SentinelOne Singularity Complete Reviews

SentinelOne is an antivirus and an EDR platform. We are using is simply for its antivirus and EDR features.

The solution is overall very good in terms of protecting endpoints and servers from malicious activities, malware, cyber attacks, viruses, worms, and so on. It offers really good security.

The initial setup is easy.

We have been happy with the stability.

It is possible to scale the product.

There is good documentation available, and support works to help users resolve issues.

It doesn't have application control capability. Other antivirus or EDR solutions have that. I would be happy if SentinelOne added that to their platform. This is the first point.

The second point is SentinelOne should provide support for legacy open-source operating systems. For example, old versions of Oracle are not supported by SentinelOne.

The third point is that SentinelOne does not support a few platforms, including IBM AIX and UNIX-based OS. These three platforms are almost all used in all enterprises, and SentinelOne does not support them. If SentinelOne provides agents for these missing platforms, it'll be very good.

It would be ideal if they offered video support for troubleshooting issues.

I've been dealing with the solution for just over one year.

The solution is stable and reliable. We have been happy with its performance. There are no bugs or glitches, and it doesn't crash or freeze. 

I'd give it a four out of five in terms of stability.

The scalability has been very good.

There are thousands of both users and servers. Everyone uses it.

I have raised a lot of tickets, and their support is very good. However, with other members, when we have raised tickets in the past, we were able to have technical sessions through Zoom, WebEx, or Teams very easily. That's true, for example, with Microsoft, Cisco, McAfee, and Kaspersky. With SentinelOne, they are providing very good support, excellent support, however, their engineers are not very interested in providing online sessions, which is more convenient.

When you face any issue, they always provide documentation and videos - and that's very good. However, sometimes it's required that they show us how something is done. Doing some sort of video call helps with the walk-through. SentinelOne engineers, most of them, are not so much interested in doing this.

We did previously use a different solution. However, I can't speak to which product that was.

Other solutions that I usually use in other organizations were on-premises.  This one is cloud-based. The point is, when you have your antivirus or EDR solution on-prem, that's your responsibility to troubleshoot the core server and do that maintenance patch and all of those kinds of tasks. When the solution is hosted in the cloud, all of these responsibilities belong to the provider, in this case, SentinelOne. When a new patch is getting released from the vendor, normally, if we were using legacy platforms, we would have to upgrade each endpoint one by one. By using cloud-based EDRs, it can be done automatically and reduces maintenance time.

The solution is very easy to set up. It's not overly complex or difficult. 

The implementation strategy was very simple: removing the old antivirus solution and replacing that with SentinelOne.

It took us three months to migrate and deploy.

We have ten to 14 people that can handle deployment and maintenance. Only one person, however, needs to handle typical maintenance tasks. 

We handled the initial setup ourselves. We did not need any outside assistance. 

Licensing is part of the procurement team. I can't speak to the exact cost of the product.

We are a customer of SentinelOne.

SentinelOne does not have a version. SentinelOne is a centralized platform that is hosted in the cloud. It's the agent that we install on servers and clients, it has versions we are using the latest version of agents. 

The product has two deployment options, cloud deployment, and on-prem deployment. Most people prefer to use cloud deployment in the way we do.

I recommend this solution often. I'd rate the solution eight out of ten.

My advice for other companies that do not use SentinelOne is this: that everyone, every company, likely has its own antivirus solution, whether it's McAfee, Symantec, Kaspersky, and so on. These platforms provide only an antivirus solution, however. If they replace their solutions with SentinelOne, they will have two features: EPP, endpoint protection from antiviruses, and EDR, endpoint protection and response features. They will not need to install two applications, one antivirus, and one EDR, on their clients' computers; only one agent can do anything.

SentinelOne provides an amazing amount of visibility over clients and servers. Anything done on a server, on a client, with a network connection, login, logout, changes in directories, et cetera, is recorded. Using query searches, you can find what happened very easily.

We use the solution for anti-malware, policy enforcement, and blocking USBs, for example. It's used for detection in general, and for protection and threat blocking.

The solution is very straightforward to set up. 

The features are great. It is excellent for detection and device blocking.

The network control has been useful, as well as the firewall control. 

The solution is both stable and scalable. 

The inventory is a good feature. However, it's not up to date. The delay in updating inventory is ten minutes. If it can be improved, it will help a lot. 

For the general IT management, there is a need to correlate the software version from inventory with the CVE information. For example, we have the CVE, however, it doesn't take into account the current version. We need it to stay up to date with the latest version. 

I've used the solution for less than one year.

The solution is quite stable. It's reliable. There are no bugs or glitches. 

The product can scale very well. 

We have less than 50 people on the solution currently. We are using it in a smaller environment.

We do have plans to increase usage in the future. We are, in fact, still deploying it. So the department is not finished yet.

We get technical support from the vendor. 

I've also used Microsoft Defender.

It offers an easy implementation process. It's not overly complex or difficult. Setting everything up on the cloud is simple. The deployment was done in a matter of days. In the end, it took less than a week. We had two people handle the deployment process. 

We did have some outside assistance. They helped with half of the process. 

We found the ROI to be quite high. However, it would vary, depending on the contract. It's a good investment. I'd give it a five out of five.

I cannot speak to the exact pricing. That said, it's very reasonable. I'd rate it five out of five in terms of affordability. There are cheaper options; however, it is quite affordable. We pay a yearly licensing fee. 

We are a customer and end-user. We deal with a SentinelOne partner. 

I can't speak to which version we are using.

Whether or not the solution would work for an organization depends on the environment and other factors. That said, we are very satisfied with the product overall. 

I'd rate the solution ten out of ten.

We use SentinelOne mainly for lateral movement, ransomware, anti-malware, AI engine, and forensics.

The most valuable features of SentinelOne are the lateral movement and the use of the Active Directory.

SentinelOne can improve by having better integration with Active Directory.

SentinelOne can be deployed on-premise and in the cloud.

I have been using SentinelOne for approximately two years.

SentinelOne is stable. However, the only issue I had was with legacy system, such as older kernels. The newer systems are more stable.

The scalability of SentinelOne is good, but my biggest concern is they need to find some way to automatically install their agents to specifically Microsoft Windows devices because not every IT infrastructure has SECM of others that automatically deploy it. It would be helpful during the migration of new customers.

We have approximately 4,000 systems using the solution and plan on adding another 400.

I haven't had the opportunity to interact with SentinelOne support.

I have previously used Microsoft Windows Defender.

The initial setup of SentinelOne is very easy. You only need to turn it on and it starts working with a couple of clicks. The ease of implementation is SentinelOne strongest feature.

We have three people deploying SentinelOne. As part of the team deploying the agent, there are multiple teams involved, and each one can deploy an agent when they have their own time.

SentinelOne can cost approximately $70 per device.

The advice I would give others that are thinking of implementing SentinelOne is if they have any other solutions, I would highly recommend them to start using it, especially if they have Active Directory. It's very good at picking up weird anomalies.

I  rate SentinelOne an eight out of ten.

We use SentinelOne to secure our entire environment, including all user endpoints and servers. We are also currently testing the Deep Visibility addon. We were using a definition-based AV prior to SentinelOne, and we were getting daily/weekly infections of a variety of malware. We are a mix of PC, Mac, and Linux. We have on-premises machines and servers, as well as cloud VMs that we were wanting to protect. We wanted to purchase a Next Generation AV client that would be algorithm-based instead of definition file-based.

SentinelOne has provided amazing security. We were getting new cryptolocker variant infections several times per month and the month following our SentinelOne rollout, the numbers dropped to zero. We have not had a single infection since.

The new console is not only visually appealing and simple to use, but it allows you to customize and apply labels to different areas. I don't have a good gauge on how much money SentinelOne has saved us, but we only get a handful of security alerts in our console each day. It has freed up our security staff to perform other tasks. 

We love the API. We use it to generate robust reporting, and we also developed tools to perform agent actions remotely without needing to provide all IT staff with console access. 

The agent will now also report the location in AD. This allows you to create dynamic collections of machines in the cloud console based on their location in local AD. You can replicate your AD OU structure into the console and run deployments and reporting based on OU. It's a very powerful feature and something that was missing in our last product. 

The agent update schedule is a little sporadic, and the updates are frequent. You are definitely going to want to have a good management solution in place, such as SCCM, Intune, or Jamf in order to maintain the environment properly.

There is agent data, such as last known IP address, that is not stored historically. It would be nice if the console stored data daily, so that you could look at a timeline of events on a machine over a period of time, and currently this is not possible. You can see a snapshot of the data at the moment, but once it changes whatever was there previously is not stored. 

I have been using SentinelOne for four years.

The agent is very stable, especially the later versions of the product. Agent never crashes and consumes minimal system resources. New agent versions are constantly released (which can be slightly difficult to manage if you don't have a good endpoint third party management solution like SCCM\JAMF). Release over release both stability and features have improved and been more fleshed out. 

It is very scalable and easy to deploy over any of the standard management solutions.

Customer service and our TAM are both very good. They are responsive and have never been unable to answer a question we asked. 

We switched because or old solution flat out was not picking up infections. It was really almost rather useless. 

The initial setup is straightforward. We do not have any on-premises infrastructure. Rather, we are using sentinel one in full-cloud mode. It was really just a matter of deploying the agent to the endpoints.

Our in-house team handled the deployment.

ROI is kind of hard to quantify but we definitely do feel like we get our money worth.

The costs are really rather minimal for what you receive with the product. No real advisement here. The larger count you have, the deeper discount you will receive in your contract.

We looked at Carbon Black. SentinelOne was more economical, and the feature set was comparable so we ultimately went with it.

Be ready to dedicate a good amount of time to learn the API. To really get the most from the product you need to tap the REST API.

I am an MSP and provide service on behalf of SentinelOne.

I manage the incident logs from SentinelOne for our clients.

We integrated the SysLog server with SentinelOne without any issues.

SentinelOne Singularity Complete saves clients time by offering a comprehensive security solution that combines automatic detection, machine learning, behavior monitoring, and zero-day attack protection, all in one place, compared to traditional on-premise solutions.

SentinelOne Singularity Complete significantly reduced the number of alerts.

SentinelOne Singularity Complete freed up three of our people to focus on other tasks.

The most valuable features of SentinelOne Singularity Complete are machine learning because it saves us time, device control for data privacy, and the token. 

SentinelOne Singularity Complete needs to improve the integration capabilities with SIEM.

I have been using SentinelOne Singularity Complete for eight months.

SentinelOne Singularity Complete is extremely stable.

SentinelOne Singularity Complete is scalable.

Cloud deployment for this project was a simple process. With two people involved, it only took one hour to activate the tenant and configure everything.

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete stands out as a mature security solution. Its robust threat detection, data loss prevention, and machine learning capabilities all point to its effectiveness.

We primarily use the solution for endpoint protection. 

SentinelOne is very simple to install and very simple to manage. It's very aggressive, so it does protection well, and it seems to be stopping attacks that other solutions cannot.

The ability to integrate this product with an antivirus solution would be welcome. Even consolidation with more security products, like Umbrella networking abilities etc. to provide more on this platform, that would be great.

We have been implementing this product for our customers for a few months now. 

The solution is very stable.

We have implemented this product for companies ranging from 10 to 200 endpoints, with many hundreds of users and it has been fine with this volume. 

We get support from our local reseller in Israel and their support has been fine.

We trialed an ESET product, but it didn't provide us with the solution we needed. 

The implementation time depends on the size of the network but it's usually very short, no more than a day or two.  

The pricing of the solution seems reasonable, we got a discount but it still seems reasonable. The licensing cost is $3 to $4 per endpoint and can be paid monthly or yearly, with the price changing according to commitment. 

I would rate this solution a nine out of ten. 

I would say it is important to understand all the settings to deliver exactly what the customer requires. 

We are a system integrator. We are a SentinelOne partner, and we provide Singularity Complete to our customers.

Singularity Complete has helped to reduce alerts. There is about 50% reduction. It automatically generates alerts and can also solve a problem.

It has reduced the mean time to detect (MTTD). It has real-time detection, and it has been very good so far.

The mean time to respond (MTTR) has been reduced. We can respond to an incident in 10 to 15 minutes.

Singularity Complete saves costs for our customers. Its automation helps save money. There is a reduction in the operational costs.

It reduces the risk for the organization. They have an AI engine to detect new threats, such as Zero-day threats.

It is a robust solution. It provides great visibility. It scans and shows the vulnerabilities in our devices.

It is complicated to do certain tasks.

I have been working with Singularity Complete for about one year.

It is stable. Our customers have not had any issues.

I have not used their support so far.

I have worked with Symantec and one more solution for endpoint protection. Singularity Complete has an AI engine. There is no need to download anything.

It is very easy to deploy. It takes about a week.

We are a partner of SentinelOne. We are happy with SentinelOne as our strategic security partner. 

I would rate SentinelOne Singularity Complete a ten out of ten.

The use case varies based on the customers' requirements and specific needs.

The solution's Ranger functionality offers network visibility and a defined set of capabilities, particularly in terms of discovering and understanding network structures. 

The fact that Ranger doesn't necessitate new agents, hardware, or network modifications is a crucial aspect for us. It stands out as one of the primary selling points, especially considering the intermittent nature of changes like those affecting CPO. 

With the increasing prevalence of remote processes and a shift towards cloud architectures like SASE or SSE, moving towards a single vendor for security purposes could simplify the overall process. It aided in minimizing alerts, primarily due to the behavioral analytics component, which reduces a significant amount of noise. 

It contributed to time savings for our team, particularly for the projects and tasks I predominantly handled on my own.

The solution contributed to a decrease in our organization's time to detect incidents and respond to incidents. It aided the organization in cost savings and it contributed to a reduction in our organizational risk.

One of the most valuable features resides on the endpoint, with the rollback functionality standing out as particularly noteworthy. It seamlessly integrates with other solutions, providing a high level of compatibility and effectiveness. 

The capability to ingest and correlate data across our security solutions stands out as one of the strongest features. It excels in connecting incidents to create a coherent storyline.

Improvement seems necessary, especially with the focus on enhanced support. This is particularly crucial in the analytics domain, where the existing agent falls short in comprehensive performance. Additionally, there's room for enhancement in the mobile element. Although it's in their pipeline, the current state is not optimal, especially when considering the need to install it on people's phones.

I have been using it for a year.

The stability is straightforward and solid. It's notably uncomplicated and easily manageable.

The scalability is excellent, with a high degree of flexibility and ease.

Mostly, we handled the support aspect for our clients. However, among the vendors, it's notable for being quite strong in terms of support. I would rate it eight out of ten.

Positive

The initial setup was straightforward.

When it comes to deploying the agent across machines within the environment, it's a relatively straightforward process, akin to pushing it through the system's processor. The implementation strategy is contingent on the specific cluster, taking into account factors like the proof of concept and the desired objectives. In our case, we managed the implementation independently, involving only a few people. The deployment model is highly variable and depends on the customer's preferences. They typically communicate their preferences to us, and we adapt accordingly. Some opt for in-house hosting, while others prefer a cloud-based approach. It doesn't require maintenance. 

The pricing is on the higher end, making it less suitable for small or medium-sized businesses and perhaps not the ideal fit for the public sector where budget constraints may be more pronounced. I would recommend it more as an enterprise-level product.

SentinelOne Singularity Complete was selected from a range of different providers, evaluated against other companies, and then analyzed to be the chosen product for our managed service. The capacity for innovation, ease of deployment, and streamlined management set it apart from other solutions. Additionally, its leading capability to correlate incidents into a cohesive storyline is a noteworthy aspect.

As a partner, I find them to be highly effective, especially since they are increasingly focusing on the enterprise market. Overall, I would rate it nine out of ten.