SentinelOne Singularity Complete Reviews

We're a construction company using SentinelOne for endpoint security with endpoint detection and response. SentinelOne covers all of our endpoints and servers. It protects everyone across the company, even those not actively using an AV.

SentinelOne's managed detection response service Vigilance Respond is convenient for companies like ours with small IT teams. If something happens on the weekend, SentinelOne steps in and resolves the issue. It's a false positive 97% of the time, but at least they're resolved instead of hanging around for us to find on Monday.

We have the Ranger feature for network scans, allowing us to pick up any new devices that show up on a network. That was especially useful for us when we shifted to working from home.

If two or more agents are in a remote network, they will scan the network and give you an inventory of the MAC addresses and device types they see. This is handy when you have a small office or someone working from home. We do not allow employees to bring their own devices, but people are plugging their company computers into their home network, exposing them to risks. The ability to report on connections in remote networks is handy.

SentinelOne's machine learning engine is purely behavioral. The engine will shut down anything that's bad, isolate the system from the network, and alert everyone. We had tremendous success with CylancePROTECT for over five years. Zero successful attacks. In 18 months in with SentinelOne, we've seen the same lack of drama. No endpoints have been compromised to the degree that it has negatively impacted our network.

Managing the false positives creates additional management overhead. The behavioral analysis engine might misinterpret real user behavior as malware. For example, a drafter was cleaning up a Revit folder and deleting 4,000 files. That looks like ransomware. The SentinelOne agent kicked his computer off the network.

We interrupted that process and then isolated his computer and the file server. It was somewhat disruptive in the middle of the day. At the same time, it was a perfect simulation of what ransomware would do, so it was reassuring that SentinelOne stepped up and said, "Nope!" 

It was not a malicious process running that was detected. It was simply behavior he shouldn't have done. Now, our drafters know to co my team when they're going to do some file cleanup. The false positives are just inherent in just the large amount of poorly written software that's out there. Any competent antivirus is going to have a behavioral, heuristic engine looking at what's actually being done.

It might be something bad done by the software you use. We used a machine learning engine for five years. The Wire Hauser Corporation builds subpar software because they're supposed to be building lumber products. It triggered a false positive, that's about the only negative for any modern AV is just false positives.

In the future, I would like to see SentinelOne implement integrated patch management. It would be great to manage endpoint patching through SentinelOne. We're on our third patch manager in three years because they are lackluster. It would be nice to have a new patch management tool.

I have been using Sentinel One for about a year and a half.

SentinelOne is stable and constantly improving. Today I did a demo of a new acquisition they made for Active Directory. Ranger is the product that scans networks. This is a new product from a company they bought.

They do automated scans of your Active Directory infrastructure to identify fixable problems and anyone trying to take advantage of the unfixable problems. They're improving their core product while adding new functionality and products that I'm interested in.

SentinelOne is highly scalable. I know folks with 10 times the number of endpoints we have, and they're pleased with it. One fellow I know has 4,000 endpoints under management.

I rate SentinelOne support nine out of 10. I wish our other vendors had tech support as good as SentinelOne. I can only think of one other vendor that possibly has better tech support, but the vast majority of software companies have sub-par tech support. Little goes wrong, but get a quick turnaround time when something comes up. 

Positive

We were using CylancePROTECT, one of the early innovators in machine learning next-gen AV. Then they added on an EDR component called  CylanceOPTICS. CylancePROTECT was an outstanding product for us. It was extremely low overhead and highly efficient. It crushed it in the proof of concept and did an excellent job for us.

Blackberry acquired the solution in 2019, the last year of our three-year agreement. It was awful. Development essentially stopped. All of the intelligent people started leaving. I found out that some went to SentinelOne. It was clear my worst fears were realized: that Blackberry was going to screw up yet another good thing.

I had prior experience with this kind of antivirus, so I thought setting up SentinelOne was very straightforward. We stood up three different products in the course of 60 days to do this test. I didn't think there was anything unusual or unexpected about setting it up. It's perfectly understandable if you know what you're doing.

We have automated tools for deploying software. The biggest problem was getting the old endpoint solution off and the new endpoint solution parked on top of it. We had a 30-day window to get it all done for 250 endpoints.

My IT group has four people, including me, but it's not hard to manage or deploy. It fits right within our normal imaging endpoints, so it's super-low overhead.

We did the deployment in-house. I'm paranoid. I wouldn't let anybody touch our security software.

We pay $30,000 a year for 275 endpoints. We're growing, so I plan to buy another 75 endpoints. There is still a year and a half left in my three-year subscription, so I'm going to increase my endpoint count by 30 percent.

I'm buying midterm. We're a little over our licensing right now—less than 10%—but we'll correct our device count and plan for future growth. We pay for additional managed detection and Ranger network scanning.

We started doing proofs of concept for a short list of candidates in October 2020 when things calmed down a little bit. In addition to SentinelOne, we were looking at Sophos Intercept X, and CrowdStrike Falcon, which I assumed would win the bake-off. I had every expectation that Falcon was going to be our new endpoint. SentinelOne was kind of a startup. CrowdStrike Falcon was number three. Our second choice would've been Sophos Intercept X.

We left behind traditional AVs like Symantec and Norton Antivirus in 2016. It's awful stuff. We would've been good with Intercept X or Falcon, but SentinelOne has just proven to be the right choice for what we're doing. I hope they don't get bought.

I rate SentinelOne 10. It's an excellent next-gen AV with none of the signature-update nonsense. It'll kill anything that does something bad, which sometimes is an Adobe product, etc. False positives are expected in that situation, but it's not a problem.

If you're considering SentinelOne, devote time, money, and staff to a thorough proof of concept. If you don't test your use cases, You will regret it. Just assume it's going to be an exit project to do an endpoint security selection. Ignore Gartner's and the press. Don't pay attention to the big analysts. Read the peer reviews and the community feedback. 

Do the heavy lifting with a proof of concept. If you think you're spending too much time on it, you're probably not spending enough. It's so important. Treat picking a product like you would any other big project.

We replaced McAfee's endpoint security with SentinelOne. The vendors we deal with recommended this product, and we had some issues with McAfee, so we decided to switch. It is used for detection, however, detection is very rare. 

The solution is easy to configure. How it detects threats is modern.

It's been pretty good. I have no complaints. It's been working very well.

I like the way that this product works. It doesn't rely on the data file. It checks the behavior of the process to prevent virus or phishing attempts from there.

I like the way it detects threats. It's based on the heavy behavior, not just based on the signatures, and it downloads from a central repository. 

I really like how you manage the endpoints. Their web portal is really nice. I can do everything through the web portal. I can see all the endpoints. I can upgrade them from there. And gives me a nice list of what software is installed on the endpoint as well. The solution will give me recommendations if there are any security vulnerabilities, for example, if the software is missing a patch or something like that. The deep visibility feature is great. If there's an incident, I can deep dive into the incident to see where it's coming from and how it affects the endpoints.

The interoperability with other SentinelOne solutions or third-party applications and tools has been pretty good. We haven't had major issues. 

While I'm not sure if the solution helps us with consolidation, their product does improve our overall security posture. We basically just use it as endpoint security. We're not using other products from them altogether. However, this is doing a great job of protecting us.

It has helped to reduce any of our alerts. Ever since we had this product implemented we've had fewer alerts. We had less user involvement as well. Where McAfee used to interfere with the user's daily productivity, SentinelOne does not. That's another thing I'm pretty happy about.

With this product, we can free up our staff for other projects, assignments, and tasks. It's reduced disruption for our users. Therefore, our help desk doesn't have to do as many tickets as when we were with McAfee.

Our mean time to respond to threats is definitely better. If there's anything happening, we get alerts right away via email. McAfee was not instant. We know about threats sooner and we have more time to respond to them.

Singularity helped our organization to save on costs. There's less maintenance compared to McAfee. The price is similar; there's not a big difference. However, we do save time and that translates to money. 

Our organizational risk has been reduced. It's a much better product compared with what we had. If there are any security vulnerabilities, if there's any patch needed, or if there's any known security threat that I should be aware of, I get notified fast.

The quality and maturity of the product are very good. Customers seem happy with them. I'm also happy with the product and its capabilities. 

In the beginning, we had some issues with their product on some of the Windows 32-bit operating systems. However, that was only on a special group of computers as we have our own special software. Other than that, for other computers and servers, we had no issue at all.

The web portal needs improvement. Sometimes when I go on their web portal and put in the username and password, and then all of a sudden, it says that the web interface has been refreshed. You have to put in the username and password again. It's very minor. Other than that, there isn't anything else I can see.

We have been using S1 for about 3 years now, still very happy with it.

Stability-wise, it's very good. I've had no issues at all and I never get complaints from users.

Scaling should be pretty easy. You just push out the agent. That's it. There's a group policy on the web portal and there's not much to manage. 

When I ran into the Windows 32-bit issues, I contacted support. I've also contacted them here or there for a few issues. They are responsive and knowledgeable. I have no complaints. 

Positive

We used McAfee and found how it looked at threats was old school. We wanted to explore new solutions and technologies. A vendor recommended this solution and when we looked at it we found all users are pretty happy with them. 

The deployment was good. We have agents installed on all endpoints. The management portal has a nice interface. We can do everything we need to do from there, which is nice. 

I was involved in the deployment. It was pretty straightforward. You just install the agents and make sure the policy is correct based on the servers or the usage of the endpoint. We only ran into an issue around a 32-bit Windows software system, however, it wasn't anything major. I mostly handled the implementation myself. 

There isn't much maintenance needed. You just need to do version updates. 

I worked with the company that got us the license. We worked together to get the implementation done. 

The price is pretty good. It is reasonable. It's one of the reasons we went with them. Palo Alto, in comparison, was pretty expensive. The price of Cylance was reasonable and somewhere in the middle, however, SentinelOne feature-wise gave us everything we needed for a good price. 

We did look at other options. We looked at CrowdStrike, for example. We also looked at Palo Alto. They had something similar in terms of endpoint security, In the end, we chose SentinelOne. 

I'm a customer and end-user.

We do not use the Ranger functionality. I know it is available, however, it is an extra cost.

In terms of the solution's ability to be innovative, I've only used McAfee and SentinelOne. I can't really say how it compares with Cloudstrike or Proofpoint. That said, compared to McAfee, it can detect threats based on user behavior and not just definitions. It helps monitor software for potential security issues. It's really nice and works very well.

I would recommend the solution to others. 

They make a good strategic partner in terms of security. Their product is the last line of defense for security breaches, and having a good, reliable product on all endpoints is very important to our organization. 

I'd rate the solution nine out of ten overall. The ability to detect threats and the deep visibility on the endpoints is great. I like that it alerts you to patching requirements. It's great that, if a threat appears, we can drill down and see exactly what's going on.

We utilize SentinelOne Singularity Complete as our EDR. The solution has replaced our previous solutions, Trend Micro and Symantec antivirus.

The Symantec agent we had before would require almost a reboot every time you would make a change, an agent update, or even sometimes in definitions. None of them were as comprehensive as SentinelOne Singularity Complete regarding threat detection and response. I don't believe any of them had any of the rollback features that are available through SentinelOne.

Overall, having more coverage and confidence in our antivirus is part of our decision to choose SentinelOne Singularity Complete. The other consideration was cost. We were going to upgrade to a more comprehensive threat protection solution either way. We were also looking at CrowdStrike then, and SentinelOne beat it by pricing while offering the protection we were looking for.

The solution's in-place upgrades have been very helpful. Another valuable feature is the ability to set policy exclusions on different scope levels, such as at the site or across all sites. Having the API access and documentation for the API is very valuable. If we needed a feature that didn't already exist in the SentinelOne console, we could cook it up ourselves and have it run whenever we wanted.

I feel like SentinelOne is very locked away from being able to be sold to smaller businesses to self-manage. We did have to jump through a lot of hoops to purchase SentinelOne and have control over it because, most of the time, you're forced to go through a reseller. In our experience, the reseller also wanted to manage it for us.

Unless it's a managed detection and response, that's not adding as much value as adding access outside of our organization that we may not necessarily want. The ability to have more direct purchasing for smaller groups and smaller businesses would be great. However, I understand if that's not part of what SentinelOne wants and is not lucrative for their bottom line.

I have been using SentinelOne Singularity Complete since June 2021.

My only issue with the solution's technical support so far is that we can only communicate via email tickets, not phone calls. However, we've still been able to resolve the majority of issues. Their response time is pretty fair. I wish there were more abilities to conduct a remote session because there are a lot of situations where I will have to get walked through some instructions.

Then I have to give feedback saying that an instruction is unavailable, or I can't do this because this device is in this situation or this mode. There may have to be three or four back-and-forth messages before we can proceed to the next step because it isn't an interactive remote session. It is just email communications with a delay every time, which adds to some frustration.

Suppose there's something that's concerning to us that we really wanted to make sure wasn't a false negative as a threat. While we were worried about it, we would just have to wait for responses and be unable to communicate with anybody.

Neutral

SentinelOne Singularity Complete's initial setup is straightforward.

We did not use an integrator, reseller, or consultant for the solution's deployment. I have had some experience with SentinelOne in the past. We just read through some of the documentation and asked a couple of questions. There was also some information on what other administrators have done to implement the solution.

That has worked well, and things have been pretty smooth sailing since the implementation. I've been pretty happy in that regard, and it wasn't a big pain to replace our existing antivirus solution. Two other guys were involved in the solution's deployment, but I was heading up the task.

We have not seen a return on investment with SentinelOne Singularity Complete because we have not used it. It has just added costs for us that we're not taking advantage of.

SentinelOne Singularity Complete's pricing is not terrible. It's not enough to make us want to move away from using SentinelOne. The solution's pricing is not too bad for what it's offering, like the documentation that comes with it. I feel like it should be an optional add-on for people who may not be using things to integrate or may not want to integrate things.

We have used very little of SentinelOne Singularity Complete's interoperability with other solutions. It has looked like it has been nice because we have been scoping out the use of a managed detection and response and have SentinelOne Singularity Complete plugin with other solutions for log output. There hasn't really been anything we wanted to use that SentinelOne was incompatible with.

I believe SentinelOne Singularity Complete is very capable of ingesting and correlating across our security solutions. I don't think I've seen any solutions that would necessarily outperform it. It's done everything that we've needed it to. Again, we have not used it extensively.

SentinelOne Singularity Complete has not helped us consolidate our security solutions, but that's our choice. We like going into the console and seeing everything within there and the dashboards we already have access to.

I can't say that I think SentinelOne Singularity Complete has helped reduce alerts. We would like to use SentinelOne to correlate our alerts so we're getting alerts from multiple different areas to see what matches up there. Currently, we still have an ad hoc solution where we're looking at different sources for that information because we don't have it all trusting each other yet.

Overall, for supply chain attacks, we're hesitant to give access to other products to our SentinelOne. We just don't want to put all our eggs in one basket, but that's more of a mindset problem than a functionality problem.

SentinelOne Singularity Complete has helped free up our staff for other projects. The solution's automation functionality, notifications, alerts, additions with its API, and custom tools to do what we want have helped me not to have to go in and manually check for things. For example, SentinelOne says they do not need to do static file scans other than when you first install the agent.

Our compliance requires that we still have static agent scans on a regular basis, preferably daily. You can launch those from within the console, but it's not viable for me to log in to the console daily and initiate that. Since there's no ability to schedule that in the future, that was best done with the API script that runs automatically and can give us feedback on how it went.

I believe SentinelOne Singularity Complete has helped reduce our organization's mean time to detect. We get some good context within there of what the threat was. Most of the time, it has pretty good notes regarding what it got flagged for if it's behavior-based, but some static file threats don't show the indicators.

We do not know what to do with some threats or understand what it is. We've been told we would need to get the SentinelOne vigilance or managed detection and response to fill that gap. We have been looking at managed detection and response but haven't put it in place yet.

SentinelOne Singularity Complete has helped reduce our organization's mean time to respond from our previous antivirus solutions. The solution gave us some more context than we had and also the ability to isolate each endpoint. If an endpoint looks scary and we don't know what it's doing exactly, we can cut off all of its internet access except SentinelOne until we feel it's a clean endpoint. SentinelOne Singularity Complete has helped reduce our mean time to respond by 20 minutes.

Singularity Complete has helped reduce our organizational risk. There have been multiple things that could have potentially been an incident, and they were stopped in their tracks by the solution. For that, we've been able to demonstrate the solution's value to our leadership in terms of keeping it.

SentinelOne Singularity Complete has not helped our organization save on its costs. SentinelOne Singularity Complete isn't optional and was forced onto us from the licensing. We didn't really get a choice on whether we wanted those extra features, but we had to pay for the SentinelOne Singularity Complete add-on, which is just a blanket cost.

If it was up to us, we might not have chosen it, but it was not. We don't use many of the features, and many of the things we like are within the basic SentinelOne license.

We earlier used SentinelOne Complete, and then we used SentinelOne Complete with Singularity. There hasn't been a great improvement since we've done that. We haven't used many of its features or had any guidance on recommendations that would be helpful to put into place without having to buy anything else.

Most of the time, if we wanted to use anything in the marketplace, we would have to start paying for something we don't already have or integrate with something we aren't using.

I would say SentinelOne Singularity Complete is pretty mature, and there's a good amount of documentation of details. I would say it's much more mature right now than a year and a half ago when it was introduced. I looked into it then and said there's nothing that looks useful to us here.

Now, there are actually many more applications and things to integrate with it that we didn't have access to before. We're still not using a lot of it. As far as recommending it to somebody else or another company, I am confident that it will plug into all the major utilities and tools you may want.

SentinelOne Singularity Complete requires maintenance, but it's not bad. We need to go into the console and initiate updates for select devices when there are updates available. We need to ensure that we stay within supported and not end-of-life releases of SentinelOne. After those select devices have been tested out and we know there are not many issues with them, I will go ahead and release those to all the other devices we manage in the rolling phases.

That's not too much work. I would not classify it as maintenance, but when detection comes up while using the platform, that works well when we need to check that out. We haven't necessarily caught something that needed to be caught.

I am impressed with what they're doing both for detections for our endpoints and also for the security world at large. A while back, they headed up some of the investigations and publications about the supply chain attack for 3CX software, which was something that we had used and were impacted by. However, thanks to SentinelOne, we did not have any fallout from that attack.

Overall, I rate SentinelOne Singularity Complete an eight out of ten.

We used SentinelOne because we needed a tool that would add extra visibility into the environment. We also wanted something that was easier to use than our existing product so we switched to SentinelOne.

Deep Visibility is a valuable feature. It lets us search across the environment and correlate things much more easily than we could have previously.

The learning curve was a little steep. The solution gives training we can go through, but we have to pay for that. We ended up paying for it so we could get everybody ramped up. The product must enable easier onboarding for less familiar or less formally trained people. It would've helped us adopt it quickly.

I have been using the solution for three months.

We had no stability issues.

The product is on a cloud-hosted instance. It can be integrated into everything that we use. It seems highly scalable.

Support is good. The support team is quick to respond and quick to resolve. We can't ask for anything more.

Positive

The product is cloud-based. The initial deployment was straightforward. We were able to rip and replace and do it all faster than our onboarding team had expected. It was done within a month.

We had the standard onboarding services, but we did all the lifting ourselves. It required four people from our side. Apart from agent upgrades, the tool doesn't need any major maintenance.

We currently see returns in getting our technicians' and engineers' time back.

The pricing makes sense to us. The pricing model is simple. It was easy to move forward from our previous products to the new bundle.

We've been using the tool mostly with third-party applications through Singularity Marketplace. Integrating it with our Microsoft environment has been helpful and convenient. The product is robust in ingesting and correlating across our security solutions. It is doing its job without us having to check it.

Previously, we had a few different endpoint solutions on a single asset. The product helped us rip and replace multiple solutions with one. We did a POC on Ranger but didn't go with it. The solution hasn't reduced any alerts, but it has at least given us more actionable data. We need to do tuning because we're so early in the adoption.

The tool has certainly saved the staff's time. It's able to correlate data a lot better and bring it all onto a single pane of glass, which helps save time. It's hard to quantify right now because we're so early in the adoption. We're definitely able to see more bandwidth for other projects. SentinelOne has helped reduce our mean time to detect.

We have seen the most improvements in our organization’s mean time to respond. We would have had to balance between different solutions or portals to correlate data. Now, the tool is just bringing everything into one place. Taking action within the solution has helped us respond and resolve. Our mean time to respond has been reduced by more than half.

We were using multiple products. We replaced them with SentinelOne. Getting a better solution for the same price was a no-brainer for us. Singularity Complete has helped reduce our organizational risk. The solution's quality is top-tier. The maturity was as good as our current solutions. It was easy to make the choice to move over.

SentinelOne is closely aligned with what the actual responders need to do. It seems like the vendor is building tools and solutions for people in the thick of it, which is a big reason why we went with their product. They are making tools for those who need to use them.

If someone were to evaluate or do a proof of concept, the bigger their initial POC, the better. We found some oddities after expanding the initial POC, which would have been nice to work through before the deployment. The vendors set up a capture-the-flag type of event that really helped us learn the environment, where to go for what, and how to use the tools. I highly recommend having everybody go through the capture-the-flag trial they set up.

Overall, I rate the tool a ten out of ten.

We use SentinelOne Singularity Complete as our antivirus and malware detection solution.

Singularity Complete has helped reduce our alerts.

It gives me peace of mind knowing that it patches areas that need it and is always available to hunt for malware in our environment.

Singularity Complete has helped significantly reduce our MTTD. We are notified within the hour of an incident.

It has also helped reduce our MTTR. We are able to respond to an incident within the hour.

Singularity Complete has helped reduce our organizational risk.

Malware detection is valuable. We have had incidents where users have clicked on malicious links and we were able to patch the malware using SentinelOne Singularity Complete before it reached the SIEM. SentinelOne Singularity Complete has become one of my most trusted solutions for hunting malware in our environment.

I have been trying to synchronize SentinelOne Singularity Complete with our SIEM, but it has not been very successful.

SentinelOne's customer service has room for improvement. It is hard to reach them.

I have been using SentinelOne Singularity Complete for two years.

Singularity Complete is stable.

Singularity Complete is scalable.

The support team is hard to get a hold of.

Neutral

Based on a management decision, we switched from CrowdStrike to Singularity Complete.

The initial deployment was complex, but SentinelOne helped with the process and two of our employees were involved.

We used the help of SentinelOne for the implementation.

The license is per user.

I would rate SentinelOne Singularity Complete eight out of ten.

It is a mature and high-quality solution.

SentinelOne Singularity Complete as a tool is good but the support needs a lot of work.

We use the solution as an EDR tool. We focus specifically on Linux components and a Linux environment.

The threat detection and visibility as well as the migration of the data to our SIM instance has been useful. Doing automation workflows has been excellent.

They have fairly decent integration with third-party tools within their own stack. They have very strong integration with CrowdStrike and Microsoft Defender. They also have connections for Palo Alto Networks and all the tools that we leverage across the firm. These are API connectors, so they are plug-and-play. The login session coordination piece is also fairly robust, which is done with Splunk on the same side.

It's a plug-and-play solution that works well with other out of box integrations that we have. We can move the data from the solution into third-party tools.

It helped us to reduce our alerts. On the the Linux kernel side, we have quite a few different versions of Linux, and hence the alerts that we used to get earlier were a lot more. They are significantly less since they're now managed and controlled through the Singularity platform.

Our mean time to detect has been reduced significantly. We've saved maybe thirty minutes to an hour. Our mean time to respond is a bit better by a few minutes.

The reports for the executives who are the decision makers should be better. That would help with product renewal and adding new modules. There aren't enough reporting capabilities for decision-makers. 

I've used the solution for just under a year. 

We have not noted any crashing or lagging issues. 

They offer fairly decent technical support. We've not had any major challenges with them so far. The support team has been pretty good.

Positive

We have CrowdStrike as an EDR tool for Windows, and CrowdStrike did not really support our Linux kernels. That's when I did an evaluation with different vendors, and Singularity was able to support our Linux kernels.

I was involved in the deployment. It was a straightforward deployment. We had six people handling the deployment. 

We have not had a need for maintenance just yet. 

We used our own internal IT team for the implementation. 

The product's pricing is at par with what you see among major competitors. It's higher than McAfee, yet cheaper than CrowdStrike. 

It allows us to be innovative. It's fairly robust and one of the main leaders in the space. It's a pretty strong offering compared to others in the market. It is a quality product. 

It's important to test it first to see if the solution works well for your firm. I'd advise people to validate and test it out thoroughly. Bringing in a solution is not that difficult, however, ripping and replacing a solution is hard, so you want to avoid regretting any decisions. 

The solution is a helpful strategic security partner. 

I'd rate the solution an eight out of ten. 

We use it as an EDR solution for all of our endpoints. We use it for our desktop servers, cloud, and Linux. We use it for all of it.

It showed us things that we were not even aware of. It went beyond malware and showed us behaviors. It showed the bad behaviors of a lot of our end-users.

The interoperability is all there. We are still at the beginning of our journey, but everything is kind of teed up and aligned for that integration. We are talking about the ServiceNow integration. It has been the early placement in our cloud clusters or nodes. Those are the things that have made interoperability, integration, and adoption easier.

Singularity Complete has not helped free up our staff for other projects and tasks because we are still at the beginning, and we still have a lot to deploy, but we will realize that. I am confident that we will realize those efficiencies.

Singularity Complete has changed what we are looking at. It has dramatically decreased our false positives. We are not chasing false positives. It does not save time as such, but it has helped us focus on what is actually important.

Singularity Complete has not helped reduce alerts, but it has changed what our analysts are looking at. We expected a spike in alerts. The product is showing things that we did not previously see, so the increase in alerts temporarily for a short duration or for the next six months is expected.

Singularity Complete has reduced our false positives, and it has helped us see the hygiene of our whole network in our environment.

Singularity Complete compresses the triage time. It is all about the triage time. That life cycle going from information to action is what security operations are all about. SentinelOne does that because it helps analysts focus on those true things that are risk-behavior in our environment, rather than the validation that they were on more traditional signature-based platforms we had before.

Singularity Complete has not helped reduce our organizational risk, but it has absolutely increased our awareness of that risk. Knowing what your risks are is half the battle before an organization or a medium-sized organization, so being aware of the risk is the first step, which is available for the first time since we adopted SentinelOne.

As far as EDR goes, the behavior analysis of the incidents is my big thing. 

Its non-signature-based capabilities and the heuristic analysis for dynamic threats are also valuable.

There should be full and complete integration in the single console of the mobile agent.

We have been using Singularity Complete for 18 months.

It is scalable, and it has scaled well.

So far, everything has been great. During our deployment, I have bugged them a lot, and it has been pretty good. I cannot complain. I would rate them a nine out of ten. There is always room for improvement. During their deployment, I relied on them to make sure that all of our things went fine. We had some hiccups, and they were there with us. They were there to help through everything. There were some things that took longer time to research and figure out, but for the most part, if I needed a solution, I got it.

We had a bit of a hiccup that was at the SaaS level. Keith W and the complete team made it right once they knew and understood the problem and its impact on our organization. I value that a lot.

Positive

We were using another solution before SentinelOne. We made the switch because of functionality, compatibility, interoperability, visibility, and ease of integration. It checked all the boxes that we needed. We definitely needed to go this way.

It was pretty straightforward, and it was pretty easy to get everything out.

We pushed through SCCM, and it went right in. I had very minimal issues with all of our endpoints. The ease was right there, and basically, there was not a disruption. It was one of the easier deployments that we have had. It roughly took half the time as our previous endpoint protection solution. We did it in about nine months, and we rolled from PoC straight into deployment. The previous solution took about 18 months to cover the same population with a lot more complications and finagling to make it work.

We implemented it in-house with some professional services from SentinelOne. Our experience with SentinelOne was good. We have no complaints.

It is hard to say, but I can say that we have seen an ROI because we have discovered things that we were not aware of. That alone is a return on the investment in my book, and my leadership understands that, and that is easy for me to make.

Singularity Complete has not saved us costs. We are not there yet. It will, but we are at the beginning of our journey. It is going to zero in on things that need to be corrected. For us, it is hopefully going to be that change agent or the catalyst for the change agent to our behavior. Technology can only go so far. We are starting to look at the behavior of how some of our business processes have been run because the risk has not been fully understood, so the costs are unquantifiable at this time, but I am sure they are there. I am confident that they are there.

It is comparable. Something that I look at for the long term is how sustainable it is. There is quite a bit in the security portfolio that I manage, and we will see.

We evaluated about seven other products through an evaluation score guard criteria in-house. It has been so long since I have looked at that matrix, but it came down to analysts evaluating it against our set requirements and evaluation criteria. After that, it becomes a number, and the numbers have a certain magic to themselves that makes things more objective. The numbers just came out where the score was clear and evident based on the analysts' analysis.

It is a good product, and it is something that has future-proofed me in my program for the organization.

I am pretty sure I made a super smart decision when I chose to buy it. The roadmap is sound. Based on the keynotes at SentinelOne OneCon23, there is a lot going on. They are dedicated to improving the product. There are a couple of things, such as SentinelOne Mobile, that cannot be forgotten. That is integral for us or our organization, but, overall, I feel pretty good about the strategic roadmap or journey that we will be on.

From a pragmatic level, it is very mature. There was a bit of a false start with the SentinelOne Mobile, which is important for us, but overall, the product is very mature and adaptable by a variety of talents and skill sets that you find in your SOCs or security operation centers.

I would rate it a nine out of ten because of the Mobile issue. This is something big, and I am a little worried that I did not see it in the keynotes SentinelOne OneCon23.

We use SentinelOne Singularity Complete for incident management planning to protect against insider and outsider threats, monitor threats, block websites across our branches, and manage assets.

Before implementing SentinelOne Singularity Complete, we could not track our assets, manage the threat insights, or block USB devices. Now we can manage and handle all our assets and keep them healthy. We can also protect our data from malware and ransomware attacks.

The SentinelOne Singularity Complete reporting suite is essential for providing comprehensive visibility into the security posture of an organization.

We realized the benefits of SentinelOne Singularity Complete two months after we deployed it. We knew after the proof-of-concept that SentinelOne Singularity Complete would be useful in our environment.

SentinelOne Singularity Complete helps our organization track all our systems. We receive an automated weekly threat report on our systems, which helps us manage incidents before they occur. We automatically receive insight threat reports in our emails, which is a great way to identify and track issues so that we can remove the affected asset from the environment to protect our systems and network.

SentinelOne Singularity Complete has helped reduce our organizational risk. 

SentinelOne Singularity Complete has a valuable feature that allows us to install the agent on every endpoint and extract all asset information for reporting purposes in our live inventory.

SentinelOne's XDR service is valuable. We use them to find the root cause of an issue.

I would like to have a remote desktop feature added so we can remotely access our endpoints.

I have been using SentinelOne Singularity Complete for six months.

We previously used Kaspersky, but we found that it could not clearly identify all of our assets and risks. With SentinelOne Singularity Complete, our environment is more secure.

The initial deployment was straightforward. 

We used a third party for the implementation.

SentinelOne Singularity Complete is expensive, but we must be willing to pay for it if we want a high level of protection.

I would rate SentinelOne Singularity Complete nine out of ten.

We recommend that people evaluate SentinelOne Singularity Complete before buying it. At a minimum, they should compare it to their current solution and other products to see the difference. They should do a small comparison of the major points that each product covers and does not cover. Once they have a good understanding of the options, they can have a demo or proof-of-concept before making a purchase. Additionally, it is helpful to check which companies are currently using SentinelOne Singularity Complete in their live environment for a long period of time without experiencing any challenges.