SentinelOne Singularity Complete Reviews

It runs continuously and uses AI to look for any suspicious activity. If it does determine that there is a virus or something going on that shouldn't be happening, it not only stops the process but also completely logs the whole function. It tells you in a map version how the attack happened and how it was stopped. It is brilliant. In the past, for example, if I had the same problem in Webroot, I would've had to submit the case to Webroot for viewing so that they could, as a human, literally determine what the cause was, but by that time, it is way too late, whereas, this is the real-time protection.

It protects your machine, and it does an excellent job using AI to determine an attack and stop the attack. Its most powerful feature is prevention, and it can unwind ransomware activity as well. So, it is a really useful product in that sense.

There is the ability to SSH into a machine even if the machine has been disconnected from the network. When a real hazard happens, SentinelOne disconnects it from the internet so that no more transactions can occur, but I still have access to the machine. One of the bigger benefits is that no harm could be done because there is no communication with the internet, but I still have the ability to go in, restart a machine, do some investigations, and make some things happen.

One of the things they could do is extend the product range to include Android and iPhone so that you could have the app on your phone as well. There is probably something going on there with that, but that's something that they're lacking at the moment. For instance, if I was to have to recommend a client to protect their phone, I'd have to recommend Norton or something else. I don't have an answer within the SentinelOne solution.

I have been using this solution for close to three years.

It is perfect. I've seen very few problems related to the app. It is not using too much of the PC's power. It does not make PCs slower. So, I find it the best of both worlds. You reduce the impact of the product on the user, but at the same time, thoroughly protect the user, no matter what he does.

You can certainly have thousands of SentinelOne users. We have 250 users. In terms of our plans to increase its usage, I provide IT as a service. So, as I add clients, I always add licenses for those clients.

Their support is very good. I would rate them a five out of five.

Positive

It was straightforward. It probably took me a week to get 250 machines converted.

It can be done in-house very easily. You probably need one staff member that knows how to implement it, and after that, it pretty much runs itself. It requires very little maintenance.

It is not sold as a consumer product. It is only sold based on the number of licenses. So, as an MSP, you're probably going to pay about three and a half dollars per license, per month to have SentinelOne.

I would advise others to go for it. It is great. As an MSP, the peace of mind it gives me is really significant. While the cost of SentinelOne is higher than Webroot, the reality is that the peace of mind and the knowledge that you are probably not going to get a complete attack, simply because SentinelOne stepped in and stopped it, is worth every penny.

I would rate it a ten out of ten. It is absolutely fantastic.

We use SentinelOne to collect logs and data. We will connect it to other tools and places in the future.

It is easy to collect and retain logs with SentinelOne. When you need to compare information, the data is available. It also has the possibility to configure information. It integrates well with all the other solutions we use. 

The only concern we have is that there are a few features that were not readily available. We use a lot of application files that didn't have a connection.

We would also like to see integration with other tools that have to collect the logs.

Although Microsoft claims the use of building artificial intelligence to correlate events, we have actually had a couple of events that should have logs but did not. The solution is not at the same level in terms of building artificial intelligence.

SentinelOne can do a better job of not only creating corrective action based on the correlation. For example, someone was trying to repeatedly change their password. What they didn't realize was that they weren't connected correctly.

I have been using SentinelOne for six months.

SentinelOne is a stable product.

Scalability is based on the measure. There is no limitation regarding scalability if you pay for the upgrades.

Technical support is good. When you need help from Microsoft, there is a long list of resources to help understand the issues.

Positive

The initial setup is straightforward as we have contracts with Microsoft Office Supplies, commodities, defender, and Active Directory.

I would rate the ease of initial setup of SentinelOne a five out of five. It is easy.

Our company used a third party that provided the utility. 

This solution is less expensive than its competitors. You might need to buy additional space depending on how much they are willing to provide. I would rate the pricing a five out of five.

We selected SentinelOne because it was less expensive than the competitors. We also saw the speed of evolution with Microsoft, so it can be involved theoretically when compared to Splunk.

We also chose SentinelOne because of the balance between features. It is stable and has enough choices. Being with Microsoft, we felt confident that the solution would evolve.

If you are considering SentinelOne, you should consider the cost of storage. Otherwise, the product is easy to deploy. You either need to have your own security operating center or hire someone that will use Sentinel or the secondary service. For you to consume the data, you may have had an internal security center or Sentinel.

With SentinelOne you have to invest extra cost. You have to always think of how much it will cost you to delay a response by a couple of days. If the incident is going to cost two days of revenue for the organization, that is much more than the cost of the solution.

I would rate SentinelOne an eight out of ten because of the price point and the features you get. 

We are using it for endpoint security. It acts as an antivirus as well as is useful for endpoint detection. We are using the same product for both use cases. 

SentinelOne is very lightweight. It doesn’t consume much memory of endpoints. Endpoints don't hang, and machine performance doesn’t get impacted. Their technical support is also very nice.

It has all the features that other leading products in the market provide. They should keep enhancing it based on the challenges in the market. I am fine with its detection capability, but they can work more on deep inspection.

I have been using this solution for around two years.

It is stable. I would rate it a four out of five in terms of stability.

It is scalable. I would rate it a four out of five in terms of scalability. We have more than 1,200 users who are using this solution.

Their technical support is very nice. I would rate them a five out of five.

Positive

It is very easy to implement or install. I would rate it a five out of five in terms of the ease of setup. It does require maintenance by someone.

Its cost is yearly. It is not much costlier than other leading products available in the market. I would rate it a four out of five in terms of pricing.

We were looking for an antivirus and EDR solution. We evaluated some of the products, and finally, we decided to go for SentinelOne EDR. CrowdStrike was one of the solutions we evaluated. SentinelOne was lightweight, but CrowdStrike had a more secure door.

I would rate it a nine out of ten.

We use SentinelOne mainly for lateral movement, ransomware, anti-malware, AI engine, and forensics.

The most valuable features of SentinelOne are the lateral movement and the use of the Active Directory.

SentinelOne can improve by having better integration with Active Directory.

SentinelOne can be deployed on-premise and in the cloud.

I have been using SentinelOne for approximately two years.

SentinelOne is stable. However, the only issue I had was with legacy system, such as older kernels. The newer systems are more stable.

The scalability of SentinelOne is good, but my biggest concern is they need to find some way to automatically install their agents to specifically Microsoft Windows devices because not every IT infrastructure has SECM of others that automatically deploy it. It would be helpful during the migration of new customers.

We have approximately 4,000 systems using the solution and plan on adding another 400.

I haven't had the opportunity to interact with SentinelOne support.

I have previously used Microsoft Windows Defender.

The initial setup of SentinelOne is very easy. You only need to turn it on and it starts working with a couple of clicks. The ease of implementation is SentinelOne strongest feature.

We have three people deploying SentinelOne. As part of the team deploying the agent, there are multiple teams involved, and each one can deploy an agent when they have their own time.

SentinelOne can cost approximately $70 per device.

The advice I would give others that are thinking of implementing SentinelOne is if they have any other solutions, I would highly recommend them to start using it, especially if they have Active Directory. It's very good at picking up weird anomalies.

I  rate SentinelOne an eight out of ten.

The most important feature is the roll-back feature because when any system is corrupted, we can easily restore it within a few seconds. Also, if an end-user is not connected to your network, they can communicate with the central manager. We can be notified of any end-user activity with a central dashboard. The solution is also a very lightweight agent model compared to other solutions like Sophos, Carbon Black and the app action from X-microsite product. SentinelOne does not use the RAM SCP installation for the agent, and the user interface is also straightforward.

The setup process could be improved, and it would be good if artificial intelligence were added as an additional feature in the next release.

We used SentinelOne at my previous company before I left eight months ago, and it was deployed on cloud base.

It is a stable solution.

It is a scalable solution, and we have about 800 users using SentinelOne. We only need one person for maintenance, and they can offer maintenance in person and remotely via email and SMS.

I rate the technical support a ten out of ten. The support is very easy if you connect with global support. A company focused on non-technical issues can't easily adopt the solution. You have a support team from the layman language.

The initial setup was a bit complex but very simple if you set up a single order.

I rate the price of SentinelOne a ten out of ten, meaning it is the best price in the market. This is because SentinelOne has a nominal cost. For example, if CrowdStrike costs $1000, SentinelOne provides the same features for about $7 to $8.

I rate this solution a ten out of ten. I have around 10 to 15 years of experience in security and have used products like Sophos, Micro and CrowdStrike. CrowdStrike and SentinelOne are the best, but SentinelOne is preferred because of its great features and nominal cost.

We primarily use the solution for security purposes. 

It's an easy tool and it offers a different experience. It is a new generation product.

The initial setup was easy.

It's stable and reliable.

The product can scale as needed.

While I'm sure improvements are necessary, there isn't one specific area I've found to be lacking. 

Security could always be better. It always needs to be adjusted to keep up with what's happening. 

I've been using the solution for two years. 

We haven't had any issues with stability. It's reliable. there are no bugs or glitches and it doesn't crash or freeze. 

It's scalable. We are using management software on the cloud. Therefore, if we want to install 1,000 agents, it doesn't impact our business now. We can scale and it's got a central implementation method for agents.

Technical support has been very good and we are quite pleased with them. 

Positive

We actually use regular antivirus solutions as well, such as Sophos and McAfee.

It's a simple, straightforward setup. It is not overly complex or difficult. 

We have a small IT team and have found that we just need to have one person managing the product. 

We deployed it using an outside resource.

I cannot speak to the exact cost. Our managers buy the licenses. That said, it is my understanding that we are using the subscription model and pay for it yearly. I'm not sure if there are any other ancillary fees beyond that.

I'm a customer and end-user. 

I'm not sure which version of the solution I'm using. 

I'd rate the solution eight out of ten. It's a good overall product. 

Sentinel One protects our endpoints from malware, viruses, trojans, and other cyber attacks. We outsource the management of Sentinel One to another organization. They monitor for infections at any endpoint on the console and work to determine if it's a false positive or an actual attack.

Most of the time, Sentinel One can automatically identify an attack, and it quarantines the process to block the attack. If Sentinel One can't make that determination on its own, the third-party team will further investigate the suspicious traffic. 

SentinelOne is doing its job and protecting our endpoints from various cyberattacks. Since we implemented the solution, we haven't seen any big cyberattacks get through, which has happened before. Any malware and threats we've seen in the past have been resolved by SentinelOne.

I like that SentinelOne doesn't use a lot of system resources or make the system slow. It also performs a full scan quickly—within two hours. It has an easy-to-use end-user GUI. 

We want more communication about features that we request and when they will be added to the product. For example, they can tell us what is being done about it. part, if that can be shared for the new features. 

We've requested that SentinelOne's agent provide more reporting on the endpoint's OS, system host, modem, and serial number. It's not able to determine this now. If the SentinelOne team can provide us with some updates about whether they're working on it, that would be useful.Also, we'd like SentinelOne to upgrade automatically. It doesn't automatically update the agent if some system has an older version of the SentinelOne. It has to be triggered from the console.

We have been using SentinelOne for a year now.

We've had SentinelOne for a year and haven't faced any major issues, so I would say it is reliable.

SentinelOne is scalable, but we need to purchase additional licenses. We have purchased two licenses for 300 endpoints. The license not only applies to the users but also to some of the servers. We have SentinelOne installed on some of our critical servers. It can be scaled to whatever size we want if we purchase enough licenses.

We haven't contacted SentinelOne support directly. When we need help, we reach out to our service provider. SentinelOne deals with threats when it detects them. If not, the service provider will analyze them. We haven't had issues with them so far. Their service is satisfactory and cost-effective.  

This is the first time we have used endpoint security. We were using an antivirus solution before this. I would say Sentinel One is doing the job perfectly.

Setting up SentinelOne is a pretty straightforward process. We have around 300 systems in our environment. Working with our security service provider and four other colleagues, we completed the deployment 10 to 15. It's worth noting that we were handling our daily tasks, so we weren't working on this the entire time. 

After deployment, we have to scan the endpoint for maintenance and upgrade. We also need to regularly update the endpoint agents from the console. Our security service provider primarily handles upgrades to the console itself. 

We have outsourced this whole thing to a security service provider. They provide complete security services for SentinelOne. They worked with our in-house IT team, and I took the lead. Once I learned the process from them, I could deploy it on a few systems, and they did the rest.

SentinelOne isn't cheap, but it's less expensive than CrowdStrike It's priced competitively. There are no add-ons. We have a Singularity Complete license, which includes everything we need for endpoint protection. 

We compared a few endpoint security solutions, including CrowdStrike before introducing SentinelOne to our organization

I rate SentinelOne eight out of 10. It's a good endpoint security tool, and I wouldn't hesitate to recommend it to others. 

We have the solution deployed on-premises and, for the last year, on the cloud as well. We have two systems.

Over the last year of Corona, we provided a lot of laptops to our workers to work at home. But because they're not connected, at first, to our network, they can't connect to the SentinelOne instance on-premises. We wanted something that would protect them when they're on the internet, and not only after they connected to our network. That is why we got the system that is in the cloud, to protect all the company laptops.

We don't have a lot of incidents because ours is a very closed network. We don't connect directly to the internet. So SentinelOne is only a barrier between us and the emails or between us and the files that go into our network. 

Three years ago, one of our employees got an email from someone and opened a file. It was ransomware. It started to infect the disks and I didn't know if it had started to encrypt the network routes. I stopped the computer, but I didn't know if another computer had also been infected. I waited for a company that was giving us support for those kinds of things. They got the disk and they started to check and analyze it. After four hours—and that was very quick, by their standards—I got the first analysis. If I had had SentinelOne the whole thing would have taken between 10 seconds and one minute. And then there was the cost of the SLA that we paid to the support company for that kind of support. A four-hour SLA costs a lot of money; the basic SLA is eight hours.

It has cut the response times to nothing. When we have an incident, we get an email in seconds and I can respond in a second to any threat. Even if it's a false alarm, I get the alarm immediately. For example, when we started to work from home, I accidentally installed a program that writes to the MBR partition in the laptop. It wanted to write to the MBR partition and SentinelOne stopped the file and it saved me from having to install the whole computer again. So it not only protects against threats but against mistakes. It's like having a big brother sitting behind you who protects you.

When you pay for a system like SentinelOne, along with the other systems that we have, we're less dependent on a SOC.

The solution gives me peace of mind when it comes to the reliability of the computers on our system. We can work through the internet, as has been happening recently with half of the company working from home, and I know that I have a system that has my back, that protects me. I know it does because I have tested it.

There isn't a single valuable feature, it's the whole engine and system. It's working online in  real-time and gives us alerts, on-click. We chose SentinelOne because in the millisecond that I clicked on the file, I got a block-alert.

SentinelOne's Static AI and Behavioral AI technologies are among the most effective for protecting against attacks because they analyze not only the file's surface, but the behavior of the file. When I described to my manager what I was going to buy, I described a system that analyzes file behavior. If you open a calculator, calc.exe, you know it's going to open calc.exe, and maybe open service X or Y, but it won't go to the internet, to an IP, and spread something. When you analyze the behavior or reaction of each file that works on your PC, it's something else. It's a different level of EDR.

When there is an incident, the solution's Storyline feature gives you a timeline, the whole story, what it began with, what it opened, et cetera. You have the whole picture in one minute. You don't need someone to analyze the system, to go into the logs. You get the entire picture in the dashboard. The Storyline feature has made our response time very fast because we don't need to rely on outside help. We see the whole picture in front of us, from the beginning to the end. We can see, with the click of a button, if that file ran on more computers, not only one or two, and how it spread to other computers. We can see the whole tree and we can immediately respond. We don't need to wait for analysis.

The UI is very clear. You don't need to look for something or to dig to understand where it is. It's all in front of your eyes.

All they need to do to improve it is for it to grow further. The hackers don't sleep. If the hackers don't sleep, the solution continually needs to be updated. They need to keep ahead of the hackers.

I have been using SentinelOne for two years.

It has never gone down. In two years I haven't had any software or hardware problems.

The scalability is driven by demand. If I need to buy 100 licenses, I can buy 100 licenses. We started with 50 and now we have 200 on-premises and 100 on the cloud.

In terms of expanding our usage, we have a SCADA network. It is our operational network. That network is 100 percent disconnected from the outside world. It's not connected to any network, not to IT and not to the internet. We use a regular antivirus there. We plan on deploying SentinelOne to support that and to remove the old antivirus.

Prior to using Sentinel one we were using McAfee Endpoint Security. We switched because I understood that the systems that are only checking file signatures don't work anymore.

We installed it, in the beginning, on-premises on our computer inside the network, and the installation was done with an integration company. Every three or four months we upgrade because our location is not connected to the internet directly.

The on-premises deployment took something like a week to get it deployed to everyone, but the installation itself was very quick, half a day. Then, to see what should be put in the blacklist or what to exclude took about two weeks. The deployment was done by me and the IT manager.

The cloud version was very simple, no problem. Things were done automatically.

The integrator we used was DnA-IT. They only did the installation for the first implementation.

Now that we are going back to the workplace, I will start to work with them on an hourly basis, and we'll learn about all the features from them. They have good guys who know what I need and what we're going to do. I am one person who supports 400 people, so I need the time to sit with the system and to learn it. The system has a lot of features that we don't use or that we don't understand how to use because we haven't had a lot of time in the past year to research them and sit with the company to teach us. We work with the basic features, things like the blacklist and the USB restrictions. The integrator will show us how to use the more advanced features. I'm starting to think that if we can implement all the features from SentinelOne, I will be able to cut the antivirus that we are paying for.

We also use DnA-IT for support. If necessary, they open a ticket with SentinelOne.

It's cost-effective. The price of 100 licenses that I need in the cloud is cheaper than one Bitcoin I would need to pay in the case of ransomware. It's already paying for itself.

The pricing is very fair for the solution they provide.

Aside from the standard licensing fee, the only other costs are for the hardware, because we use Hyper-V on-premises.

I don't remember the names of the other solutions we tested because it was more than two years ago. At that time, SentinelOne was a very young, small, Israeli company with a new product. We were using another startup on our OT network and I asked them if they knew of a good EDR company and they told me there's a little company like ours, our friends, check them out. We also checked two other companies.

We did a penetration test on some solutions. A company that we work with on pen testing planted malware in Excel files, in a macro. We tested how each of the solutions alerted us on the macro and about what it was doing. SentinelOne alerted us at the moment I clicked on the mouse. When I got the popup alert from SentinelOne, I said, "That's it."

In the other software that we checked, there was a little delay because the software got the file, transferred it to the cloud, waited for the cloud to handle the file, and then got the answer back. It took about half a minute or a minute. But in half a minute or a minute, an attack can destroy half of the network. In fact, one of the others didn't detect it at all.

My advice is check out SentinelOne. See how the system works in a real-time attack. Only when you see how it works in real life, in real time, will you understand the ROI of the system. Simulate an attack, simulate a file, simulate that file changing something, and see how it works. I can say to my manager, "I have McAfee installed on my system, I'm safe," and they'll check the checkbox and move on, without understanding what they are doing. I need to sleep well at home and I can do so by knowing I have a system that has my back. That is what SentinelOne is.