We are an MSP supporting various business verticals (including medical and pharmaceutical). Our core monitoring/deployment solution is SolarWinds RMM, through which we were recently introduced to SentinelOne. We use the bundled automation to install, patch, and monitor antimalware protection on endpoints. We are in the process of replacing Bitdefender with SentinelOne for several clients.
Consultant at NFC/IT
AI-powered protection, data-rollback ability, and seamless integration with SolarWinds
Pros and Cons
- "It has the ability to roll back a ransomware infection instantly and with minimal disruption to the user & provides robust reporting."
- "Set up is very labor-intensive."
What is our primary use case?
How has it helped my organization?
Deployment is automatable through the RMM, though a little clunky to do. The provided automation was a little challenging, but once you get it configured it's quite effective. Once we got it deployed to our users, it operates seamlessly and with minimal impact on system resources. Even our clients with lower-end workstations report improved performance since switching from Bitdefender.
After migrating, this also picked up some latent malware that was not previously detected & cleaned it immediately with almost no interaction required. I was impressed with how little this bogged down the affected system. This was in our pilot run, so I was on-site.
What is most valuable?
The fact that this runs using AI instead of heuristics provides the best protection I've seen. It has the ability to roll back a ransomware infection instantly and with minimal disruption to the user & provides robust reporting.
I tested this by deliberately infecting an unpatched test machine with WannaCry. First of all, SentinelOne blocked the initial infection attempt. I had to put S1 into "notify only" mode on that system to actually infect the machine. Once infected, WannaCry did what it does... encrypted all the documents I had copied to the test machine and put up the background.
We immediately got a notification on our dashboard that a system was infected. At the same time, we got a popup on the client machine notifying us of the infection, with the option to auto-repair the damage. It took less than a minute (granted, we only had about 200 MB of files on the test system) for S1 to repair the damage and put the machine back to normal with no evidence of the infection.
You also can't remove the client from the local machine without approving it within the dashboard. This is a nice feature to prevent tampering by either hapless users or even skilled threat actors.
What needs improvement?
Set up is very labor-intensive. You have to provide multiple codes from multiple places within the S1 dashboard in order to use the provided automation, and it's different for each client (or "sites" as they call it). It very much feels like an enterprise application that has been adapted for SMBs, but not very thoroughly. It would be better if they had a "site package" similar to the one offered by SolarWinds for the RMM. You just run the package on the client machine and done.
Buyer's Guide
SentinelOne Singularity Complete
October 2024
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
For how long have I used the solution?
We have been using this solution for approximately three months.
What do I think about the stability of the solution?
The stability is excellent so far. Once installed, it's "set it and forget it."
What do I think about the scalability of the solution?
Scalability is great if you're scaling up, but scaling down may prove to be challenging.
How are customer service and support?
Technical support is provided for us through SolarWinds, and they're very knowledgeable.
Which solution did I use previously and why did I switch?
We used Bitdefender (also through SolarWinds) previously. SentinelOne was pitched by SolarWinds a few months ago as an alternative with robust ransomware protection. Being a small MSP, a single ransomware infection at a client could spell disaster for our business. We are always looking for the latest technology, but not marginal improvements.
How was the initial setup?
The setup script provided by SolarWinds (proprietary to their RMM) was a little challenging to get going, but once it worked, it worked perfectly. Except it didn't run on Win7 systems because it uses PowerShell commands from a later version than what's available on Win7.
What about the implementation team?
The vendor team provided support, but we did the deployment.
What was our ROI?
We're making about seventy-five percent over the per-seat cost, and it's easy to sell at that price point.
What's my experience with pricing, setup cost, and licensing?
The per-seat cost is low, but you have to commit to a certain number of licenses for a year.
Which other solutions did I evaluate?
We really hadn't seen EDR solutions in action before. Our decision was based primarily on the fact that it has SolarWinds integration.
What other advice do I have?
Definitely worth the money compared to heuristic solutions, especially for clients who tend to "stretch" their hardware as long as possible. The low impact and robust reporting go a long way to make this an easy sell, and the cost is excellent for the price point.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Engineer - Cyber Security at a tech services company with 201-500 employees
Enhances endpoint security with user-friendly detection tools
Pros and Cons
- "The visibility feature is crucial for effective detection analysis."
- "The primary issue is the console's random automatic logouts, requiring users to repeatedly re-enter their username and password."
What is our primary use case?
SentinelOne Singularity Complete is primarily used for endpoint protection and integrating vulnerability reports from assessments. It also provides device control, exclusion management, and block listing capabilities.
Our clientele represents a diverse range of industries, including insurance and manufacturing.
How has it helped my organization?
Singularity offers complete interoperability with other SentinelOne solutions and third-party tools, and our clients have reported no issues.
The Ranger functionality provides network and asset visibility, allowing identification of installed and uninstalled assets within the environment. This capability contributes to maintaining a clean and organized environment.
It can prevent unauthorized access and use of USB drives, a common source of malware. Personal USB drives can carry malicious software that infects an entire network. Therefore, SentinelOne Singularity Complete plays a crucial role in protecting organizations from these external threats.
SentinelOne Singularity Complete enables in-depth root cause analysis and the ability to add exclusions as needed, effectively minimizing alert volume.
SentinelOne Singularity Complete helps users save approximately one-third of their time, allowing them to focus on other tasks.
SentinelOne Singularity Complete helps reduce our mean time to detect and helps reduce our mean time to respond by 25 percent.
SentinelOne Singularity Complete helps reduce environmental risk by identifying vulnerabilities.
What is most valuable?
The visibility feature is crucial for effective detection analysis. The user-friendly console ensures ease of use and learning, even for beginners. Furthermore, the tool's capacity to consolidate various security solutions and perform risk correlation analysis enhances its value.
What needs improvement?
The primary issue is the console's random automatic logouts, requiring users to repeatedly re-enter their username and password. This problem needs to be addressed.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for about six months.
What do I think about the stability of the solution?
The system has experienced interoperability challenges and high resource utilization, particularly with CPU and RAM.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete is highly scalable.
How are customer service and support?
The response time of customer service could be improved.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup involves configuration policy setup and deploying the agent, which is straightforward if done through tools like SCCM.
Deployment can be managed by one person when using SCCM or similar tools.
What about the implementation team?
What was our ROI?
The manual effort used for tasks like remediation has been reduced, contributing to ROI.
What's my experience with pricing, setup cost, and licensing?
While SentinelOne Singularity Complete carries a higher price tag than some endpoint security solutions, customers find its robust features and return on investment justify the cost. However, it remains a more budget-friendly option compared to CrowdStrike.
Which other solutions did I evaluate?
CrowdStrike is a comparable endpoint integration solution. SentinelOne is priced higher than CrowdStrike.
SentinelOne's console offers a more user-friendly experience compared to CrowdStrike and Trend Micro One, making it particularly well-suited for beginners.
What other advice do I have?
I would rate SentinelOne Singularity Complete nine out of ten.
We have many endpoints in multiple locations.
Maintenance is only required if an agent is disabled or cannot connect to the controller; otherwise, no manual intervention is needed.
As a security partner, SentinelOne is on par with CrowdStrike and has strong potential to become a leader in its field.
I recommend SentinelOne for its ease of use and management, especially for new customers. The user-friendly console and straightforward deployment process facilitate a quick learning curve. Furthermore, its cloud-based architecture minimizes the burden of updates.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer:
Last updated: Oct 31, 2024
Security Analyst at a consumer goods company with 501-1,000 employees
Helps to centralize and mitigate organizational risk
Pros and Cons
- "The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI."
- "SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end."
What is our primary use case?
We use the solution for endpoint threat detection.
How has it helped my organization?
The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI.
What is most valuable?
SentinelOne Singularity Complete's most valuable feature is reporting. People with less technical knowledge can understand the things happening.
What needs improvement?
SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end.
For how long have I used the solution?
I have been using the product for a year.
How are customer service and support?
I have not used support yet, which is a good thing.
What other advice do I have?
SentinelOne Singularity Complete tries to go above and beyond to integrate with different vendors, which is good. It is very nice to pick a different vendor for my needs and pull in all the information I need. It is very beneficial to have a single point of activation.
As with any tool, figuring it out has a learning curve. However, getting the information easily and quickly from the same tool is nice. It is also nice to login to a single platform instead of multiple ones, which was the case in my previous company.
SentinelOne Singularity Complete does a good job of reducing alerts. We run attack tests against our network. We can create a real-world scenario.
The product has reduced our organizational risk. Any tool designed around security mitigates risk.
SentinelOne Singularity Complete has centralized things and helped us save costs. It makes getting information in and out of the system easier for a small group of people.
I like everything that the product has done as a strategic security partner. They are willing to work with other companies and are not afraid of being groundbreaking. They are working on AI.
I rate it an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Chief Innovation Officer
Integrates well, reduces organizational risk, and saves our staff time
Pros and Cons
- "The most valuable aspect of SentinelOne Singularity Complete is the protection it provides."
- "Everything is now offered as a service, so the console and the licensing model can be improved to make things easier, especially when updating new versions of the software."
What is our primary use case?
We use SentinelOne Singularity Complete to protect all of our servers and cloud workloads, whether they are on-premises or hosted in the cloud.
We were transitioning from our legacy antivirus protection system, which required a lot of overhead to maintain, ensure they were up to date, and verify their performance. It also tended to hurt system performance. We therefore sought to move to a modern EDR solution that did not rely on that type of outdated technology. We migrated to SentinelOne, which gave us better protection without the adverse consequences of legacy AV products.
SentinelOne Singularity Complete is deployed on workstations, data centers, servers in the public cloud, and all of our mobile devices, which are very numerous.
How has it helped my organization?
The integration between SentinelOne and IBM QRadar, our security operation center SIEM, is important and works extremely well. It means that if there are any alerts on the SentinelOne platform, they will be sent to QRadar, where a stack analyst will review them. This allows us to start working on incidents quickly, without having to have people continuously monitoring the SentinelOne console. Another benefit of the integration is that it makes it easy to deploy new or upgraded versions of the SentinelOne software to all of our endpoints and servers. We simply notify the data center run by the customer success team, and they take care of the deployment. This eliminates the need for IT overhead to keep everything up to date, which is important from a governance perspective.
The integration with other SentinelOne products and third-party tools is very good.
SentinelOne Singularity Complete's ability to ingest and correlate data from our other security solutions is good. If we look at a diagram of our security operation systems, we can see that the SIEM is at the center of everything. All other products, such as SentinelOne, Chain, patch management, and abnormal security for email, feed into the SIEM, which is where the stack measures everything. Therefore, SentinelOne does not integrate with other solutions directly, but rather through the SIEM.
In the three years since we began using SentinelOne Singularity Complete, we have not had a major security incident. We have observed malware entering browsers through websites, but SentinelOne has always dealt with it effectively. Therefore, we see the benefits of the platform in the absence of any significant events. As long as SentinelOne Singularity Complete continues to operate quietly, we are happy with its performance.
SentinelOne Singularity Complete alerts when it should, and those alerts are sent to the SIEM. I don't approach EDR or SentinelOne from the perspective of wanting to reduce alerts, because I want those alerts. I rely on peripheral systems like SentinelOne to always tell the SIEM anything it needs to know. So, I'm not approaching this from an alert minimization perspective. Instead, I approach it from this perspective: If we have a high, medium, or low alert, it's up to us to decide how we're feeding our highest rate and mediums, but we don't need to feed in the lowest alerts because we don't see the benefit of that. It's up to us to make that judgment. And obviously, our high and medium alerts will be smaller, and our lows will be higher. It's up to the customer to decide how much they want to send over to the team.
SentinelOne Singularity Complete has helped free up our staff time around one day per week.
SentinelOne Singularity Complete helps reduce our MTTD.
SentinelOne Singularity Complete has reduced our MTTR by 25 percent. It is a more reliable product, so we receive alerts and respond to them more quickly than we did with the previous product.
SentinelOne Singularity Complete has reduced our organizational risks by five percent.
What is most valuable?
The most valuable aspect of SentinelOne Singularity Complete is the protection it provides. We get endpoint protection without the IT team workloads and the negative impact on end-user rotation servers. This is because of the way SentinelOne has implemented the technology.
What needs improvement?
One of my criticisms of SentinelOne is the Ranger functionality. If Ranger were part of the core product, we would be able to identify endpoints or servers that need to be protected with our licenses. However, to get Ranger, we need to buy more licenses, which doubles our costs. I would like to have Ranger, but I challenge the way that SentinelOne licenses it. I believe that Ranger should be a core part of the product. If we run Ranger today and find that 100 devices on our network are not protected by SentinelOne, we would then need to add on those 100 licenses to cover them.
The licensing model is too complex, whether we agree with all parts of it or not. Everything is now offered as a service, so the console and the licensing model can be improved to make things easier, especially when updating new versions of the software.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for three years.
What do I think about the stability of the solution?
SentinelOne Singularity Complete is stable.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete is highly scalable.
How are customer service and support?
We are happy with SentinelOne's technical support.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We previously used a legacy solution. The migration over to SentinelOne Singularity Complete was relatively trouble-free.
How was the initial setup?
Once all testing was complete, the deployment was straightforward. Eight part-time employees completed the deployment in three months.
What was our ROI?
The only return on investment we can point to with any EDR is that we have not been attacked.
What's my experience with pricing, setup cost, and licensing?
SentinelOne Singularity Complete is reasonably priced. Compared to other products I've used in the past, such as CrowdStrike, it is significantly less expensive. I can easily find evidence of this price difference, so I believe that SentinelOne is a fairly priced product.
What other advice do I have?
I would rate SentinelOne Singularity Complete eight out of ten.
SentinelOne Singularity Complete is a mature solution of the highest quality.
We have deployed SentinelOne Singularity Complete worldwide in airlines from Australia, throughout Europe, and across Africa in a complex environment.
We have 4,500 endpoints and around ten active users.
The maintenance level for SentinelOne Singularity Complete is relatively low.
SentinelOne is good as a security partner. They do exactly what we expect of them and it protects us.
I would always conduct a proof of concept for these types of products, as each environment is different. Even though SentinelOne Singularity Complete works well, a POC should always be done.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Principal Forensics Lead at Dotcom Security
The most valuable features are Deep Visibility, Remote Script Orchestration, and Ranger
Pros and Cons
- "The solution is extremely stable."
- "The solution can improve by adding more granular firewall capabilities."
What is our primary use case?
The primary use case of the solution is cybersecurity. The solution provides endpoint protection against direct threats and insider threats.
What is most valuable?
The most valuable features are Deep Visibility, Remote Script Orchestration, and Ranger.
What needs improvement?
The solution can improve by adding more granular firewall capabilities. I would like to see an interface where I can in one view change the security posture of all groups with one click. I would like to have a listing of all the groups and then apply what's relevant to all the groups at once.
For how long have I used the solution?
I have been using the solution for one year.
What do I think about the stability of the solution?
The solution is extremely stable.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
The tech support is brilliant.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is straightforward. It takes about four weeks to deploy.
What about the implementation team?
The implementation was done in-house.
What was our ROI?
The ROI is good. Once you go through the stabilization phase and get to know and understand the customer's environment and configure accordingly to what the customer needs, the return is there immediately.
What's my experience with pricing, setup cost, and licensing?
The license is paid annually and is competitive. There are features that are not included in the licensing cost but it does include Vigilance and STAR.
What other advice do I have?
I give the solution a nine out of ten.
On average, once the implementation phase is complete the solution only requires two people to maintain it.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior IT Security Analyst at a comms service provider with 501-1,000 employees
Easy to set up and good for protecting endpoints with helpful documentation available
What is our primary use case?
SentinelOne is an antivirus and an EDR platform. We are using it simply for its antivirus and EDR features.
What is most valuable?
The solution is overall very good in terms of protecting endpoints and servers from malicious activities, malware, cyber attacks, viruses, worms, and so on. It offers really good security.
The initial setup is easy.
We have been happy with the stability.
It is possible to scale the product.
There is good documentation available, and support works to help users resolve issues.
What needs improvement?
It doesn't have application control capability. Other antivirus or EDR solutions have that. I would be happy if SentinelOne added that to their platform. This is the first point.
The second point is SentinelOne should provide support for legacy open-source operating systems. For example, old versions of Oracle are not supported by SentinelOne.
The third point is that SentinelOne does not support a few platforms, including IBM AIX and UNIX-based OS. These three platforms are almost all used in all enterprises, and SentinelOne does not support them. If SentinelOne provides agents for these missing platforms, it'll be very good.
It would be ideal if they offered video support for troubleshooting issues.
For how long have I used the solution?
I've been dealing with the solution for just over one year.
What do I think about the stability of the solution?
The solution is stable and reliable. We have been happy with its performance. There are no bugs or glitches, and it doesn't crash or freeze.
I'd give it a four out of five in terms of stability.
What do I think about the scalability of the solution?
The scalability has been very good.
There are thousands of both users and servers. Everyone uses it.
How are customer service and support?
I have raised a lot of tickets, and their support is very good. However, with other members, when we have raised tickets in the past, we were able to have technical sessions through Zoom, WebEx, or Teams very easily. That's true, for example, with Microsoft, Cisco, McAfee, and Kaspersky. With SentinelOne, they are providing very good support, excellent support; however, their engineers are not very interested in providing online sessions, which is more convenient.
When you face any issue, they always provide documentation and videos - and that's very good. However, sometimes it's required that they show us how something is done. Doing some sort of video call helps with the walk-through. SentinelOne engineers, most of them, are not so much interested in doing this.
Which solution did I use previously and why did I switch?
We did previously use a different solution. However, I can't speak to which product that was.
Other solutions that I usually use in other organizations were on-premises. This one is cloud-based. The point is, when you have your antivirus or EDR solution on-prem, that's your responsibility to troubleshoot the core server and do that maintenance patch and all of those kinds of tasks. When the solution is hosted in the cloud, all of these responsibilities belong to the provider, in this case, SentinelOne. When a new patch is getting released from the vendor, normally, if we were using legacy platforms, we would have to upgrade each endpoint one by one. By using cloud-based EDRs, it can be done automatically and reduces maintenance time.
How was the initial setup?
The solution is very easy to set up. It's not overly complex or difficult.
The implementation strategy was very simple: removing the old antivirus solution and replacing that with SentinelOne.
It took us three months to migrate and deploy.
We have ten to 14 people that can handle deployment and maintenance. Only one person, however, needs to handle typical maintenance tasks.
What about the implementation team?
We handled the initial setup ourselves. We did not need any outside assistance.
What's my experience with pricing, setup cost, and licensing?
Licensing is part of the procurement team. I can't speak to the exact cost of the product.
What other advice do I have?
We are a customer of SentinelOne.
SentinelOne does not have a version. SentinelOne is a centralized platform that is hosted in the cloud. It's the agent that we install on servers and clients that has versions, and we are using the latest version of the agents.
The product has two deployment options, cloud deployment, and on-prem deployment. Most people prefer to use cloud deployment in the way we do.
I recommend this solution often. I'd rate the solution eight out of ten.
My advice for other companies that do not use SentinelOne is this: that everyone, every company, likely has its own antivirus solution, whether it's McAfee, Symantec, Kaspersky, and so on. These platforms provide only an antivirus solution, however. If they replace their solutions with SentinelOne, they will have two features: EPP, endpoint protection from antiviruses, and EDR, endpoint protection and response features. They will not need to install two applications, one antivirus, and one EDR, on their clients' computers; only one agent can do anything.
SentinelOne provides an amazing amount of visibility over clients and servers. Anything done on a server, on a client, with a network connection, login, logout, changes in directories, et cetera, is recorded. Using query searches, you can find what happened very easily.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Head at a financial services firm with 11-50 employees
Excellent for detection and device blocking and offer good network control
Pros and Cons
- "The solution is both stable and scalable."
- "The delay in updating inventory is ten minutes. If it can be improved, it will help a lot."
What is our primary use case?
We use the solution for anti-malware, policy enforcement, and blocking USBs, for example. It's used for detection in general, and for protection and threat blocking.
What is most valuable?
The solution is very straightforward to set up.
The features are great. It is excellent for detection and device blocking.
The network control has been useful, as well as the firewall control.
The solution is both stable and scalable.
What needs improvement?
The inventory is a good feature. However, it's not up to date. The delay in updating inventory is ten minutes. If it can be improved, it will help a lot.
For the general IT management, there is a need to correlate the software version from inventory with the CVE information. For example, we have the CVE, however, it doesn't take into account the current version. We need it to stay up to date with the latest version.
For how long have I used the solution?
I've used the solution for less than one year.
What do I think about the stability of the solution?
The solution is quite stable. It's reliable. There are no bugs or glitches.
What do I think about the scalability of the solution?
The product can scale very well.
We have less than 50 people on the solution currently. We are using it in a smaller environment.
We do have plans to increase usage in the future. We are, in fact, still deploying it. So the department is not finished yet.
How are customer service and support?
We get technical support from the vendor.
Which solution did I use previously and why did I switch?
I've also used Microsoft Defender.
How was the initial setup?
It offers an easy implementation process. It's not overly complex or difficult. Setting everything up on the cloud is simple. The deployment was done in a matter of days. In the end, it took less than a week. We had two people handle the deployment process.
What about the implementation team?
We did have some outside assistance. They helped with half of the process.
What was our ROI?
We found the ROI to be quite high. However, it would vary, depending on the contract. It's a good investment. I'd give it a five out of five.
What's my experience with pricing, setup cost, and licensing?
I cannot speak to the exact pricing. That said, it's very reasonable. I'd rate it five out of five in terms of affordability. There are cheaper options; however, it is quite affordable. We pay a yearly licensing fee.
What other advice do I have?
We are a customer and end-user. We deal with a SentinelOne partner.
I can't speak to which version we are using.
Whether or not the solution would work for an organization depends on the environment and other factors. That said, we are very satisfied with the product overall.
I'd rate the solution ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cloud Engineer at a comms service provider with 1,001-5,000 employees
Quick deployment, beneficial lateral movement, and integrates well with Active Directory
Pros and Cons
- "The most valuable features of SentinelOne are the lateral movement and the use of the Active Directory."
- "SentinelOne can improve by having better integration with Active Directory."
What is our primary use case?
We use SentinelOne mainly for lateral movement, ransomware, anti-malware, AI engine, and forensics.
What is most valuable?
The most valuable features of SentinelOne are the lateral movement and the use of the Active Directory.
What needs improvement?
SentinelOne can improve by having better integration with Active Directory.
For how long have I used the solution?
SentinelOne can be deployed on-premise and in the cloud.
I have been using SentinelOne for approximately two years.
What do I think about the stability of the solution?
SentinelOne is stable. However, the only issue I had was with legacy systems, such as older kernels. The newer systems are more stable.
What do I think about the scalability of the solution?
The scalability of SentinelOne is good, but my biggest concern is that they need to find some way to automatically install their agents, specifically to Microsoft Windows devices, because not every IT infrastructure has SCCM or others that automatically deploy it. It would be helpful during the migration of new customers.
We have approximately 4,000 systems using the solution and plan on adding another 400.
How are customer service and support?
I haven't had the opportunity to interact with SentinelOne support.
Which solution did I use previously and why did I switch?
I have previously used Microsoft Windows Defender.
How was the initial setup?
The initial setup of SentinelOne is very easy. You only need to turn it on and it starts working with a couple of clicks. The ease of implementation is SentinelOne's strongest feature.
What about the implementation team?
We have three people deploying SentinelOne. As part of the team deploying the agent, there are multiple teams involved, and each one can deploy an agent when they have their own time.
What's my experience with pricing, setup cost, and licensing?
SentinelOne can cost approximately $70 per device.
What other advice do I have?
The advice I would give others who are thinking of implementing SentinelOne is that if they have any other solutions, I would highly recommend that they start using it, especially if they have Active Directory. It's very good at picking up weird anomalies.
I rate SentinelOne an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Updated: October 2024