SentinelOne Singularity Complete Reviews

Our company serves as resellers and solution engineers for our enterprise customers. We deploy and support the solution in customer environments. 

The XDR capability is quite good and offers advantages such as its real-time detection that is superior to CrowdStrike. I hear that face detection capabilities have also been added. 

The dashboard should include troubleshooting because it can have problems. 

Sometimes, the XDR does not configure its policies for data security on time. 

The XDR should include ECI compliance, multiple data securities, and the load balancer for network firewalls under one umbrella. It would be beneficial to buy a salient solution that does everything. 

The cloud side could be improved to include security, advanced integrations with other products, storage accounts, monitoring, and support. 

The solution should include USB blocking for specific machines. 

I have been using the solution for one year. 

The solution is stable with no issues. 

The solution is scalable. 

The technical support is half and half. They offer good support but response time is slow. Sometimes, you have to contact multiple engineers to get good information and that is a challenge. 

Neutral

We deploy the solution for customers. 

The solution's XDR is superior to CrowdStrike. 

I am satisfied with the solution and rate it an eight out of ten. 

We use SentinelOne mainly for lateral movement, ransomware, anti-malware, AI engine, and forensics.

The most valuable features of SentinelOne are the lateral movement and the use of the Active Directory.

SentinelOne can improve by having better integration with Active Directory.

SentinelOne can be deployed on-premise and in the cloud.

I have been using SentinelOne for approximately two years.

SentinelOne is stable. However, the only issue I had was with legacy system, such as older kernels. The newer systems are more stable.

The scalability of SentinelOne is good, but my biggest concern is they need to find some way to automatically install their agents to specifically Microsoft Windows devices because not every IT infrastructure has SECM of others that automatically deploy it. It would be helpful during the migration of new customers.

We have approximately 4,000 systems using the solution and plan on adding another 400.

I haven't had the opportunity to interact with SentinelOne support.

I have previously used Microsoft Windows Defender.

The initial setup of SentinelOne is very easy. You only need to turn it on and it starts working with a couple of clicks. The ease of implementation is SentinelOne strongest feature.

We have three people deploying SentinelOne. As part of the team deploying the agent, there are multiple teams involved, and each one can deploy an agent when they have their own time.

SentinelOne can cost approximately $70 per device.

The advice I would give others that are thinking of implementing SentinelOne is if they have any other solutions, I would highly recommend them to start using it, especially if they have Active Directory. It's very good at picking up weird anomalies.

I  rate SentinelOne an eight out of ten.

We use the solution for anti-malware, policy enforcement, and blocking USBs, for example. It's used for detection in general, and for protection and threat blocking.

The solution is very straightforward to set up. 

The features are great. It is excellent for detection and device blocking.

The network control has been useful, as well as the firewall control. 

The solution is both stable and scalable. 

The inventory is a good feature. However, it's not up to date. The delay in updating inventory is ten minutes. If it can be improved, it will help a lot. 

For the general IT management, there is a need to correlate the software version from inventory with the CVE information. For example, we have the CVE, however, it doesn't take into account the current version. We need it to stay up to date with the latest version. 

I've used the solution for less than one year.

The solution is quite stable. It's reliable. There are no bugs or glitches. 

The product can scale very well. 

We have less than 50 people on the solution currently. We are using it in a smaller environment.

We do have plans to increase usage in the future. We are, in fact, still deploying it. So the department is not finished yet.

We get technical support from the vendor. 

I've also used Microsoft Defender.

It offers an easy implementation process. It's not overly complex or difficult. Setting everything up on the cloud is simple. The deployment was done in a matter of days. In the end, it took less than a week. We had two people handle the deployment process. 

We did have some outside assistance. They helped with half of the process. 

We found the ROI to be quite high. However, it would vary, depending on the contract. It's a good investment. I'd give it a five out of five.

I cannot speak to the exact pricing. That said, it's very reasonable. I'd rate it five out of five in terms of affordability. There are cheaper options; however, it is quite affordable. We pay a yearly licensing fee. 

We are a customer and end-user. We deal with a SentinelOne partner. 

I can't speak to which version we are using.

Whether or not the solution would work for an organization depends on the environment and other factors. That said, we are very satisfied with the product overall. 

I'd rate the solution ten out of ten.

We use the solution for endpoint threat detection. 

The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI. 

SentinelOne Singularity Complete's most valuable feature is reporting. People with less technical knowledge can understand the things happening. 

SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end. 

I have been using the product for a year. 

I have not used support yet, which is a good thing. 

SentinelOne Singularity Complete tries to go above and beyond to integrate with different vendors, which is good. It is very nice to pick a different vendor for my needs and pull in all the information I need. It is very beneficial to have a single point of activation. 

As with any tool, figuring it out has a learning curve. However, getting the information easily and quickly from the same tool is nice. It is also nice to login to a single platform instead of multiple ones, which was the case in my previous company.

SentinelOne Singularity Complete does a good job of reducing alerts. We run attack tests against our network. We can create a real-world scenario. 

The product has reduced our organizational risk. Any tool designed around security mitigates risk. 

SentinelOne Singularity Complete has centralized things and helped us save costs. It makes getting information in and out of the system easier for a small group of people. 

I like everything that the product has done as a strategic security partner. They are willing to work with other companies and are not afraid of being groundbreaking. They are working on AI. 

I rate it an eight out of ten. 

We use it as an Enterprise EDR solution for threat detection, anti-malware, and security investigations.

SentinelOne Singularity Complete has greatly enhanced our security posture. We feel that our endpoints are more secure. We are in the know of what is happening within our company from a security perspective. We are confident in the ability to detect untrue positives. It has also helped us in achieving industry certifications such as SOC 2.

SentinelOne Singularity Complete has absolutely helped reduce our organization's mean time to detect. There has also been an impact on our mean time to respond. With the integrations that we have set up with Splunk and other products, we are able to respond to incidents as soon as they alert us.

We have a couple of integrations with it. They are alright. I am not blown away by its integration capability.

SentinelOne Singularity Complete has not helped reduce alerts. If anything, we create more alerts with it. We are able to fine-tune the product to reduce noise and alerts, but without it, we would not have any alerts. It is the piece of software that provides that alerting capability for us.

SentinelOne Singularity Complete has not helped free up staff. In a way, it creates work for us, but that is the purpose of the product.

The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features.

There should be Terraform support for console administration. Dynamic tagging would be also useful. 

The auto-upgrade capability should be improved.

I have been using SentinelOne Singularity Complete for two years at this company. My company has been using it longer than that.

Its stability is pretty good. I like the stability of their agent.

It is extremely scalable.

Their technical support is pretty good. I would rate them an eight out of ten.

Positive

I was not here when they bought this solution, but I know why we bought the tool. We replaced another EDR solution, and then we used it as our enterprise EDR solution for ransomware prevention, threat hunting, and security investigations. We were using CrowdStrike previously. SentinelOne Singularity Complete also saved us money. It is very competitive compared to CrowdStrike.

I have used a couple of EDR solutions. SentinelOne Singularity Complete is less mature than CrowdStrike, but it is definitely one of the top players in the industry.

SentinelOne Singularity Complete has not helped reduce our organizational risk. It is about the same as CrowdStrike in this aspect.

We have it on our laptops and the cloud, so our setup is hybrid. I am in charge of deployment, and it is as simple or complex as any other solution. 

It requires maintenance on our end.

We have a team, but I do most of the work. I am in charge of it.

It is hard to define the ROI. It does not save us money, but it prevents security breaches. In the grand scheme of things, it is definitely worth investing in. 

Its pricing is competitive. 

It has competitive pricing and great support. It is a complete solution.

As a strategic security partner, they collaborate with us quite a bit on our overall posture. They constantly have webinars and education sessions for us to deepen our security knowledge and how to use their product. They have assisted us on various PoCs for different offerings that they have and different services they offer. They help us to understand how each of those components integrates into our overall security posture. We did a PoC of the Ranger functionality.

I would rate SentinelOne Singularity Complete a seven out of ten.

We outsourced the operation to a partner, a supplier, and they have managed those services. If the product does identify some abnormal behavior, our supplier is informed, and our main IT division or group IT division is informed. They correct the machine, and they do whatever they need to do.

Nowadays, there is a lot of malware and various other malicious threats. Our system is an internal system. There might be a firewall there, however, malware can still get through an email. However, this solution is very good at detecting abnormal behavior. They act very fast and quarantine machines well. 

We find that having an endpoint protection solution allows us to adapt and react faster. 

I can put something on my pen drive and get the solution to scan it and see if there are any issues. They can identify and block without affecting any core sections. 

The solution is easy to set up.

It's stable.

The solution works quite well and I don't have many notes for improvement. 

The solution can use up a lot of resources when scanning. It would be ideal if it was lighter. 

We find the initial setup does take some time, as you have to do a lot of whitelisting. We'd like the process to be faster. 

I've used the solution for a while. It's been more than two years. 

The solution is pretty stable. I'd rate it seven out of ten. It's pretty reliable. 

You can scale the solution. However, you do have to pay more to expand as you need to purchase more licenses. At this point, we get additional blocks of licenses when we need them. We do not upgrade one license at a time. 

We have about 5,000 clients on the solution currently.

I do not have much experience with technical support.

We also have Microsoft Defender. They are two different products. We use Defender on our machines and workstations, however, not for endpoint security reasons. 

IT installed the solution on my machine. 

That said, my understanding is the initial setup is not overly complex. At first, however, we had to do some whitelisting. You need to perform a few operations, and we had to reinstall the OS, install a backup, and handle whitelisting. While it takes time, it's not hard. 

I'm not sure of the exact pricing of the solution. That's handled by a different team.

We have an IT department that may look at other options, depending on the use case. They've looked at, for example, Sophos, however, they found SentinelOne to be more suitable for us. 

I'm an end-user and not very technical.

While the solution is cloud-based, there's an on-prem server, and that is for the administration of our nodes. Mainly, the subscription is controlled by the cloud.

I'd rate the solution seven out of ten. Depending on the use case and if it makes sense for the company, I'd recommend the product.

The primary use case is as an endpoint detection and response software. Basically, it is an enhanced antivirus, anti-malware, and anti-ransomware solution. It protects from ransomware attacks and other types of cyber attacks. It protects the endpoint from malicious actions.

Protection from cyber attacks is the feature we find the most valuable.

It's a stable product.

We find the solution to be scalable.

Technical support is good. 

The pricing is not too high.

It has a pretty simple user interface and is user-friendly.

They need to improve how we install the software. For the agent of SentinelOne in the endpoint, it's not an automated process. We have to download it and then upload it on the endpoint. That is something that can be made simple. The uploading of the software in the endpoint, if that can be done publicly, would be great. The setup should be available publicly. The agent installation should all be done in the cloud.

I've been using the solution for more than a year.

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

The solution scales well. You can expand it as needed. 

We are a small organization and have around 200 to 250 people on the solution. 

The management is outsourced, and I find they are doing a very good job. We are satisfied with how we are able to get help if we need it. 

This is the first EDR solution we used. We did not have another solution in place beforehand. We only used basic antivirus software previously.

The initial setup is annoying since you have to download the agent and then upload it to the endpoint. 

For maintenance, basically, I'm the admin for SentinelOne. Also, there is a different organization altogether to whom we have outsourced the management of SentinelOne. They have their own employees. Their particular team would be working for our organization. They are an SoC organization, and they work 24/7 for various clients. We are one of their clients.

The pricing is reasonable. 

I'm not sure of the exact costs, as those are managed by a different team.

I'm a client and end-user. 

The solution is pretty easy to implement and administrate. We have not tried to integrate it with other solutions. While the pricing is reasonable, it's a bit more than typical antivirus software. That said, it has advanced functionalities that make the price worthwhile. Therefore, I would rate it nine out of ten. 

My primary use case for this solution to protect my clients and sites that I support from malware and ransom ware. It is installed on the end point clients and servers as a client and then it clean and protects after a reboot. As a managed service provider we found it instrumental at preventing viruses and especially preventing ransom ware. We went from 30% ransom ware infections to zero. The software stops the infection before it executes.

It has saved hundreds of hours fixing destroy and encrypted computers. In the old days even if you restored the files Windows was still damaged. This stops the software from executing.

The valuable feature of this solution is the ability for it to stop a virus or ransom ware. It uses a SOC for active monitoring and AI software that watches where you go and what gets executed. If it sees danger I get alerted and the machine is frozen. If the SOC believes it to be a virus the machines network card is frozen or the machine is automatically returned to the state before the file was executed and the file is erased. If it's safe the machine is auto unfrozen. I can go in look at the logs, verify if it's a false positive and unfreeze the machine. If I believe it is a virus I can return the machine to before the file got executed. Erasing any damage. If I believe it's a false positive I can mark it benign and re execute the file. So far it's stopped four ransomware cases from getting through, so it's doing a good job.

I think communication and documentation could be improved in the solution. When you get a virus alert, there's not a lot of upfront training to let you know how to resolve a situation when it occurs. The first couple of times you're flailing a little bit until you get it sorted. I would probably also suggest that the interface could use a little bit of help. It's a little hunt and peck. 

For additional features, I'd like to see the ability to control it on a cell phone. It would be great if I could have it in the palm of my hand so that if I get a false positive, I can just look at the dashboard on my phone.

I've been using this solution for seven months. 

The solution seems super stable, although you do get some false positives, especially when it encounters a new piece of software. But the SOC is able to quickly whitelist and adopt to the new software fairly quickly.

The solution is scalable. I'm able to put it both in a script and I can see it being able to be deployed in a large environment as well as a small one. I have 285 end points and the roles are anywhere from financial traders to insurance agents. All employees have access to the solution, it's actually turned into my main route for antivirus end protection and the product doesn't require any maintenance except for when it finds a virus.

I've used technical support a few times and it's very good. They're very responsive and they alert you very quickly when there's an issue. They lean heavier on protection, which can sometimes be a problem. A lot of times, by the time I'm logged in to look at it, they've already figured out that it's a false positive and they mark it and whitelist it and put the machine back online. All that can take less than a couple of seconds.

I've previously used several antivirus programs and then I got to the point where I wanted to use an artificial intelligence program. Originally I used CrowdStrike, which I also liked, but the main reason I switched to SentinelOne is because it's incorporated as part of my MSP solution suite.

The initial setup is very straightforward. When you implement, it goes through and does the initial scan and it makes the configuration changes that it needs. I haven't had a problem with any deployment at all and it's a very quick process. 

It's deployed in house

The cost of the solution varies and depends on your relationship with the supplier. My cost is USD $6 per end point. I don't have additional costs on top of that.

I evaluated, Norton 360, Windows antivirus, Webroot, Crowdstrike, and ESET

With solutions like these it's important to keep in mind that any automated system can give false positives, especially when they first encounter your software. Be patient, work with the SOC and the technical support team. If your work is implementation, then do whole sites at one time. It's best to do it in sections, let it sit for a couple of weeks and then do the rest.

I would rate this solution a ten out of 10.