne endpoint agents. We are looking forward to being able to query against all data that we are ingesting into that backend.

I have been using this solution for between two and three years.

Its stability is excellent.

Its scalability is excellent.

I have dealt with a lot of support in my time, and SentinelOne's support is the most responsive one I have ever had. However, I currently have an ongoing support case, and I am struggling with getting that escalated, which colors my overall perception of it. We are getting active updates daily though, so they are engaged. Even if we have not found a fix yet, there is an active conversation or two-way communication. Overall, their support is superior to others that I have dealt with. I would rate their support a nine out of ten.

We were using another solution previously. The main reason for switching was the efficacy of the product. SentinelOne was tested against several competitors when renewal time came up, and it exceeded expectations and performed better than others.

The previous product was a traditional endpoint protection. It was very signature-based. It always felt like we were behind with new types of attacks and new types of malware because we had to wait for signatures to come out and things like that. It felt like we were always trying to catch up. With SentinelOne, we feel like we are better protected from the start.

There are cheaper options out there that I know are not as effective. I have administered several of them, not for this organization but for others. The thing I like about SentinelOne is that I know that if it raises an alert, it is worth looking at, so we are not dealing with a lot of false positives. It is rare.

We evaluated Cisco AMP, Microsoft Defender, and McAfee. SentinelOne exceeded expectations and outperformed all of those. We did a bake-off against those solutions and found SentinelOne to be the most effective.

Overall, I would rate Singularity Complete a nine out of ten.

SentinelOne Singularity Complete has improved our security stack. You don't have to worry about monitoring 24/7.

The tool's most valuable feature is Vigilance Respond Pro monitoring. You don't have to have a dedicated SOC and worry about staffing.

I don't like switching the way you switch from legacy to XDR.

I have been using SentinelOne Singularity Complete since March 2023.

SentinelOne Singularity Complete is stable.

The product is scalable.

A reseller consultant helped us with the tool's implementation. Our experience was good.

SentinelOne Singularity Complete has freed up my staff's time and helped them focus on other tasks.

The product's interoperability with other SentinelOne solutions and third-party tools is good.

The solution has reduced our organizational risk. We have faster responses to incidents.

SentinelOne Singularity Complete is a mature and solid product. I like the standard EDR capabilities.

I rate it a nine out of ten.

We deploy SentinelOne Singularity Complete as an EDR on our customers' endpoints for real-time monitoring and incident response.

SentinelOne Singularity Complete has reduced our alerts by up to 15 percent.

SentinelOne Singularity Complete has enabled our staff to redirect their time toward other projects and responsibilities. We do not have a dedicated SOC team, but we utilize SentinelOne to manage security incidents. The incident volume is manageable for our team to handle, and we do not require full-time staff solely dedicated to security tasks. Instead, we rotate incident management and response responsibilities among our team members.

SentinelOne Singularity Complete has reduced our MTTD and MTTR. The initial and immediate response required to collect foreign evidence or logs is handled by SentinelOne. This provides us with the locations or parts where the infection spread and where the incident originated, which helps us in troubleshooting or at least getting a vague idea of where to start. We can then dive into the threat setting to see what kind of information we can gather from the logs. So, I would say that SentinelOne has assisted us in this way. Additionally, we have Proofpoint in our environment because we use it as a backup defense.

The real-time alerts, deep visibility, and threat-hunting modules are the most valuable features.

I am particularly interested in the new app vulnerability module that is included with the Singularity Complete edition. We are currently evaluating its capabilities to determine its suitability for our needs.

Given that SentinelOne is primarily a host-based intrusion prevention system, I would appreciate it if they would consider providing a comprehensive vulnerability assessment report that goes beyond just application vulnerabilities. Currently, the scope of the vulnerability assessment seems limited, and I don't believe it adequately covers the full spectrum of vulnerabilities that may exist on endpoints. This is a capability that I feel SentinelOne is still lacking, and it's the reason why users still need to rely on other tools for certain isolated cases. If SentinelOne could provide this functionality, it would eliminate the need to look beyond their solution for vulnerability assessment. Apart from the vApp component of Singularity Complete, I believe SentinelOne is already excelling in other areas. However, this is one area where I believe they could introduce additional features to make SentinelOne a truly comprehensive security solution.

I would like to generate a vulnerability assessment report that leverages the national vulnerability database or, if possible, calculates the CDSS score by conducting an endpoint assessment using the SentinelOne agent that is already deployed and resides on endpoints 24/7. I prefer not to deploy additional applications solely for information gathering, as the SentinelOne agent provides ample data for this purpose.

I have been using SentinelOne Singularity Complete for three years.

I would rate the stability of SentinelOne Singularity Complete nine out of ten.

I would rate the scalability of SentinelOne Singularity Complete nine out of ten. I have not encountered any issues when deploying for our clients.

The technical support is generally good, but there are instances when they need to consult with the development team before providing a resolution, which is understandable. However, there have been occasional issues with the IVR system not functioning properly.

I have experience using Cisco Nexus and the Nmap Scripting Engine to identify vulnerabilities and strengthen security postures. I have also used Wazuh, primarily for its comprehensive PCIBSS SOC and GDPR compliance reports, which provide detailed vulnerability listings and mitigation strategies. I believe this focus on compliance is crucial as cybersecurity standards become increasingly mandatory for businesses.

We discontinued using Wazuh because we were unwilling to pay $25,000 annually for a product that provided only CIS benchmark support, a basic vulnerability report, and essentially replicated capabilities we already possessed. I believe a Nexus subscription would be a more cost-effective alternative, costing only a quarter of Wazuh's price while still fulfilling our vApp exercise logging requirements. I am capable of conducting vulnerability assessments, applying patches, re-scanning for vulnerabilities, and proceeding to penetration testing. Our primary goal is to provide vApp capabilities to our clients, and that is where we are seeking a solution. If SentinelOne offered this functionality, we would not need to explore alternative options. However, since SentinelOne lacks this crucial capability, we must seek solutions elsewhere.

The deployment is straightforward. We have scripts to do the automatic installation while onboarding. The deployment takes no more than ten minutes.

I would rate SentinelOne Singularity Complete eight out of ten. I've been using the solution for three years now. It's been generally reliable, but certain capabilities are needed in today's environment that are lacking.

Our clients primarily utilize Office365, we also assess Microsoft Defender for 365 to ascertain if it might be a more viable option, especially if clients intend to enroll with Intune and MDM. This option would be more cost-effective as it is already included within their existing licenses.

Most of our clients are small to medium-sized businesses. This is why the logs and the number of endpoints are not very high. So, unless we specifically require the use of Ranger, we don't need it. However, cybersecurity compliance standards are becoming increasingly stringent. As a result, we are looking into obtaining a solution that can help us perform at least the vulnerability assessment and patching tasks, along with complaint handling.

SentinelOne is an innovative cybersecurity solution. In terms of reputation, SentinelOne excels, particularly in passing third-party and independent audits. Having SentinelOne in our environment gives us the confidence to say that our EDR capabilities are well-managed. So, in that regard, SentinelOne is outstanding. Feature-wise, while SentinelOne's patch and new feature releases aren't always perfect, I would rate them an eight out of ten.

SentinelOne is a well-established product in the market. The addition of new features and modules to the existing platform is a significant step forward. The positive reviews of the product further reinforce its value.

The maintenance revolves around moving to the next stable version. Our standard practice is to always test the version before rolling it out. Therefore, internally, we generally update all the endpoints as soon as we have identified the next stable version. This is the only maintenance that is required, as we are using the cloud version.

SentinelOne is a reliable tool that we rely on. However, when it comes to strategic solutions, we need a tool that can provide us with the capabilities to have a broader discussion with the company's management. I'm not sure if SentinelOne can export reports that could be presented to upper management. If we are seeking management approval for a security budget, we can't simply base our conversation on an EDR solution. We need to address a wider range of security concerns as well. Another drawback of SentinelOne is its lack of support for SysLog from network devices. This is a limitation that often leads people to consider integrating SentinelOne with other solutions, such as a SIEM. My feedback is that if I have to deploy SentinelOne and pay $70,000, I would expect it to provide comprehensive capabilities so that I don't need to look for additional solutions. Otherwise, it becomes tough for technicians and the company as a whole to manage multiple solutions for different security modules.

I am part of the security team, and our strategy is to have this EDR deployed on all of the company's assets, all of our endpoints. We wanted a powerful platform in terms of detection and response to incidents.

It gives us a first layer of security. In addition, we have hired the SentinelOne Vigilance Respond team, a 24/7 SOC that monitors and mitigates. And, in case we need to escalate an alert on any of our assets, it allows us to do a bit of threat intelligence analysis and debug any asset on any topic.

It has helped reduce alerts thanks to the Vigilance service over the last two years. This includes all types of incidents, whether critical, medium, or low priority. Most of the alerts are managed by them, and we do not see them. We only see those that require some information that only our company has, but very few reach that level since Vigilance is directly in charge of managing them. If we had to manage the alerts that Vigilance manages, between 30 and 50 percent of my workday would go to reviewing alerts.

Overall, it has reduced our mean time to detect by about 70 percent, as that is the percentage in which it acts as an autonomous tool. And our mean time to respond has been reduced by 80 to 90 percent because we have SentinelOne's DFIR, Digital Forensics and Incident Response, team involved.

By providing that first layer of detection and response, SentinelOne allows us to have eyes on all our endpoints and, from there, to manage if a machine or a server has been compromised. We can directly isolate it from the network so that malware or ransomware cannot spread broadly.

It has helped us consolidate security solutions, although we did have some problems. The DFIR team responds quickly, and the Vigilance Respond team is continually working with us, managing the alerts. We do quarterly evaluations, and the support team always responds well, plus we interact with the tool ourselves.

The security team has gained a presence and control over the company's equipment that we did not have before.

Every device that does not have SentinelOne installed is a risk, and without SentinelOne, the difference would be significant. It has helped reduce our organizational risk by 70 percent.

SentinelOne has three services that are very well consolidated:

1. Technical support, through which they help you, suggest new configurations, and resolve questions.
2. The Vigilance Respond service, which is a 24/7 SOC that works on and manages all the alerts that are raised in SentinelOne on our devices. It’s a first layer of defense that filters a lot of the requests. Sometimes we end up escalating something because there are times when we need to understand if the alert is a false positive or not.
3. DFIR, Digital Forensics and Incident Response. This team is in charge of doing all the forensic analysis of an incident, and we have a certain number of hours contracted with them. Their advisors' technical level is very high and enables you to create a high-quality forensic report, in case you have to escalate or report it to senior staff. The DFIR team is excellent.

Another aspect that is very good is the solution’s ingestion and correlation across security solutions. We opted for SentinelOne because it gives you visibility and control over all the devices on which you have the agent deployed. That is very valuable because, in the end, all the attacks enter only through one gateway, which is usually a user's computer. If you do not have visibility over that computer and the ability to manage it, you cannot block it, restart it, or run a full scan to see if the user has clicked on a link or if any type of malware has been downloaded. This is a layer of visibility and basic management that any company needs.

Also, there is the threat intelligence and activity correlation. They not only detect and respond to incidents but also prevent them.

We started using SentinelOne Ranger, but we found two problems. Perhaps they are particularities, but they should be addressed as they may change the minds of other companies that are considering this feature.

The first problem is that, while it scans all the assets that are on the network, when it comes to discerning whether an asset is a server or a laptop, it tends to fail. It does not have a very high level of precision. We have experienced problems when reporting these types of assets to those responsible for installing the agent, and then they tell us, "Hey, this is not a server, this is a fax," or "this is a printer." When things like that happen, we lose credibility.

The other issue that we saw with the functionality of Ranger is that if, for whatever reason, you have a product with SentinelOne installed but it is on a client's network, the SentinelOne agent starts scanning the ports and the network and goes to a honeypot. As a result, the client may think that it is being attacked because someone has reached its honeypot, when it’s actually us on the client's network. When you don't know that this is happening, it can generate conflict and tension with the clients. Once you know about the problem, you can deactivate that process, but sometimes it can have a negative impact.

Ranger does provide me with visibility of the network, but not completely because the assets it scans are often mistakenly identified regarding what type of device they are. A SentinelOne agent is worth a lot of money, and there is no point in putting it onto a printer, for example. It should have the ability to go a little further and be more precise.

Another very clear area for improvement, one that I don't understand why they haven't deployed it yet, is a self-updating SentinelOne agent. The agent has a version, and what SentinelOne proposed up until one year ago is that you had to be proactive in consulting the dashboard to see if your agent had reached end-of-life and then update it. Now, they've released a new feature where I believe you can schedule updates, so it makes perfect sense for the agent to update itself without any action on our part, and never go out of version. By simply connecting to the network it should be able to download and update.

This idea is not critical because SentinelOne updates many versions of the agent and, when one becomes obsolete, it does not mean that it no longer works. But this is something that SentinelOne should know how to work with. A solution could be that if you do not have the ability to auto-update the agent, SentinelOne would directly tell you which agents are not updated. That way, we would not have to go to the documentation, look at the dashboard, and filter the agents by version. It would be great if it were able to tell if the operating systems are unsupported so that we wouldn't have to look in the official documentation at whether the Windows Server is outdated or not.

If the agents self-updated, maintenance due to the update process would be minimal.

I have been using SentinelOne Singularity Complete for about two years.

SentinelOne is very stable. It has never dropped or caused any problems

We do not have it in any cloud. The agent is located on devices; we manage almost 10,000 computers. Our company has a presence in nine European countries, and SentinelOne is used in all of them. Our department is the group that supervises all regions, including Spain, France, the Nordic countries, Poland, Romania, the Czech Republic, Austria, and Switzerland.

We are continually deploying new agents because we detect more and more devices. SentinelOne will stay in our company until it dies, so to speak. With what it has cost us to get here, we will not change now.

Support responds in less than a day.

SentinelOne is a top partner in the industry.

Defender for Endpoint is more expensive than SentinelOne. Other solutions are more expensive and others are cheaper, but in terms of cost-benefit ratio, we’ll always stick with SentinelOne.

The detection and visibility over all assets, whether by the agent or Ranger, and the ability to take action as a result are worth it. It is all very intuitive, and for me, these elements are our return on investment.

All the portals, at the end of the day, are "first cousins", such as CrowdStrike and Palo Alto, although that's not exactly an EDR. We went to a global cybersecurity congress in London, and all the solutions were there: SentinelOne and its competition. At the portal, user, and other levels, they are practically the same. Each will have something that is better and something that is worse, but they are quite similar.

You have to do a cost-benefit analysis. Understand the context of your company. It is not the same for a bank or an insurance company compared to a company in the industrial sector that does not manage sensitive data. Understand your particular needs. After a cost analysis, if there is enough budget, choose SentinelOne.

The most important lesson I have learned using SentinelOne is to always listen to what the Vigilance Respond team says.

We are still chasing the benefits of the solution. The model is already deployed, but we are a very large company, and every day we find new devices that do not have SentinelOne. We are still in that phase of continual improvement, of improving the solution and achieving even more benefits. We are getting to the most isolated cases of, for example, servers that have little RAM, and we are debating if we should apply SentinelOne to them because, perhaps, the server will be affected more so.

We are dealing with these small cases and continuously improving. You don't get all the benefits in two months; it is an ongoing process.

I would recommend SentinelOne, and if, in the end, it is a question of budget, choose it. If I became a CSO tomorrow, that is what I would do.

We have deployed SentinelOne Singularity Complete on all of our internal employee workstations. It is our endpoint solution for extended detection and response and all of the components within that scope.

We implemented SentinelOne Singularity Complete to help us address our cybersecurity challenges, mitigate threats to our machines and organization, and protect our data.

SentinelOne Singularity Complete integrates well with other third-party solutions, such as Palo Alto Networks, which we use for VPNs, and Zscaler, which we use for content filtering. The fact that it is not an invasive program is great. Therefore, staying in alignment with what SentinelOne is currently doing with the platform is something I would definitely recommend. Something to avoid when choosing an endpoint protection solution is resource consumption. People develop a bad reputation for a product when they detect it impeding their workflow. So, as long as SentinelOne can avoid this, they are on the right track.

It ingests and correlates data across all of our security solutions. It is a modern solution that I am extremely satisfied with.

SentinelOne Singularity Complete has helped us consolidate our security solutions. It is an extended detection and response solution that provides us with detection and response capabilities, as well as heuristic-based protection. It is a very modern endpoint protection solution. I think it is very competitive with other software such as Trend Micro.

SentinelOne Singularity Complete is a modern endpoint protection solution that addresses the cybersecurity needs of the organization realistically and from a compliance perspective. Since I joined the team a year ago, I have seen the benefits.

SentinelOne Singularity Complete reduces the number of alerts because it is an easy-to-manage solution without thousands of data sources. When we do receive alerts, Singularity Complete provides concise and actionable information.

SentinelOne Singularity Complete is a manageable solution that scales and does not require a dedicated person to handle it.

I am satisfied with SentinelOne Singularity Completes MTTD.

SentinelOne Singularity Complete helps reduce the MTTR because it provides actionable steps when something is detected. It also helped us reduce our organizational risk. It uses modern techniques to identify threat actors and helps us maintain compliance. As a large international company involved in governance, it is important to us that Singularity Complete reduces our organizational risk.

SentinelOne Singularity Complete does not consume many resources compared to the competition, like McAfee. The external drive scanning is great.

I am not a fan of the UI and feel it has room for improvement.

Heuristic analysis can always be improved. Many companies need to work on this. So, I think the sooner SentinelOne, for example, can get ahead of the curve on that, the sooner we can count on it as a realistic enterprise solution.

I have been using SentinelOne Singularity Complete for over one year.

SentinelOne Singularity Complete is one of the most stable solutions we have in our stack.

SentinelOne Singularity Complete is scalable.

The few times I have used the technical support it has been a good experience.

I would rate SentinelOne Singularity Complete eight out of ten.

Although we can use a multifaceted approach with different products, this has both advantages and disadvantages. For example, if one product fails, the entire system does not. However, it would be an advantage if SentinelOne offered other tools, such as VPN and encryption. SentinelOne Singularity Complete is a cutting-edge, modern solution that offers a multifaceted approach to XDR. It is not outdated like many other programs. As long as SentinelOne continues to innovate and evolve in the cybersecurity landscape, it will remain a leading solution.

One of the things that really impressed me about SentinelOne Singularity Complete compared to other solutions was their commitment to taking cybersecurity practitioners seriously. This is anecdotal, as I met some of the most technical professionals working at their booth at Black Hat, while many other booths were staffed by sales representatives. As a practitioner, the fact that I can't ask many sales representatives very technical questions is not a good reflection on the company. SentinelOne was different. I was able to have very technical discussions with their staff, which shows that they take their approach very seriously.

SentinelOne Singularity Complete is at the forefront of cybersecurity protection. I consider it a great solution option, and I strongly recommend comparing it to other offerings. I believe it will stand up well against the competition.

We are a Fortune 500 company, and SentinelOne Singularity Complete is deployed on tens of thousands of endpoints.

SentinelOne Singularity Complete is a set-and-forget solution when it comes to maintenance.

I have good impressions of SentinelOne as a strategic security partner.

Organizations should research any solution before implementing it. The price of one product may make sense for some organizations but not others. Apply the same due diligence to any solution that will affect the organization's overall security posture.