SentinelOne Singularity Complete Reviews

We're a construction company using SentinelOne for endpoint security with endpoint detection and response. SentinelOne covers all of our endpoints and servers. It protects everyone across the company, even those not actively using an AV.

SentinelOne's managed detection response service Vigilance Respond is convenient for companies like ours with small IT teams. If something happens on the weekend, SentinelOne steps in and resolves the issue. It's a false positive 97% of the time, but at least they're resolved instead of hanging around for us to find on Monday.

We have the Ranger feature for network scans, allowing us to pick up any new devices that show up on a network. That was especially useful for us when we shifted to working from home.

If two or more agents are in a remote network, they will scan the network and give you an inventory of the MAC addresses and device types they see. This is handy when you have a small office or someone working from home. We do not allow employees to bring their own devices, but people are plugging their company computers into their home network, exposing them to risks. The ability to report on connections in remote networks is handy.

SentinelOne's machine learning engine is purely behavioral. The engine will shut down anything that's bad, isolate the system from the network, and alert everyone. We had tremendous success with CylancePROTECT for over five years. Zero successful attacks. In 18 months in with SentinelOne, we've seen the same lack of drama. No endpoints have been compromised to the degree that it has negatively impacted our network.

Managing the false positives creates additional management overhead. The behavioral analysis engine might misinterpret real user behavior as malware. For example, a drafter was cleaning up a Revit folder and deleting 4,000 files. That looks like ransomware. The SentinelOne agent kicked his computer off the network.

We interrupted that process and then isolated his computer and the file server. It was somewhat disruptive in the middle of the day. At the same time, it was a perfect simulation of what ransomware would do, so it was reassuring that SentinelOne stepped up and said, "Nope!" 

It was not a malicious process running that was detected. It was simply behavior he shouldn't have done. Now, our drafters know to co my team when they're going to do some file cleanup. The false positives are just inherent in just the large amount of poorly written software that's out there. Any competent antivirus is going to have a behavioral, heuristic engine looking at what's actually being done.

It might be something bad done by the software you use. We used a machine learning engine for five years. The Wire Hauser Corporation builds subpar software because they're supposed to be building lumber products. It triggered a false positive, that's about the only negative for any modern AV is just false positives.

In the future, I would like to see SentinelOne implement integrated patch management. It would be great to manage endpoint patching through SentinelOne. We're on our third patch manager in three years because they are lackluster. It would be nice to have a new patch management tool.

I have been using Sentinel One for about a year and a half.

SentinelOne is stable and constantly improving. Today I did a demo of a new acquisition they made for Active Directory. Ranger is the product that scans networks. This is a new product from a company they bought.

They do automated scans of your Active Directory infrastructure to identify fixable problems and anyone trying to take advantage of the unfixable problems. They're improving their core product while adding new functionality and products that I'm interested in.

SentinelOne is highly scalable. I know folks with 10 times the number of endpoints we have, and they're pleased with it. One fellow I know has 4,000 endpoints under management.

I rate SentinelOne support nine out of 10. I wish our other vendors had tech support as good as SentinelOne. I can only think of one other vendor that possibly has better tech support, but the vast majority of software companies have sub-par tech support. Little goes wrong, but get a quick turnaround time when something comes up. 

Positive

We were using CylancePROTECT, one of the early innovators in machine learning next-gen AV. Then they added on an EDR component called  CylanceOPTICS. CylancePROTECT was an outstanding product for us. It was extremely low overhead and highly efficient. It crushed it in the proof of concept and did an excellent job for us.

Blackberry acquired the solution in 2019, the last year of our three-year agreement. It was awful. Development essentially stopped. All of the intelligent people started leaving. I found out that some went to SentinelOne. It was clear my worst fears were realized: that Blackberry was going to screw up yet another good thing.

I had prior experience with this kind of antivirus, so I thought setting up SentinelOne was very straightforward. We stood up three different products in the course of 60 days to do this test. I didn't think there was anything unusual or unexpected about setting it up. It's perfectly understandable if you know what you're doing.

We have automated tools for deploying software. The biggest problem was getting the old endpoint solution off and the new endpoint solution parked on top of it. We had a 30-day window to get it all done for 250 endpoints.

My IT group has four people, including me, but it's not hard to manage or deploy. It fits right within our normal imaging endpoints, so it's super-low overhead.

We did the deployment in-house. I'm paranoid. I wouldn't let anybody touch our security software.

We pay $30,000 a year for 275 endpoints. We're growing, so I plan to buy another 75 endpoints. There is still a year and a half left in my three-year subscription, so I'm going to increase my endpoint count by 30 percent.

I'm buying midterm. We're a little over our licensing right now—less than 10%—but we'll correct our device count and plan for future growth. We pay for additional managed detection and Ranger network scanning.

We started doing proofs of concept for a short list of candidates in October 2020 when things calmed down a little bit. In addition to SentinelOne, we were looking at Sophos Intercept X, and CrowdStrike Falcon, which I assumed would win the bake-off. I had every expectation that Falcon was going to be our new endpoint. SentinelOne was kind of a startup. CrowdStrike Falcon was number three. Our second choice would've been Sophos Intercept X.

We left behind traditional AVs like Symantec and Norton Antivirus in 2016. It's awful stuff. We would've been good with Intercept X or Falcon, but SentinelOne has just proven to be the right choice for what we're doing. I hope they don't get bought.

I rate SentinelOne 10. It's an excellent next-gen AV with none of the signature-update nonsense. It'll kill anything that does something bad, which sometimes is an Adobe product, etc. False positives are expected in that situation, but it's not a problem.

If you're considering SentinelOne, devote time, money, and staff to a thorough proof of concept. If you don't test your use cases, You will regret it. Just assume it's going to be an exit project to do an endpoint security selection. Ignore Gartner's and the press. Don't pay attention to the big analysts. Read the peer reviews and the community feedback. 

Do the heavy lifting with a proof of concept. If you think you're spending too much time on it, you're probably not spending enough. It's so important. Treat picking a product like you would any other big project.

We use SentinelOne daily for endpoint protection and restriction on using USB devices. 

The protection and management provided by SentinelOne is good.

I would like to see the reports from SentinelOne more customizable, as there are very few options.

I have been using SentinelOne for four months. I work as a senior network security engineer.

The management of SentinelOne is easy, it does not put too much burden on the machine. We will be upgrading to Windows 11 in the upcoming months, we will be able to better comment on stability after that.

Our organization has close to 3,000 machines with approximately 2,000 users. It is easy to scale.

We were using McAfee prior to SentinelOne. McAfee has a wide range of reports and is more customizable than SentinelOne. We switched from McAfee because we were no longer satisfied with the support they provided. They were no longer providing prompt responses, tickets were taking too long to get resolved.

The other reason we switched was that McAfee was a traditional antivirus working on a definition basis. They have not moved on to the next generation of antivirus. McAfee needs to focus on the behavior of the program and machine files. If you want this, you need to choose a different McAfee product. They were not putting everything in one place, but rather offering a buffet of offerings, driving the cost up.

The initial setup of this solution was simple. We did the setup ourselves, but did require a little help from the vendor.

I would give SentinelOne a four out of five for ease of setup.

The deployment of SentinelOne is easy. If you calculate the installation of the product and make all the packages ready, it takes about a week. Implementation was another month to go through and replace the older systems and install the new ones.

The pricing of SentinelOne is less than McAfee.

I would advise anyone looking to implement SentinelOne to look before you set up. Know how many machines are working in your network and which type of communication they are doing, whether it is internal or on the internet. No matter what solution you pick if it is SentinelOne, Carbon Black, McAfee, or Symantec check the usage of your machines.

I would rate SentinelOne a nine out of ten overall.

My company leverages SentinelOne Vigilance and SentinelOne Singularity Complete for managed SOC.

SentinelOne Singularity Complete, together with SentinelOne Vigilance, is an EDR tool, with capabilities such as these, which I found valuable: the dashboard that shows you all the information and the power to either manually or automatically quarantine issues or threats in the environment.

SentinelOne Vigilance is one of the feature sets of SentinelOne Singularity Complete as a whole, and my company found SentinelOne Singularity Complete a little bit easier to use and flexible; plus, it had several feature sets.

I've not been using SentinelOne Singularity Complete for a long time to have a lot of feedback on its areas for improvement, as my team is still learning the tool, but what comes to mind is the need for it to give more straightforward directions or communication about detection or what has been detected.

We officially deployed SentinelOne Singularity Complete, including its feature set SentinelOne Vigilance, about three months ago.

SentinelOne Singularity Complete has been very stable, so it's an eight out of ten for me, stability-wise.

SentinelOne Singularity Complete is a scalable solution, which is one of the reasons why my company uses it.

I found the technical support for SentinelOne Singularity Complete excellent, especially in terms of communication. Support is nine out of ten for me.

Positive

We previously used Atos as our SIEM tool and wanted to replace it with a newer technology, so we're now using SentinelOne Singularity Complete.

I'm involved in deploying SentinelOne Singularity Complete, and I found the process straightforward. My company is still going through with the deployment because of the ninety-day deployment model.

I have people in my team assisting with SentinelOne Singularity Complete implementation.

I've seen ROI from SentinelOne Singularity Complete within a month after deploying the solution, mainly after my company started getting different alerts, which I was happy about.

I found the pricing for SentinelOne Singularity Complete reasonable, which is one of the reasons my company went with it.

SentinelOne Singularity Complete requires just a little bit of maintenance, as my team has to update agents and do some finetuning, but not too much.

My rating for SentinelOne Singularity Complete as a solution is eight out of ten.

My advice to people looking into using SentinelOne Singularity Complete is to ask for sample reports and processes to understand how SentinelOne would let you do it.

The company I work with is a SentinelOne customer.

Every five years, we research tools that could replace our old software. We combine our AV and intrusion detection. We were trying to find out if there’s an agent for the whole nine-yard, and we came across SentinelOne.

The product has an automated process where we find security issues. It’s a 24/7 behavior analytical tool to execute certain actions. The tool deletes the problem-causing process and prevents issues. It discovers, kills, and protects. The software is good. I don't see much of an issue with it.

They should train their own people so that they can train us better. The theory is good. If the product is good, but we cannot rely on it or pass it along to the customer, it's useless. When we purchased the solution, we were told that certain functions could be done. I understand it is part of sales, but I feel like I'm being fooled. We couldn't test it because it was in production. We first had a proof of concept but didn't connect it to our Azure portion.

I have been using SentinelOne Singularity Complete since February.

The product's stability is okay.

The tool's scalability is average.

The support people of SentinelOne do not know the different products offered by SentinelOne. How can they support their customer if one person knows one thing and the other doesn't? They tell us the issue does not come under them and point us to a different team.

There is a SentinelOne support team and a Singularity support team. SentinelOne's support team is okay. Once, the technical support and help desk director got involved with all our issues. However, the director got involved after we strongly complained about the issues. That's not the way it's supposed to be.

Neutral

I have used Arctic Wolf.

The initial deployment was good. The solution is cloud-based.

We took help from SentinelOne to deploy the solution. We paid for it, but it was not worth the money we paid for. Two people from our company are required for the deployment. The solution requires maintenance.

The licensing is okay. I don't see any issues with it.

We evaluated other options. We were trying to have one solution for everything. We heard that SentinelOne purchased another company. Other products like Rapid7 provide multiple solutions and products for our needs. We saw that SentinelOne provided us with one product and one support system. However, even while using SentinelOne, I have to contact different teams.

When we purchased the solution, it did not do what we expected. We didn't use all of the features. It has quite a few options. There are a bunch of more add-on modules. Other products from SentinelOne are not good. I am really disappointed with them. The user must understand the solution by just reading the training documents. The team claims it is professional, but it lacks a lot of functions.

The integration is fine, but the feature is not how they market it. It looks good on paper, but it's not what we think it is. It's not a ready product in marketing. I am disappointed with it. The interoperability is still under development. Not many people know or understand it, including people from SentinelOne. When we call and try to figure out what's going on with the solution, not many understand what it is. There is a lack of training on their products and services.

The Ranger functionality is fine. It’s only been six months since we started using it. We're still learning as it goes. I think Ranger is probably better than Singularity. Sometimes, they send false positives. It's not really a big feature for us. It's good. They're trying to prevent any networking attack, but I don't think it’s there yet. They're just trying to discover what is on the network, but we already have other tools for that.

It is important for us that Ranger requires no new agents, hardware, or network changes. Ranger is just trying to discover whatever issues we have. I don't think it can prevent it. I don't think it can block issues or protect our devices.

Overall, I rate the product a seven out of ten.

Our company is a platinum partner and uses the solution to provide endpoint protection for customers. 

A few new customers require the on-premises solution but others use the cloud technology. 

The solution offers excellent detection and integration capabilities. 

Integrations talk to other security vendors and share data with the help of the API. No other product offers this functionality. 

The solution is a bit costly for some customers. 

DLP support would be a good addition. Currently, there are multiple vendors and agents on endpoints. The solution looks at data from a specific documentation view so it would be beneficial to use that same documentation to look at DLP. 

I have been using the solution for six years. 

The solution is stable so I rate it a nine out of ten. 

The solution is very easy to scale. Scalability is the best and the GUI itself is very fast with no issues. A customer with 10,000 clients still gets fast responses. 

Technical support is very good and helpful in getting results. 

The turnaround time for solving bugs or finding workarounds for customers is quick. 

The setup is simple and the solution can be deployed using any tool. Vendors can also remotely deploy the solution.

If the solution is set up properly with the right policies and processes in place, then it won't require too many maintenance resources. Customers can also utilize the solution's NDR service instead of staffing that position. One technician can easily handle ongoing maintenance.  

We implement the solution for customers. 

The pricing is comparable with other vendors but some customers find it a bit costly. There is a bit of pricing flexibility with the solution, but initial quotes can surprise customers. 

I rate pricing a six out of ten. 

The solution stands out because has excellent detection and integration capabilities. In my opinion, the solution is better than Microsoft, CrowdStrike, and Palo Alto. 

Customers are very happy with deployments and stick with the solution year after year.

I rate the solution a nine out of ten. 

The solution is agent-based, so it's on service, and it's a cloud solution.

We are using its API capabilities for our server for protecting us from cyber security threats and attacks.

Earlier, we used some internal protections. However, we moved to HD information for the cyber security portion. It's helped us to mitigate security attacks and provide solid defense.

We like the file-less monitoring and filtering are great in the context of security.

The setup is very straightforward. 

It is stable. 

The product can scale if the licensing is correct.

SentinelOne has some inputs, some traditional NPRs, or models like IPS and IDS. We can configure individual rules for particular machines. In a sense, control is not from the console.

There should be more integration models with different security operations tools or soft tools. It could provide a single pane for integration with the firewall, or a soft solution should be there.

I'd been using the solution for eight months.

It's a stable, reliable product. there are no bugs or glitches. It doesn't crash or freeze. 

The product can scale. However, it depends on the license. 

We have 500 users on the solution right now.

Right now, we don't have plans to increase usage as we already have some buffer limit there.

While I haven't directly contacted support, I have used their documentation surrounding KPIs and have found them helpful.

Positive

Earlier, we were using Symantec and the One Protection Suite.

The solution is easy to set up. It's not an overly complex process. We had no issues at all. 

One system engineer which has some knowledge of network security can handle the implementation.

We handled the deployment in-house. 

SentinelOne has a very good XDR product, and it can also integrate with different security components. It's a single pane of glass for cyber security posture management. The ROI is good.

The licensing is handled by another team. I can't speak to the exact cost of the product.

We also looked at CrowdStrike before choosing this product.

Someone interested in the product should first do POC, and depending upon their OIS environment, they should consider this first before going for any XD solution.

I'd rate the solution eight out of ten.

We use it as an Enterprise EDR solution for threat detection, anti-malware, and security investigations.

SentinelOne Singularity Complete has greatly enhanced our security posture. We feel that our endpoints are more secure. We are in the know of what is happening within our company from a security perspective. We are confident in the ability to detect untrue positives. It has also helped us in achieving industry certifications such as SOC 2.

SentinelOne Singularity Complete has absolutely helped reduce our organization's mean time to detect. There has also been an impact on our mean time to respond. With the integrations that we have set up with Splunk and other products, we are able to respond to incidents as soon as they alert us.

We have a couple of integrations with it. They are alright. I am not blown away by its integration capability.

SentinelOne Singularity Complete has not helped reduce alerts. If anything, we create more alerts with it. We are able to fine-tune the product to reduce noise and alerts, but without it, we would not have any alerts. It is the piece of software that provides that alerting capability for us.

SentinelOne Singularity Complete has not helped free up staff. In a way, it creates work for us, but that is the purpose of the product.

The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features.

There should be Terraform support for console administration. Dynamic tagging would be also useful. 

The auto-upgrade capability should be improved.

I have been using SentinelOne Singularity Complete for two years at this company. My company has been using it longer than that.

Its stability is pretty good. I like the stability of their agent.

It is extremely scalable.

Their technical support is pretty good. I would rate them an eight out of ten.

Positive

I was not here when they bought this solution, but I know why we bought the tool. We replaced another EDR solution, and then we used it as our enterprise EDR solution for ransomware prevention, threat hunting, and security investigations. We were using CrowdStrike previously. SentinelOne Singularity Complete also saved us money. It is very competitive compared to CrowdStrike.

I have used a couple of EDR solutions. SentinelOne Singularity Complete is less mature than CrowdStrike, but it is definitely one of the top players in the industry.

SentinelOne Singularity Complete has not helped reduce our organizational risk. It is about the same as CrowdStrike in this aspect.

We have it on our laptops and the cloud, so our setup is hybrid. I am in charge of deployment, and it is as simple or complex as any other solution. 

It requires maintenance on our end.

We have a team, but I do most of the work. I am in charge of it.

It is hard to define the ROI. It does not save us money, but it prevents security breaches. In the grand scheme of things, it is definitely worth investing in. 

Its pricing is competitive. 

It has competitive pricing and great support. It is a complete solution.

As a strategic security partner, they collaborate with us quite a bit on our overall posture. They constantly have webinars and education sessions for us to deepen our security knowledge and how to use their product. They have assisted us on various PoCs for different offerings that they have and different services they offer. They help us to understand how each of those components integrates into our overall security posture. We did a PoC of the Ranger functionality.

I would rate SentinelOne Singularity Complete a seven out of ten.

We deploy and manage the product for hundreds of clients.

We are a large global insurance company and we're trying to help proactively find a way for clients not to get breached by ransomware. This product is part of the way we do that.

The range and functionality are great.

The remote script orientation is good. 

The level of vigilance is impressive.

Its ability to interact with other third-party tools has been great for us. It can work through APIs and partners and integrate well.  

The solution's ability to ingest and correlate across other security solutions is helpful. It's been very important in terms of how we will move forward with the product. We're in the process of consolidating security solutions right now. Hopefully, it will help us reduce the use of some tool sets. It's helped us automate more and correlate better by bringing in data sets from different areas or systems so that we get a sense of threats. That's been really critical.

It provides increased visibility through Ranger. We don't need new agents or hardware. The ability to look for and find new devices that come onto the network helps us protect more efficiently.

It's been a great product in a couple of ways from my analysis of working on it. They have a great user interface, for example. It's easy to install and easy to support. It's allowing integration from all the different parts of our business and data points. Then there is the breadth of services that are tied into it. The support infrastructure overall has been great. 

Singularity can correlate with other data and it helps us put an automated lens around everything to reduce the amount of alerts we'll get.

We can scale with the solution and not have to scale more analysts. It helps us be more efficient.

It has already helped reduce the mean time to detect. The mean time to respond has been okay.

It's also helped us save costs. We're able to deploy a standardized solution that's really well-defined and offers very good training. The ability to scale has been wonderful and it's helped reduce the overall cost of the service we provide. 

Singularity helps us reduce organizational risk from a customer perspective. 

I'm able to have my analyst view everything from one console, and we have multiple boxes with them, and we have to log into separate consoles to access each of those one boxes. We really need a more centralized view of all of our environments. 

The MDM functionality and maturity still need improvement.

I've been using the solution for two years. 

I have contacted technical support in the past. They've been very responsive and helped us drive problems to completion. We've had no issues there.

Positive

We were using Carbon Black previously. Singularity has been much better about mean time to detect. It's likely 15% to 20% better by comparison. 

Carbon Black also didn't operate from a place of integrity.

I was involved in the initial setup and found it to be straightforward. I cannot really how long it took to fully deploy.

We handed the setup internally.

The pricing is great. I don't have any issues with it.

I'd rate the solution eight out of ten.