Try our new research platform with insights from 80,000+ expert users
reviewer1431807 - PeerSpot reviewer
Sr. Information Security Manager at a computer software company with 1,001-5,000 employees
Real User
Shortened our incident response process because all of the information we need is already there
Pros and Cons
  • "Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future."
  • "In terms of improvement, they should work on agents' updates because that is not a strong part. It's not their strong point. It's not straightforward to upgrade agents. I send them questions about it. They already worked on this and they promised that in the next release that they will show me their solution for it. But this year I have had complaints about agents' updates, that they aren't clear."

What is our primary use case?

SentinelOne has completely replaced the antivirus solution that we used before. It's also an EDR solution. In the case of any suspicious malware, we can control the system with this agent.

How has it helped my organization?

Previously, we had some processes related to incident response which required more steps.  We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future.

Behavioral AI does recognize novel and fileless attacks but we hope not to experience an attack like this. These days, there is no life without the internet. I don't think it is really a plausible scenario because we all use Microsoft services, 365, etc. If you don't have an internet connection, then you don't have anything. The guys from SentinelOne showed me an example where they can actually work without an internet connection and it worked just fine, like a common antivirus solution. But it wasn't important to us that it can do this because we know that in the real world, there are not many scenarios that wouldn't involve the internet.

We do use the storyline feature because it's SentinelOne's main feature that they are proud of. We don't see a lot of viruses in our environment and from what we have seen, it doesn't really help because a user will download a virus, the antivirus blocks it, and that's the end of the story. So there isn't much of a storyline behind it. But the SentinelOne guys showed us how it works and in the case of a difficult attack, it should work fine. 

We work with the storyline feature when we are suspicious of something and we need to check. But we didn't have an exact case where something highly critical was in our systems.

What is most valuable?

I find all of the features to be valuable. It's a cool and very informative tool. The management console analyzes, stops, and prevents the spread of malware. You only need to work with the console. There is nothing to do on the agent side. The user does not need to be involved in this process. 

The level of information it provides is enormous. You have all you need in case something happens. If we need to have an incident response with third-party external companies, we can give them the data that they can analyze further. The information about what's happened on the computer is absolutely amazing.

It's very comprehensive. It offers a lot of data but you can see only what you need or you can go further. If you need to investigate a little further, you can do that in any process. It's a SOC-analyst style.

If you are not an analyst, you can still do a lot with it. It's very convenient. We have workers who are not in the office, who are working from home. This is a good solution for them because it's Cloud-based. I can control everything from one console and even for users who are not in the office. We work with lots of vendors and not many of them have this solution. Traditional antivirus software doesn't have these features.

In terms of its impact on the endpoint, when you have a house computer working on antivirus, it doesn't make a huge impact on the system resources and even more, it can be installed parallel to antivirus. We have had scenarios where we have traditional antivirus and SentinelOne installed in parallel. It's two antiviruses on the computer and users won't know about it. They know about it when they start to download bad stuff and the antivirus starts yelling. 

According to what I see in the console, I do think that SentinelOne covers a wide variety of operating systems. It's even more than it needs to. In the traditional way, it's like antivirus but it does even more because it's also like an EDR solution. It covers all processes, what it does, where it goes, et cetera. There's a lot of stuff under the hood. I'm surprised it doesn't use a lot of resources because I thought it would be more aggressive for CPU memory.

What needs improvement?

In terms of improvement, they should work on agents' updates because that is not a strong part. It's not their strong point. It's not straightforward to upgrade agents. I send them questions about it. They already worked on this and they promised that in the next release that they will show me their solution for it. But this year I have had complaints about agents' updates, that they aren't clear.

They have a lot of updates on their management console. They have a lot of features. There is not enough time to read about it all. It's really a lot. The features that they apply are great and I would love to use them, but it's lots of things to know. And if you're not only working with antivirus on SentinelOne like me, there isn't much time to learn about it. 

Buyer's Guide
SentinelOne Singularity Complete
March 2025
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.

For how long have I used the solution?

I have been using SentinelOne for almost a year. 

What do I think about the stability of the solution?

I'm very excited to work with SentinelOne but they have a problem with agent updates. We lose connectivity when we update agents. When users are working from home it's not good to lose connection because you don't have options to connect or have meetings. 

I think they started working very closely on this problem. This solution will be better but so far, that's been my experience. 

What do I think about the scalability of the solution?

We use the Cloud. It's completely scalable. They use a management console for lots of companies. It's tremendously scalable, it can be used with hundreds of thousands of computers.

Right now, we protect only 100 endpoints, it's for highly critical systems. Before the COVID crisis, we had plans to increase usage. We need to renew at the end of the year. We will for sure renew for 100 endpoints. I'm not sure about expanding though.

We don't need to do anything related to updating service backend sites. For agents, we only need to click "select all" and "run update," that's it. It only requires one person for maintenance, to see events and analyst information, technology, etc. It has access for three people who are security engineers and our CSO.

How are customer service and support?

They have excellent support. There are security vendors who take up to 48 hours to just answer back a "Hello," without an explanation to my problem. The SentinelOne guys answer within the hour with a solution to any concerns expressed in an email. Support is very awesome. They also connect me with engineers who can help me. I can share a screen with them to show them the exact problem. This is important because a lot of vendors don't do this.

How was the initial setup?

The initial setup is very easy and straightforward. We don't use the on-premise solution, we are Cloud-based. It's important because we have a lot of resources on our side who work fast. We can deploy in minutes. The initial deployment took one hour. 

What about the implementation team?

We did the deployment ourselves. It's really easy. We have a Wiki page where end-users can see what they can install themselves. They just need to click on it, type, tell us where they want us to put a computer, and that's it. The users can do it themselves.

We installed it for a pilot group of 10 users and then deployed for others.

What was our ROI?

Our analysts spend less time doing his job because he has everything he needs in one management console. He can programmatically do everything and only react to real incidents. It reduced the costs of analysts' work. Their work costs a lot of time and money and having SentinelOne enables us to save on these costs. 

What's my experience with pricing, setup cost, and licensing?

There are actually three versions of this product: the user version, professional, and professional plus. If analysts need to see something, like what the users are doing, what processes are running, we can go to the console and see. The traditional version only shows when incidents happen. I think the next time we renew, we'd go with the lesser version because it shows enough information. 

There aren't additional costs to the standard licensing.

Which other solutions did I evaluate?

We have the option to choose different vendors. We briefly looked at other vendors. We looked at Carbon Black, Kaspersky, and ESET EDR.

We evaluated them one year ago. These vendors are comparable to traditional antivirus while SentinelOne is and all in one solution. It has everything you need. SOC analysts is straightforward and they gave us a straightforward proposal. 

It takes the same amount of time for SentinelOne to catch malware as it does other solutions. There's not much of a difference. In our case, we don't see a lot of viruses because we have a lot of levels of security that prevent them. 

What other advice do I have?

We can see the difference between traditional antivirus and what we can do with SentinelOne. Even if the price is a little bit more, we can see what we can do with it. We can use EDR, stop network activity, do whatever we need on the endpoint, from the security engineer side. We can see that it's at a completely different level. We have a traditional antivirus but we're going to rid of them at the end of the licensing period.

My advice would be to go with the Cloud version, not on-prem. 

I would rate SentinelOne a ten out of ten. It's a ten out of ten in terms of the EDR. It's also a 10 of 10 for the product and company. The solution does a lot. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Cyber Security at Taarak India Pvt Limited
Real User
Saves us time, improves security, and reduces alerts
Pros and Cons
  • "The most valuable features of SentinelOne Singularity Complete are machine learning because it saves us time, device control for data privacy, and the token."
  • "SentinelOne Singularity Complete needs to improve the integration capabilities with SIEM."

What is our primary use case?

I am an MSP and provide service on behalf of SentinelOne.

I manage the incident logs from SentinelOne for our clients.

How has it helped my organization?

We integrated the SysLog server with SentinelOne without any issues.

SentinelOne Singularity Complete saves clients time by offering a comprehensive security solution that combines automatic detection, machine learning, behavior monitoring, and zero-day attack protection, all in one place, compared to traditional on-premise solutions.

SentinelOne Singularity Complete significantly reduced the number of alerts.

SentinelOne Singularity Complete freed up three of our people to focus on other tasks.

What is most valuable?

The most valuable features of SentinelOne Singularity Complete are machine learning because it saves us time, device control for data privacy, and the token. 

What needs improvement?

SentinelOne Singularity Complete needs to improve the integration capabilities with SIEM.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for eight months.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is extremely stable.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is scalable.

How was the initial setup?

Cloud deployment for this project was a simple process. With two people involved, it only took one hour to activate the tenant and configure everything.

What other advice do I have?

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete stands out as a mature security solution. Its robust threat detection, data loss prevention, and machine learning capabilities all point to its effectiveness.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: msp
PeerSpot user
Buyer's Guide
SentinelOne Singularity Complete
March 2025
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.
reviewer2280609 - PeerSpot reviewer
Executive Director of Information Security and Compliance at a pharma/biotech company with 51-200 employees
Real User
Top 20
Multi-feature, easier to use, flexible, and provides excellent technical support
Pros and Cons
  • "SentinelOne Singularity Complete, together with SentinelOne Vigilance, is an EDR tool with capabilities such as these, which I found valuable: the dashboard that shows you all the information and the power to either manually or automatically quarantine issues or threats in the environment."
  • "In terms of areas for improvement in SentinelOne Singularity Complete, it needs to give more straightforward directions or communication about detection or what has been detected."

What is our primary use case?

My company leverages SentinelOne Vigilance and SentinelOne Singularity Complete for managed SOC.

What is most valuable?

SentinelOne Singularity Complete, together with SentinelOne Vigilance, is an EDR tool, with capabilities such as these, which I found valuable: the dashboard that shows you all the information and the power to either manually or automatically quarantine issues or threats in the environment.

SentinelOne Vigilance is one of the feature sets of SentinelOne Singularity Complete as a whole, and my company found SentinelOne Singularity Complete a little bit easier to use and flexible; plus, it had several feature sets.

What needs improvement?

I've not been using SentinelOne Singularity Complete for a long time to have a lot of feedback on its areas for improvement, as my team is still learning the tool, but what comes to mind is the need for it to give more straightforward directions or communication about detection or what has been detected.

For how long have I used the solution?

We officially deployed SentinelOne Singularity Complete, including its feature set SentinelOne Vigilance, about three months ago.

What do I think about the stability of the solution?

SentinelOne Singularity Complete has been very stable, so it's an eight out of ten for me, stability-wise.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is a scalable solution, which is one of the reasons why my company uses it.

How are customer service and support?

I found the technical support for SentinelOne Singularity Complete excellent, especially in terms of communication. Support is nine out of ten for me.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used Atos as our SIEM tool and wanted to replace it with a newer technology, so we're now using SentinelOne Singularity Complete.

How was the initial setup?

I'm involved in deploying SentinelOne Singularity Complete, and I found the process straightforward. My company is still going through with the deployment because of the ninety-day deployment model.

What about the implementation team?

I have people in my team assisting with SentinelOne Singularity Complete implementation.

What was our ROI?

I've seen ROI from SentinelOne Singularity Complete within a month after deploying the solution, mainly after my company started getting different alerts, which I was happy about.

What's my experience with pricing, setup cost, and licensing?

I found the pricing for SentinelOne Singularity Complete reasonable, which is one of the reasons my company went with it.

What other advice do I have?

SentinelOne Singularity Complete requires just a little bit of maintenance, as my team has to update agents and do some finetuning, but not too much.

My rating for SentinelOne Singularity Complete as a solution is eight out of ten.

My advice to people looking into using SentinelOne Singularity Complete is to ask for sample reports and processes to understand how SentinelOne would let you do it.

The company I work with is a SentinelOne customer.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user1011267 - PeerSpot reviewer
Senior IT Consultant at Jeneri IT
Real User
Does an excellent job of using AI to determine and stop an attack, and the peace of mind it gives is significant
Pros and Cons
  • "It protects your machine, and it does an excellent job using AI to determine an attack and stop the attack. Its most powerful feature is prevention, and it can unwind ransomware activity as well. So, it is a really useful product in that sense."
  • "One of the things they could do is extend the product range to include Android and iPhone so that you could have the app on your phone as well. There is probably something going on there with that, but that's something that they're lacking at the moment. For instance, if I was to have to recommend a client to protect their phone, I'd have to recommend Norton or something else. I don't have an answer within the SentinelOne solution."

How has it helped my organization?

It runs continuously and uses AI to look for any suspicious activity. If it does determine that there is a virus or something going on that shouldn't be happening, it not only stops the process but also completely logs the whole function. It tells you in a map version how the attack happened and how it was stopped. It is brilliant. In the past, for example, if I had the same problem in Webroot, I would've had to submit the case to Webroot for viewing so that they could, as a human, literally determine what the cause was, but by that time, it is way too late, whereas, this is the real-time protection.

What is most valuable?

It protects your machine, and it does an excellent job using AI to determine an attack and stop the attack. Its most powerful feature is prevention, and it can unwind ransomware activity as well. So, it is a really useful product in that sense.

There is the ability to SSH into a machine even if the machine has been disconnected from the network. When a real hazard happens, SentinelOne disconnects it from the internet so that no more transactions can occur, but I still have access to the machine. One of the bigger benefits is that no harm could be done because there is no communication with the internet, but I still have the ability to go in, restart a machine, do some investigations, and make some things happen.

What needs improvement?

One of the things they could do is extend the product range to include Android and iPhone so that you could have the app on your phone as well. There is probably something going on there with that, but that's something that they're lacking at the moment. For instance, if I was to have to recommend a client to protect their phone, I'd have to recommend Norton or something else. I don't have an answer within the SentinelOne solution.

For how long have I used the solution?

I have been using this solution for close to three years.

What do I think about the stability of the solution?

It is perfect. I've seen very few problems related to the app. It is not using too much of the PC's power. It does not make PCs slower. So, I find it the best of both worlds. You reduce the impact of the product on the user, but at the same time, thoroughly protect the user, no matter what he does.

What do I think about the scalability of the solution?

You can certainly have thousands of SentinelOne users. We have 250 users. In terms of our plans to increase its usage, I provide IT as a service. So, as I add clients, I always add licenses for those clients.

How are customer service and support?

Their support is very good. I would rate them a five out of five.

How would you rate customer service and support?

Positive

How was the initial setup?

It was straightforward. It probably took me a week to get 250 machines converted.

What about the implementation team?

It can be done in-house very easily. You probably need one staff member that knows how to implement it, and after that, it pretty much runs itself. It requires very little maintenance.

What's my experience with pricing, setup cost, and licensing?

It is not sold as a consumer product. It is only sold based on the number of licenses. So, as an MSP, you're probably going to pay about three and a half dollars per license, per month to have SentinelOne.

What other advice do I have?

I would advise others to go for it. It is great. As an MSP, the peace of mind it gives me is really significant. While the cost of SentinelOne is higher than Webroot, the reality is that the peace of mind and the knowledge that you are probably not going to get a complete attack, simply because SentinelOne stepped in and stopped it, is worth every penny.

I would rate it a ten out of ten. It is absolutely fantastic.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Jairo Avritchir - PeerSpot reviewer
Director of Technology and Digital Transformation at Banco Fibra
Real User
Collects logs and data and integrates well with other solutions
Pros and Cons
  • "It is easy to collect and retain logs with SentinelOne."
  • "The only concern we have is that there are a few features that were not readily available."

What is our primary use case?

We use SentinelOne to collect logs and data. We will connect it to other tools and places in the future.

What is most valuable?

It is easy to collect and retain logs with SentinelOne. When you need to compare information, the data is available. It also has the possibility to configure information. It integrates well with all the other solutions we use. 

What needs improvement?

The only concern we have is that there are a few features that were not readily available. We use a lot of application files that didn't have a connection.

We would also like to see integration with other tools that have to collect the logs.

Although Microsoft claims the use of building artificial intelligence to correlate events, we have actually had a couple of events that should have logs but did not. The solution is not at the same level in terms of building artificial intelligence.

SentinelOne can do a better job of not only creating corrective action based on the correlation. For example, someone was trying to repeatedly change their password. What they didn't realize was that they weren't connected correctly.

For how long have I used the solution?

I have been using SentinelOne for six months.

What do I think about the stability of the solution?

SentinelOne is a stable product.

What do I think about the scalability of the solution?

Scalability is based on the measure. There is no limitation regarding scalability if you pay for the upgrades.

How are customer service and support?

Technical support is good. When you need help from Microsoft, there is a long list of resources to help understand the issues.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is straightforward as we have contracts with Microsoft Office Supplies, commodities, defender, and Active Directory.

I would rate the ease of initial setup of SentinelOne a five out of five. It is easy.

What about the implementation team?

Our company used a third party that provided the utility. 

What's my experience with pricing, setup cost, and licensing?

This solution is less expensive than its competitors. You might need to buy additional space depending on how much they are willing to provide. I would rate the pricing a five out of five.

Which other solutions did I evaluate?

We selected SentinelOne because it was less expensive than the competitors. We also saw the speed of evolution with Microsoft, so it can be involved theoretically when compared to Splunk.

We also chose SentinelOne because of the balance between features. It is stable and has enough choices. Being with Microsoft, we felt confident that the solution would evolve.

What other advice do I have?

If you are considering SentinelOne, you should consider the cost of storage. Otherwise, the product is easy to deploy. You either need to have your own security operating center or hire someone that will use Sentinel or the secondary service. For you to consume the data, you may have had an internal security center or Sentinel.

With SentinelOne you have to invest extra cost. You have to always think of how much it will cost you to delay a response by a couple of days. If the incident is going to cost two days of revenue for the organization, that is much more than the cost of the solution.

I would rate SentinelOne an eight out of ten because of the price point and the features you get. 

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Cem BALIK - PeerSpot reviewer
Information Technologies Manager at VAS Bilisim Teknolojileri A.S
Real User
Reliable, easy to set up and easy to use
Pros and Cons
  • "The product can scale as needed."
  • "Security could always be better."

What is our primary use case?

We primarily use the solution for security purposes. 

What is most valuable?

It's an easy tool and it offers a different experience. It is a new generation product.

The initial setup was easy.

It's stable and reliable.

The product can scale as needed.

What needs improvement?

While I'm sure improvements are necessary, there isn't one specific area I've found to be lacking. 

Security could always be better. It always needs to be adjusted to keep up with what's happening. 

For how long have I used the solution?

I've been using the solution for two years. 

What do I think about the stability of the solution?

We haven't had any issues with stability. It's reliable. there are no bugs or glitches and it doesn't crash or freeze. 

What do I think about the scalability of the solution?

It's scalable. We are using management software on the cloud. Therefore, if we want to install 1,000 agents, it doesn't impact our business now. We can scale and it's got a central implementation method for agents.

How are customer service and support?

Technical support has been very good and we are quite pleased with them. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We actually use regular antivirus solutions as well, such as Sophos and McAfee.

How was the initial setup?

It's a simple, straightforward setup. It is not overly complex or difficult. 

We have a small IT team and have found that we just need to have one person managing the product. 

What about the implementation team?

We deployed it using an outside resource.

What's my experience with pricing, setup cost, and licensing?

I cannot speak to the exact cost. Our managers buy the licenses. That said, it is my understanding that we are using the subscription model and pay for it yearly. I'm not sure if there are any other ancillary fees beyond that.

What other advice do I have?

I'm a customer and end-user. 

I'm not sure which version of the solution I'm using. 

I'd rate the solution eight out of ten. It's a good overall product. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1261773 - PeerSpot reviewer
Engineer II, Enterprise Client Support at a media company with 10,001+ employees
Real User
Visually appealing and customizable console, as well as a powerful API
Pros and Cons
  • "We love the API. We use it to generate robust reporting, and we also developed tools to perform agent actions remotely without needing to provide all IT staff with console access."
  • "It would be nice if the console stored data daily, so that you could look at a timeline of events on a machine over a period of time, and currently this is not possible."

What is our primary use case?

We use SentinelOne to secure our entire environment, including all user endpoints and servers. We are also currently testing the Deep Visibility addon. We were using a definition-based AV prior to SentinelOne, and we were getting daily/weekly infections of a variety of malware. We are a mix of PC, Mac, and Linux. We have on-premises machines and servers, as well as cloud VMs that we were wanting to protect. We wanted to purchase a Next Generation AV client that would be algorithm-based instead of definition file-based.

How has it helped my organization?

SentinelOne has provided amazing security. We were getting new cryptolocker variant infections several times per month and the month following our SentinelOne rollout, the numbers dropped to zero. We have not had a single infection since.

The new console is not only visually appealing and simple to use, but it allows you to customize and apply labels to different areas. I don't have a good gauge on how much money SentinelOne has saved us, but we only get a handful of security alerts in our console each day. It has freed up our security staff to perform other tasks. 

What is most valuable?

We love the API. We use it to generate robust reporting, and we also developed tools to perform agent actions remotely without needing to provide all IT staff with console access. 

The agent will now also report the location in AD. This allows you to create dynamic collections of machines in the cloud console based on their location in local AD. You can replicate your AD OU structure into the console and run deployments and reporting based on OU. It's a very powerful feature and something that was missing in our last product. 

What needs improvement?

The agent update schedule is a little sporadic, and the updates are frequent. You are definitely going to want to have a good management solution in place, such as SCCM, Intune, or Jamf in order to maintain the environment properly.

There is agent data, such as last known IP address, that is not stored historically. It would be nice if the console stored data daily, so that you could look at a timeline of events on a machine over a period of time, and currently this is not possible. You can see a snapshot of the data at the moment, but once it changes whatever was there previously is not stored. 

For how long have I used the solution?

I have been using SentinelOne for four years.

What do I think about the stability of the solution?

The agent is very stable, especially the later versions of the product. Agent never crashes and consumes minimal system resources. New agent versions are constantly released (which can be slightly difficult to manage if you don't have a good endpoint third party management solution like SCCM\JAMF). Release over release both stability and features have improved and been more fleshed out. 

What do I think about the scalability of the solution?

It is very scalable and easy to deploy over any of the standard management solutions.

How are customer service and technical support?

Customer service and our TAM are both very good. They are responsive and have never been unable to answer a question we asked. 

Which solution did I use previously and why did I switch?

We switched because or old solution flat out was not picking up infections. It was really almost rather useless. 

How was the initial setup?

The initial setup is straightforward. We do not have any on-premises infrastructure. Rather, we are using sentinel one in full-cloud mode. It was really just a matter of deploying the agent to the endpoints.

What about the implementation team?

Our in-house team handled the deployment.

What was our ROI?

ROI is kind of hard to quantify but we definitely do feel like we get our money worth.

What's my experience with pricing, setup cost, and licensing?

The costs are really rather minimal for what you receive with the product. No real advisement here. The larger count you have, the deeper discount you will receive in your contract.

Which other solutions did I evaluate?

We looked at Carbon Black. SentinelOne was more economical, and the feature set was comparable so we ultimately went with it.

What other advice do I have?

Be ready to dedicate a good amount of time to learn the API. To really get the most from the product you need to tap the REST API.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2270853 - PeerSpot reviewer
Network Engineer at a government with 11-50 employees
Real User
Discovers and deletes problem-causing processes, but the support team lacks knowledge
Pros and Cons
  • "The tool deletes the problem-causing process and prevents issues."
  • "They should train their own people so that they can train us better. The theory is good."

What is our primary use case?

Every five years, we research tools that could replace our old software. We combine our AV and intrusion detection. We were trying to find out if there’s an agent for the whole nine-yard, and we came across SentinelOne.

What is most valuable?

The product has an automated process where we find security issues. It’s a 24/7 behavior analytical tool to execute certain actions. The tool deletes the problem-causing process and prevents issues. It discovers, kills, and protects. The software is good. I don't see much of an issue with it.

What needs improvement?

They should train their own people so that they can train us better. The theory is good. If the product is good, but we cannot rely on it or pass it along to the customer, it's useless. When we purchased the solution, we were told that certain functions could be done. I understand it is part of sales, but I feel like I'm being fooled. We couldn't test it because it was in production. We first had a proof of concept but didn't connect it to our Azure portion.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete since February.

What do I think about the stability of the solution?

The product's stability is okay.

What do I think about the scalability of the solution?

The tool's scalability is average.

How are customer service and support?

The support people of SentinelOne do not know the different products offered by SentinelOne. How can they support their customer if one person knows one thing and the other doesn't? They tell us the issue does not come under them and point us to a different team.

There is a SentinelOne support team and a Singularity support team. SentinelOne's support team is okay. Once, the technical support and help desk director got involved with all our issues. However, the director got involved after we strongly complained about the issues. That's not the way it's supposed to be.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have used Arctic Wolf.

How was the initial setup?

The initial deployment was good. The solution is cloud-based.

What about the implementation team?

We took help from SentinelOne to deploy the solution. We paid for it, but it was not worth the money we paid for. Two people from our company are required for the deployment. The solution requires maintenance.

What's my experience with pricing, setup cost, and licensing?

The licensing is okay. I don't see any issues with it.

Which other solutions did I evaluate?

We evaluated other options. We were trying to have one solution for everything. We heard that SentinelOne purchased another company. Other products like Rapid7 provide multiple solutions and products for our needs. We saw that SentinelOne provided us with one product and one support system. However, even while using SentinelOne, I have to contact different teams.

What other advice do I have?

When we purchased the solution, it did not do what we expected. We didn't use all of the features. It has quite a few options. There are a bunch of more add-on modules. Other products from SentinelOne are not good. I am really disappointed with them. The user must understand the solution by just reading the training documents. The team claims it is professional, but it lacks a lot of functions.

The integration is fine, but the feature is not how they market it. It looks good on paper, but it's not what we think it is. It's not a ready product in marketing. I am disappointed with it. The interoperability is still under development. Not many people know or understand it, including people from SentinelOne. When we call and try to figure out what's going on with the solution, not many understand what it is. There is a lack of training on their products and services.

The Ranger functionality is fine. It’s only been six months since we started using it. We're still learning as it goes. I think Ranger is probably better than Singularity. Sometimes, they send false positives. It's not really a big feature for us. It's good. They're trying to prevent any networking attack, but I don't think it’s there yet. They're just trying to discover what is on the network, but we already have other tools for that.

It is important for us that Ranger requires no new agents, hardware, or network changes. Ranger is just trying to discover whatever issues we have. I don't think it can prevent it. I don't think it can block issues or protect our devices.

Overall, I rate the product a seven out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros sharing their opinions.