We use Singularity to secure our workstations and servers.
Network and Systems Team Lead at Utilibill Pty Ltd
The solution performs well and is less resource-intensive than other products
Pros and Cons
- "Singularity has the same features as other antivirus products, but it provides an added layer of security and vulnerability protection. It's also light on resources. Singularity doesn't use a lot of CPU or memory."
- "SentinelOne is causing a problem with the data service that causes one of our applications to crash randomly. We're still looking for a permanent fix, but we have implemented a temporary workaround that excludes that application from the scan."
What is our primary use case?
How has it helped my organization?
Singularity has added some features to our security setup. It adds layers of protection to our security servers and workstations. One advantage of Singularity over other traditional antivirus products I use is that it doesn't use as many resources as other products.
If you resolve them permanently, the solution can reduce the number of alerts. Some applications keep triggering alerts, and you need to remove them, or they will continue to do so. We need physical signatures to prevent them from alerting again in the future. We can reduce the alerts by about 80 to 90 percent annually. Our old antivirus wouldn't flag some applications as malicious, but SentinelOne detected them, so we removed those applications, and it reduced our alerts.
Singularity has reduced our organizational risk by about 80 to 90 percent. We were able to address those alerts and remove a lot of malicious files that our previous solution didn't recognize. We saw a significant advantage in the first year. We've experienced a massive improvement in our mean time to detect. We have a large user base, but Singularity Complete performs better than our previous solution.
What is most valuable?
Singularity has the same features as other antivirus products, but it provides an added layer of security and vulnerability protection. It's also light on resources. Singularity doesn't use a lot of CPU or memory. We can consolidate our security solutions into one centralized platform, and monitor all our workstations and servers from one place.
What needs improvement?
SentinelOne is causing a problem with the data service that causes one of our applications to crash randomly. We're still looking for a permanent fix, but we have implemented a temporary workaround that excludes that application from the scan.
Buyer's Guide
SentinelOne Singularity Complete
November 2024
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
For how long have I used the solution?
I have used Singularity for 4 or 5 years.
What do I think about the stability of the solution?
I rate Singularity Complete 9 out of 10 for stability.
What do I think about the scalability of the solution?
I rate Singularity Complete 9 out of 10 for scalability.
How are customer service and support?
I rate SentinelOne support 9 out of 10 because they're very responsive.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I previously worked with Sophos and ESET. The primary reason we prefer SentinelOne is that it doesn't consume a lot of resources.
How was the initial setup?
Deploying Singularity is straightforward, and it doesn't require you to restart the servers in the latest version.
What's my experience with pricing, setup cost, and licensing?
Singularity isn't cheap, but it's worth what we pay for it.
What other advice do I have?
I rate SentinelOne Singularity Complete 9 out of 10 overall. Singularity performs as well as expected, and it's less resource-intensive than other products.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Apr 2, 2024
Cyber Security Engineer at a manufacturing company with 10,001+ employees
Uses low resources, reduces alerts, and reduces organizational risk
Pros and Cons
- "The external drive scanning is great."
- "I am not a fan of the UI and feel it has room for improvement."
What is our primary use case?
We have deployed SentinelOne Singularity Complete on all of our internal employee workstations. It is our endpoint solution for extended detection and response and all of the components within that scope.
We implemented SentinelOne Singularity Complete to help us address our cybersecurity challenges, mitigate threats to our machines and organization, and protect our data.
How has it helped my organization?
SentinelOne Singularity Complete integrates well with other third-party solutions, such as Palo Alto Networks, which we use for VPNs, and Zscaler, which we use for content filtering. The fact that it is not an invasive program is great. Therefore, staying in alignment with what SentinelOne is currently doing with the platform is something I would definitely recommend. Something to avoid when choosing an endpoint protection solution is resource consumption. People develop a bad reputation for a product when they detect it impeding their workflow. So, as long as SentinelOne can avoid this, they are on the right track.
It ingests and correlates data across all of our security solutions. It is a modern solution that I am extremely satisfied with.
SentinelOne Singularity Complete has helped us consolidate our security solutions. It is an extended detection and response solution that provides us with detection and response capabilities, as well as heuristic-based protection. It is a very modern endpoint protection solution. I think it is very competitive with other software such as Trend Micro.
SentinelOne Singularity Complete is a modern endpoint protection solution that addresses the cybersecurity needs of the organization realistically and from a compliance perspective. Since I joined the team a year ago, I have seen the benefits.
SentinelOne Singularity Complete reduces the number of alerts because it is an easy-to-manage solution without thousands of data sources. When we do receive alerts, Singularity Complete provides concise and actionable information.
SentinelOne Singularity Complete is a manageable solution that scales and does not require a dedicated person to handle it.
I am satisfied with SentinelOne Singularity Complete's MTTD.
SentinelOne Singularity Complete helps reduce the MTTR because it provides actionable steps when something is detected. It also helped us reduce our organizational risk. It uses modern techniques to identify threat actors and helps us maintain compliance. As a large international company involved in governance, it is important to us that Singularity Complete reduces our organizational risk.
What is most valuable?
SentinelOne Singularity Complete does not consume many resources compared to the competition, like McAfee. The external drive scanning is great.
What needs improvement?
I am not a fan of the UI and feel it has room for improvement.
Heuristic analysis can always be improved. Many companies need to work on this. So, I think the sooner SentinelOne, for example, can get ahead of the curve on that, the sooner we can count on it as a realistic enterprise solution.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for over one year.
What do I think about the stability of the solution?
SentinelOne Singularity Complete is one of the most stable solutions we have in our stack.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete is scalable.
How are customer service and support?
The few times I have used the technical support it has been a good experience.
How would you rate customer service and support?
Positive
What other advice do I have?
I would rate SentinelOne Singularity Complete eight out of ten.
Although we can use a multifaceted approach with different products, this has both advantages and disadvantages. For example, if one product fails, the entire system does not. However, it would be an advantage if SentinelOne offered other tools, such as VPN and encryption. SentinelOne Singularity Complete is a cutting-edge, modern solution that offers a multifaceted approach to XDR. It is not outdated like many other programs. As long as SentinelOne continues to innovate and evolve in the cybersecurity landscape, it will remain a leading solution.
One of the things that really impressed me about SentinelOne Singularity Complete compared to other solutions was their commitment to taking cybersecurity practitioners seriously. This is anecdotal, as I met some of the most technical professionals working at their booth at Black Hat, while many other booths were staffed by sales representatives. As a practitioner, the fact that I can't ask many sales representatives very technical questions is not a good reflection on the company. SentinelOne was different. I was able to have very technical discussions with their staff, which shows that they take their approach very seriously.
SentinelOne Singularity Complete is at the forefront of cybersecurity protection. I consider it a great solution option, and I strongly recommend comparing it to other offerings. I believe it will stand up well against the competition.
We are a Fortune 500 company, and SentinelOne Singularity Complete is deployed on tens of thousands of endpoints.
SentinelOne Singularity Complete is a set-and-forget solution when it comes to maintenance.
I have good impressions of SentinelOne as a strategic security partner.
Organizations should research any solution before implementing it. The price of one product may make sense for some organizations but not others. Apply the same due diligence to any solution that will affect the organization's overall security posture.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Manager of Information Security at a recreational facilities/services company with 1,001-5,000 employees
Reduces alerts, offers deep visibility, and saves time
Pros and Cons
- "The deep visibility is really important for us. With it, we can really look deep into some of the incidents."
- "We did use the Ranger functionality. However, there was some scanning going on and it caused a lot of noise, so we had to disable it."
What is our primary use case?
We use it at our enterprise to protect all of our endpoints. We needed an EDR tool, and this product was one of the top options that we looked at at the time.
How has it helped my organization?
We definitely get a lot more insights into incidents. When we get an alert, we can go a lot deeper into the information and investigate.
What is most valuable?
The deep visibility is really important for us. With it, we can really look deep into some of the incidents.
Singularity's interoperability with other SentinelOne is okay. It does an okay job. We can tie it into some of our other tools.
The solution's ability to ingest and correlate across our security solutions is okay. We can tie it into messaging solutions so that we can get alerts directly rather than logging into the console.
It reduces alerts. There are not a lot fewer false positives. I'm not sure of the percentage it has reduced; however, in comparison to before, it is definitely less.
The product does save a lot of time and we are able to get to tasks and respond quicker. It's helped reduce our mean time to respond.
It's helped us save costs in some areas. It would be based on hours saved. While the solution itself is a little more expensive, operationally, it helps us reduce costs.
What needs improvement?
We did use the Ranger functionality. However, there was some scanning going on and it caused a lot of noise, so we had to disable it.
The remote console is currently an add-on. Having the remote console without having to pay a huge fee would be ideal. They could reduce the cost a lot.
There was an issue a few months ago where the agent kept getting shut off; however, now there's a newer agent and that's not happening anymore.
For how long have I used the solution?
I've used the solution for almost two years now.
What do I think about the stability of the solution?
The stability has gotten better and better over the last two years.
What do I think about the scalability of the solution?
The solution is deployed across 2,000 machines in four properties.
It can scale well. We keep deploying it further and it works.
How are customer service and support?
Technical support does a good job. I've never had to work with support a ton. They do a decent job.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We had previously used a few solutions, including FireEye and Endgame. We left Endgame when they got bought out shortly after we bought them and it felt stagnant.
How was the initial setup?
The deployment was pretty straightforward. We deployed it originally in a reduced state until we had an outline for a majority of machines when we could protect the environment better.
We had two or three staff members who handled the deployment.
There is some maintenance required. We do have to monitor and fix agents and occasionally update the product. There are two to three people who perform occasional maintenance duties.
What about the implementation team?
We set up the product ourselves.
What was our ROI?
We have witnessed an ROI, although I can't speak to the exact number or percentage.
What's my experience with pricing, setup cost, and licensing?
I don't have any visibility on the pricing.
Which other solutions did I evaluate?
We did evaluate other options. We looked into CrowdStrike and SentinelOne and maybe one other option; however, it wasn't considered very long. We demoed CrowdStrike and went with SentinelOne as it was more user-friendly and had a better flow. CrowdStrike felt thrown together and was hard to navigate.
What other advice do I have?
SentinelOne's ability to be innovative is good. They've done a good job. Over the last two years, the product has continued to improve, change, and add valuable features.
The quality of the product is good. It feels mature and is well-developed. I don't have any concerns with its technology.
They are a good strategic security partner. They are a growing company and one of the leading EDR tools in the space.
I'd rate the solution nine out of ten. I would recommend it to others.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
IT Project Manager at Rajiv Gandhi Cancer Institute In India
Excellent notification capabilities, good roll-back features and a straightforward interface
Pros and Cons
- "SentinelOne is preferred because of its great features and nominal cost."
- "The setup process could be improved."
What is our primary use case?
The most important feature is the roll-back feature because when any system is corrupted, we can easily restore it within a few seconds. Also, if an end-user is not connected to your network, they can communicate with the central manager. We can be notified of any end-user activity with a central dashboard. The solution is also a very lightweight agent model compared to other solutions like Sophos, Carbon Black and the app action from X-microsite product. SentinelOne does not use the RAM SCP installation for the agent, and the user interface is also straightforward.
What needs improvement?
The setup process could be improved, and it would be good if artificial intelligence were added as an additional feature in the next release.
For how long have I used the solution?
We used SentinelOne at my previous company before I left eight months ago, and it was deployed on cloud base.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
It is a scalable solution, and we have about 800 users using SentinelOne. We only need one person for maintenance, and they can offer maintenance in person and remotely via email and SMS.
How are customer service and support?
I rate the technical support a ten out of ten. The support is very easy if you connect with global support. A company focused on non-technical issues can't easily adopt the solution. You have a support team from the layman language.
How was the initial setup?
The initial setup was a bit complex but very simple if you set up a single order.
What's my experience with pricing, setup cost, and licensing?
I rate the price of SentinelOne a ten out of ten, meaning it is the best price in the market. This is because SentinelOne has a nominal cost. For example, if CrowdStrike costs $1000, SentinelOne provides the same features for about $7 to $8.
What other advice do I have?
I rate this solution a ten out of ten. I have around 10 to 15 years of experience in security and have used products like Sophos, Micro and CrowdStrike. CrowdStrike and SentinelOne are the best, but SentinelOne is preferred because of its great features and nominal cost.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Analyst at a manufacturing company with 10,001+ employees
Went beyond malware and showed us behaviors, and dramatically decreased our false positives
What is our primary use case?
We use it as an EDR solution for all of our endpoints. We use it for our desktop servers, cloud, and Linux. We use it for all of it.
How has it helped my organization?
It showed us things that we were not even aware of. It went beyond malware and showed us behaviors. It showed the bad behaviors of a lot of our end-users.
The interoperability is all there. We are still at the beginning of our journey, but everything is kind of teed up and aligned for that integration. We are talking about the ServiceNow integration. It has been the early placement in our cloud clusters or nodes. Those are the things that have made interoperability, integration, and adoption easier.
Singularity Complete has not helped free up our staff for other projects and tasks because we are still at the beginning, and we still have a lot to deploy, but we will realize that. I am confident that we will realize those efficiencies.
Singularity Complete has changed what we are looking at. It has dramatically decreased our false positives. We are not chasing false positives. It does not save time as such, but it has helped us focus on what is actually important.
Singularity Complete has not helped reduce alerts, but it has changed what our analysts are looking at. We expected a spike in alerts. The product is showing things that we did not previously see, so the increase in alerts temporarily for a short duration or for the next six months is expected.
Singularity Complete has reduced our false positives, and it has helped us see the hygiene of our whole network in our environment.
Singularity Complete compresses the triage time. It is all about the triage time. That life cycle going from information to action is what security operations are all about. SentinelOne does that because it helps analysts focus on those true things that are risk-behavior in our environment, rather than the validation that they were on more traditional signature-based platforms we had before.
Singularity Complete has not helped reduce our organizational risk, but it has absolutely increased our awareness of that risk. Knowing what your risks are is half the battle before an organization or a medium-sized organization, so being aware of the risk is the first step, which is available for the first time since we adopted SentinelOne.
What is most valuable?
As far as EDR goes, the behavior analysis of the incidents is my big thing.
Its non-signature-based capabilities and the heuristic analysis for dynamic threats are also valuable.
What needs improvement?
There should be full and complete integration in the single console of the mobile agent.
For how long have I used the solution?
We have been using Singularity Complete for 18 months.
What do I think about the scalability of the solution?
It is scalable, and it has scaled well.
How are customer service and support?
So far, everything has been great. During our deployment, I have bugged them a lot, and it has been pretty good. I cannot complain. I would rate them a nine out of ten. There is always room for improvement. During their deployment, I relied on them to make sure that all of our things went fine. We had some hiccups, and they were there with us. They were there to help through everything. There were some things that took longer time to research and figure out, but for the most part, if I needed a solution, I got it.
We had a bit of a hiccup that was at the SaaS level. Keith W and the complete team made it right once they knew and understood the problem and its impact on our organization. I value that a lot.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We were using another solution before SentinelOne. We made the switch because of functionality, compatibility, interoperability, visibility, and ease of integration. It checked all the boxes that we needed. We definitely needed to go this way.
How was the initial setup?
It was pretty straightforward, and it was pretty easy to get everything out.
We pushed through SCCM, and it went right in. I had very minimal issues with all of our endpoints. The ease was right there, and basically, there was not a disruption. It was one of the easier deployments that we have had. It roughly took half the time as our previous endpoint protection solution. We did it in about nine months, and we rolled from PoC straight into deployment. The previous solution took about 18 months to cover the same population with a lot more complications and finagling to make it work.
What about the implementation team?
We implemented it in-house with some professional services from SentinelOne. Our experience with SentinelOne was good. We have no complaints.
What was our ROI?
It is hard to say, but I can say that we have seen an ROI because we have discovered things that we were not aware of. That alone is a return on the investment in my book, and my leadership understands that, and that is easy for me to make.
Singularity Complete has not saved us costs. We are not there yet. It will, but we are at the beginning of our journey. It is going to zero in on things that need to be corrected. For us, it is hopefully going to be that change agent or the catalyst for the change agent to our behavior. Technology can only go so far. We are starting to look at the behavior of how some of our business processes have been run because the risk has not been fully understood, so the costs are unquantifiable at this time, but I am sure they are there. I am confident that they are there.
What's my experience with pricing, setup cost, and licensing?
It is comparable. Something that I look at for the long term is how sustainable it is. There is quite a bit in the security portfolio that I manage, and we will see.
Which other solutions did I evaluate?
We evaluated about seven other products through an evaluation score guard criteria in-house. It has been so long since I have looked at that matrix, but it came down to analysts evaluating it against our set requirements and evaluation criteria. After that, it becomes a number, and the numbers have a certain magic to themselves that makes things more objective. The numbers just came out where the score was clear and evident based on the analysts' analysis.
What other advice do I have?
It is a good product, and it is something that has future-proofed me in my program for the organization.
I am pretty sure I made a super smart decision when I chose to buy it. The roadmap is sound. Based on the keynotes at SentinelOne OneCon23, there is a lot going on. They are dedicated to improving the product. There are a couple of things, such as SentinelOne Mobile, that cannot be forgotten. That is integral for us or our organization, but, overall, I feel pretty good about the strategic roadmap or journey that we will be on.
From a pragmatic level, it is very mature. There was a bit of a false start with the SentinelOne Mobile, which is important for us, but overall, the product is very mature and adaptable by a variety of talents and skill sets that you find in your SOCs or security operation centers.
I would rate it a nine out of ten because of the Mobile issue. This is something big, and I am a little worried that I did not see it in the keynotes at SentinelOne OneCon23.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cybersecurity Manager at a comms service provider with 10,001+ employees
Helps reduce the number of incidents generated
Pros and Cons
- "The most valuable feature is the rollback functionality, which is highly impactful. We can roll back deleted or compromised files. The Ranger feature is also interesting. It enables the solution to visualize the logs and assets that are not yet covered by the platform. Ranger also enables deployments and revisions. It doesn't always work, but it's effective 90 percent of the time."
- "SentinelOne is making a lot of moves to acquire various companies, but the roadmap isn't clear, and it is still uncertain how the new acquisitions will integrate. For example, SentinelOne recently acquired a mobile security solution, but there is no real integration between the platforms."
What is our primary use case?
I am not an end-user of Singularity Complete. I'm a service provider. We have a complete team that focuses on handling incidents from this platform for our customers. We are an extension of their team, and they outsource these tasks to us.
Singularity has multiple mechanisms to identify threats and transform them into incidents. The solution not only detects but also prevents threats. On the investigation side, it helps our analysts analyze events to understand exactly what's happening and why these events have been generated.
How has it helped my organization?
Singularity helps reduce the number of incidents generated. We can configure it to reduce false positives, but we also need to implement a SOAR platform to automate the resolution of some frequent incidents.
Singularity Complete saves us some money because we don't need to implement any other additional solutions. SentinelOne is more powerful than an antivirus and can secure the environment without the need to implement an IPS, IDS, or a next-gen firewall. It's a good choice for a medium-sized business. The solution reduces organizational risks in terms of the continuity of activity, maintaining confidentiality, and external threats like malware and ransomware.
What is most valuable?
The most valuable feature is the rollback functionality, which is highly impactful. We can roll back deleted or compromised files. The Ranger feature is also interesting. It enables the solution to visualize the logs and assets that are not yet covered by the platform. Ranger also enables deployments and revisions. It doesn't always work, but it's effective 90 percent of the time.
Ranger doesn't require us to deploy an agent on our architecture or integrate anything. We activate and configure it, and everything works. You can choose to visualize assets that have no agent installed so we can get full coverage of all the assets. You can also tell it to block connections to any assets that aren't covered.
We can identify activities and sensitive connections that we can isolate from the network. We can set all our agents to not communicate with certain IP addresses or assets without the agent. For example, we can limit IoT devices, surveillance cameras, printers, etc. This functionality is critical for covering the gaps.
What needs improvement?
SentinelOne is making a lot of moves to acquire various companies, but the roadmap isn't clear, and it is still uncertain how the new acquisitions will integrate. For example, SentinelOne recently acquired a mobile security solution, but there is no real integration between the platforms.
We also have a SOAR platform that helps us reduce the number of incidents that our analysts must handle manually. It would be nice if Singularity Complete had native security automation and integrated mechanisms to reduce the number of false positives.
For how long have I used the solution?
I have used Singularity for about three years.
How are customer service and support?
I rate SentinelOne support eight out of 10. SentinelOne offers excellent support.
How would you rate customer service and support?
Positive
What other advice do I have?
I rate SentinelOne Singularity Complete eight out of 10 overall. It needs some improvement in some areas, such as backup functionality and performance, but it's a good solution.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Network Administrator at a real estate/law firm with 501-1,000 employees
Simplicity is key, with one portal to look at, and it blocks anything bad from happening
Pros and Cons
- "The alerting features are the most valuable. We know that when something goes wrong, we get alerted instantly. That gives us a leg up. Even before the user knows what's happening, we're being alerted to step in and stop anything catastrophic from happening."
- "I would like to see a better mobile app so that I could look through my phone at the alerts and not have to go to the website. They should make it a little more mobile-accessible."
What is our primary use case?
We mostly use SentinelOne to protect our computers and know which users are logging in.
How has it helped my organization?
SentinelOne gives the end-user and our IT staff a level of security, knowing that when they're downloading something, talking to a client, or looking at email, their computer is secure. And if, God forbid, they click on the wrong link or download the wrong item, SentinelOne will step in and block anything from happening.
The simplicity of the solution is key. There's only one portal to look at. I don't have to jump around to a couple of programs or combine multiple programs into one. It provides ease of management for me and my team.
And with Singularity, I don't have to worry as much about scanning. It has taken some of my daily activities away, such as system scans, identity scans, and making sure that everything is updated. Also, I now don't have to manually update anything on the laptops for security. The fact that SentinelOne can do that automatically has given me time back in my day.
It saves us at least a couple hours a week, and more if we need to do a full upgrade. If we're doing a full upgrade and have to update every SentinelOne client or any endpoint protection, it could take a day to touch every computer. Now, it takes five minutes to make a policy and push it. It all depends on what the day's workload is, but it definitely saves us time.
In terms of reducing alerts, that did not happen at the beginning, but now that we have it fine-tuned, I don't get as many false alerts. It has really dialed itself in to know what issues to look for. We're not getting spammed with insignificant stuff anymore. It definitely took some time to figure out the alert system and how to make the emails work for us. But now that we have it running, I know that when I get a notification, it's a real one.
And it has reduced our mean time to detect because I don't have to detect. It does it for me. And similarly, for our mean time to respond, it's definitely quicker because I get the email notification right away, and it becomes a priority in our ticketing queue from the notification. Once that comes in, someone on my team stops what they're doing and looks at the alert set. Nothing will sit on the network for long now with it scanning all the time.
It has reduced our organizational risk.
What is most valuable?
The alerting features are the most valuable. We know that when something goes wrong, we get alerted instantly. That gives us a leg up. Even before the user knows what's happening, we're being alerted to step in and stop anything catastrophic from happening.
What needs improvement?
I would like to see a better mobile app so that I could look through my phone at the alerts and not have to go to the website. They should make it a little more mobile-accessible.
For how long have I used the solution?
We have been using SentinelOne Singularity for about a year and a half.
What do I think about the stability of the solution?
There have been no issues at all.
What do I think about the scalability of the solution?
Scaling is easy. It's not hard to expand it at this point.
How are customer service and support?
When I contacted their technical support, the experience was okay. They fixed the issue. It was just a matter of getting to the right person.
I would rate SentinelOne highly as a strategic security partner. For any issues we had, they have been responsive, talking to the vigilance team and high-level teams. Again, it always comes down to finding the right person. It takes time to get to the right person, but once we get there, it's fine. They are able to help with our needs.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used Sophos. We switched to Singularity because it's simpler, easier to use, and rated higher.
When looking at the quality and maturity of Singularity, it's a great program. Depending on what program you are coming from, there might be a little learning curve, but once you get past that, it's easy to use, and it becomes very intuitive after some time.
How was the initial setup?
It took some time to figure out how to make the deployment work, to get it on everyone's computers, and to get the organization to fully adopt it, but it really wasn't hard in the long run now that we have it deployed.
There is no maintenance involved on our end. I can push policies during the day to upgrade the clients.
What about the implementation team?
We did it in-house. The implementation was done by me and four other guys.
We did have training, but they didn't help with the deployment. They just showed us how to use the program itself.
What's my experience with pricing, setup cost, and licensing?
The pricing is reasonable. It may be a little high, but it's on par with everything out there.
I wish the more users you have, the better the price would be.
Which other solutions did I evaluate?
We looked at CrowdStrike.
What other advice do I have?
We have SentinelOne deployed through Intune, but we use the cloud login to work on any alerts or events that pop up. When new SentinelOne updates are available, we log into the cloud portal, make a new batch, and just send out the update automatically to all 400 clients that we have. If any events or errors show up, we go through the normal process. We let the vigilance team look at them, remove the computer from the network if need be, isolate it, and do our normal due diligence on what the error or the event is telling us.
We're very happy with the SentinelOne platform, so we haven't looked at anything else recently.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
System Administrator at a wholesaler/distributor with 1,001-5,000 employees
Lightweight, ready to go out of the box, and simple to use
Pros and Cons
- "The product is a lighter client. Our previous solution ran heavy on the workstation and caused performance issues."
- "The biggest thing for me in terms of improvements is the online console. There are frequent updates, and sometimes we'll get a little agitated getting signed in."
What is our primary use case?
We primarily use the solution as an antivirus and also as a network control with built-in policies regarding device control.
How has it helped my organization?
The product is a lighter client. Our previous solution ran heavy on the workstations and caused performance issues. This is lightweight and doesn't take up system resources.
What is most valuable?
You can use the solution right out of the box. It's ready to go with baseline policies and is good to use without any changes. It's only gotten better since we've added custom rules.
It's simple to use and intuitive. It gives you good visibility and shows what is going on.
The product works well with other SentinelOne solutions and third-party tools. It's pretty seamless. They make it pretty easy to integrate with other products and you can pull data pretty easily from the other solutions.
The solution's ability to ingest and correlate across our security solutions is excellent. It has allowed us to blend data from another product we own.
It's helped us consolidate our other security solutions.
The product provides network and asset visibility. The Ranger piece is probably one of the best items. We have other solutions for asset management, yet none is ever 100%. With Ranger, we really get that visibility we need. Having Ranger built into one client and being easy to use has been perfect. It helps us prevent vulnerable devices from being compromised. We've discovered a few assets within our organization we were not managing fully and Ranger has helped us secure our environment just that little bit more.
There are fewer complaints from users when scans are running. The previous solution just used up so many resources. This product runs seamlessly in the background and we know it's running since we get triggers on alerts that are legitimate catches. SentinelOne does a good job at detecting. It's reduced our alerts by 25%.
The product has helped to free up our staff for other projects and tasks. It's freed around 50% of their time.
It's reduced our company's mean time to detect by 40% or more. It's also drastically improved the mean time to respond. We don't have to worry about false positives. We know when we get an alert that it's legitimate, and we need to act on it. That's improved by about 40% to 50%.
What needs improvement?
The biggest thing for me in terms of improvements is the online console. There are frequent updates, and sometimes we'll get a little agitated getting signed in. However, on the product itself, I would not recommend any changes.
For how long have I used the solution?
I've used the solution for a little over a year.
What do I think about the stability of the solution?
The solution is very stable. Our old solution required babysitting to make sure everything was running correctly.
What do I think about the scalability of the solution?
Pretty much everybody in the company uses the solution. We have 1,300 deployed agents and ten administrators.
The solution is absolutely scalable.
How are customer service and support?
I have not had to use technical support.
Which solution did I use previously and why did I switch?
We previously used Sophos. The biggest reason for the switch to SentinelOne was the system resources that were used. Whenever it would kick in, I would get tickets related to machine performance.
How was the initial setup?
The console is on the cloud; however, the devices are on-premises. The initial setup was very straightforward. Overall, it was fairly quick. We had more trouble getting the older product uninstalled than SentinelOne installed. We did the implementation slowly based on the business requirements. We deployed it over the course of a month.
The company does a good job with training and keeping its documentation up to date.
It does not require much maintenance. Every now and then we might have one or two false positives.
What was our ROI?
We've seen a great ROI on the product. Obviously, we're still within our contract. That said, we've definitely seen an ROI. We've had a couple of incidents where something wouldn't have been detected previously.
What's my experience with pricing, setup cost, and licensing?
The solution is fairly priced for what you get.
What other advice do I have?
We're a customer and end-user.
They do an excellent job at remaining innovative - including with their detection engines and everything involved in their product. They are doing an excellent job compared to everyone else.
SentinelOne has not been around for many years - yet the product is ahead of its time.
With any solution, I'd advise doing a proof of concept first. After that, I would not shy away from fully deploying this solution.
I'd rate the solution eight out of ten. The only thing that would improve the product is reducing the online console updates.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Updated: November 2024