We use Singularity to protect our staff computers, the hospital network, and virtual machine servers. Singularity helps us ensure our environment is fully protected in light of the increasing cyberattacks hospitals face.
IT Manager at a healthcare company with 501-1,000 employees
If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked
Pros and Cons
- "Singularity's rollback feature is one of the primary reasons we bought the product. If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked."
- "The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load."
What is our primary use case?
How has it helped my organization?
Singularity's Ranger feature provides deep visibility. We implemented some rules, and Ranger scans the system based on the criteria we set. Ranger's ability to scan without agents or network changes is crucial because we want to minimize the number of changes needed on end-user machines. It's an excellent tool for minimizing risk and detecting threats before they disrupt our network.
The solution has decreased the number of alerts we see. We get notifications and email alerts that some user machines are compromised. Singularity does a good job with bad files and data, allowing us to tackle those threats before they become bigger problems.
Singularity has helped free up staff time. For example, it automatically updates virus definitions so we don't need to do that work manually. Singularity pulls the latest virus definitions on its own. It actively monitors our machines without us having to do anything.
It has reduced our mean time to detect by about 70 percent. Singularity has reduced the mean time to respond by roughly 90 percent because we can choose to respond to a threat by rolling back, deleting, or quarantining it. It greatly reduces our overall risk by about 30 percent.
What is most valuable?
Singularity's rollback feature is one of the primary reasons we bought the product. If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked.
The interoperability is solid. We've integrated Google Authenticator with SentinelOne for multifactor authentication, so it works well. We also use Citrix multifactor authentication. It works well with our other systems.
What needs improvement?
The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load.
Buyer's Guide
SentinelOne Singularity Complete
March 2025

Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
For how long have I used the solution?
I have used Singularity for about a year.
What do I think about the stability of the solution?
I rate SentinelOne Singularity seven out of 10 for stability. The stability and performance could be better.
What do I think about the scalability of the solution?
Singularity is highly scalable. We can easily cover all our machines with it.
How are customer service and support?
I rate SentinelOne's support seven out of 10. SentinelOne's customer service isn't that great. There's only so much they can do before they just tell you to look at the documentation.
How would you rate customer service and support?
Neutral
How was the initial setup?
The deployment was straightforward. We worked with a trainer and implementation specialist over at Sentinel. Four people from our team and one from the vendor were involved. After installation, the primary maintenance is ensuring the agents are deployed to the end-user machines.
What's my experience with pricing, setup cost, and licensing?
Singularity is fairly priced.
What other advice do I have?
I rate SentinelOne Singularity Complete eight out of 10. It's a high-quality product compared to what else is on the market. When implementing Singularity, it helps to organize your machines into groups like laptops, servers, and desktops and then push the agent to those groups separately.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

CISO at Katholische Universität Eichstätt-Ingolstadt
Robust security with efficient threat detection, minimal false positives and user-friendly features, empowering organizations to safeguard their systems effectively
Pros and Cons
- "The platform is user-friendly, easy to administer, and aligns well with GDPR requirements, which is crucial for us."
- "It primarily operates on local machines, monitoring processes, and not always providing detailed insights, relying on external information to determine the nature of a file."
What is our primary use case?
Our primary use cases involve Endpoint Detection and Response and Extended Detection and Response.
How has it helped my organization?
My positive experience with SentinelOne lies in its comprehensive version, allowing for rollback and replay of events, which is especially useful for EDR. The strength of behavior-based solutions like SentinelOne, CrowdStrike, CyberArk, and others lies in their ability to reveal the consequences of opening a file. Witnessing the impact of a virus gaining control over a computer or understanding the ramifications of opening a file adds a layer of insight.
It stands out for its seamless interoperability with other SentinelOne products and tools, facilitated by REST interfaces. This integration is particularly potent when connecting SentinelOne as an endpoint solution to firewalls like Fortinet, allowing the firewall to receive insights from SentinelOne clients. In today's landscape, where file transfers often occur through encrypted channels, traditional firewalls face challenges in inspecting these streams effectively. SentinelOne's endpoint security addresses this by analyzing downloaded files in their decrypted form, providing a crucial layer of protection. The bidirectional information flow between the firewall and endpoint security, enabled by SentinelOne's REST API, empowers proactive threat prevention and detection, contributing to a robust cybersecurity posture.
Utilizing SentinelOne has significantly reduced the number of alerts for us. We might have experienced more false positives and missed potential attacks without it. Its alert system is efficient, with a low rate of false positives compared to other solutions I've heard about. Managing alerts is straightforward, and the platform allows for creating white lists to handle false positives, such as those related to old printer drivers. The administration is user-friendly, offering features like multi-factor authentication for secure connections to the console and automatic updates within the SentinelOne interface.
It has proven to be a time-saver for our staff, significantly reducing the likelihood of falling victim to various cyber threats. By addressing the spectrum of attacks, from initial malware infiltration to potential worst-case scenarios like Active Directory compromise, SentinelOne has played a pivotal role. It effectively diminishes the probability of becoming a target for attacks that exploit stolen passwords, infiltrate the company's IT infrastructure, and escalate privileges, ultimately leading to severe consequences such as a randomized Active Directory.
What is most valuable?
The platform is user-friendly, easy to administer, and aligns well with GDPR requirements, which is crucial for us. What makes SentinelOne stand out is its speed and efficiency, consuming minimal computing resources. It operates by checking data only when it's accessed, synchronizing with the process that opens the data which is well-designed and effective.
I don't actively use SentinelOne's Ranger functionality because we haven't implemented it university-wide. While we've employed it in specific cases, my experience with it is limited. However, it provides valuable insights into past events, allowing you to trace the history of a virus download or malware activity. For instance, you might discover that a virus was downloaded two weeks ago using the Safari web browser, saved to the computer, and later opened with Excel, triggering certain actions before SentinelOne intervened. The ability to roll back such ransom actions is a valuable capability provided by SentinelOne.
What needs improvement?
It primarily operates on local machines, monitoring processes, and not always providing detailed insights, relying on external information to determine the nature of a file. This limitation becomes apparent in more complex scenarios, such as analyzing or assessing the content of files at the byte level, especially in cases involving files like Excel, where there may be some difficulty in discerning potential issues. They should consider incorporating a cloud-based service where users can upload suspicious links, documents like Excel sheets, or ambiguous files to observe their behavior in a sandbox environment. Currently, with SentinelOne, the process involves setting up a separate network and machine for this purpose, requiring users to upload the file and monitor its behavior on the dedicated machine. Offering a free and accessible service like this would be a noteworthy enhancement to their product, providing users with a convenient and efficient way to analyze potentially harmful content.
For how long have I used the solution?
I have been working with it for four years.
What do I think about the stability of the solution?
I would rate its stability capabilities ten out of ten.
What do I think about the scalability of the solution?
I would rate its scalability abilities nine out of ten.
How are customer service and support?
I am highly satisfied with their technical support; it is truly excellent. I would rate it ten out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Comparatively, SentinelOne has certain drawbacks, particularly when measured against CrowdStrike. CrowdStrike offers a free sandbox at hybrid-analysis.com, allowing the examination of links and downloaded files on a virtual machine. This proves especially valuable in assessing potential phishing emails. Uploading the file or link to hybrid-analysis.com provides a detailed analysis, complete with screenshots of what transpires on the virtual machine. This includes actions like the opening of links, prompting CEO impersonation attempts, and other background information. While SentinelOne may lack these specific features, its advantage lies in being an all-encompassing solution, whereas CrowdStrike functions primarily as a managed service, which may not align with specific preferences.
How was the initial setup?
The initial setup was straightforward.
What about the implementation team?
The deployment of Singularity Complete involved some consultation, as we collaborated with a partner who facilitated the onboarding process with SentinelOne. While the partner occasionally provides support, larger issues are infrequent, and overall, the deployment has been relatively smooth. We have implemented it across various locations. There is some maintenance involved in managing Singularity Complete.
What was our ROI?
It's challenging to quantify precisely, but the implementation of Singularity Complete has significantly reduced organizational risks. Currently, we employ it on critical systems, constituting approximately fifty percent of our infrastructure.
What other advice do I have?
Creating separate groups for various types of computers, like Windows servers and clients, enables efficient management and customization of security configurations tailored to specific needs. Overall, I would rate it ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
SentinelOne Singularity Complete
March 2025

Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
Head - Network & Security at a manufacturing company with 1,001-5,000 employees
Provides immediate MTTD, and automatic remediation, but the support needs a lot of work
Pros and Cons
- "The most valuable feature is the automatic remediation."
- "SentinelOne's customer support is sluggish and frequently fails to deliver sufficient assistance."
What is our primary use case?
We use SentinelOne Singularity Complete for our endpoint security.
How has it helped my organization?
The visibility that SentinelOne Singularity Complete provides throughout our organization is good.
SentinelOne Singularity Complete's capability to intake and correlate across our security solutions is great. As long as we have configured everything correctly and are monitoring the logs to respond to potential threats, we have the assurance that the threats are being identified and thwarted. A year ago, we faced a malicious attack that was detected and halted by SentinelOne EDR, which played a pivotal role in saving me.
SentinelOne Singularity Complete has certainly helped reduce the number of alerts we were receiving. Previously, I was using McAfee, and I had numerous threats and malware present in my environment that were only detected by SentinelOne Singularity Complete. This assistance facilitated the remediation of those threats and subsequently led to a decrease in security alerts.
SentinelOne Singularity Complete has saved us time by identifying the threats in real-time saving us long investigation times.
SentinelOne Singularity Complete's MTTD is immediate.
The MTTR is good.
What is most valuable?
The most valuable feature is the automatic remediation.
What needs improvement?
The reporting dashboards require improvement. Currently, they lack customization options, preventing me from generating a summarized executive report for management.
SentinelOne's customer support is sluggish and frequently fails to deliver sufficient assistance. The quality of after-sales support is also subpar and requires enhancement. The support is not meeting the expected standards, and as a result, I am feeling dissatisfied.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for one and a half years.
What do I think about the stability of the solution?
SentinelOne Singularity Complete is stable.
How are customer service and support?
The customer service and support are unsatisfactory. I have been attempting to initiate the MDR services and have reached out to my account representative at SentinelOne for three months now, with no results. I am disappointed that I am unable to integrate any details into my environment, which would allow me to present information on a monthly and quarterly basis. I require this information to assess the performance with my MDR representative, but these matters are not progressing. I feel deceived.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
I previously used McAfee but it was not able to detect some of the malware threats that SentinelOne Singularity Complete does.
How was the initial setup?
The initial setup is straightforward as long as we are not dealing with legacy systems. In the manufacturing industry, many systems utilize older operating systems like Windows 2000, which run traditional applications that cannot be removed. Deploying on Unix is also challenging, whereas Windows Ten is straightforward.
We deploy in large manufacturing environments and there were around 80 people involved in the deployments.
What about the implementation team?
The implementation was completed by the SentinelOne team.
What's my experience with pricing, setup cost, and licensing?
SentinelOne Singularity Complete can be expensive for the SMB market but is suitable for enterprise-level organizations. The service provided by SentinelOne is not up to par with the cost we are paying.
Which other solutions did I evaluate?
I carried out a Proof of Concept with several Endpoint Detection and Response solutions, including CrowdStrike, Trend Micro, and VMware. However, none of them were able to meet my requirements in the same way that SentinelOne Singularity Complete does.
What other advice do I have?
I would rate SentinelOne Singularity Complete a six out of ten.
Currently, I have not yet completed the integration with third-party tools. However, I am utilizing the Sentinel logs as inputs for my Security Operations Center services, and I am gaining comprehensive visibility from this approach.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Network & Security Section Head, Digital Transformation at a government with 201-500 employees
Automation has freed up our team, streamlining quick actions and restoration capabilities
Pros and Cons
- "The most valuable features are the quick action and restoration capabilities."
- "The stability is just okay."
What is our primary use case?
First, budget-wise, and for the quick actions I take in automation, certainly AI plays a crucial role.
What is most valuable?
The most valuable features are the quick action and restoration capabilities. I can catch any behavior and restore everything for the last two changes. There's also automation that gives my team free time, preventing them from having to look for every alert. As a result, we don't need their action on some emails.
What needs improvement?
Integration with the firewalls is needed because there is no integration with Forti as a FortiAnalyzer. It is currently integrated with FortiManager and the Forti box, but if I have an analyzer, it doesn’t integrate with them. It would be better if there were direct integration with FortiAnalyzer.
For how long have I used the solution?
I have used the solution for two years.
What do I think about the stability of the solution?
The stability is just okay.
What do I think about the scalability of the solution?
The scalability is good at more than ninety percent.
How are customer service and support?
I would rate the customer service at an eight.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I tried, when busy, CrowdStrike, and as an endpoint, I work with FortiClient.
How was the initial setup?
The setup is complex related to the XDR because there are more logs, and the queries need someone expert for that. I should create a guide.
What about the implementation team?
The deployment has been done in-house by my team.
What was our ROI?
If I compare prices between SentinelOne and another solution, I have already conducted this exercise, and SentinelOne is cheaper by more than sixteen percent.
What's my experience with pricing, setup cost, and licensing?
It’s cheaper than other competitors.
What other advice do I have?
I will recommend it to other clients. The quality is good for us based on our operations. We don't have a huge amount of transactions, but it’s good for us. The solution meets our needs. It’s good. Overall product rating is eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 2, 2025
Flag as inappropriateCEO at Sentree Systems, Corp.
Easy to navigate and use with helpful support
Pros and Cons
- "Their platform is really easy to work with."
- "I really haven't done enough to really see any improvements."
What is our primary use case?
We primarily use it the same way we would use Bitdefender. It's for security.
What is most valuable?
When it comes to security, the telemetry, the information that you get from the EDR part of it, and the ability to be able to parse it and use it is great. I really like their platform. You're able to go in and do some of the research and study. If there's an incident response needed, you can handle it with SentinelOne. That's what I really like about it.
It's just as good, if not better, than Bitdefender. The one thing I do like more about SentinelOne is working with their tech support. It's really easy to get to them and easy to work with them.
Their platform is really easy to work with. It's easy to navigate and use.
What needs improvement?
I really haven't done enough to really see any improvements. It really has all the telemetry markers that I look for.
For how long have I used the solution?
I just started using the solution. I've used it for five or six months.
What do I think about the scalability of the solution?
The scalability is very good. I'd rate it nine out of ten. It can expand well.
We have about ten people, admins, who are on the solution.
How are customer service and support?
Technical support has been great. They are helpful and responsive. I've only used them for onboarding assistance. I've never had an issue I needed help troubleshooting with.
Which solution did I use previously and why did I switch?
I've also used Bitdefender. I didn't stop liking Bitdefender. I love Bitdefender. I have nothing against Bitdefender. The only reason I did move to this product is due to the SOC that I work with. Bitdefender doesn't work with the stock that I use as well as SentinelOne does. SentinelOne also offers better support. Bitdefender's platform can be a bit more cumbersome to try to get through in terms of getting your agents to install, for example. SentinelOne is very simple.
How was the initial setup?
The initial setup is very easy. I'd rate the ease of implementation ten out of ten.
There is one person that handles maintenance on the solution. That would be me.
What's my experience with pricing, setup cost, and licensing?
There are a couple of different solutions that they offer. The one I use is $6 a month per device. Some are $4 and there are some that are more than that, and those offer an MDR part, which is the managed detection and response.
What other advice do I have?
I'm a partner.
To anyone using any of these MDR-type scenarios, one of the things they need to recognize with SentinelOne is that, only looking at SentinelOne telemetry, when it comes to the stock solution that they offer, it's not a true SOC. It is an internal SOC solution. That's why it's an MDR. So they're only looking at what their solution finds. If their solution finds ransomware and stops it, then you're only looking at that telemetry. That's why I offer an outside external stock since the external stock is looking at everything. If you have one device that has something on it or something with nothing on it, it's going to see it all. That's the big difference between an internal SOC as opposed to an external SOC.
I'd rate the solution ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Director of information technology at Stuart & Branigin LLP
Allows users to see and manage infections from the web-based admin panel, is reasonably priced, and has more advanced technology and multiple features
Pros and Cons
- "What I like best about SentinelOne Singularity Complete is its web-based admin interface, which allows me to go into the platform, look at the entire organization, particularly all of the sentinels or endpoints, and manage everything from there."
- "SentinelOne Singularity Complete takes up a lot of memory in Google Chrome, which sometimes causes it to lag, so this is an area for improvement. The solution could be improved by increasing its efficiency within the web browser."
What is our primary use case?
SentinelOne Singularity Complete is an endpoint protection solution that my company deployed on all workstations and servers to protect against ransomware, malware, and other types of infection.
What is most valuable?
What I like best about SentinelOne Singularity Complete is its web-based admin interface, which allows me to go into the platform, look at the entire organization, particularly all of the sentinels or endpoints, and manage everything from there. For example, if someone is infected, I can manage the whole operation and process from the admin panel.
I also find SentinelOne Singularity Complete beneficial in its interoperability with other SentinelOne solutions and third-party applications. This helps the solution stand out.
The ability of SentinelOne Singularity Complete to ingest and correlate across security solutions is also a great feature.
The solution has not reduced any of the alerts for my company, but I'm happy to see when the alerts come through on the platform. As for the mean time to detect, SentinelOne Singularity Complete helped reduce it by ninety percent.
I noticed the mean time to respond has been reasonably quicker after using SentinelOne Singularity Complete, plus the organizational risk has been reduced.
In terms of quality and maturity, SentinelOne Singularity Complete has been around for a while and is a trusted solution. I have a colleague who works for another organization that was hit with ransomware, and the consulting company working with his team recommended SentinelOne Singularity Complete as one of the changes to implement immediately so from that standpoint, I truly enjoyed hearing that knowing that my company is also a SentinelOne Singularity Complete customer.
As a strategic security partner, I found the solution great, primarily because all of its features work well.
What needs improvement?
SentinelOne Singularity Complete takes up a lot of memory in Google Chrome, which sometimes causes it to lag, so this is an area for improvement. The solution could be improved by increasing its efficiency within the web browser.
Another area for improvement in SentinelOne Singularity Complete is technical support, particularly the response time when dealing with non-critical issues.
For how long have I used the solution?
We've been using SentinelOne Singularity Complete for over two years now.
What do I think about the stability of the solution?
I didn't experience crashing and downtime from SentinelOne Singularity Complete, so I find it stable.
What do I think about the scalability of the solution?
For my company's use, SentinelOne Singularity Complete is great and has no issues scalability-wise.
How are customer service and support?
The technical support provided for SentinelOne Singularity Complete is a seven out of ten because the team takes longer to deal with non-critical support issues. Response time could be faster.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
My company was looking for a solution encompassing a wide range of protection, and SentinelOne Singularity Complete matched what the company was looking for. The company used another product, particularly Webroot, and then moved to this solution.
Moving to SentinelOne Singularity Complete was my company's decision as it had more features, was more advanced and was more suitable for an enterprise application. Hence, the solution was ultimately a better fit when compared to Webroot.
How was the initial setup?
I was involved in the initial deployment of SentinelOne Singularity Complete, which was very straightforward.
What about the implementation team?
SentinelOne Singularity Complete was implemented in-house. I did it all by myself.
What was our ROI?
Anytime my company doesn't get infected with ransomware, there's ROI from SentinelOne Singularity Complete, as being infected with ransomware is pretty costly.
What's my experience with pricing, setup cost, and licensing?
I find the licensing cost for SentinelOne Singularity Complete fair.
What other advice do I have?
I've never used the Ranger functionality of SentinelOne Singularity Complete.
In my company, SentinelOne Singularity Complete has a hybrid deployment.
From a maintenance perspective, I have to ensure the solution is working and looks good, but I only have to go in and check occasionally. In SentinelOne Singularity Complete, the upgrade is automated.
My rating for SentinelOne Singularity Complete is nine out of ten.
I'd tell others looking into SentinelOne Singularity Complete that it provides complete protection and has yet to fail my company, so it's a solution that I recommend. I'd tell others to go with SentinelOne Singularity Complete.
My company is a SentinelOne customer.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Mar 20, 2025
Flag as inappropriateIT Solutions Specialist at a non-tech company with 11-50 employees
Great real-time alerts, deep visibility, and threat-hunting modules
Pros and Cons
- "I am particularly interested in the new app vulnerability module that is included with the Singularity Complete edition."
- "I would appreciate it if they would consider providing a comprehensive vulnerability assessment report that goes beyond just application vulnerabilities."
What is our primary use case?
We deploy SentinelOne Singularity Complete as an EDR on our customers' endpoints for real-time monitoring and incident response.
How has it helped my organization?
SentinelOne Singularity Complete has reduced our alerts by up to 15 percent.
SentinelOne Singularity Complete has enabled our staff to redirect their time toward other projects and responsibilities. We do not have a dedicated SOC team, but we utilize SentinelOne to manage security incidents. The incident volume is manageable for our team to handle, and we do not require full-time staff solely dedicated to security tasks. Instead, we rotate incident management and response responsibilities among our team members.
SentinelOne Singularity Complete has reduced our MTTD and MTTR. The initial and immediate response required to collect foreign evidence or logs is handled by SentinelOne. This provides us with the locations or parts where the infection spread and where the incident originated, which helps us in troubleshooting or at least getting a vague idea of where to start. We can then dive into the threat setting to see what kind of information we can gather from the logs. So, I would say that SentinelOne has assisted us in this way. Additionally, we have Proofpoint in our environment because we use it as a backup defense.
What is most valuable?
The real-time alerts, deep visibility, and threat-hunting modules are the most valuable features.
I am particularly interested in the new app vulnerability module that is included with the Singularity Complete edition. We are currently evaluating its capabilities to determine its suitability for our needs.
What needs improvement?
Given that SentinelOne is primarily a host-based intrusion prevention system, I would appreciate it if they would consider providing a comprehensive vulnerability assessment report that goes beyond just application vulnerabilities. Currently, the scope of the vulnerability assessment seems limited, and I don't believe it adequately covers the full spectrum of vulnerabilities that may exist on endpoints. This is a capability that I feel SentinelOne is still lacking, and it's the reason why users still need to rely on other tools for certain isolated cases. If SentinelOne could provide this functionality, it would eliminate the need to look beyond their solution for vulnerability assessment. Apart from the vApp component of Singularity Complete, I believe SentinelOne is already excelling in other areas. However, this is one area where I believe they could introduce additional features to make SentinelOne a truly comprehensive security solution.
I would like to generate a vulnerability assessment report that leverages the national vulnerability database or, if possible, calculates the CDSS score by conducting an endpoint assessment using the SentinelOne agent that is already deployed and resides on endpoints 24/7. I prefer not to deploy additional applications solely for information gathering, as the SentinelOne agent provides ample data for this purpose.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for three years.
What do I think about the stability of the solution?
I would rate the stability of SentinelOne Singularity Complete nine out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of SentinelOne Singularity Complete nine out of ten. I have not encountered any issues when deploying for our clients.
How are customer service and support?
The technical support is generally good, but there are instances when they need to consult with the development team before providing a resolution, which is understandable. However, there have been occasional issues with the IVR system not functioning properly.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have experience using Cisco Nexus and the Nmap Scripting Engine to identify vulnerabilities and strengthen security postures. I have also used Wazuh, primarily for its comprehensive PCIBSS SOC and GDPR compliance reports, which provide detailed vulnerability listings and mitigation strategies. I believe this focus on compliance is crucial as cybersecurity standards become increasingly mandatory for businesses.
We discontinued using Wazuh because we were unwilling to pay $25,000 annually for a product that provided only CIS benchmark support, a basic vulnerability report, and essentially replicated capabilities we already possessed. I believe a Nexus subscription would be a more cost-effective alternative, costing only a quarter of Wazuh's price while still fulfilling our vApp exercise logging requirements. I am capable of conducting vulnerability assessments, applying patches, re-scanning for vulnerabilities, and proceeding to penetration testing. Our primary goal is to provide vApp capabilities to our clients, and that is where we are seeking a solution. If SentinelOne offered this functionality, we would not need to explore alternative options. However, since SentinelOne lacks this crucial capability, we must seek solutions elsewhere.
How was the initial setup?
The deployment is straightforward. We have scripts to do the automatic installation while onboarding. The deployment takes no more than ten minutes.
What other advice do I have?
I would rate SentinelOne Singularity Complete eight out of ten. I've been using the solution for three years now. It's been generally reliable, but certain capabilities are needed in today's environment that are lacking.
Our clients primarily utilize Office365, we also assess Microsoft Defender for 365 to ascertain if it might be a more viable option, especially if clients intend to enroll with Intune and MDM. This option would be more cost-effective as it is already included within their existing licenses.
Most of our clients are small to medium-sized businesses. This is why the logs and the number of endpoints are not very high. So, unless we specifically require the use of Ranger, we don't need it. However, cybersecurity compliance standards are becoming increasingly stringent. As a result, we are looking into obtaining a solution that can help us perform at least the vulnerability assessment and patching tasks, along with complaint handling.
SentinelOne is an innovative cybersecurity solution. In terms of reputation, SentinelOne excels, particularly in passing third-party and independent audits. Having SentinelOne in our environment gives us the confidence to say that our EDR capabilities are well-managed. So, in that regard, SentinelOne is outstanding. Feature-wise, while SentinelOne's patch and new feature releases aren't always perfect, I would rate them an eight out of ten.
SentinelOne is a well-established product in the market. The addition of new features and modules to the existing platform is a significant step forward. The positive reviews of the product further reinforce its value.
The maintenance revolves around moving to the next stable version. Our standard practice is to always test the version before rolling it out. Therefore, internally, we generally update all the endpoints as soon as we have identified the next stable version. This is the only maintenance that is required, as we are using the cloud version.
SentinelOne is a reliable tool that we rely on. However, when it comes to strategic solutions, we need a tool that can provide us with the capabilities to have a broader discussion with the company's management. I'm not sure if SentinelOne can export reports that could be presented to upper management. If we are seeking management approval for a security budget, we can't simply base our conversation on an EDR solution. We need to address a wider range of security concerns as well. Another drawback of SentinelOne is its lack of support for SysLog from network devices. This is a limitation that often leads people to consider integrating SentinelOne with other solutions, such as a SIEM. My feedback is that if I have to deploy SentinelOne and pay $70,000, I would expect it to provide comprehensive capabilities so that I don't need to look for additional solutions. Otherwise, it becomes tough for technicians and the company as a whole to manage multiple solutions for different security modules.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Cybersecurity Manager at a comms service provider with 10,001+ employees
Helps reduce the number of incidents generated
Pros and Cons
- "The most valuable feature is the rollback functionality, which is highly impactful. We can roll back deleted or compromised files. The Ranger feature is also interesting. It enables the solution to visualize the logs and assets that are not yet covered by the platform. Ranger also enables deployments and revisions. It doesn't always work, but it's effective 90 percent of the time."
- "SentinelOne is making a lot of moves to acquire various companies, but the roadmap isn't clear, and it is still uncertain how the new acquisitions will integrate. For example, SentinelOne recently acquired a mobile security solution, but there is no real integration between the platforms."
What is our primary use case?
I am not an end-user of Singularity Complete. I'm a service provider. We have a complete team that focuses on handling incidents from this platform for our customers. We are an extension of their team, and they outsource these tasks to us.
Singularity has multiple mechanisms to identify threats and transform them into incidents. The solution not only detects but also prevents threats. On the investigation side, it helps our analysts analyze events to understand exactly what's happening and why these events have been generated.
How has it helped my organization?
Singularity helps reduce the number of incidents generated. We can configure it to reduce false positives, but we also need to implement a SOAR platform to automate the resolution of some frequent incidents.
Singularity Complete saves us some money because we don't need to implement any other additional solutions. SentinelOne is more powerful than an antivirus and can secure the environment without the need to implement an IPS, IDS, or a next-gen firewall. It's a good choice for a medium-sized business. The solution reduces organizational risks in terms of the continuity of activity, maintaining confidentiality, and external threats like malware and ransomware.
What is most valuable?
The most valuable feature is the rollback functionality, which is highly impactful. We can roll back deleted or compromised files. The Ranger feature is also interesting. It enables the solution to visualize the logs and assets that are not yet covered by the platform. Ranger also enables deployments and revisions. It doesn't always work, but it's effective 90 percent of the time.
Ranger doesn't require us to deploy an agent on our architecture or integrate anything. We activate and configure it, and everything works. You can choose to visualize assets that have no agent installed so we can get full coverage of all the assets. You can also tell it to block connections to any assets that aren't covered.
We can identify activities and sensitive connections that we can isolate from the network. We can set all our agents to not communicate with certain IP addresses or assets without the agent. For example, we can limit IoT devices, surveillance cameras, printers, etc. This functionality is critical for covering the gaps.
What needs improvement?
SentinelOne is making a lot of moves to acquire various companies, but the roadmap isn't clear, and it is still uncertain how the new acquisitions will integrate. For example, SentinelOne recently acquired a mobile security solution, but there is no real integration between the platforms.
We also have a SOAR platform that helps us reduce the number of incidents that our analysts must handle manually. It would be nice if Singularity Complete had native security automation and integrated mechanisms to reduce the number of false positives.
For how long have I used the solution?
I have used Singularity for about three years.
How are customer service and support?
I rate SentinelOne support eight out of 10. SentinelOne offers excellent support.
How would you rate customer service and support?
Positive
What other advice do I have?
I rate SentinelOne Singularity Complete eight out of 10 overall. It needs some improvement in some areas, such as backup functionality and performance, but it's a good solution.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner

Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Product Categories
Endpoint Detection and Response (EDR) Endpoint Protection Platform (EPP) Anti-Malware Tools Extended Detection and Response (XDR)Popular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
Fortinet FortiEDR
Microsoft Defender XDR
Cisco Secure Endpoint
IBM Security QRadar
Elastic Security
HP Wolf Security
Trend Vision One Endpoint Security
Kaspersky Endpoint Security for Business
Intercept X Endpoint
Trend Vision One
Check Point Harmony Endpoint
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between Carbon Black CB Defense, CrowdStrike, and SentinelOne?
- Which is better - SentinelOne or Darktrace?
- What do you recommend to choose when replacing Symantec EDR: SentinelOne or CrowdStirke Falcon?
- Cortex XDR by Palo Alto vs. Sentinel One
- Which solution do you prefer: CrowdStrike Falcon or SentinelOne Singularity Complete?
- Does SentinelOne have a Virtual Patching functionality?
- What is the biggest difference between EPP and EDR products?
- What is the difference between EDR and traditional antivirus?
- What is your recommendation for a 5-star EDR with low resource consumption for a financial services company?
- Which is the best EDR for a logistics company with 500-1000 employees?