I typically deploy it into typical business environments such as law offices, doctors' offices, and marketing companies. I have clients of all walks of life, including accountants, attorneys, doctors, and veterinarians. I work in a very simple environment and am not dealing with high security, such as CIA-level security. For example, I use it in a doctor's office where it does a good job staying HIPAA compliant.

The best aspects of SentinelOne Singularity Complete for these clients are its ability to detect malicious activity. While there are sometimes false positives, they are minimal, making it quite effective. It recently stopped a ransomware attack at one of my clients, proving its reliability. The clients do not see immediate efficiency gains or significant time savings.

I haven't done any integrations, as I'm just in the beginning stage of ramping up the product implementation and mastering the product. I don't qualify myself as a master in the use of SentinelOne Singularity Complete, so I cannot offer great insight on this.

I have dealt with SentinelOne Singularity Complete for less than a year.

The stability of SentinelOne Singularity Complete is demonstrated through its ability to detect malicious activity. While there are sometimes false positives, they are minimal. It recently stopped a ransomware attack at one of my clients, proving its reliability.

My clients are mostly small, and my largest client has about thirty computers. I do the deployment myself, and it's not a huge effort. It's not comparable to dealing with a company that has three thousand computers.

In the past, I used another product that malfunctioned and caused high processor activity which required stopping and reinstalling it. However, this hasn't happened with SentinelOne Singularity Complete. I used to have many false positives with other products that would block good programs, but I haven't experienced that with SentinelOne Singularity Complete, making it more quiet and efficient.

The initial setup was very simple; deployment is straightforward. Fine-tuning it is a bit more involved, but overall, it's a very simple product to get started with.

I was a part of the setup and deployment process.

The return on investment for my clients isn't visible until there is an incident or an attack that gets stopped. Then they realize the value of prevention. The challenge with security products is that ROI isn't apparent until an incident demonstrates the potential for loss. Clients often think they are immune, especially small ones, believing they're too small to be attacked. They don't realize that the cost of an attack could be a hundred thousand dollars, while they perceive the likelihood as very low.

The pricing for SentinelOne Singularity Complete is good. There are other products that are less expensive, but I tell my clients that in security, they cannot cut corners or look for the cheapest solution. If they want security, looking for the cheapest solution means they have the wrong approach, because good products are not cheap.

I don't have hands-on experience with CrowdStrike, Cisco, or Palo Alto products, but I know the companies. I do not have experience with AI features or AI analytics yet. I don't think there is real-time threat intelligence within SentinelOne Singularity Complete, and if there is, I'm not using it. I'm just getting to learn the product, so I cannot offer any deep insightful opinion. On a scale of one to ten, I would rate it a nine or a ten, as I'm very happy with it currently.

Our main use case is to protect all the Linux servers. We use it only for servers, not for users.

SentinelOne Singularity Complete is one of the most mature solutions available. It shows great benefits over time.

We can install filters to analyze every alert, and make some whitelists, blacklists, and exceptions, thus helping reduce alerts.

It can reduce the organization's risk. It gives better control to our limited team resources.

It already has AI capabilities, which is one of their advantages.

When you select a policy for a type of server, such as an Active Directory, we can apply a dedicated policy. We can have a dedicated policy for Exchange Server and a dedicated policy for MS SQL, Oracle server, etc.

The interface of SentinelOne Singularity Complete is user-friendly, and we can quickly find what we need.

The main issue with SentinelOne Singularity Complete was the process memory used for Linux servers, which generated a lot of tickets and incidents due to the high load of disk consumption and memory. The problem was on all systems, but especially on Linux servers. It might have already been fixed.

SentinelOne Singularity Complete is the best EDR in the market, but it will evolve, though I have concerns about using US partners in Europe due to the geopolitical context. It is better to work with European companies.

I have been using SentinelOne Singularity Complete for approximately four years.

For stability, I would rate it a nine, as I have experienced only the issue of overload.

The technical support from SentinelOne Singularity Complete is very active and good, with a strong knowledge base available online. The response time of technical support is satisfactory and acceptable.

I would rate their support a nine out of ten based on reactivity and the solutions they provide; this is based on my team's interactions, not mine.

Positive

For Windows servers, we are using Defender. SentinelOne Singularity Complete is only used for Linux servers. 

The initial setup was not really complex; we only needed one on-premise management server to deploy to different servers. It took about two months for about 300 servers.

I am the third party assisting in the deployment.

I don't know about the licensing model. It seems easy, but it's not my area of expertise. I don't have information on how it compares to its competitors, but the pricing is per device.

We conducted some PoCs between SentinelOne Singularity Complete, Defender, and Carbon Black, and we decided to go with SentinelOne Singularity Complete based on usability. 

It is unclear if it has helped reduce our organization's mean time to detect or respond because we have a platform with four people, and we are using SOC as well. Our main activities are done by four people, and we don't have much time to conduct thorough investigations.

I cannot assess SentinelOne Singularity Complete's ability to be innovative because we stayed with it after choosing it and never compared it with others.

Overall, I would rate SentinelOne Singularity Complete a nine out of ten because nothing is perfect, but it is close.

Singularity Complete has helped reduce alerts. We have one place to go to check them, and there is also a reduction in false alerts.

Singularity Complete helped free up our staff for other projects and tasks. I do not have the metrics, but it saves a lot of time compared to what I have used at other companies.

Singularity Complete has helped reduce our mean time to detect. We only have to look at the portal. We can quickly isolate the user or the device, which also stops the virus from spreading. It also reduces our mean time to respond.

The web portal has a really good web UI, and all the things are well integrated. It is easy for us to increase the number of users because it is pretty simple.

The maintenance window can be improved because once it happened that I had multiple laptops, and the maintenance window caused a lot of laptops to get stuck in the portal, blocking access. This is important to address. The basic functionalities should be up and running even during maintenance windows. I understand that it is a software-as-a-service model, but it becomes a problem if I cannot do anything when issues occur during maintenance.

They could make it simple to have a SIEM integrated with their solution so that we can send logs to their server and then analyze them.

I have been using SentinelOne Singularity Complete for almost one year.

It is stable.

It is scalable. We have 50 users in our company. We have three administrators. We also have a consultant.

I did not have the opportunity to contact them because I had almost no issues.

Neutral

We were probably using Webroot. I was not there when they made the decision to switch.

I did not participate in the initial setup, but our new onboarding process for laptops is really straightforward. You just join the domain, and the software gets installed automatically. It is bound to our site, making it very easy.

It is difficult to measure ROI, but since we started using it, we have not had any problems related to security. We have not experienced any breaches or issues so far.

It has absolutely helped reduce our organizational risk.

Overall, it was a good experience. It is pretty easy for us to increase the number.

SentinelOne is focused on this solution. This is evident in the GUI. The GUI is well done compared to solutions like Microsoft Defender which I have been trying to get into, but it almost repels me. SentinelOne Singularity Complete is very stable and mature. It is one of the best solutions that one can choose.

I would rate SentinelOne Singularity Complete a nine out of ten.

Singularity Complete integrates well. We have changed our monitoring solution, and SentinelOne supports that solution. We are using SecureWorks to monitor our system. It is directly using the SentinelOne agent. All security logs for SentinelOne and other security products are being pushed to that one. SecureWorks consolidates all the logs and alerts, and we are getting 24/7 monitoring.

Singularity Complete significantly reduces alerts. It has reduced false positives by 30% to 40%.

Singularity Complete helps free up our staff for other projects and tasks. We have fewer false positives. We are very comfortable with it. Before, we had to provide extensive technical support for endpoint protection, but after installing the agent, administration became much easier.

Singularity Complete has been excellent, and we have not faced any issues in the last three to four years. It has reduced critical risks significantly.

Singularity Complete has reduced our mean time to remediate to a good level. It has also reduced the organizational risk.

We have used Ranger, but it is not always useful for us because most of our users are working from remote areas. It is a bit difficult for Ranger to identify them because they are working with some local networks. However, we are protecting our endpoints with the agents. It is mandatory for our technicians to install this agent.

APT and ransomware protection is valuable. We also use the Vigilance service from SentinelOne. It is a complete XDR platform for us.

Sometimes, support can be lacking. We would like to have more interactive sessions, which are not currently available. A chat service for technical support would also be beneficial. With other vendors, we are able to resolve small issues through the chat, whereas with SentinelOne, we have to open a ticket. Without a ticket, we cannot do anything. It takes more time.

They should host a data center in Saudi Arabia, making it easy for customers to go for a SaaS model.

We have been working with SentinelOne since 2019. It has been almost five years.

For EDR, the solution is perfect. Over the five years of using it, many improvements have been made. Initially, there were issues, particularly on the management side, but now the console is much more stable.

They can provide more interactive options for support. For example, a chat service would be beneficial.

Positive

Previously, we were using Trend Micro, which posed a lot of issues. Trend Micro has different products for different things. For example, they have a different product for servers and a different product for clients. For management and reporting, there is another product. We have to manage a lot of things in Trend Micro. 

SentinelOne has consolidated these functionalities into a single platform, greatly reducing our workload. 

The SaaS model is better, but due to some regulations, companies are hesitant to go for it. 

Deployment was challenging because we did not have software distribution capabilities at the time, and my technicians faced many challenges. I tried using group policy, and it worked for some clients, but not all, since half of my employees work remotely. Once deployed, agent updates were automated from SentinelOne. 

Maintenance is not required because we are using the SaaS model. We do not have any servers to manage, as it is a SaaS-based solution. When there is a new agent release from SentinelOne, we just have to deploy it from the console.

We have different entities inside our organization. It took us three to four weeks to deploy to about 1,500 endpoints. 

My team handled the deployments. We had five to six technicians.

We have not faced any attacks since we implemented it. We had some critical incidents before this. In that respect, we have saved costs.

Its cost is similar to Trend Micro, but the protection is much better. If you want protection, you have to pay the price.

This technology is perfect for us. They are good at innovation and enhancements. We have good visibility across the network and endpoints. The product is continually improving, and I am very satisfied with it. I have already recommended it to a few people.

Overall, I would rate SentinelOne Singularity Complete a nine out of ten. There are areas for improvement, such as support and hosting data inside Saudi Arabia.

First, budget-wise, and for the quick actions I take in automation, certainly AI plays a crucial role.

The most valuable features are the quick action and restoration capabilities. I can catch any behavior and restore everything for the last two changes. There's also automation that gives my team free time, preventing them from having to look for every alert. As a result, we don't need their action on some emails.

Integration with the firewalls is needed because there is no integration with Forti as a FortiAnalyzer. It is currently integrated with FortiManager and the Forti box, but if I have an analyzer, it doesn’t integrate with them. It would be better if there were direct integration with FortiAnalyzer.

I have used the solution for two years.

The stability is just okay.

The scalability is good at more than ninety percent.

I would rate the customer service at an eight.

Positive

I tried, when busy, CrowdStrike, and as an endpoint, I work with FortiClient.

The setup is complex related to the XDR because there are more logs, and the queries need someone expert for that. I should create a guide.

The deployment has been done in-house by my team.

If I compare prices between SentinelOne and another solution, I have already conducted this exercise, and SentinelOne is cheaper by more than sixteen percent.

It’s cheaper than other competitors.

I will recommend it to other clients. The quality is good for us based on our operations. We don't have a huge amount of transactions, but it’s good for us. The solution meets our needs. It’s good. Overall product rating is eight out of ten.

We have it for all of our client machines and servers. It is the antivirus solution for all clients and servers. We are also looking into going further with their log analysis portion. We are working with them in terms of pricing.

The overhead on the CPU is minimalistic, not taking up too many system resources.

Making exceptions and exclusions through the console interface is smooth, providing a very good experience. The clients communicate with the web console in less than a minute, which is much faster than other solutions such as Malwarebytes.

SentinelOne has helped us with consolidation. We have Malwarebytes installed along with SentinelOne, and we are moving just to SentinelOne. SentinelOne has the most widespread and up-to-date coverage because of the fact that we can deploy it fairly quickly. Its rogue detection feature helps catch systems missed during initial deployment. We are the most up-to-date now. 

It saves time for the staff once it is up and running. Once the system has gotten used to everything, it just works. There is a six to eight-month learning curve for the system to get used to your servers and software.

In the beginning, we had a fair number of false positives coming across, but once the system got set up, it has been pretty much running on its own. If we are running a lot of internal IT scripts for applications that are triggering the antivirus, it might detect that as suspicious. We have to configure it to exclude things. Overall, it is pretty smart. Its automation is working fairly well for us that way. 

As a strategic partner, they have been very vocal with us. They have been communicative and supportive. The product itself is robust. We have not had any situation where it failed and broke the computer. There is no CrowdStrike-type scenario going on.

Based on the updates they have done, they are focused on advancing the product. There is a constant evolution going on. The system is getting more robust. We are advancing and not digressing anywhere in terms of technology.

We moved from ESET, and we find that the licensing scheme, particularly how the licenses are attributed to clients, is pretty nice compared to what ESET offers. We work in a highly virtualized environment. We have roughly 150 to 160 virtualized clients that are refreshed daily. Every night, the systems refresh. With the old antivirus solution, the licensing would count into the thousands, necessitating manual deletion. Luckily, SentinelOne has a feature to decommission automatically, which has been fantastic. 

One area for improvement is automated deployment. I use it through a group policy. I put in the PC name, and when the user logs in, if the PC is in that group, it attempts an MSI install through Active Directory via GPO. That seems to play a little havoc and can conflict with manual installs, causing issues where it wants to delete and reinstall the client. To resolve this, I remove the computer from the security group, and it then stops complaining. The automated installation could improve in this regard.

We have been using SentinelOne for one year.

I would rate their support an eight out of ten. The rating would be better if they picked up the phone and had someone talk immediately. We are using the automated email process for support, and they respond within an hour or two hours sometimes.

Positive

We had moved from ESET.

We have not been hit since using it. I have experienced a ransomware attack only once, a few years ago, with minimal damage. Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.

It has not helped us save costs. We are increasing costs because we are going more toward the avenue of protecting as a city. We have been watching other cities around us get hit, so there is more focused attention on protection at this level. We are moving to the complete license solution and looking at expanding that into Vigilance.

When it comes to interoperability, we are going to look at some integration with our FortiGate system for the firewall to help analyze the logs that come through there. We are slowly moving from stopping the intrusion to more like a preemptive, preventative focus.

To those considering using this solution, I would advise digging into the console and taking the time to learn. Some people complain and find it confusing, but understanding the system's ins and outs is crucial. The console is well laid out, so it is worth taking the time to learn it.

The quantity of detection is quite a lot in the first few months. The product has a learning curve, so you have to guide it in the beginning so it gets used to the scripts and applications that are running in your system. We have created quite a list of exclusions, and I always take the time to look at each one. Since September 2024, false positives have been reduced to one every two weeks.

Overall, I would rate it a nine out of ten.

SentinelOne Singularity Complete is primarily used for endpoint protection and integrating vulnerability reports from assessments. It also provides device control, exclusion management, and block listing capabilities. 

Our clientele represents a diverse range of industries, including insurance and manufacturing.

Singularity offers complete interoperability with other SentinelOne solutions and third-party tools, and our clients have reported no issues.

The Ranger functionality provides network and asset visibility, allowing identification of installed and uninstalled assets within the environment. This capability contributes to maintaining a clean and organized environment.

It can prevent unauthorized access and use of USB drives, a common source of malware. Personal USB drives can carry malicious software that infects an entire network. Therefore, SentinelOne Singularity Complete plays a crucial role in protecting organizations from these external threats.

SentinelOne Singularity Complete enables in-depth root cause analysis and the ability to add exclusions as needed, effectively minimizing alert volume.

SentinelOne Singularity Complete helps users save approximately one-third of their time, allowing them to focus on other tasks.

SentinelOne Singularity Complete helps reduce our mean time to detect and helps reduce our mean time to respond by 25 percent.

SentinelOne Singularity Complete helps reduce environmental risk by identifying vulnerabilities.

The visibility feature is crucial for effective detection analysis. The user-friendly console ensures ease of use and learning, even for beginners. Furthermore, the tool's capacity to consolidate various security solutions and perform risk correlation analysis enhances its value.

The primary issue is the console's random automatic logouts, requiring users to repeatedly re-enter their username and password. This problem needs to be addressed.

I have been using SentinelOne Singularity Complete for about six months.

The system has experienced interoperability challenges and high resource utilization, particularly with CPU and RAM.

SentinelOne Singularity Complete is highly scalable.

The response time of customer service could be improved.

Neutral

The initial setup involves configuration policy setup and deploying the agent, which is straightforward if done through tools like SCCM.

Deployment can be managed by one person when using SCCM or similar tools.

The manual effort used for tasks like remediation has been reduced, contributing to ROI.

While SentinelOne Singularity Complete carries a higher price tag than some endpoint security solutions, customers find its robust features and return on investment justify the cost. However, it remains a more budget-friendly option compared to CrowdStrike.

CrowdStrike is a comparable endpoint integration solution. SentinelOne is priced higher than CrowdStrike.

SentinelOne's console offers a more user-friendly experience compared to CrowdStrike and Trend Micro One, making it particularly well-suited for beginners.

I would rate SentinelOne Singularity Complete nine out of ten.

We have many endpoints in multiple locations.

Maintenance is only required if an agent is disabled or cannot connect to the controller; otherwise, no manual intervention is needed.

As a security partner, SentinelOne is on par with CrowdStrike and has strong potential to become a leader in its field.

I recommend SentinelOne for its ease of use and management, especially for new customers. The user-friendly console and straightforward deployment process facilitate a quick learning curve. Furthermore, its cloud-based architecture minimizes the burden of updates.

We have the Singularity Endpoint Detection platform along with the MDR service. We are using their Singularity Enterprise offering along with Vigilance Pro.

We are currently in the process of deploying it. We started with the deployment earlier this calendar year with a goal of reaching 30,000 endpoints this year. We have deployed to about 25,000 endpoints to date. Our end goal is 100,000, but that will be phased in over the next year.

Our deployment experience has been excellent. We have received a ton of support from their customer success team. We are using this initial deployment to tune the product to make sure it is not causing performance issues on our endpoints. We are going about it in a very methodical fashion.

It has helped us achieve business goals in a few areas. Even though we are early in our adoption, there are a few areas where I have seen benefits. One is around the technology, the solution itself. It provides our security analysts with a very succinct and usable interface that they can use to effectively and efficiently manage incidents and investigations. 

The second area is around the MDR. This has been a huge benefit to us compared to our prior solution. We used to get a lot of false positives. That took up the time of our security analysts, which then took away time from addressing real problems.

The risk management at Lenovo has improved greatly over our prior toolset. We have identified risks that we would not have otherwise identified with our prior implementation.

Our analysts' efficiency has gone up tremendously. We are not chasing false positives. The tool provides timely and relevant information to our analysts so that they can address the events with confidence. They know they are working on the right activities, and then along with the managed service, they are not chasing rudimentary incidents. Those are being resolved before they can get to our team.

It has definitely helped us reduce noise. In the prior platform, which we are phasing out, the false positive rate was tremendously high. That caused a huge amount of inefficiency in the team.

It has helped us increase our incident response because we are working as a team. We not only have an improved platform for detecting and managing incidents; we are also partnering with SentinelOne on the MDR and the managed service aspect of it.

It has helped us improve our mean time to respond from a perspective of seeing what is happening. I do not have any metrics related to the percentage of that improvement.

It has highlighted the risk of insider threats, and we have found that on multiple occasions. It is hard to compare if they would have been caught in our prior solution, but we have increased visibility into what is going on across our network and the machines that are connected to it.

SentinelOne is an integral part of our AI strategy. We have recently got a chief AI officer in our organization. He happened to be our chief security officer, so we take AI very seriously. There are two things that AI can impact. We can leverage SentinelOne to help us protect the AI models that we develop and use, but we can also leverage AI for endpoint protection in the product itself. We can utilize the AI offering to improve our response rate and mean time to respond.

We are freeing up our resources and our security analysts' time to focus on the most critical threats to our landscape by not having to chase down false positives. In conjunction with the MDR, many of those incidents and events are mitigated and resolved without any intervention from our team.

SentinelOne can continue to make the presentation of relevant and timely data to the analysts as succinct and clear as possible. It will allow analysts to execute remediation or resolution with the least amount of clicks.

We started with the deployment earlier this calendar year.

The support from SentinelOne has been second to none, exceeding expectations. Maybe we are in the honeymoon period, but they have definitely exceeded expectations. I have been part of many deployments, not just of cybersecurity platforms but also of other platforms, and SentinelOne, in comparison, has been second to none.

Positive

We purchase it through CDW.

One of the primary considerations in evaluating EDR and identity security vendors was around the effectiveness of the detection and the ability to tune the solution to fit our needs. The presentation of the data to our analysts and the ability to detect events and threats that were not detected by our prior platform played a big role in that. We also were able to test out the MDR service as part of our proof of concept. That pushed it over the edge from anything we experienced with other vendors.

Earlier, we had a high false positive rate coming in, which would take up our analysts' time. In addition to that, our prior vendors or other vendors would report threats and incidents to our team but not what action to take to resolve them. The huge difference that we have seen is that we are now getting feedback from SentinelOne and the MDR team, and it is coming back completely resolved and completed. We are more on an information basis, and we do not have to spend any time on resolution or investigation.

Anyone considering changing their endpoint detection or SIEM solution should consider SentinelOne. It offers benefits in the product and technology aspect, service aspect, and partnership, allowing us to influence the roadmap and plan our cyber defenses.

Even though we are early on in our adoption, we have had a direct line of contact with the product team. We have been able to provide feature requests. We are not simply a customer of SentinelOne. We view it as a partnership. We can influence the roadmap. Likewise, SentinelOne is providing us a vision of their roadmap, and we can plan accordingly how to steer our cyber defenses.

As it stands today, I would rate SentinelOne Singularity Complete a nine out of ten simply because we are so early in our adoption that we are not taking full advantage of all the aspects of the solution. We will continue to grow and mature alongside the product.