Try our new research platform with insights from 80,000+ expert users
Field Technician at Sonrise Technology Solutions
Reseller
The threat timeline feature gives a breakdown of the files and network connections
Pros and Cons
  • "I have found the activity timeline and threat analysis to be particularly useful."
  • "I would like to see something a little more sophisticated than simply being able to mark a false positive as safe or there's usually just one or two options in certain areas and they're a little rudimentary at this stage."

What is our primary use case?

We're a managed service provider, so it's MSP for our clients.

What is most valuable?

I have found the activity timeline and threat analysis to be particularly useful.

What needs improvement?

The automation of certain features could use improvement. For example, it seems common sense to me that if a threat was executed out of a task in your task scheduler that part of neutralizing the threat would be removing that task from the scheduler.

I would like to see something a little more sophisticated than simply being able to mark a false positive as safe or there's usually just one or two options in certain areas and they're a little rudimentary at this stage.

What do I think about the stability of the solution?

In terms of stability, I've seen some issues with the deployment or decommissioning not working the way it's entirely supposed to. I've seen the same thing with other managed antivirus so it's nothing I consider unusual. Occasionally I have to go and clean up an installation or an installation that didn't go off cleanly.

Buyer's Guide
SentinelOne Singularity Complete
November 2024
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.

What do I think about the scalability of the solution?

The scale we operate at is pretty small. We've got less than 100 endpoints on this at the moment. Currently, I only have about 80 users. 

Which solution did I use previously and why did I switch?

We still use our traditional antivirus packages, Vipre and Bitdefender, depending on the customer and their use case.

How was the initial setup?

The initial setup took a little bit of orientation but nothing I would consider unusual for learning a new product like this. The deployment did not take very long at all. From the time when we were introduced, got registered for all the different related sites and services it only took a couple of weeks before we could deploy without really needing to think about it. It was pretty simple.

What other advice do I have?

I would advise someone considering this solution to make sure that you leverage the features. It's particularly very useful in sites such as the threat timeline where it gives you a breakdown of the files and network connections.

Call the SOC, the Security Operations Center, with questions. They're always proactive and very helpful but do not rely on the automation to do everything for you. I had an instance where just glancing at the activity timeline, it was very obvious to me there was something traversing the customer's network. There was an infection that was at least partially taking hold and it was worming its way through their network and I would think that the Security Operations Center should see. If they're seeing multiple infections at the same site they should have the same inference happen and call us and notify us and do something about it.  That required manual intervention and it would've been nice to get an earlier notice on it without manual review of activity by myself.

I would rate SentinelOne an eight out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
reviewer2310330 - PeerSpot reviewer
Security Analyst at a consumer goods company with 501-1,000 employees
Real User
Top 20
Helps to centralize and mitigate organizational risk
Pros and Cons
  • "The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI."
  • "SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end."

What is our primary use case?

We use the solution for endpoint threat detection. 

How has it helped my organization?

The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI. 

What is most valuable?

SentinelOne Singularity Complete's most valuable feature is reporting. People with less technical knowledge can understand the things happening. 

What needs improvement?

SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end. 

For how long have I used the solution?

I have been using the product for a year. 

How are customer service and support?

I have not used support yet, which is a good thing. 

What other advice do I have?

SentinelOne Singularity Complete tries to go above and beyond to integrate with different vendors, which is good. It is very nice to pick a different vendor for my needs and pull in all the information I need. It is very beneficial to have a single point of activation. 

As with any tool, figuring it out has a learning curve. However, getting the information easily and quickly from the same tool is nice. It is also nice to login to a single platform instead of multiple ones, which was the case in my previous company.

SentinelOne Singularity Complete does a good job of reducing alerts. We run attack tests against our network. We can create a real-world scenario. 

The product has reduced our organizational risk. Any tool designed around security mitigates risk. 

SentinelOne Singularity Complete has centralized things and helped us save costs. It makes getting information in and out of the system easier for a small group of people. 

I like everything that the product has done as a strategic security partner. They are willing to work with other companies and are not afraid of being groundbreaking. They are working on AI. 

I rate it an eight out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
SentinelOne Singularity Complete
November 2024
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
Principal Forensics Lead at Dotcom Security
Real User
The most valuable features are Deep Visibility, Remote Script Orchestration, and Ranger
Pros and Cons
  • "The solution is extremely stable."
  • "The solution can improve by adding more granular firewall capabilities."

What is our primary use case?

The primary use case of the solution is cybersecurity. The solution provides endpoint protection against direct threats and insider threats.

What is most valuable?

The most valuable features are Deep Visibility, Remote Script Orchestration, and Ranger.

What needs improvement?

The solution can improve by adding more granular firewall capabilities. I would like to see an interface where I can in one view change the security posture of all groups with one click. I would like to have a listing of all the groups and then apply what's relevant to all the groups at once.

For how long have I used the solution?

I have been using the solution for one year.

What do I think about the stability of the solution?

The solution is extremely stable.

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and support?

The tech support is brilliant.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is straightforward. It takes about four weeks to deploy.

What about the implementation team?

The implementation was done in-house.

What was our ROI?

The ROI is good. Once you go through the stabilization phase and get to know and understand the customer's environment and configure accordingly to what the customer needs, the return is there immediately.

What's my experience with pricing, setup cost, and licensing?

The license is paid annually and is competitive. There are features that are not included in the licensing cost but it does include Vigilance and STAR.

What other advice do I have?

I give the solution a nine out of ten.

On average, once the implementation phase is complete the solution only requires two people to maintain it.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Vijay Mohan - PeerSpot reviewer
Senior Manager INFOSEC AND Risk ASSESSMENT Engineering at Atlas Systems
Real User
Top 5
Beneficial ransomware blocking, simple deployment, and easy to use
Pros and Cons
  • "SentinelOne Singularity has hundreds of features. The most valuable feature of the solution is the ease of use and threat control."
  • "The training for SentinelOne Singularity should be free. The solution has a lot of features but we do not know how to use them all. The moment someone purchases the solution they should contact them and provide them with a feature session on how to use the features."

What is our primary use case?

We use SentinelOne Singularity for cybersecurity. For example, ransomware protection. It protects our network against the latest cybersecurity threats, continuous monitoring, and real-time checks of our network. 

There are many things that we consider in a solution, such as how often it updates and does patches, and what issues are there in the network or on the desktop or OS. If any patch is missing, it should inform me and send me CVSS and CVSE scoring of my threat perspective.

What is most valuable?

SentinelOne Singularity has hundreds of features. The most valuable feature of the solution is the ease of use and threat control.

What needs improvement?

The training for SentinelOne Singularity should be free. The solution has a lot of features but we do not know how to use them all. The moment someone purchases the solution they should contact them and provide them with a feature session on how to use the features.

When we connect the solution to our patch management system they should explain to us how to do it. Additionally, it should be notifying me what patch is missing in my system.

For how long have I used the solution?

I have been using SentinelOne Singularity for approximately six months.

What do I think about the stability of the solution?

SentinelOne Singularity is stable.

What do I think about the scalability of the solution?

We have approximately 250 users using this solution in my organization.

How are customer service and support?

I have used the support team from SentinelOne Singularity.

I rate the support from SentinelOne Singularity a four out of five.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used two solutions for the comparison, CrowdStrike and McAfee. We did do tests before going to SentinelOne Singularity in many areas, such as ease of use, technical comparison, scanning capabilities in terms of cybersecurity perspective, and ransomware protection. Ransomware blocking is a better feature in SentinelOne Singularity.

We have a team of people who have a set of parameters that we use to scan all these tools. They perform comparisons on each and every aspect and SentinelOne Singularity scored better. 

How was the initial setup?

The deployment of SentinelOne Singularity is straightforward and very easy. The whole process of deployment took four hours.

What's my experience with pricing, setup cost, and licensing?

When it came to the price compared to other solutions we tested, SentinelOne Singularity gave us the price of our expectations whereas CrowdStrike could not.

What other advice do I have?

First-time users of this solution should prioritize what they want to protect, and establish if they have the expertise to maintain it. The solutions don't require any high-end expertise to be deployed or maintained but a normal IT system administrator is needed to do it.

I would recommend this solution to others.

I rate SentinelOne Singularity a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Software Engineer at a healthcare company with 51-200 employees
Real User
Lets us centrally manage our active endpoints
Pros and Cons
  • "It delivers the type of security which we were hoping for, since we have a lot of different endpoint users utilizing different types of software. We have people who only use Office software, like email, Word, and PDFs. Then, we have people who use some applications that other people wrote. We also write applications in-house using people who develop software. Therefore, we have some machines using very high-end developer software for mechanical development, electronic development, and software development. Those users are used to managing their PC on their own. The centralize platform allows us to differentiate between those three groups of people. We have overall control and can oversee the security levels at all the endpoints. They have not yet been blocked in any way when performing the functions"
  • "We have had one or two occasions when we had to roll back off our Windows machine. Then, we had an issue with SentinelOne where we couldn't let the client make contact with the cloud service anymore. Therefore, the integration with the Windows Service Recovery could be improved in the future."

What is our primary use case?

We are a company with several types of PC users. Our office ranges from marketing to sales, and we also have people who are remote on laptops all over the world, as well as an R&D department. Those people use PCs in different ways. 

We wanted a platform that has ways of dealing with various kinds of users, but we also wanted a central management so we could overview the state of all our endpoints with one view.

We use the central cloud interface to manage all our endpoints.

We only use it on Windows machines.

How has it helped my organization?

It delivers the type of security which we were hoping for, since we have a lot of different endpoint users utilizing different types of software. We have people who only use Office software, like email, Word, and PDFs. Then, we have people who use some applications that other people wrote. We also write applications in-house using people who develop software. Therefore, we have some machines using very high-end developer software for mechanical development, electronic development, and software development. Those users are used to managing their PC on their own. The centralize platform allows us to differentiate between those three groups of people. We have overall control and can oversee the security levels at all the endpoints. They have not yet been blocked in any way when performing the functions.

I have one instance where we had a trigger of an attack. Luckily, it appeared to be in an unregistered program created a lot of threats by renaming files. This was something that the employer developed by his own. This was an unknown program that generated a lot of threats to very quickly rename a thousand files. However, it was not an actual attack, but the behavior of that program was such that the AI protection of SentinelOne kicked in and alarmed us of a possible attack. One of our employees created a program just for his benefit. It had exactly the same behavior as a ransomware attack would have had, then it kicked in. This is why I'm confident that SentinelOne will also detect real ransomware actions. That is the only one instance where I encountered the Behavior AI software kicking in.

We haven't had any real attacks over the last year. We did have some intrusions mainly from suspicious files that people were getting via their browser and some attachments that I tried to open with double extensions. Luckily, in the last year, we haven't had any actual attacks.

The effectiveness of the solution’s distributed intelligence at the endpoint is 100 percent. We haven't had any incidents break through. We only see a very small reduction in PC performance.

What is most valuable?

The main reasons that we use SentinelOne are the antivirus and Behavioral AI protections. We have this solution centrally managed to see what endpoints are active, along with the latest software protection running. It also provides us external control, so we can block machines remotely, even if they are in another country, because we have account managers all over the world. All these features together protect us against strange behavioral programs.

SentinelOne's one-click, automatic remediation and rollback for restoring an endpoint is very handy. We had some issues with programs that were unknown by SentinelOne, then marked as suspicious and quarantined, because we also develop software ourselves and have software packages that were compiled in 1995 and don't conform to the normal rules. SentinelOne always marks those packages as suspicious because they do something different than they should when you compile them with current libraries of Windows, etc. Therefore, we had some interventions of SentinelOne where you can easily whitelist them and rollback the quarantine action so people who use those old-fashioned programs could easily continue with their work. 

This was only an issue during the first month when we rolled out the software, then it starts doing scans mainly on the R&D PCs, which was our great concern. Normal office use is fairly straightforward, but when you develop software (and we also develop software to communicate with our embedded systems), then the demands are a bit different. However, until now, we have been very happy with it.

What needs improvement?

We have had one or two occasions when we had to roll back off our Windows machine. Then, we had an issue with SentinelOne where we couldn't let the client make contact with the cloud service anymore. Therefore, the integration with the Windows Service Recovery could be improved in the future.

For how long have I used the solution?

We have been using it for about a year now. We rolled it out in December 2019.

What do I think about the stability of the solution?

All the endpoints are running without problems. It is very stable. We have deployed several versions of agents. I haven't encountered any issues, apart from when that rollback occurred, and the SentinelOne agents were locked out of the cloud platform, and the only way to retrieve that was by installing it again by hand. 

Up until now, SentinelOne's effectiveness has been 100 percent.

What do I think about the scalability of the solution?

We are a relatively small company with about 80 employees. Most things are offsite. We do not use automated things very much.

There are four users from the admin side.

Together with another colleague, we chose SentinelOne, then tested and deployed it. A few other colleagues have monitoring views in SentinelOne, e.g., if a site has to be whitelisted. 

How are customer service and technical support?

I had one issue that I brought up with customer support. They delivered a solution in about two hours. It was related to the issue with the agent. I just issued an email, and in about an hour, the problem was solved. I was delivered a good solution: an uninstalling procedure and how to go about it. That's the only thing that we needed it, and the only time we needed the technical support.

Which solution did I use previously and why did I switch?

Before this solution, we used McAfee, which was not enough for our use. Then, SentinelOne came into the picture. It not only had static virus checking (antivirus), but it also had the Behavioral AI features, like triggers, that we could investigate.

The McAfee solution that we had was more demanding, more expensive, and had less functionality. Three to four years ago, we had an incident with ransomware, and it wasn't detected at the time by the McAfee on all the points. There were two points that were affected. Since it wasn't noticed by the McAfee. we were considering other software solutions from that point on.

SentinelOne offered a good solution, which is the main reason that we went with them. It was easy to manage, although we didn't use McAfee the way we use SentinelOne right now. McAfee was incorporated in our company about 20 years ago, so we probably didn't use all the facilities that McAfee can offer now. 

SentinelOne made us a good offer, especially regarding the Behavioral AI aspect of the protection. Therefore, we just wanted to see what they could offer us. After a year, we are still very satisfied.

SentinelOne had a smaller footprint, both in resources and time-wise, as in load, than the McAfee solution that we had previously.

How was the initial setup?

The initial setup was fairly straightforward. It was very easy to start up. You didn't have to go into a lot of documentation to roll it out. We used the management from the central platform, not our own central platform on-premise, and did it on the cloud version. This way, it could be delivered and updated remotely.

The deployment took a week. We deployed it to about 90 endpoints.

What about the implementation team?

We just had a discussion with the SentinelOne service provider onsite. He gave a revision of how SentinelOne should be deployed along with some examples. Before we deployed it to the entire company, we had a testing time of about two months. 

What was our ROI?

SentinelOne has reduced incident response time. The two main pillars that SentinelOne helps us with: 

  1. Central management: I can ensure management that if there is a breach all the machines and endpoints are up-to-date and protected. 
  2. SentinelOne allows us to switch off an endpoint remotely, which we could do previously. Most people are on-premises, but there are 15 to 20 people all over the world with laptops connected everywhere. 

It saves a few hours a week for one person, because you can see the statuses of all the machines in one place. 

What's my experience with pricing, setup cost, and licensing?

It was cheaper than McAfee, which was a way to convince management to go with the solution.

What other advice do I have?

At the moment, we are very pleased with the solution.

We saw the Storyline technology briefly. However, the Storyline is only when you have actual attacks, and they are not caught in the beginning. Most of our attacks were caught just by static recognition of the files, so there was no story because the file was not allowed to activate. In the beginning, we did some fake file checks in an enclosed surrounding and in a CM setup, which is how I saw the Storyline facilities, but we don't use it.

I would rate this solution as a nine (out of 10).

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Adam Harling - PeerSpot reviewer
Managing Director at NETITUDE
MSP
Top 20
Quick deployment, effective zero-day detection, and beneficial recovery capabilities
Pros and Cons
  • "The most valuble feature of SentinelOne Singularity Complete is the recovery and zero-day detection."
  • "SentinelOne Singularity Complete could improve by having DNS filtering. Other competitor solutions have this feature."

What is our primary use case?

We are using SentinelOne Singularity Complete for an EDR platform for our clients.

What is most valuable?

The most valuble feature of SentinelOne Singularity Complete is the recovery and zero-day detection.

What needs improvement?

SentinelOne Singularity Complete could improve by having DNS filtering. Other competitor solutions have this feature.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for approximately one year.

What do I think about the scalability of the solution?

We have approximately 1,000 people using this solution. We have plans to increase our usage.

The scalability of SentinelOne Singularity Complete is great.

How are customer service and support?

We do the implementation of the solution in-house.

Which solution did I use previously and why did I switch?

I have previously used BitDefender.

How was the initial setup?

The initial setup of SentinelOne Singularity Complete is easy. For exciting clients, the deployment of the solution can be done in minutes.

What was our ROI?

I have received a return on investment using SentinelOne Singularity Complete.

We've used SentinelOne Singularity Complete capability to enhance our offering and, therefore, be able to leverage that to increase our pricing.

What's my experience with pricing, setup cost, and licensing?

For our use case, the solution is affordable. There are not any hidden fees.

Which other solutions did I evaluate?

We evaluated Sophos, Carbon Black, and CloudStrike before choosing SentinelOne Singularity Complete.

What other advice do I have?

I rate SentinelOne Singularity Complete a nine out of ten,

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Tallis Newkirk - PeerSpot reviewer
CEO/Team Lead at Intech Computer Solutions
Real User
Top 5
Well designed and does what it says it's going to do
Pros and Cons
  • "The most valuable feature is that it does what it says it will do. It fulfills its claims. It’s not really common for products to do that today."
  • "In terms of improvement, the documentation could be better. I would also like to see SingularityOne compatibility with Huntress, and the tighter integration between them would bring more to the table."

What is our primary use case?

I use it pretty extensively. All of my highest-tier clients use SingularityOne.

How has it helped my organization?

All of my business's machines use SentinelOne complete with Singularity and XDR, which ties into things like Azure AD and whatnot. It's really great. Although I don't get the 24x7 Managed Security Operations Center wonderfulness through it.

It is a well-designed product that does what it says it is going to do. It protects endpoints, finds anomalies, and remediates them based on the automation plans I've set up.

It is a really great product.

What is most valuable?

The most valuable feature is that it does what it says it will do. It fulfills its claims. It’s not really common for products to do that today.

What needs improvement?

In terms of improvement, the documentation could be better. I would also like to see SingularityOne compatibility with Huntress, and the tighter integration between them would bring more to the table.

For how long have I used the solution?

I have been using it for three or four years.

What other advice do I have?

I would give the product a ten out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1935105 - PeerSpot reviewer
Cybersecurity Consulting Lead at a tech services company with 51-200 employees
Real User
Good pricing and security but needs better support
Pros and Cons
  • "The best thing is it has a secure shell command that you can use to get into any endpoint and do some jobs."
  • "The only problem I have is they don't manually review the threat files. That's the only thing I'm concerned about."

What is most valuable?

It's pretty good. The best thing is it has a secure shell command that you can use to get into any endpoint and do some jobs. That's a pretty cool feature. 

It's pretty much the same as similar typical solutions. It is a CrowdStrike, or SentinelOne, or Windows Defender. They do the same thing. 

The pricing is pretty good. 

What needs improvement?

It's probably not that top-notch like CrowdStrike or Microsoft Defender. However, it's okay, it's not bad. 

The only problem I have is they don't manually review the threat files. That's the only thing I'm concerned about.

The support needs improvement. There are some limitations. 

For how long have I used the solution?

I've used the solution for less than six months. 

What do I think about the stability of the solution?

It is a very stable product. There are no bugs or glitches, and it doesn't crash or freeze. It is reliable. I'd rate it a nine out of ten. 

No matter what software you use, you need to do some fine-tuning.

What do I think about the scalability of the solution?

The solution is scalable. You can pretty much deploy to anywhere.

How are customer service and support?

In terms of if we need to send them some actual threat, they cannot manually verify it. That's the limitation of the company. However, for Microsoft, or Symantec, or CrowdStrike, you can actually submit a threat file, then they can manually review it. That's the only thing I've found so far with SentinelOne. The support is not that good. Obviously, probably eventually, they will get it in one year or two years' time; however, right now, it's not there.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I've used CrowdStrike, Carbon Black, and Microsoft Defender as well. 

SentinelOne, CrowdStrike, and Carbon Black do the pretty much same thing. It all depends on the money.

The good thing about Microsoft and CrowdStrike is they can detect the device based on the traffic they're coming from. This is one of the advantages you have. With SentinelOne, this is where they're lacking. For example, for Windows Defender, if you're using your phone, you can figure out it's coming from your phone, or as long as it's coming to your enterprise network, you will know where it's coming from. This is one of the things I could not find in SentinelOne. You can only define it once you deploy it. However, without a proper deployment, you can't actually see it. For the other technologies, even though you don't deploy them, you can actually have a good understanding of the entire fleet and what's happening. For example, all emails are going to Office 365, so that's another way you get an excellent picture of the inventory assets. That's a very good NDM thing that you got it for free. With SentinelOne, they're not to that level yet.

How was the initial setup?

The initial setup is easy. It's even simpler than, for example, Windows Defender. 

The maintenance is very low. It depends on how big the organization is. The false positive rate is very low. Obviously, it should be maintained by a team. Regardless, if it's Windows Defender, CrowdStrike, SentinelOne, or Symantec, it has to be built and looked after by a soft team.

What's my experience with pricing, setup cost, and licensing?

For the functionality you get, the pricing is pretty good. I'd rate it four out of five in terms of affordability.

Which other solutions did I evaluate?

I was actually evaluating Windows Defender. I just want to check to see the selling points and the advantages of having Defender over Symantec products.

What other advice do I have?

I didn't do a technical job; I just evaluated the product. I don't have a partnership with SentinelOne. 

I'd rate the solution seven out of ten. They are pretty good overall. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros sharing their opinions.