Try our new research platform with insights from 80,000+ expert users
reviewer1649415 - PeerSpot reviewer
Principal Security Analyst at a tech services company with 1,001-5,000 employees
Real User
Top 20
A great storyline feature, dashboard, and customization
Pros and Cons
  • "I really like the storyline feature."
  • "The false positive rate has room for improvement."

What is our primary use case?

We use SentinelOne Singularity Complete for antivirus and EDR capabilities on both our hosted and internal platforms.

We implemented SentinelOne Singularity Complete to harden the security of our environment.

How has it helped my organization?

Initially, we focused on our client-facing platform. We definitely wanted to ensure adequate antivirus and malware protection, and I believe we have achieved that with SentinelOne Singularity Complete. Our environment is fairly large so it took us a few months to realize the benefits.

SentinelOne Singularity Complete helped save our staff time to focus on other projects. Our security operations team has a little bit more bandwidth now.

SentinelOne has helped us reduce our MTTD. The Storyline feature has definitely cut down on research time when investigating incidents, making the process much faster. What used to take several hours to review logs can now be completed in ten minutes.

It has helped us reduce our MTTR.

Our organization had a costly incident before we implemented SentinelOne Singularity Complete. Since the implementation, we have not had any incidents, which correlate to cost savings.

Singularity Complete has helped reduce our organizational risk.

What is most valuable?

I really like the storyline feature. It makes it easier to tie together the processes and how they are related when investigating potential incidents. I also like the dashboard and the customization options.

What needs improvement?

The only integration that we are having a challenge with is our Rapid7 SIM solution. We have created exclusions for it, but sometimes there are still some false positives that the team works through.

The false positive rate has room for improvement.

We can build exclusions in a few ways, but one challenge is that many third-party applications spawn files with random names. This can make it difficult to write rules to account for these files. If there are better ways to deal with this, it would help to reduce conflicts between our Rapid7 solution and some of our other solutions that generate PowerShell scripts.

When agent updates require a reboot, this can be challenging for our large customer environments.

Buyer's Guide
SentinelOne Singularity Complete
November 2024
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for four years.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is stable. We have not had many stability issues.

What do I think about the scalability of the solution?

We have a large environment and find SentinelOne Singularity Complete to be scalable to meet our requirements.

How are customer service and support?

The technical support ticket for the issue we had with getting the agent installed in our PBS image took almost a year to resolve, and we ended up finding the solution on our own. We had several tickets open, but unfortunately, they didn't lead anywhere.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We previously used Cylance, which our hosting provider provided along with Endpoint Detection and Response. However, we experienced several challenges with Cylance, so we purchased SentinelOne Singularity Complete for our corporate network. SentinelOne functions and deploys significantly better than Cylance, so we asked our hosting provider to switch us to SentinelOne instead.

How was the initial setup?

The initial deployment was straightforward for SentinelOne Singularity Complete. We had a bigger challenge installing Cylance. 

What other advice do I have?

I would rate SentinelOne Singularity Complete eight out of ten.

SentinelOne Singularity Complete has a lot more functionality right out of the gate.

I recommend considering SentinelOne Singularity Complete for anyone researching security solutions.

SentinelOne Singularity Complete is deployed on our corporate and hosted endpoints. We have between 5,000 and 9,000 endpoints.

We have six people that monitor SentinelOne Singularity Complete. 

Our agent updates require maintenance and close monitoring. We sometimes have to manually enable policies that are disabled due to the disruption caused by unexpected reboots. We must carefully plan these updates.

SentinelOne Singularity Complete is a good strategic security partner.

I would definitely recommend doing a POC to see if SentinelOne Singularity Complete is a good fit for the environment.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Deputy General Manager at SLT Visioncom Pvt Ltd
Real User
Good scanning and protection but needs to have a faster setup process
Pros and Cons
  • "The solution is easy to set up."
  • "The solution can use up a lot of resources when scanning. It would be ideal if it was lighter."

What is our primary use case?

We outsourced the operation to a partner, a supplier, and they have managed those services. If the product does identify some abnormal behavior, our supplier is informed, and our main IT division or group IT division is informed. They correct the machine, and they do whatever they need to do.

What is most valuable?

Nowadays, there is a lot of malware and various other malicious threats. Our system is an internal system. There might be a firewall there, however, malware can still get through an email. However, this solution is very good at detecting abnormal behavior. They act very fast and quarantine machines well. 

We find that having an endpoint protection solution allows us to adapt and react faster. 

I can put something on my pen drive and get the solution to scan it and see if there are any issues. They can identify and block without affecting any core sections. 

The solution is easy to set up.

It's stable.

What needs improvement?

The solution works quite well and I don't have many notes for improvement. 

The solution can use up a lot of resources when scanning. It would be ideal if it was lighter. 

We find the initial setup does take some time, as you have to do a lot of whitelisting. We'd like the process to be faster. 

For how long have I used the solution?

I've used the solution for a while. It's been more than two years. 

What do I think about the stability of the solution?

The solution is pretty stable. I'd rate it seven out of ten. It's pretty reliable. 

What do I think about the scalability of the solution?

You can scale the solution. However, you do have to pay more to expand as you need to purchase more licenses. At this point, we get additional blocks of licenses when we need them. We do not upgrade one license at a time. 

We have about 5,000 clients on the solution currently.

How are customer service and support?

I do not have much experience with technical support.

Which solution did I use previously and why did I switch?

We also have Microsoft Defender. They are two different products. We use Defender on our machines and workstations, however, not for endpoint security reasons. 

How was the initial setup?

IT installed the solution on my machine. 

That said, my understanding is the initial setup is not overly complex. At first, however, we had to do some whitelisting. You need to perform a few operations, and we had to reinstall the OS, install a backup, and handle whitelisting. While it takes time, it's not hard. 

What's my experience with pricing, setup cost, and licensing?

I'm not sure of the exact pricing of the solution. That's handled by a different team.

Which other solutions did I evaluate?

We have an IT department that may look at other options, depending on the use case. They've looked at, for example, Sophos, however, they found SentinelOne to be more suitable for us. 

What other advice do I have?

I'm an end-user and not very technical.

While the solution is cloud-based, there's an on-prem server, and that is for the administration of our nodes. Mainly, the subscription is controlled by the cloud.

I'd rate the solution seven out of ten. Depending on the use case and if it makes sense for the company, I'd recommend the product.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
SentinelOne Singularity Complete
November 2024
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.
Senior Vice President IT at a tech services company with 11-50 employees
Reseller
Top 5
Helps free up time, save costs, and reduce organizational risk
Pros and Cons
  • "The most valuable feature of SentinelOne Singularity Complete is the STAR Rules."
  • "While our current remote access to SentinelOne Singularity Complete is achieved through publishing, having a direct GUI interface would be a significant advantage for our user and administrator team."

What is our primary use case?

We use SentinelOne Singularity Complete for EDR. It is a one-click recovery.

How has it helped my organization?

SentinelOne Singularity Complete stands out for its ability to collect logs from any security tool we have, bringing together all our data onto a single, unified console.

The Ranger functionality helps identify vulnerabilities in our environment.

Singularity Complete is a complete security solution that goes beyond just alerts. It provides a dashboard that displays all configured security alerts, including lateral movement, consumer attacks, and any other relevant events, on a single console for easy monitoring and response.

Singularity Complete helps free up our time and has reduced the mean time to detection.

It also helps reduce the mean time to remediation and helps cut our client's costs by 75 percent.

Singularity Complete helps reduce organizational risk and improve compliance.

What is most valuable?

The most valuable feature of SentinelOne Singularity Complete is the STAR Rules.

What needs improvement?

While our current remote access to SentinelOne Singularity Complete is achieved through publishing, having a direct GUI interface would be a significant advantage for our user and administrator team. This console access would provide a more intuitive and efficient way to manage the platform.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for one and a half years.

What do I think about the stability of the solution?

I would rate the stability of SentinelOne Singularity Complete nine out of ten.

What do I think about the scalability of the solution?

I would rate the scalability of SentinelOne Singularity Complete ten out of ten.

How are customer service and support?

The technical support is excellent.

How would you rate customer service and support?

Positive

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete is reasonably priced.

What other advice do I have?

I would rate SentinelOne Singularity Complete ten out of ten.

SentinelOne Singularity Complete stands out in the EDR market by offering a unique million-dollar guarantee, demonstrating their confidence in the product's ability to effectively protect our systems. This financial backing signifies a strong belief in its performance, something no other EDR vendor currently offers.

SentinelOne Singularity Complete is a zero-maintenance product. It's supported by their management defense research team which is working on the console update as well as the automation of the agent-client updates.

I would recommend SentinelOne Singularity Complete.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
PeerSpot user
reviewer2271060 - PeerSpot reviewer
Cybersecurity Engineer at a energy/utilities company with 1,001-5,000 employees
Real User
Top 20
Improves our visibility and response across multiple platforms in our enterprise network
Pros and Cons
  • "The visibility and, obviously, the protection aspects are second to none when it comes to speed. Another thing we fall back on is the option to roll back an endpoint if it is infected. There is a shadow copy so that if a PC downloads malicious content, we can roll it back to the state it was in before that package was imported."
  • "Their documentation could afford to be a little bit better communicated. A lot of times we have to look at things in the knowledge base, and much of that could be communicated better, but that would probably be the only thing that needs to be improved."

What is our primary use case?

Our primary use case would be for active XDR protection. We wanted an innovative XDR to keep up with the rising dangers of malware, ransomware, et cetera.

How has it helped my organization?

Our visibility and response to a lot of the things that come with an enterprise network have improved. We have users doing multiple things across different platforms. There are applications, servers, endpoints, and certain things that fit in the wild, and it does a really good job protecting all of them.

It has saved time for my team because of what we can do in terms of device control that it provides externally. We have total control.

When it comes to detection, we have email alerts when a threat comes across, so it's pretty quick. And if we have predefined responses to certain threats, then obviously, our response is instantaneous. But in a lot of cases, we like to have our administrators take a look at it and make sure it gets remediated as quickly as possible.

As for security, SentinelOne Singularity puts us in a better place than most solutions. We can look at platform reviews that keep us in the loop regarding what's not considered a good solution.

What is most valuable?

The visibility and, obviously, the protection aspects are second to none when it comes to speed. Another thing we fall back on is the option to roll back an endpoint if it is infected. There is a shadow copy so that if a PC downloads malicious content, we can roll it back to the state it was in before that package was imported.

It also has a lot of flexibility with its ability to ingest things.

And the AI feature of the solution is prompt in how it learns a certain network and how it responds to certain things. If you do come across false positives, it's relatively easy to get around them.

What needs improvement?

There are some obstacles you have to overcome when it comes to whitelisting and the like, but that's true of every XDR platform.

Their documentation could afford to be a little bit better communicated. A lot of times we have to look at things in the knowledge base, and much of that could be communicated better, but that would probably be the only thing that needs to be improved.

For how long have I used the solution?

We've been using SentinelOne Singularity Complete for about three years.

What do I think about the stability of the solution?

I would give it an A-plus in stability. A lot of times, when you download a new endpoint protection agent or an AV agent, you might run into a lot of compatibility issues or programs kind of freezing up.

What do I think about the scalability of the solution?

I would give it an A-plus for scalability as well.

How are customer service and support?

Our experience with their technical support has been straightforward and good. We got good, timely responses.

As a strategic partner, they're "the new guy on the block." There is some talk of them being bought out. I have heard some rumors like that. But from what I've seen, SentinelOne is just as good as, or better than, any other security partner out there.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did use an endpoint protection platform, but I can't comment on which one we used.

How was the initial setup?

I was involved in the whole process of deployment. One thing that wasn't SentinelOne's forte was compatibility with a script for an on-premises software distribution tool. Most of what we did was homegrown to deploy the agents to the machines.

What about the implementation team?

We did it in-house. There were a handful of us involved, probably 10 at least.

What's my experience with pricing, setup cost, and licensing?

I don't deal with the cost side of things, but the licensing, as far as endpoints go, is a pretty straightforward and simple process.

Which other solutions did I evaluate?

We looked at a couple of other solutions but, again, I can't disclose more about those.

What other advice do I have?

The speed and user friendliness that this platform offers break down some complex aspects of the security industry, and the solution lays them out in a way that a general user can understand.

Definitely compare and contrast Singularity with other solutions. It depends on what fits best for you, what industry you're in, how mobile your network is.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2266944 - PeerSpot reviewer
Application Support Specialist at a non-tech company with 201-500 employees
Real User
Interoperable, saves time and reduces alerts
Pros and Cons
  • "It has helped to reduce our organizational risks."
  • "Using the filters takes a little bit of time to get to used to."

What is our primary use case?

We use the solution for antivirus protection. We do know it does more, however, we're trying to just get the antivirus program up and working and functioning at this point.

How has it helped my organization?

It's allowed us to really cover all of our endpoints, including servers, Macs, and services. We're hoping to do a kiosk mode in some of these services for our labs and facilities, and we're hoping that SentinelOne can actually do that. We're going to work with them to make sure we can get that rolled out.

What is most valuable?

The fact that they have a lot of search features is very helpful. We can go into their filters and we can filter out by specific computer name, for example. We can specify if we want Macs or we want Windows computers, or if we want just laptops, or desktops. There's just a lot of versatility as to how we can look up the devices and really drill down.

The interoperability with other SentinelOne solutions and other third-party tools is good. For other third-party tools, I've used other antivirus software that doesn't have this type of interface. This gives you a lot more latitude to control the computer to basically push out updates and monitor what's going on with the endpoints immediately. It really helps with everything that you need to be on top of quickly, and it really helps that we can monitor everything in real-time.

It integrates smoothly with other solutions. We were able to push out the software and the agent to all the endpoints rather easily. There were only a few stragglers who just weren't physically on and weren't getting the endpoint, however, the rollout went pretty smoothly. The few endpoints not covered were ones that weren't turned on or not in use.

My impressions of the solution's ability to ingest and correlate across our security solutions are positive. It works really well. 

We like the fact that we actually have a dedicated person at SentinelOne that we can talk with and work with.

It's helped to reduce alerts. The alerts have really gone down. We've actually had a lot of good coverage. There really haven't been that many alerts or issues. They've actually caught a lot of issues and threats before it's even been a problem. It's really helped cut down on the amount of work that we have to do on our end for troubleshooting and the prevention of viruses or phishing attempts.

This solution helped us to free up the time for other projects and tasks for your team members. We just rolled out a new software program, and it allowed us to focus on that more rather than having to deal with virus alerts that come through from our previous virus program. They've really managed it for us and really helped us find more time to work on the projects that we really need to focus on to advance our business rather than worry about threats that are coming through. It's been quite a time saver. 

It helped to reduce our organization's mean time to detect. It's got a much nicer interface to work with, and it's really helped to have them as a working partner rather than our previous vendor which was just a little harder to get a hold of and not as easy to work with.

The mean time to respond is much quicker than what we did have. 

It has helped to reduce our organizational risks. We save a lot of hours by not having to deal with all the alerts and managing them. It has saved us many hours of work and really helped us focus on what we really are there to do rather than working on the threats that come our way.

The solution does allow us to be innovative. The product has a nice interface and is quite robust in comparison. We like the options and availability and how it allowed us to manage our endpoints.

What needs improvement?

Using the filters takes a little bit of time to get used to. There are so many. You have to scroll from side to side in the filter section to find them. It's not very user-friendly. 

Some of the options they have up top are a bit much. It is a bit daunting. It minimizes, and then you have to click on select filters for it to completely open, and then you've got a scroll to the right or scroll to the left. Even if you maximize your screen from left to right, there are still more filters to scroll through. They're not well laid out.

I haven't used the reporting feature much, however, having a little bit more options in reporting would be helpful.

For how long have I used the solution?

I started using the solution about six months ago. 

What do I think about the stability of the solution?

The solution is very stable. 

What do I think about the scalability of the solution?

We have about 400 endpoints. They are all deployed in one location.

It is a scalable product. If we need to add more endpoints, we can. That said, we have yet to scale. 

How are customer service and support?

Technical support has been really good. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We had a current vendor called Carbon Black who did our antivirus software, however, it wasn't it wasn't working as well as we would have liked. So we went with SentinelOne to give us a more complete solution.

There is just a lot of functionality on the end of SentinelOne that we just didn't have with Carbon Black, and it just made a lot more sense to go with this. Even though it was priced a little bit more.

How was the initial setup?

I was involved in the deployment of the solution. The process was very simple. SentinelOne took care of most of it for us. 

SentinelOne pushed out the agent for us. 

We did not need a lot of resources in terms of staff members. We were involved in the planning yet not too much of the implementation. We're still working on covering the last few machines. 

There is some maintenance, however, they are mostly updates and those are pushed out by SentinelOne. 

What about the implementation team?

We had a representative from the vendor who helped with the deployment. 

What was our ROI?

I can't speak to the exact numbers in terms of ROI. However, other programs do not have as much support and in that sense, support, along with savings, has provided some form of ROI. 

What's my experience with pricing, setup cost, and licensing?

My understanding is the pricing is reasonable. 

Which other solutions did I evaluate?

We evaluated other options as well. We looked at Norton, McAfee, and Avast, which were built-in. We went with this product based on the support we would get and the fact that they were personable and easy to work with. We have a dedicated customer service rep that we can talk with about any issues.

What other advice do I have?

We do not use the Ranger feature at this time. We would need to upgrade if we wanted to use that, apparently. So we just decided not to go with that.

The quality is good. I like the way it works and the amount of options it has. However, it has so many options and functionalities you need to really figure out how it works. It takes care of a lot of things for you. You can just set it and forget it. 

They are great as a strategic security partner. They worked closely with us and were good at explaining the layout and how the solution would work. They are very helpful.

I'd recommend the solution for users looking for antivirus or endpoint management. It's got great features for both small and large companies. I'd talk with SentinelOne about a company's individual needs. They are quite flexible.  

I'd rate the solution eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Ashish Dubey - PeerSpot reviewer
Lead Security Analyst at SecurityHQ
Real User
Top 10
Provides a better graph showing when the alert started, the process, the challenges, and the parameters; has an AI that segregates and categorizes events
Pros and Cons
  • "The most valuable feature of SentinelOne is the good graph it provides. It has a specific page where it detects the recent attacks on other machines or the hackers, for example, group APT28 and all."
  • "An area for improvement in SentinelOne is the search feature. You can't go beyond twenty thousand events, which ruins the task because it isn't enough when you're doing your investigation."

What is our primary use case?

Using SentinelOne isn't part of my daily tasks. My team only uses it when there's a detection, so the tool is only kept as a screenshot or wallpaper and is only used when there's an alert. It doesn't give us many alerts anyway.

My company uses SentinelOne for EDR purposes for alerts, detections, and patch deployment. For example, some clients ask my team to patch multiple devices and apply policies to the devices, so my team updates policies, applies patches, and updates machines per Windows and Mac updates.

My company also uses SentinelOne for EDR detections and investigations, including forensic purposes.

What is most valuable?

The most valuable feature of SentinelOne is the good graph it provides. It has a specific page where it detects the recent attacks on other machines or the hackers, for example, group APT28 and all. It shows the active group or predators in the market, the tactics the group uses, and the recent attacks the group performed.

My company even asked a particular client to onboard devices on SentinelOne because it's easier to graph the alerts. The tool can provide you with a better graph that shows when the alert started, the process, the challenges, and the parameters of the processes.

SentinelOne also has a knowledge base embedded in it. You have to visit the page to get the details.

I also like that you can see the activities performed for the alerts received from your end. You have a bunch of people working on SentinelOne, and you don't have to worry about not knowing who received and resolved the alerts because you can get information on the activities on the tool. You can view the actions on the alerts and who has taken action. This is a valuable feature of SentinelOne that's not usually provided on the other EDRs because it's unrelated to the investigations. I can see who recently closed or resolved a particular alert on SentinelOne because the name of the person who took action will appear on the activity page.

Another feature I like a lot about SentinelOne that I can't find in other EDR solutions is the AI segregation and categorization of events. You'll be directed to the logon events category if you're looking into logon-related events. If you're looking into network-related events, you'll be directed to another category, the appropriate one. Based on your search, the SentinelOne AI will segregate the results into categories. You can click on the category and view the categories related to your events. The segregated results then make it easier to do the investigations.

What needs improvement?

An area for improvement in SentinelOne is the search feature. It could be easier. For example, you can select the number of results that will be shown to you, such as two thousand events, and you can even go up to twenty thousand events for the search you've made, but you can't go beyond twenty thousand. You can only receive up to twenty thousand if you find login-related, detection-related, or process creation-related events. That's the limitation in the search feature of SentinelOne, which ruins the task because it isn't enough when you're doing your investigation.

The retention period of the tool also has room for improvement. The retention period is a time when you can patch up the logs, even older ones. Still, on SentinelOne, the retention period is only one week or one week up to twenty-eight days, and that period is insufficient, especially for a security breach. If a security breach occurs within the company, it could be six months to a year, so if you want to view the logs, you cannot go beyond the limit set by SentinelOne.

The retention period of the tool is way less than what other EDR solutions provide. SentinelOne and CrowdStrike come with a shorter retention period, which means you cannot go beyond one month when investigating the logs.

One month is the timeframe of the retention period, and one week is real-time, as scheduled by the vendor. For forensics purposes, the retention period is critical, so what would make SentinelOne better is a more extended retention period that lets you investigate logs. If you want to patch logs, you can directly call or reach out to the vendor who can provide you with the logs. If the vendor has no logs, you won't get the initial alert when the incident starts.

What I want to see from SentinelOne in its next release is a faster search. I also wish that the twenty thousand event limitation be removed.

For how long have I used the solution?

I've been using SentinelOne for nine to ten months now.

What do I think about the stability of the solution?

SentinelOne is a stable tool that never crashes. It's a good product.

Its stability is nine out of ten because, at times, the tool lacks robustness when searching. For example, if I want to search, it can take some time based on my ability to search. Searching on SentinelOne can be much faster because, search-wise, it could be a little laggy.

What do I think about the scalability of the solution?

The scalability of SentinelOne is much better than other tools, so it's a ten for me, scalability-wise.

How are customer service and support?

I haven't contacted the technical support for SentinelOne, but many of my colleagues had experience getting SentinelOne support. One case was about the retention period because a client had been compromised and needed more logs from SentinelOne, but the support team couldn't provide more logs as the retention period was too short.

Which solution did I use previously and why did I switch?

My company chose SentinelOne over other solutions because it's powerful in the areas of detection, flagging for alerts, and logs. The alert creation is stronger in SentinelOne, so my company went with this tool.

How was the initial setup?

The initial setup for SentinelOne was easy, and I manually performed it. It's easy to deploy a device onto SentinelOne. You have to run the agent, and the application, then the tool will be onboarded. It's that easy.

The deployment of SentinelOne hardly took me half an hour. Once you've learned how and executed the agent file on the machine, you'll start getting the logs. You'll test, configure, and collect the right resources and receive the logs.

What about the implementation team?

I implemented SentinelOne, so it's in-house.

What's my experience with pricing, setup cost, and licensing?

As a developer, I have no information on the pricing of SentinelOne.

What other advice do I have?

I'm using SentinelOne, the EDR solution.

SentinelOne is deployed on the cloud, probably the public cloud, though I wonder if it's private or public. It's on the cloud because it has many more features and doesn't use up many resources even when there's a high workload, and as a tool, SentinelOne performs very well. It may be on AWS or Azure, though.

Within the company, twenty people personally use SentinelOne daily.

My company is a partner of SentinelOne, so my team recommends it to clients, especially if clients require more detection and easy onboarding.

I'd tell anyone looking into implementing the tool that it's fun to learn and use. You can use it without needing many clicks to isolate the machine or perform your required activities. One of the best features of SentinelOne is that it has minimal mouse actions. For example, when you click on a machine, you'll get the hyperlink that shows you the machine details, the uptime, when it was first and last seen, the memory, and all the machine details. You get the details in one location, such as the applications installed on the machine, the network-related configurations of the machine, and the machine processes. You won't get as many features from other EDR solutions. You can isolate the machine, repair and update the machine, update the knowledge base and software, and onboard a particular device on SentinelOne. The tool has many more features. It's a good tool.

My rating for SentinelOne is nine out of ten. Still, if the twenty-thousand event limitation is removed, then that's the time I'd give the tool a score of ten because if there's no limit set, then you can get all process details related to your investigation.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Technical Team Lead at Alepo
Vendor
User-friendly with reasonable pricing and good support services
Pros and Cons
  • "We find the solution to be scalable."
  • "They need to improve how we install the software."

What is our primary use case?

The primary use case is as an endpoint detection and response software. Basically, it is an enhanced antivirus, anti-malware, and anti-ransomware solution. It protects from ransomware attacks and other types of cyber attacks. It protects the endpoint from malicious actions.

What is most valuable?

Protection from cyber attacks is the feature we find the most valuable.

It's a stable product.

We find the solution to be scalable.

Technical support is good. 

The pricing is not too high.

It has a pretty simple user interface and is user-friendly.

What needs improvement?

They need to improve how we install the software. For the agent of SentinelOne in the endpoint, it's not an automated process. We have to download it and then upload it on the endpoint. That is something that can be made simple. The uploading of the software in the endpoint, if that can be done publicly, would be great. The setup should be available publicly. The agent installation should all be done in the cloud.

For how long have I used the solution?

I've been using the solution for more than a year.

What do I think about the stability of the solution?

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

The solution scales well. You can expand it as needed. 

We are a small organization and have around 200 to 250 people on the solution. 

How are customer service and support?

The management is outsourced, and I find they are doing a very good job. We are satisfied with how we are able to get help if we need it. 

Which solution did I use previously and why did I switch?

This is the first EDR solution we used. We did not have another solution in place beforehand. We only used basic antivirus software previously.

How was the initial setup?

The initial setup is annoying since you have to download the agent and then upload it to the endpoint. 

For maintenance, basically, I'm the admin for SentinelOne. Also, there is a different organization altogether to whom we have outsourced the management of SentinelOne. They have their own employees. Their particular team would be working for our organization. They are an SoC organization, and they work 24/7 for various clients. We are one of their clients.

What's my experience with pricing, setup cost, and licensing?

The pricing is reasonable. 

I'm not sure of the exact costs, as those are managed by a different team.

What other advice do I have?

I'm a client and end-user. 

The solution is pretty easy to implement and administrate. We have not tried to integrate it with other solutions. While the pricing is reasonable, it's a bit more than typical antivirus software. That said, it has advanced functionalities that make the price worthwhile. Therefore, I would rate it nine out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Cem BALIK - PeerSpot reviewer
Information Technologies Manager at VAS Bilisim Teknolojileri A.S
Real User
Reliable, easy to set up and easy to use
Pros and Cons
  • "The product can scale as needed."
  • "Security could always be better."

What is our primary use case?

We primarily use the solution for security purposes. 

What is most valuable?

It's an easy tool and it offers a different experience. It is a new generation product.

The initial setup was easy.

It's stable and reliable.

The product can scale as needed.

What needs improvement?

While I'm sure improvements are necessary, there isn't one specific area I've found to be lacking. 

Security could always be better. It always needs to be adjusted to keep up with what's happening. 

For how long have I used the solution?

I've been using the solution for two years. 

What do I think about the stability of the solution?

We haven't had any issues with stability. It's reliable. there are no bugs or glitches and it doesn't crash or freeze. 

What do I think about the scalability of the solution?

It's scalable. We are using management software on the cloud. Therefore, if we want to install 1,000 agents, it doesn't impact our business now. We can scale and it's got a central implementation method for agents.

How are customer service and support?

Technical support has been very good and we are quite pleased with them. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We actually use regular antivirus solutions as well, such as Sophos and McAfee.

How was the initial setup?

It's a simple, straightforward setup. It is not overly complex or difficult. 

We have a small IT team and have found that we just need to have one person managing the product. 

What about the implementation team?

We deployed it using an outside resource.

What's my experience with pricing, setup cost, and licensing?

I cannot speak to the exact cost. Our managers buy the licenses. That said, it is my understanding that we are using the subscription model and pay for it yearly. I'm not sure if there are any other ancillary fees beyond that.

What other advice do I have?

I'm a customer and end-user. 

I'm not sure which version of the solution I'm using. 

I'd rate the solution eight out of ten. It's a good overall product. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros sharing their opinions.