SentinelOne Singularity Complete Reviews

The solution is agent-based, so it's on service, and it's a cloud solution.

We are using its API capabilities for our server for protecting us from cyber security threats and attacks.

Earlier, we used some internal protections. However, we moved to HD information for the cyber security portion. It's helped us to mitigate security attacks and provide solid defense.

We like the file-less monitoring and filtering are great in the context of security.

The setup is very straightforward. 

It is stable. 

The product can scale if the licensing is correct.

SentinelOne has some inputs, some traditional NPRs, or models like IPS and IDS. We can configure individual rules for particular machines. In a sense, control is not from the console.

There should be more integration models with different security operations tools or soft tools. It could provide a single pane for integration with the firewall, or a soft solution should be there.

I'd been using the solution for eight months.

It's a stable, reliable product. there are no bugs or glitches. It doesn't crash or freeze. 

The product can scale. However, it depends on the license. 

We have 500 users on the solution right now.

Right now, we don't have plans to increase usage as we already have some buffer limit there.

While I haven't directly contacted support, I have used their documentation surrounding KPIs and have found them helpful.

Positive

Earlier, we were using Symantec and the One Protection Suite.

The solution is easy to set up. It's not an overly complex process. We had no issues at all. 

One system engineer which has some knowledge of network security can handle the implementation.

We handled the deployment in-house. 

SentinelOne has a very good XDR product, and it can also integrate with different security components. It's a single pane of glass for cyber security posture management. The ROI is good.

The licensing is handled by another team. I can't speak to the exact cost of the product.

We also looked at CrowdStrike before choosing this product.

Someone interested in the product should first do POC, and depending upon their OIS environment, they should consider this first before going for any XD solution.

I'd rate the solution eight out of ten.

We are using it for endpoint security. It acts as an antivirus as well as is useful for endpoint detection. We are using the same product for both use cases. 

SentinelOne is very lightweight. It doesn’t consume much memory of endpoints. Endpoints don't hang, and machine performance doesn’t get impacted. Their technical support is also very nice.

It has all the features that other leading products in the market provide. They should keep enhancing it based on the challenges in the market. I am fine with its detection capability, but they can work more on deep inspection.

I have been using this solution for around two years.

It is stable. I would rate it a four out of five in terms of stability.

It is scalable. I would rate it a four out of five in terms of scalability. We have more than 1,200 users who are using this solution.

Their technical support is very nice. I would rate them a five out of five.

Positive

It is very easy to implement or install. I would rate it a five out of five in terms of the ease of setup. It does require maintenance by someone.

Its cost is yearly. It is not much costlier than other leading products available in the market. I would rate it a four out of five in terms of pricing.

We were looking for an antivirus and EDR solution. We evaluated some of the products, and finally, we decided to go for SentinelOne EDR. CrowdStrike was one of the solutions we evaluated. SentinelOne was lightweight, but CrowdStrike had a more secure door.

I would rate it a nine out of ten.

We are an MSP supporting various business verticals (including medical and pharmaceutical). Our core monitoring/deployment solution is SolarWinds RMM, through which we were recently introduced to SentinalOne. We use the bundled automation to install, patch, and monitor antimalware protection to endpoints. We are in the process of replacing Bitdefender with SentinalOne for several clients. 

Deployment is automatable through the RMM, though a little clunky to do. The provided automation was a little challenging, but once you get it configured it's quite effective. Once we got it deployed to our users, it operates seamlessly and with minimal impact on system resources. Even our clients with lower-end workstations report improved performance since switching from Bitdefender. 

After migrating, this also picked up some latent malware that was not previously detected & cleaned it immediately with almost no interaction required. I was impressed with how little this bogged down the affected system. This was in our pilot run, so I was on-site.

The fact that this runs using AI instead of heuristics provides the best protection I've seen. It has the ability to rollback a ransomware infection instantly and with minimal disruption to the user & provides robust reporting. 

I tested this by deliberately infecting an unpatched test machine with WanaCry. First of all, SentinalOne blocked the initial infection attempt. I had to put S1 into "notify only" mode on that system to actually infect the machine. Once infected, WanaCry did what it does... encrypted all the documents I had copied to the test machine and put up the background. 

We immediately got a notification on our dashboard that a system was infected. At the same time, we got a popup on the client machine notifying us of the infection, with the option to auto-repair the damage. It took less than a minute (granted, we only had about 200 MB of files on the test system) for S1 to repair the damage and put the machine back to normal with no evidence of the infection.

You also can't remove the client from the local machine without approving it within the dashboard. This is a nice feature to prevent tampering by either hapless users or even skilled threat actors. 

Set up is very labor-intensive. You have to provide multiple codes from multiple places within the S1 dashboard in order to use the provided automation, and it's different for each client (or "sites" as they call it). It very much feels like an enterprise application that has been adapted for SMBs, but not very thoroughly. It would be better if they had a "site package" similar to the one offered by SolarWinds for the RMM. You just run the package on the client machine and done. 

The stability is excellent so far. Once installed, it's "set it and forget it."

Scalability is great if you're scaling up, but scaling down may prove to be challenging.

Technical support is provided for us through SolarWinds, and they're very knowledgable.

We used Bitdefender (also through SolarWinds) previously. SentinalOne was pitched by SolarWinds a few months ago as an alternative with robust ransomware protection. Being a small MSP, a single ransomware infection at a client could spell disaster for our business. We are always looking for the latest technology, but not marginal improvements. 

The setup script provided by SolarWinds (proprietary to their RMM) was a little challenging to get going, but once it worked, it worked perfectly. Except it didn't run on Win7 systems because it uses Powershell commands from a later version than what's available on Win7.

The vendor team provided support, but we did the deployment.

We're making about seventy-five percent over the per-seat cost, and it's easy to sell at that price point.

The per-seat cost is low, but you have to commit to a certain number of licenses for a year.

We really hadn't seen EDR solutions in action before. Our decision was based primarily on the fact that it has SolarWinds integration. 

Definitely worth the money compared to heuristic solutions, especially for clients who tend to "stretch" their hardware as long as possible. The low impact and robust reporting go a long way to make this an easy sell, and the cost is excellent for the price point. 

We have been growing, but we are still a pretty small team. We have integrated it with our other software, and we are getting logs out of it. We go into threat hunting and do a deep watch. We go in there, see those logs, and make more sense of things. It has been a real help.

In terms of its deployment model, we have private companies. It is mostly on-prem, but each plant is a little bit different. Anything and everything that touches our corporate environment gets it.

For the most part, it gives us time to react by getting things off the network and getting that account locked down for a minute. We can let a member of our team take a look at it and move on from there instead of letting something fly under the radar and letting the incident take place or continue to happen. We can put the spotlight on the incident, make someone take a look at it, and then we can get going.

The integrations I have been working with work great. They do exactly as advertised, and they have been helping me with my threat hunting and seeing what is out there. There are always things lurking in the weeds that you just do not know about, so being able to have that correlation and more insights is always helpful.

Singularity Complete has helped free up our staff for other projects and tasks. It is a small team. I am more of a one-man SOC. A lot of the incidents either come through me or someone else on the team if I am not there for vigilance, so being able to dive down and get an issue resolved quickly is helpful. I can then go back to another incident. Usually, they come in batches, so being able to go to the next one or go back to working on a major project has helped a great bit.

Singularity Complete has not helped to reduce alerts. To my knowledge, it stayed about the same. We have fewer false positives, but there are some other ones that I would rather look into. They are more on the identity side. Now that we have Singularity Identity, I am intrigued by what we will see there in terms of weird logins and other things. Now that we have the integration set up, I will get some alerts from there to go track down.

Singularity Complete has helped reduce our organizational risk. When you get these new tools, you see everything that is wrong, and then you are like, "Oh, man," but at least we are seeing them and fixing them. In that sense, it has helped to reduce risks. I do not have the metrics, but we have been able to tackle some vulnerabilities and issues that have been big known ones.

Singularity Complete would help our organization save on its costs if we were not trying to expand so much. We are into manufacturing, and we grow a lot by mergers and acquisitions, so anywhere we can get security funding is a great point. It has helped us identify some things that we can do without. We can either reduce or eliminate those other tools and cascade down, so overall, it has reduced costs.

The Microsoft integrations are most valuable right now. One that I still have in the testing is putting user accounts into the high risk and letting our policies on that take place, and then have SentinelOne put it into network isolation as well until an incident is resolved.

There could be more integrations with more software. We have been looking at Palos and getting those put into the data lake. If there was a native integration for that, that would help a lot. They can just continue adding more integrations with these big brands and software security products. 

I have been with the company for two years, and it has been there since the time I have been there, so I can only say two years at most.

I would rate it a ten out of ten in terms of stability. It is great in terms of stability and agents working as long as you do your due diligence and you do not leave it there to run just like every other product. If you leave it there with no attendance, it is going to do what it does, but if you are in there, doing your due diligence and making sure things are set, it is great. Auto updates are something I know that was implemented. That has been super helpful, so if you are doing what you need to do, it is a ten out of ten.

I would rate it a ten out of ten in terms of scalability, especially because we have Ranger deployed. If we need to or if we have a merger, we can get them to put SentinelOne on a couple of devices for us and give us creds so that we can deploy to the rest from there in case they cannot get us in the SCCM or whatever else they are using.

Their support is great. Keith Fields and Mitch Milligan are always there. They have been super helpful. I knew Keith before Mitch was even part of our account. I have been working with Keith for a little bit, and he has been super insightful on different things that I did not know the tool could do or quicker ways to do things. Mitch has also been super helpful in getting us set up. 

We just bought Singularity Identity, and Keith, Mitch, and Paul have been there to give us those meetings on what we need. They really understand what our business is, and they look into our console to help us out at times as well. It has been great. I would rate their support a ten out of ten.

Positive

It was already in place when I joined the organization. We run Defender as well. It is like a dual-stack. We have E5 for other reasons, and we use it because it is already there, but our team has gone for SentinelOne. We have had other people, especially the research teams, who want to use their own agent, but we are so comfortable with SentinelOne's abilities and what we have set up to keep us secure that we have looked away from those other SIEMs who want their agent. We have looked away from other software in the realm of MDR that may not work with SentinelOne. It is a staple piece for us that would be a hard buy to remove.

It works great. One thing I wish I had done more in college is hands-on with EDR agents. I went to Purdue for the cybersecurity network engineering major. They had classes and labs for forensics, but one thing we did not get too much hands-on was EDR. I believe they lived in the world of Microsoft for their operations there. Since I have been working here, Singularity Complete has been a great product. We are expanding. We have gone into these other modules and platforms, and we have always had a great experience.

It is a mature solution. It has been here longer than ten years. I graduated from college in 2021 and from high school in 2017. It has been around longer than I have known cyber practices. It is a good one. Always do your research and compare, but it is definitely a top one. I believe it is up there on the Gartner's Quadrants as well. It is up there for a reason.

We will use it more as we get more tools and integrate it. Currently, some of the things are still in beta. I am not leveraging it to its full capability because things are either in testing or we are looking at the software that is going to be connected. From what I have seen and based on the demos and how the beta is going, I have to give it a ten out of ten.

We deploy and manage the product for hundreds of clients.

We are a large global insurance company and we're trying to help proactively find a way for clients not to get breached by ransomware. This product is part of the way we do that.

The range and functionality are great.

The remote script orientation is good. 

The level of vigilance is impressive.

Its ability to interact with other third-party tools has been great for us. It can work through APIs and partners and integrate well.  

The solution's ability to ingest and correlate across other security solutions is helpful. It's been very important in terms of how we will move forward with the product. We're in the process of consolidating security solutions right now. Hopefully, it will help us reduce the use of some tool sets. It's helped us automate more and correlate better by bringing in data sets from different areas or systems so that we get a sense of threats. That's been really critical.

It provides increased visibility through Ranger. We don't need new agents or hardware. The ability to look for and find new devices that come onto the network helps us protect more efficiently.

It's been a great product in a couple of ways from my analysis of working on it. They have a great user interface, for example. It's easy to install and easy to support. It's allowing integration from all the different parts of our business and data points. Then there is the breadth of services that are tied into it. The support infrastructure overall has been great. 

Singularity can correlate with other data and it helps us put an automated lens around everything to reduce the amount of alerts we'll get.

We can scale with the solution and not have to scale more analysts. It helps us be more efficient.

It has already helped reduce the mean time to detect. The mean time to respond has been okay.

It's also helped us save costs. We're able to deploy a standardized solution that's really well-defined and offers very good training. The ability to scale has been wonderful and it's helped reduce the overall cost of the service we provide. 

Singularity helps us reduce organizational risk from a customer perspective. 

I'm able to have my analyst view everything from one console, and we have multiple boxes with them, and we have to log into separate consoles to access each of those one boxes. We really need a more centralized view of all of our environments. 

The MDM functionality and maturity still need improvement.

I've been using the solution for two years. 

I have contacted technical support in the past. They've been very responsive and helped us drive problems to completion. We've had no issues there.

Positive

We were using Carbon Black previously. Singularity has been much better about mean time to detect. It's likely 15% to 20% better by comparison. 

Carbon Black also didn't operate from a place of integrity.

I was involved in the initial setup and found it to be straightforward. I cannot really how long it took to fully deploy.

We handed the setup internally.

The pricing is great. I don't have any issues with it.

I'd rate the solution eight out of ten.

We primarily use the solution at our endpoints. We use it for security.

It's catching a lot of malicious and suspicious threats. That's good for us. 

We are able to write some custom rules on SentinelOne.

The setup is simple. 

Right now, the solution meets our needs. We do not need anything added to it. 

Maybe they can develop some firewall aspects for it to better protect us. If they did that, we can write a lot of rules for the firewall and custom rules.

I've been using the solution for about two years. 

The solution is stable and reliable. It catches a lot of malicious and suspicious threats. There are no bugs or glitches and it doesn't crash or freeze. 

The solution scales well and can work across platforms. We can use it with MacOS, Linux, and Windows Servers. You can use it with everything.

We have 600 people on the solution right now. It is used throughout the company.

We may increase usage in our company. 

Technical support is great. They are very responsive. For example, today, if I open a ticket, they will likely give me an answer in 24 hours.

Positive

I used FireEye and Symantec. However, SentinelOne is better than them. It's more flexible and catches more threats. 

We found the initial setup to be very simple. You just click through, and you're up and running. 

I'd rate it five out of five in terms of ease of deployment.

We're deploying it every month. SentinelOne sends updates every month and we action them. 

Licensing is paid on a yearly basis. I can't speak to the exact pricing. 

I'm not sure which version number we are currently on. 

If a company has a lot of people and needs to protect its many endpoints, this is a great option.

I'd rate the solution eight out of ten. 

We use the solution for antivirus protection. We do know it does more, however, we're trying to just get the antivirus program up and working and functioning at this point.

It's allowed us to really cover all of our endpoints, including servers, Macs, and services. We're hoping to do a kiosk mode in some of these services for our labs and facilities, and we're hoping that SentinelOne can actually do that. We're going to work with them to make sure we can get that rolled out.

The fact that they have a lot of search features is very helpful. We can go into their filters and we can filter out by specific computer name, for example. We can specify if we want Macs or we want Windows computers, or if we want just laptops, or desktops. There's just a lot of versatility as to how we can look up the devices and really drill down.

The interoperability with other SentinelOne solutions and other third-party tools is good. For other third-party tools, I've used other antivirus software that doesn't have this type of interface. This gives you a lot more latitude to control the computer to basically push out updates and monitor what's going on with the endpoints immediately. It really helps with everything that you need to be on top of quickly, and it really helps that we can monitor everything in real-time.

It integrates smoothly with other solutions. We were able to push out the software and the agent to all the endpoints rather easily. There were only a few stragglers who just weren't physically on and weren't getting the endpoint, however, the rollout went pretty smoothly. The few endpoints not covered were ones that weren't turned on or not in use.

My impressions of the solution's ability to ingest and correlate across our security solutions are positive. It works really well. 

We like the fact that we actually have a dedicated person at SentinelOne that we can talk with and work with.

It's helped to reduce alerts. The alerts have really gone down. We've actually had a lot of good coverage. There really haven't been that many alerts or issues. They've actually caught a lot of issues and threats before it's even been a problem. It's really helped cut down on the amount of work that we have to do on our end for troubleshooting and the prevention of viruses or phishing attempts.

This solution helped us to free up the time for other projects and tasks for your team members. We just rolled out a new software program, and it allowed us to focus on that more rather than having to deal with virus alerts that come through from our previous virus program. They've really managed it for us and really helped us find more time to work on the projects that we really need to focus on to advance our business rather than worry about threats that are coming through. It's been quite a time saver. 

It helped to reduce our organization's mean time to detect. It's got a much nicer interface to work with, and it's really helped to have them as a working partner rather than our previous vendor which was just a little harder to get a hold of and not as easy to work with.

The mean time to respond is much quicker than what we did have. 

It has helped to reduce our organizational risks. We save a lot of hours by not having to deal with all the alerts and managing them. It has saved us many hours of work and really helped us focus on what we really are there to do rather than working on the threats that come our way.

The solution does allow us to be innovative. The product has a nice interface and is quite robust in comparison. We like the options and availability and how it allowed us to manage our endpoints.

Using the filters takes a little bit of time to get used to. There are so many. You have to scroll from side to side in the filter section to find them. It's not very user-friendly. 

Some of the options they have up top are a bit much. It is a bit daunting. It minimizes, and then you have to click on select filters for it to completely open, and then you've got a scroll to the right or scroll to the left. Even if you maximize your screen from left to right, there are still more filters to scroll through. They're not well laid out.

I haven't used the reporting feature much, however, having a little bit more options in reporting would be helpful.

I started using the solution about six months ago. 

The solution is very stable. 

We have about 400 endpoints. They are all deployed in one location.

It is a scalable product. If we need to add more endpoints, we can. That said, we have yet to scale. 

Technical support has been really good. 

Positive

We had a current vendor called Carbon Black who did our antivirus software, however, it wasn't it wasn't working as well as we would have liked. So we went with SentinelOne to give us a more complete solution.

There is just a lot of functionality on the end of SentinelOne that we just didn't have with Carbon Black, and it just made a lot more sense to go with this. Even though it was priced a little bit more.

I was involved in the deployment of the solution. The process was very simple. SentinelOne took care of most of it for us. 

SentinelOne pushed out the agent for us. 

We did not need a lot of resources in terms of staff members. We were involved in the planning yet not too much of the implementation. We're still working on covering the last few machines. 

There is some maintenance, however, they are mostly updates and those are pushed out by SentinelOne. 

We had a representative from the vendor who helped with the deployment. 

I can't speak to the exact numbers in terms of ROI. However, other programs do not have as much support and in that sense, support, along with savings, has provided some form of ROI. 

My understanding is the pricing is reasonable. 

We evaluated other options as well. We looked at Norton, McAfee, and Avast, which were built-in. We went with this product based on the support we would get and the fact that they were personable and easy to work with. We have a dedicated customer service rep that we can talk with about any issues.

We do not use the Ranger feature at this time. We would need to upgrade if we wanted to use that, apparently. So we just decided not to go with that.

The quality is good. I like the way it works and the amount of options it has. However, it has so many options and functionalities you need to really figure out how it works. It takes care of a lot of things for you. You can just set it and forget it. 

They are great as a strategic security partner. They worked closely with us and were good at explaining the layout and how the solution would work. They are very helpful.

I'd recommend the solution for users looking for antivirus or endpoint management. It's got great features for both small and large companies. I'd talk with SentinelOne about a company's individual needs. They are quite flexible.  

I'd rate the solution eight out of ten. 

We are a system integrator. We are a SentinelOne partner, and we provide Singularity Complete to our customers.

Singularity Complete has helped to reduce alerts. There is about 50% reduction. It automatically generates alerts and can also solve a problem.

It has reduced the mean time to detect (MTTD). It has real-time detection, and it has been very good so far.

The mean time to respond (MTTR) has been reduced. We can respond to an incident in 10 to 15 minutes.

Singularity Complete saves costs for our customers. Its automation helps save money. There is a reduction in the operational costs.

It reduces the risk for the organization. They have an AI engine to detect new threats, such as Zero-day threats.

It is a robust solution. It provides great visibility. It scans and shows the vulnerabilities in our devices.

It is complicated to do certain tasks.

I have been working with Singularity Complete for about one year.

It is stable. Our customers have not had any issues.

I have not used their support so far.

I have worked with Symantec and one more solution for endpoint protection. Singularity Complete has an AI engine. There is no need to download anything.

It is very easy to deploy. It takes about a week.

We are a partner of SentinelOne. We are happy with SentinelOne as our strategic security partner. 

I would rate SentinelOne Singularity Complete a ten out of ten.