Try our new research platform with insights from 80,000+ expert users
Brian Glen - PeerSpot reviewer
Incident Response Specialist at Klick Health
Real User
Provides good protection and helps with network and device control
Pros and Cons
  • "Device control and network control are valuable."
  • "The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab."

What is our primary use case?

We use it for endpoint protection. It is our antivirus and EDR solution. 

We are also using it for device control, such as blocking USBs, and we also use it for network control. We are blocking port access on machines.

How has it helped my organization?

Singularity Complete has saved us time. I recently did the agent upgrade. I used their upgrade policy and just specified the maintenance window and things like that. The first two times I updated the agents, I used to sit there and highlight the endpoints and run agent updates, but this time, I used auto-upgrade. With auto-upgrade, it ran between 6 PM to 8 AM, and then it ran all day on the weekend, and it was up in there. In one day, it updated 1,000 endpoints. That was pretty cool. I did not have to sit there and do the manual work. I just watched the system to make sure that the endpoints got updated. That was pretty cool. It is nice to know that I do not have to sit there, and I can just create a policy and let it go. It definitely saves time.

Singularity Complete has reduced our mean time to detect (MTTD). I get an email pretty much right off the bat. When an alert pops up, I get an email from my ticketing system, so it is pretty quick. If I am on my desk. I take care of it pretty quickly. Currently, I am the main person running this, and other people back me up when I am not around. I am hoping I can get somebody else trained on this. 

Singularity Complete has helped reduce our organizational risk. It is somewhere in the middle when it comes to contributing to our security posture.

SentinelOne has been a good partner. We mostly use Mac and Windows systems, and we were able to do device control and network control out of SentinelOne rather than through MDM. We are doing it all through SentinelOne. We did not have any conflict in the apps.

In terms of interoperability, we have plugged it into our Alert Logic MDR. It flags to our MDR. For example, if a threat cannot be mitigated or it is hard to mitigate a threat, then the MDR will notify us. Some of the things related to applications could use some work, but they are in the process of fixing this. We will then be able to update and disable applications through SentinelOne.

What is most valuable?

Device control and network control are valuable. 

They updated the console, and on the incidents page, we can break down the incidents and see all attack attempts. It is pretty cool and in-depth. 

What needs improvement?

The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab.

Singularity Complete has not helped reduce alerts. In fact, it produces a lot of false positives. It does its job, but I have spent the last week fine-tuning the system and trying to suppress false positives. I am getting a hang of it.

Buyer's Guide
SentinelOne Singularity Complete
October 2024
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for about a year and a half.

What do I think about the stability of the solution?

Its stability is very good. Recently, one person had an issue, and I had to reinstall the agent. They had lost their Internet connectivity. We put in some strategy work, and we had to go in there and figure out which ports are open, but other than that, it has been very good.

What do I think about the scalability of the solution?

Its scalability is pretty good. 

How are customer service and support?

I have interacted with their support. They are always pretty easy to get a hold of. I never have to wait. They are helpful. They have resolved any issue that I have ever brought up with them in a timely manner. I would rate them a 10 out of 10.

How would you rate customer service and support?

Positive

How was the initial setup?

It is a cloud solution. I inherited it, so I was not there when they implemented it. It was implemented about six months before I got hired. It was probably deployed in late 2021, and I started in February 2022.

It requires a little bit of maintenance in terms of fine-tuning the false positives and things like that. For example, because people use Logitech devices, I had to suppress the alerts because they kept popping up because the hash was always different. I have noticed that when a new agent comes, it can be a little aggressive in the beginning. I have to fine-tune the alerts a little bit, but that is a part of the process. I update the agents twice a year. I will try to do it more because now I know how the upgrade policy works. The only thing I am not yet good at is reviewing the Mac logs. Windows logs are easy because of the years of Windows experience and the use of Windows Event Viewer. I just got to be better with the Mac logs.

What was our ROI?

In terms of cost savings, I am starting to get into the budget, but we have not got any malware or serious incidents. There are money savings when you do not have serious incidents.

We have not had any downtime. We have not had anybody's machines compromised. It has been protecting the endpoints pretty well. It has been pretty quiet. We have not had anything that we would consider a major incident, so it is doing pretty well.

What's my experience with pricing, setup cost, and licensing?

I do not know much about it. From what I understand, it is pricey, but it works. It is a very good product. 

What other advice do I have?

I also used SentinelOne five years ago at another company, and I find it to be way better now. It is a much more refined product. It does not actively scan the system the way it used to. It has come a long way in terms of performance on the machines. It does not hinder the performance of developers' machines. I hear no complaints about SentinelOne blocking or grinding machines to a halt with scans when developers are doing builds and things like that. It has improved greatly. Five years ago, I used to hear complaints about SentinelOne slowing down the systems, but I have not heard that once here.

We tested the Ranger functionality a bit. We were demoing it. Ranger was pretty cool for the visibility of devices, but we did not find a use for it.

Overall, I would rate SentinelOne Singularity Complete a 9 out of 10.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
IT Director at a wholesaler/distributor with 501-1,000 employees
Real User
Helps save us time, provides good service, and quick remediation
Pros and Cons
  • "The most valuable feature is the quick response to attacks."
  • "The SentinelOne portal is not user-friendly, which is one of its drawbacks."

What is our primary use case?

We use SentinelOne Singularity Complete to protect our environment.

How has it helped my organization?

SentinelOne Singularity Complete has helped us reduce the number of alerts we receive. I was attacked three times, and each time I received an alert. There were a lot of good features in SentinelOne that we were not aware of until we contacted them after we were hacked. SentinelOne took the role of fast response protection and took action.

SentinelOne Singularity Complete has freed up our staff's time to work on other tasks and projects. I made many changes to my department this year, including migrating all of my servers from on-premises to the cloud. With Singularity Complete, I was able to protect my cloud servers immediately and shut down my on-premises. I was also able to receive notifications of changes to IP addresses and users, which are common changes that occur during a migration. Sentinel was able to alert me every time there was a change.

What is most valuable?

In terms of service, SentinelOne has very great service. They respond immediately as soon as we open a ticket. I got attacked last year, and they were able to help me resolve my issues. So I got a fast response. Of course, we paid for it, but in terms of professionalism and support, they were extremely professional, and they have a lot of professional people working for them.

The most valuable feature is the quick response to attacks.

What needs improvement?

The SentinelOne portal is not user-friendly, which is one of its drawbacks. We have to search for options to disable and enable protection. We have to go through it on our own to find the options we need to add or remove notifications. SentinelOne did not tell us about these options until we encountered problems and had to contact them. We were not well informed. When we first implemented the solution all the options were turned off and we did not know that we had to navigate through and turn on what we required.

The MTTD has room for improvement. I was attacked last year and did not receive an alert from SentinelOne Singularity Complete until 24 hours after the attack occurred.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for two years.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is stable and we have not encountered any issues.

What do I think about the scalability of the solution?

I would rate SentinelOne Singularity Complete's scalability an eight out of ten.

How are customer service and support?

We do not have a support package, so we pay per use, which is expensive. However, they are very professional and follow up well. They took charge immediately, found a solution immediately, and blocked the ransomware attack. They also gave us details on what to do next. Two to three days later, they called my department back and followed up with the system administrator to make sure everything was okay. Overall, I am satisfied with their service.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I previously used Microsoft Defender and Sophos. SentinelOne is a much better solution than Defender and has a quicker response time to alerts and attacks than Sophos.

How was the initial setup?

The initial deployment was straightforward. Implementing SentinelOne was not complicated, and more user-friendly than the others.

The deployment was completed by myself and one admin.

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete is expensive compared to Microsoft but not Sophos. However, it is worth the price for its quick response and immediate remediation options.

What other advice do I have?

I would rate SentinelOne Singularity Complete nine out of ten. SentinelOne is one of the best security solutions I have worked with. I would rank it in the top three best platforms for security.

SentinelOne Singularity Complete is an aggressive and accurate security solution.

No maintenance is required except for updates that we push out to all end users.

For organizations that want an aggressive security partner, I recommend SentinelOne Singularity Complete.

Although SentinelOne Singularity Complete is expensive, I have no qualms about investing more money in the security of my department and data. I would definitely recommend SentinelOne Singularity Complete. It gives me peace of mind knowing that my data is safe.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
SentinelOne Singularity Complete
October 2024
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
Head - Network & Security at a manufacturing company with 1,001-5,000 employees
Real User
Top 20
Provides immediate MTTD, and automatic remediation, but the support needs a lot of work
Pros and Cons
  • "The most valuable feature is the automatic remediation."
  • "SentinelOne's customer support is sluggish and frequently fails to deliver sufficient assistance."

What is our primary use case?

We use SentinelOne Singularity Complete for our endpoint security.

How has it helped my organization?

The visibility that SentinelOne Singularity Complete provides throughout our organization is good.

SentinelOne Singularity Complete's capability to intake and correlate across our security solutions is great. As long as we have configured everything correctly and are monitoring the logs to respond to potential threats, we have the assurance that the threats are being identified and thwarted. A year ago, we faced a malicious attack that was detected and halted by SentinelOne EDR, which played a pivotal role in saving me.

SentinelOne Singularity Complete has certainly helped reduce the number of alerts we were receiving. Previously, I was using McAfee, and I had numerous threats and malware present in my environment that were only detected by SentinelOne Singularity Complete. This assistance facilitated the remediation of those threats and subsequently led to a decrease in security alerts.

SentinelOne Singularity Complete has saved us time by identifying the threats in real-time saving us long investigation times.

SentinelOne Singularity Complete's MTTD is immediate.

The MTTR is good.

What is most valuable?

The most valuable feature is the automatic remediation.

What needs improvement?

The reporting dashboards require improvement. Currently, they lack customization options, preventing me from generating a summarized executive report for management. 

SentinelOne's customer support is sluggish and frequently fails to deliver sufficient assistance. The quality of after-sales support is also subpar and requires enhancement. The support is not meeting the expected standards, and as a result, I am feeling dissatisfied.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for one and a half years.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is stable.

How are customer service and support?

The customer service and support are unsatisfactory. I have been attempting to initiate the MDR services and have reached out to my account representative at SentinelOne for three months now, with no results. I am disappointed that I am unable to integrate any details into my environment, which would allow me to present information on a monthly and quarterly basis. I require this information to assess the performance with my MDR representative, but these matters are not progressing. I feel deceived.

How would you rate customer service and support?

Negative

Which solution did I use previously and why did I switch?

I previously used McAfee but it was not able to detect some of the malware threats that SentinelOne Singularity Complete does.

How was the initial setup?

The initial setup is straightforward as long as we are not dealing with legacy systems. In the manufacturing industry, many systems utilize older operating systems like Windows 2000, which run traditional applications that cannot be removed. Deploying on Unix is also challenging, whereas Windows Ten is straightforward.

We deploy in large manufacturing environments and there were around 80 people involved in the deployments.

What about the implementation team?

The implementation was completed by the SentinelOne team.

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete can be expensive for the SMB market but is suitable for enterprise-level organizations. The service provided by SentinelOne is not up to par with the cost we are paying.

Which other solutions did I evaluate?

I carried out a Proof of Concept with several Endpoint Detection and Response solutions, including CrowdStrike, Trend Micro, and VMware. However, none of them were able to meet my requirements in the same way that SentinelOne Singularity Complete does.

What other advice do I have?

I would rate SentinelOne Singularity Complete a six out of ten.

Currently, I have not yet completed the integration with third-party tools. However, I am utilizing the Sentinel logs as inputs for my Security Operations Center services, and I am gaining comprehensive visibility from this approach.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Security Expert at a healthcare company with 5,001-10,000 employees
Real User
Very powerful solution that highlights threats immediately
Pros and Cons
  • "The solution is powerful because we just have to update the agent by using the console, which is simple to do. I just select the endpoints and click "Update" on the console. That is it, because it is very easy to use."
  • "I would like to improve the reports because they are not so customizable and we would like more info from them."

What is our primary use case?

We have the Core version for almost all our endpoints. We will be installing it completely for the US, who wants more products, and India, because we have experienced that India is more exposed to threats.  

We are currently updating our agents from 4.0.5 to 4.2.

How has it helped my organization?

Every day, we check threats that come from outside.

What is most valuable?

The solution is powerful because we just have to update the agent by using the console, which is simple to do. I just select the endpoints and click "Update" on the console. That is it, because it is very easy to use. 

Regarding threats, it is very powerful. It highlights them immediately on the console, then you can decide if it's a false positive or an actually real threat. 

SentinelOne's distributed intelligence at the endpoint is very powerful and works well.

What needs improvement?

I would like to improve the reports because they are not so customizable and we would like more info from them.

I cannot download all the hosts that we have on our tenant, because there is limit of 10,000. I have asked our provider to work with SentinelOne to fix this. For example, my complaint is that if I want to download an Excel file or CSV, I have a limit of 10,000 rows. However, in our tenant environment, we can download more than 16,000 rows. 

For how long have I used the solution?

We started deploying it in 2018.

What do I think about the stability of the solution?

It has been a stable product.

The process is completely automatic when an endpoint connects to the console. At that point, the agent will be updated. However, when we install a new machine, we have to install it manually, even the agent.

What do I think about the scalability of the solution?

We have never had an issue with scalability.

We have 15,447 endpoints in total with the Core version. 99.99 percent of the endpoint usage is Windows. We also use it with a few Macs and Linux. It is really powerful from this point of view.

How are customer service and technical support?

Our SOC has logged some tickets with the technical support. They have never complained about SentinelOne's support.

Which solution did I use previously and why did I switch?

Previously, we had the McAfee, which was complicated to managed. 

We heard about this SentinelOne and its new antivirus, so we contacted our consultant who organized a PoC. After the PoC, we decided to migrate the solution.

I have been satisfied with the new antivirus.

How was the initial setup?

For deploying, it takes a long time. Our process was first to install SentinelOne with McAfee, having two antiviruses in the same host. Then, we started to uninstall McAfee. That process took about six to nine months because we had a lot of endpoints to deploy.

The antivirus migration was normal. The only thing that was tricky was the removal of the McAfee tool because sometimes it worked incorrectly and didn't uninstall the antivirus.

What about the implementation team?

The installation was done by our SOC and me. Our SOC is comprised of five to six people. The SOC personnel are the same people who currently maintain the solution.

What was our ROI?

I think the solution has reduced our incident response time and mean time to repair.

Which other solutions did I evaluate?

SentinelOne is easier to use than McAfee was. With the SentinelOne console, you have everything you need, like the dashboard and configuration, which makes it easier to manage than McAfee. However, I have more experience with McAfee.

What other advice do I have?

We have a SOC managing our environment. They are very happy with features that SentinelOne provides.

We will be upgrading to complete version next year, including Deep Visibility. This includes 2,000 endpoints for the USA and India. However, we currently haven't enabled this feature.

We have never needed the solution’s one-click, automatic remediation and rollback for restoring an endpoint, but the feature is very powerful.

Biggest lesson learnt from using SentinelOne: Never trust anyone.

I would rate this solution as a 10 out of 10.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Rick Bosworth - PeerSpot reviewer
Rick BosworthDirector, Product Marketing at a tech vendor with 501-1,000 employees
Real User

Thank you, Claudio, for your kind words and for trusting SentinelOne with your endpoint security.

Ronel Silawan - PeerSpot reviewer
Network and Systems Team Lead at Utilibill Pty Ltd
Real User
The solution performs well and is less resource-intensive than other products
Pros and Cons
  • "Singularity has the same features as other antivirus products, but it provides an added layer of security and vulnerability protection. It's also light on resources. Singularity doesn't use a lot of CPU or memory."
  • "SentinelOne is causing a problem with the data service that causes one of our applications to crash randomly. We're still looking for a permanent fix, but we have implemented a temporary workaround that excludes that application from the scan."

What is our primary use case?

We use Singularity to secure our workstations and servers.

How has it helped my organization?

Singularity has added some features to our security setup. It adds layers of protection to our security servers and workstations. One advantage of Singularity over other traditional antivirus products I use is that it doesn't use as many resources as other products. 

If you resolve them permanently, the solution can reduce the number of alerts. Some applications keep triggering alerts, and you need to remove them, or they will continue to do so. We need physical signatures to prevent them from alerting again in the future. We can reduce the alerts by about 80 to 90 percent annually. Our old antivirus wouldn't flag some applications as malicious, but SentinelOne detected them, so we removed those applications, and it reduced our alerts.  

Singularity has reduced our organizational risk by about 80 to 90 percent. We were able to address those alerts and remove a lot of malicious files that our previous solution didn't recognize. We saw a significant advantage in the first year. We've experienced a massive improvement in our mean time to detect. We have a large user base, but Singularity Complete performs better than our previous solution.

What is most valuable?

Singularity has the same features as other antivirus products, but it provides an added layer of security and vulnerability protection. It's also light on resources. Singularity doesn't use a lot of CPU or memory. We can consolidate our security solutions into one centralized platform, and monitor all our workstations and servers from one place. 

What needs improvement?

SentinelOne is causing a problem with the data service that causes one of our applications to crash randomly. We're still looking for a permanent fix, but we have implemented a temporary workaround that excludes that application from the scan. 

For how long have I used the solution?

I have used Singularity for 4 or 5 years. 

What do I think about the stability of the solution?

I rate Singularity Complete 9 out of 10 for stability.

What do I think about the scalability of the solution?

I rate Singularity Complete 9 out of 10 for scalability. 

How are customer service and support?

I rate SentinelOne support 9 out of 10 because they're very responsive.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I previously worked with Sophos and ESET. The primary reason we prefer SentinelOne is that it doesn't consume a lot of resources. 

How was the initial setup?

Deploying Singularity is straightforward, and it doesn't require you to restart the servers in the latest version.

What's my experience with pricing, setup cost, and licensing?

Singularity isn't cheap, but it's worth what we pay for it. 

What other advice do I have?

I rate SentinelOne Singularity Complete 9 out of 10 overall. Singularity performs as well as expected, and it's less resource-intensive than other products.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
reviewer2299671 - PeerSpot reviewer
Cyber Security Engineer at a manufacturing company with 10,001+ employees
Real User
Uses low resources, reduces alerts, and reduces organizational risk
Pros and Cons
  • "The external drive scanning is great."
  • "I am not a fan of the UI and feel it has room for improvement."

What is our primary use case?

We have deployed SentinelOne Singularity Complete on all of our internal employee workstations. It is our endpoint solution for extended detection and response and all of the components within that scope.

We implemented SentinelOne Singularity Complete to help us address our cybersecurity challenges, mitigate threats to our machines and organization, and protect our data.

How has it helped my organization?

SentinelOne Singularity Complete integrates well with other third-party solutions, such as Palo Alto Networks, which we use for VPNs, and Zscaler, which we use for content filtering. The fact that it is not an invasive program is great. Therefore, staying in alignment with what SentinelOne is currently doing with the platform is something I would definitely recommend. Something to avoid when choosing an endpoint protection solution is resource consumption. People develop a bad reputation for a product when they detect it impeding their workflow. So, as long as SentinelOne can avoid this, they are on the right track.

It ingests and correlates data across all of our security solutions. It is a modern solution that I am extremely satisfied with.

SentinelOne Singularity Complete has helped us consolidate our security solutions. It is an extended detection and response solution that provides us with detection and response capabilities, as well as heuristic-based protection. It is a very modern endpoint protection solution. I think it is very competitive with other software such as Trend Micro.

SentinelOne Singularity Complete is a modern endpoint protection solution that addresses the cybersecurity needs of the organization realistically and from a compliance perspective. Since I joined the team a year ago, I have seen the benefits.

SentinelOne Singularity Complete reduces the number of alerts because it is an easy-to-manage solution without thousands of data sources. When we do receive alerts, Singularity Complete provides concise and actionable information.

SentinelOne Singularity Complete is a manageable solution that scales and does not require a dedicated person to handle it.

I am satisfied with SentinelOne Singularity Completes MTTD.

SentinelOne Singularity Complete helps reduce the MTTR because it provides actionable steps when something is detected. It also helped us reduce our organizational risk. It uses modern techniques to identify threat actors and helps us maintain compliance. As a large international company involved in governance, it is important to us that Singularity Complete reduces our organizational risk. 

What is most valuable?

SentinelOne Singularity Complete does not consume many resources compared to the competition, like McAfee. The external drive scanning is great.

What needs improvement?

I am not a fan of the UI and feel it has room for improvement.

Heuristic analysis can always be improved. Many companies need to work on this. So, I think the sooner SentinelOne, for example, can get ahead of the curve on that, the sooner we can count on it as a realistic enterprise solution.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for over one year.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is one of the most stable solutions we have in our stack.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is scalable.

How are customer service and support?

The few times I have used the technical support it has been a good experience.

How would you rate customer service and support?

Positive

What other advice do I have?

I would rate SentinelOne Singularity Complete eight out of ten.

Although we can use a multifaceted approach with different products, this has both advantages and disadvantages. For example, if one product fails, the entire system does not. However, it would be an advantage if SentinelOne offered other tools, such as VPN and encryption. SentinelOne Singularity Complete is a cutting-edge, modern solution that offers a multifaceted approach to XDR. It is not outdated like many other programs. As long as SentinelOne continues to innovate and evolve in the cybersecurity landscape, it will remain a leading solution.

One of the things that really impressed me about SentinelOne Singularity Complete compared to other solutions was their commitment to taking cybersecurity practitioners seriously. This is anecdotal, as I met some of the most technical professionals working at their booth at Black Hat, while many other booths were staffed by sales representatives. As a practitioner, the fact that I can't ask many sales representatives very technical questions is not a good reflection on the company. SentinelOne was different. I was able to have very technical discussions with their staff, which shows that they take their approach very seriously.

SentinelOne Singularity Complete is at the forefront of cybersecurity protection. I consider it a great solution option, and I strongly recommend comparing it to other offerings. I believe it will stand up well against the competition.

We are a Fortune 500 company, and SentinelOne Singularity Complete is deployed on tens of thousands of endpoints.

SentinelOne Singularity Complete is a set-and-forget solution when it comes to maintenance.

I have good impressions of SentinelOne as a strategic security partner.

Organizations should research any solution before implementing it. The price of one product may make sense for some organizations but not others. Apply the same due diligence to any solution that will affect the organization's overall security posture.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Manager of Information Security at a recreational facilities/services company with 1,001-5,000 employees
Real User
Top 20
Reduces alerts, offers deep visibility, and saves time
Pros and Cons
  • "The deep visibility is really important for us. With it, we can really look deep into some of the incidents."
  • "We did use the Ranger functionality. However, there was some scanning going on and it caused a lot of noise, so we had to disable it."

What is our primary use case?

We use it at our enterprise to protect all of our endpoints. We needed an EDR tool, and this product was one of the top options that we looked at at the time.

How has it helped my organization?

We definitely get a lot more insights into incidents. When we get an alert, we can go a lot deeper into the information and investigate.

What is most valuable?

The deep visibility is really important for us. With it, we can really look deep into some of the incidents.

Singularity's interoperability with other SentinelOne is okay. It does an okay job. We can tie it into some of our other tools. 

The solution's ability to ingest and correlate across our security solutions is okay. We can tie it into messaging solutions so that we can get alerts directly rather than logging into the console. 

It reduces alerts. There are not a lot fewer false positives. I'm not sure the percentage it has reduced, however in comparison to before, it is definitely less. 

The product does save a lot of time and we are able to get to tasks and respond quicker. It's helped reduce our mean time to respond.

It's helped us save costs in some areas. It would be based on hours saved. While the solution itself is a little more expensive, operationally, it helps us reduce costs. 

What needs improvement?

We did use the Ranger functionality. However, there was some scanning going on and it caused a lot of noise, so we had to disable it.

The remote console is currently an add-on. Having the remote console without having to pay a huge fee would be ideal. They could reduce the cost a lot.

There was an issue a few months ago where the agent kept getting shut off, however, now there's a newer agent and that's not happening anymore. 

For how long have I used the solution?

I've used the solution for almost two years now. 

What do I think about the stability of the solution?

The stability has gotten better and better over the last two years.

What do I think about the scalability of the solution?

The solution is deployed across 2,000 machines in four properties. 

It can scale well. We keep deploying it further and it works. 

How are customer service and support?

Technical support does a good job. I've never had to work with support a ton. They do a decent job. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We had previously used a few solutions, including FireEye and Endgame. We left Endgame when they got bought out shortly after we bought them and it felt stagnant. 

How was the initial setup?

The deployment was pretty straightforward. We deployed it originally in a reduced state until we had an outline for a majority of machines when we could protect the environment better. 

We had two or three staff members who handled the deployment. 

There is some maintenance required. We do have to monitor and fix agents and occasionally update the product. There are two to three people who perform occasional maintenance duties. 

What about the implementation team?

We set up the product ourselves. 

What was our ROI?

We have witnessed an ROI, although I can't speak to the exact number or percentage. 

What's my experience with pricing, setup cost, and licensing?

I don't have any visibility on the pricing. 

Which other solutions did I evaluate?

We did evaluate other options. We looked into CrowdStrike and SentinelOne and maybe one other option, however, it wasn't considered very long. We demoed CrowdStrike and went with SentinelOne as it was more user-friendly and had a better flow. CrowdStrike felt thrown together and was hard to navigate. 

What other advice do I have?

SentinelOne's ability to be innovative is good. They've done a good job. Over the last two years, the product has continued to improve, change, and add valuable features. 

The quality of the product is good. It feels mature and is well-developed. I don't have any concerns with its technology. 

They are a good strategic security partner. They are a growing company and one of the leading EDR tools in the space. 

I'd rate the solution nine out of ten. I would recommend it to others. 

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
AshishGautam - PeerSpot reviewer
IT Project Manager at Rajiv Gandhi Cancer Institute In India
Real User
Top 10
Excellent notification capabilities, good roll-back features and a straightforward interface
Pros and Cons
  • "SentinelOne is preferred because of its great features and nominal cost."
  • "The setup process could be improved."

What is our primary use case?

The most important feature is the roll-back feature because when any system is corrupted, we can easily restore it within a few seconds. Also, if an end-user is not connected to your network, they can communicate with the central manager. We can be notified of any end-user activity with a central dashboard. The solution is also a very lightweight agent model compared to other solutions like Sophos, Carbon Black and the app action from X-microsite product. SentinelOne does not use the RAM SCP installation for the agent, and the user interface is also straightforward.

What needs improvement?

The setup process could be improved, and it would be good if artificial intelligence were added as an additional feature in the next release.

For how long have I used the solution?

We used SentinelOne at my previous company before I left eight months ago, and it was deployed on cloud base.

What do I think about the stability of the solution?

It is a stable solution.

What do I think about the scalability of the solution?

It is a scalable solution, and we have about 800 users using SentinelOne. We only need one person for maintenance, and they can offer maintenance in person and remotely via email and SMS.

How are customer service and support?

I rate the technical support a ten out of ten. The support is very easy if you connect with global support. A company focused on non-technical issues can't easily adopt the solution. You have a support team from the layman language.

How was the initial setup?

The initial setup was a bit complex but very simple if you set up a single order.

What's my experience with pricing, setup cost, and licensing?

I rate the price of SentinelOne a ten out of ten, meaning it is the best price in the market. This is because SentinelOne has a nominal cost. For example, if CrowdStrike costs $1000, SentinelOne provides the same features for about $7 to $8.

What other advice do I have?

I rate this solution a ten out of ten. I have around 10 to 15 years of experience in security and have used products like Sophos, Micro and CrowdStrike. CrowdStrike and SentinelOne are the best, but SentinelOne is preferred because of its great features and nominal cost.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros sharing their opinions.