SentinelOne Singularity Complete Reviews

I use SentinelOne Singularity Complete to prevent and mitigate attacks on my laptop.

While traditional antivirus programs can offer some protection, they often fall short against advanced cyber threats. This means having an antivirus doesn't guarantee my laptop's safety, as I've experienced with viruses, blue screens, and even complete crashes. Therefore, finding a more comprehensive security solution that actively prevents infections and stops attacks before they happen is crucial. The repeated blank screens on my laptop are a clear sign of a compromised system and so I implemented SentinelOne Singularity Complete to mitigate these problems.

The interoperability of SentinelOne Singularity Complete is one of the key features. I integrated SentinelOne Singularity Complete with another solution for a customer and it was seamless.

SentinelOne Singularity Complete integrates well with my existing security solutions and provides effective data correlation. While our company has a smaller security stack, the larger customers who've incorporated Singularity across their entire security infrastructure have experienced seamless integration.

It streamlines our security posture by consolidating disparate solutions into a unified platform. This eliminates the need to navigate siloed interfaces for attack visibility, while automated response capabilities minimize the manual effort required for mitigation.

I sold the Ranger functionality to a customer who is an ISP and needed more network visibility.

Customers appreciate the ease of use of SentinelOne Singularity Complete's Ranger functionality, as it doesn't require installing new agents, or hardware, or making network changes.

SentinelOne Singularity Complete provides us with the confidence of knowing we're protected when connecting to external networks. Its user-friendly interface and seamless integration enable us to easily add more security features as our needs evolve, without incurring significant costs.

The number of alerts has been reduced. We used to get a lot of false positives and the solution has reduced our alerts by over 60 percent.

By quietly resolving most issues in the background, SentinelOne Singularity Complete frees up our time for other projects and tasks. This way we don't have to call our support team and we don't lose any productivity. We can save around four hours a day when an issue is detected.

Our MTTD has been drastically reduced by SentinelOne Singularity Complete to less than 30 seconds.

Our MTTR has been reduced thanks to the automated AI response from SentinelOne Singularity Complete. What we do after that is use the insights provided by the endpoints and the management console to help guide the client on what steps should be taken moving forward.

Switching to SentinelOne Singularity Complete significantly reduced our security costs. Previously, our solution was both expensive and insufficient for our needs. By moving to SentinelOne, we achieved a 40 percent cost saving. Additionally, we benefitted from time savings and increased productivity, further contributing to our overall cost reduction.

SentinelOne Singularity Complete has helped to reduce our organizational risk by over 70 percent.  

The offline protection offered by SentinelOne Singularity Complete for my devices is valuable.

The automatic mitigation features are incredibly valuable. Over the past two months, receiving alerts on my laptop about mitigated attacks has been one of the key benefits. It's fantastic that I don't have to manually intervene in the mitigation process, yet I'm still informed about potential threats and assured that I'm protected.

The detailed history logs allow us to easily detect malicious behavior within the network.

I would like to have firewall functionality within SentinelOne Singularity Complete.

I have been using SentinelOne Singularity Complete for eight months.

SentinelOne Singularity Complete is extremely stable in the cloud.

SentinelOne Singularity Complete is highly scalable. We have had many clients easily scale their number of endpoints.

The technical support is good.

Positive

We previously used Sophos and Fortinet for the firewall but switched to SentinelOne Singularity Complete because of its more robust capability, ease of integration, and lower cost.

SentinelOne Singularity Complete stands out as the most innovative and forward-thinking solution in the market. Through strategic acquisitions, SentinelOne has gained a distinct edge over its competitors.

In the beginning, our technical team did not have a lot of information but once they received some guidance from SentinelOne the deployment was easy.

The efficiency gains and enhanced security delivered by SentinelOne Singularity Complete consistently ensure a positive return on investment.

SentinelOne Singularity Complete's pricing is affordable. They offer licenses from zero to a hundred making it accessible even for smaller businesses.

We evaluated CrowdStrike but we didn't have much information about how it worked, its functionality, or cost.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is a mature solution that takes care of most of our use cases for EDR and the Ranger functionality provides visibility into our network. SentinelOne Singularity Complete as a first line of defense gives us peace of mind.

No maintenance is required from our end.

SentinelOne is my go-to as a strategic security partner when it comes to anything EDR-related.

SentinelOne Singularity Complete is a great solution and I recommend it. SentinelOne Singularity Complete can easily be deployed in any environment and is cost-effective.

It's endpoint protection that also takes care of the server.

Mainly, we [my company] have a lot of systems on Linux. So when we were looking for an EDR solution, we evaluated all three top options: SentinelOne, CrowdStrike, and Carbon Black. We found CrowdStrike to be slightly better than SentinelOne in terms of features. But the only reason we chose SentinelOne was that its Linux agent was far superior.

We review our EDR solution every year. So far, it's been SentinelOne. Earlier, it was Trend Micro, I think. So we evaluate and change our protection software almost every year.

It is quite easy to manage our environment with the Singularity console.

We have policies in place to isolate any suspicious behavior from the network immediately. There's even a zero-trust option that we utilize.

Moreover, visibility into the attack surface and risk is good. It's protecting quite well. We do have incidents regularly, but no major ones at all.

When it comes to threat detection and prevention, it's quite sensitive and quite good.

We do the evaluation every year, so we always see something new that comes in. We evaluate across products and then choose the best one.

SentinelOne supports both Linux and macOS. All SentinelOne features were equally supported across Windows, Linux, and Mac, whereas CrowdStrike was more heavy on the Windows side. They did not support all features on Linux.

The Singularity console provides a unified view. But we already had similar dashboards available to the ones we had engineered ourselves. So it's not a deal-breaker. For us, it was about supporting multiple operating systems. That was more important. So, these dashboards we have are third-party tools integrated with SentinelOne.

SentinelOne could work on a more centralized dashboard.

Also, it didn't have much incident management built in.

We've been using it all across for the last three years.

So far, I didn't face any major issue with stability. They communicate in advance about any maintenance downtime or updates. But so far, we haven't faced any outages.

Scalability is quite seamless. We have people who work from home also. There are no issues. It scales across geographies, and we haven't had any problems.

The customer service and support are good. Their responses are quick. We normally interact with them only over emails or their forums.

We never had to talk to them or call anybody. It's always been emails or forums, and it's been efficient.

The forums are really good, actually. As long as you follow their forums, that's more than enough, at least for us. I don't know about others, but for us, we found that asynchronous communication is more than sufficient.

Positive

CrowdStrike was a bit better in terms of features. They had a much more centralized dashboard for tracking, In case of investigating incidents, the evaluating mitigation plans from the community were also good. They were much more mature in those incident management scenarios. 

SentinelOne was just detection and isolation; it didn't have much incident management built in. But we have our own incident management function, so that wasn't a deal-breaker.

The initial setup was quite easy and very straightforward. 

My team is familiar with most of these products, so for them, it was a breeze. There were no issues.

We normally take an evaluation period of 45 days. That's the trial period they give, during which we test everything and then give them the results.

Overall, the price is very competitive. It's just relatively low compared to other products. The team told me it's something like 12% cheaper than CrowdStrike.

SentinelOne is much more cost-effective compared to other software because they offer a lot of flexibility in terms of licenses, which you can scale every month.

But others might have a more user-friendly, centralized console. If that's a need, then you have to pay a premium for that.

Overall, I would rate the solution a nine out of ten. Considering what happened with CrowdStrike recently, it is all over the news. 

The main point is that if you want feature parity across Mac and Linux, they should go with SentinelOne, not CrowdStrike. CrowdStrike may be very good for Windows, but that's also in question right now. We feel SentinelOne is a little better for Windows.

I typically deploy it into typical business environments such as law offices, doctors' offices, and marketing companies. I have clients of all walks of life, including accountants, attorneys, doctors, and veterinarians. I work in a very simple environment and am not dealing with high security, such as CIA-level security. For example, I use it in a doctor's office where it does a good job staying HIPAA compliant.

The best aspects of SentinelOne Singularity Complete for these clients are its ability to detect malicious activity. While there are sometimes false positives, they are minimal, making it quite effective. It recently stopped a ransomware attack at one of my clients, proving its reliability. The clients do not see immediate efficiency gains or significant time savings.

I haven't done any integrations, as I'm just in the beginning stage of ramping up the product implementation and mastering the product. I don't qualify myself as a master in the use of SentinelOne Singularity Complete, so I cannot offer great insight on this.

I have dealt with SentinelOne Singularity Complete for less than a year.

The stability of SentinelOne Singularity Complete is demonstrated through its ability to detect malicious activity. While there are sometimes false positives, they are minimal. It recently stopped a ransomware attack at one of my clients, proving its reliability.

My clients are mostly small, and my largest client has about thirty computers. I do the deployment myself, and it's not a huge effort. It's not comparable to dealing with a company that has three thousand computers.

In the past, I used another product that malfunctioned and caused high processor activity which required stopping and reinstalling it. However, this hasn't happened with SentinelOne Singularity Complete. I used to have many false positives with other products that would block good programs, but I haven't experienced that with SentinelOne Singularity Complete, making it more quiet and efficient.

The initial setup was very simple; deployment is straightforward. Fine-tuning it is a bit more involved, but overall, it's a very simple product to get started with.

I was a part of the setup and deployment process.

The return on investment for my clients isn't visible until there is an incident or an attack that gets stopped. Then they realize the value of prevention. The challenge with security products is that ROI isn't apparent until an incident demonstrates the potential for loss. Clients often think they are immune, especially small ones, believing they're too small to be attacked. They don't realize that the cost of an attack could be a hundred thousand dollars, while they perceive the likelihood as very low.

The pricing for SentinelOne Singularity Complete is good. There are other products that are less expensive, but I tell my clients that in security, they cannot cut corners or look for the cheapest solution. If they want security, looking for the cheapest solution means they have the wrong approach, because good products are not cheap.

I don't have hands-on experience with CrowdStrike, Cisco, or Palo Alto products, but I know the companies. I do not have experience with AI features or AI analytics yet. I don't think there is real-time threat intelligence within SentinelOne Singularity Complete, and if there is, I'm not using it. I'm just getting to learn the product, so I cannot offer any deep insightful opinion. On a scale of one to ten, I would rate it a nine or a ten, as I'm very happy with it currently.

We use SentinelOne as an EDR solution and for our cloud-based endpoints.

SentinelOne's data integration has made the incident response process more efficient and faster The solution has decreased our response time. SentinelOne's third-party marketplace has connectors that enable the solution to integrate with many tools. We can monitor the data Singularity generates and seamlessly export it.

I come from a larger organization. Once we fully deployed and started tuning the tool, we began to see more of its potential. I worked with the tool for almost two years. It took about a year for us to deploy it into all of our systems fully. We realized its value once we started getting alerts and information.

It hasn't reduced our alerts. The tool is pretty noisy out of the box. If anything, it has increased our alerts, but we can address that through tuning. 

SentinelOne has many capabilities out of the box. The setup process is smooth. It's easy to install on various systems and keep track of them. It did not cause any major instability.

As with any security tool, SentinelOne has slight issues with our third-party tools, but it does a good job of providing exclusions. Their support team walked us through configuring the agent to handle other third-party tools properly.

I would suggest improving the RBAC for user access. It's challenging to prevent a user from manipulating their privileges or someone else's of others, and it's difficult to control what users can access at the organizational level. Additionally, the exclusions seem overly broad or very specific, making it hard to tune the SentinelOne agent. The solution is noisy out of the box, so you must tune it to weed out the noise and find what's useful. It's a complex process.

We have been using Singularity for almost two years now.

The agent itself does not cause any major instability, but it has caused problems with interoperability between third-party tools, which could lead to entire servers crashing or specific tools failing.

SentinelOne scales well. The tool's built-in automation for deploying the agents works well for large infrastructures like mine.

I rate SentinelOne support nine out of 10. Customer service is usually prompt with their responses. They do a great job of figuring out the problem and pointing you to generic documentation or working with you to fine-tune a solution.

Positive

I have used CrowdStrike and a tool called F5 Threat Stack. 

The initial setup was extremely easy. The total deployment took nearly a year due to the deployment processes and our large infrastructure, not SentinelOne. The maintenance includes addressing the false positives and tuning them as necessary. We also need to update the agents and the scanning engines that they use.

We handled the deployment with an in-house team of four developers and assistance from a SentinelOne team. No third party was involved.

Pricing seemed reasonable at first. However, the way SentinelOne handles its licensing did not work for our environments and led to secondary discussions around cost. They counted many of the instances and licenses as duplicates despite them only being alive once, which was frustrating.

I rate SentinelOne Singularity Complete seven out of 10. Singularity is a fairly mature solution, but there's still some growth to do. It's better than most competitors, but others have some features that SentinelOne lacks.

We use SentinelOne's EDR platform. We use Ranger for network discovery. It helps to find out any endpoints that do not have an agent or rogue devices that may come up on the network that are not protected. It allows us to isolate them until we have the proper protections in place.

We are starting to delve into Identity.

The EDR platform has helped us achieve our business goals by providing the best security against ransomware, which is the number one threat to our business.

We have seen a lot of benefits since we deployed SentinelOne many years ago. We were able to consolidate around eight different antiviruses globally. It saved us licensing costs, human capital, and the amount of time it takes to keep up with some of the legacy technologies.

Other than that, the product gives us so much visibility to things. We did not have that visibility before. It also gave us access to every endpoint globally from a single platform. My engineers and my SOC operators are able to touch every endpoint globally in a matter of seconds. We are able to consolidate all the data that we are getting from the platform. We then build rule sets and protections and automate playbooks to be able to help save time so that we can focus on some of the bigger threats that we have.

SentinelOne has had a huge impact on our risk management posture. In my viewpoint, any threats, especially with ransomware being the biggest threat to our business, can lead to downtime for operations. If manufacturers are not making the product, we are not making money.

SentinelOne has helped us improve our analyst efficiency because of the simple fact that it is a single singular platform where they have access to every endpoint data that is out there in the world in our scope of devices. It gives them the ability at their fingertips to dive deep into the telemetry data that they need to make a justification or make a decision about a threat.

SentinelOne helps us reduce noise. We also leverage SentinelOne Vigilance as a managed service provider, which takes away the load from my analysts. It enables us to develop playbooks to cut down the noise and helps us to prioritize what matters the most, which makes us way more efficient. It makes us speedier when it comes to the time to react to a threat.

SentinelOne, especially the Vigilance team, helps us to reduce false positives. It is not only because the technology itself is so good at what it does; it is also because of the information that we get related to a threat or an alert. The information is enough for us to have some sort of disposition on what that is. We can then write a rule or mute that through a click of a button so that it is not constantly coming to the surface.

SentinelOne helps us with our incident response process tenfold. We have so many options, from automation to using Purple AI, to give my analysts more confidence in their abilities. It is an amplifier. It is not a replacement. It is a way for them to build their confidence and skill set, but it also increases our efficiency and our time to respond to threats. The storylines with SentinelOne were probably one of the first things that caught my attention back when EDR was new to the market. They help the analyst develop a storyline or improve the storyline that they have already developed.

SentinelOne helps us with our mean time to detect by the fact that we have every endpoint consolidated into one platform. We have the prioritization based on the rule sets, the type of devices, the classification of the data it holds, or the classification of the department or the sensitivity of a manufacturing process in that environment. These methods help to cut the detection time for my analysts.

The platform provides multiple ways to communicate. With the addition of Vigilance and their main services, there is a very drastic reduction in the mean time to respond based on the information they give us. The information that we receive from those methods helps us to make a lot quicker decisions with the threats.

From an organizational perspective, SentinelOne helps me and empowers my team to be able to communicate to the business about some of the adversarial threats that we have in our environment. A lot of times when an endpoint or a production or line unit is impacted, the teams come to us with reports of a false positive, but in fact, it is not. SentinelOne helps us to educate, inform, and reinforce to the organization why we are here. We are here to help. We are here to help the business grow.

When we first looked at SentinelOne, we had a very distributed legacy antivirus environment. Through SentinelOne's platform, we were able to consolidate about eight different antiviruses globally, thus saving money and time. There were savings in terms of human capital or the amount of time it takes to keep up with some of those legacy technologies.

Like any vendor, SentinelOne had its challenges, but throughout our history as a partner and as a customer, they followed through with every commitment they made. That is huge. I do not look for a vendor, I look for a partner—a long-term partner. CISOs need partners to be successful. We have to lean on each other. There are things that they can do to improve the console or improve the product, and they are making strides in it. One value that I can bring to them is the fact that I am on the advisory board. As a customer, we bring problems or challenges or even opportunities to them that they take back to their product teams and marketing teams to come up with a solution. Being able to ride side by side with some of the developments they are making now, in the near future, or in the far future is pivotal to the success of a security organization.

We have been using SentinelOne's EDR platform since 2018.

The support teams speak various languages worldwide, which is beneficial for a multinational corporation like ours. We have teams across the world, and having support in native languages saves us time and increases efficiency.

Positive

We had a very distributed legacy antivirus environment before and selected SentinelOne for its consolidated platform.

We are also using a different SIEM solution currently but are considering migrating to full XDR in the future. We rely very heavily on managed services and Vigilance. We have a small security team, but over time, we will be able to build some hybrid models or hybrid approaches and start to go towards XDR.

When we looked at the EDR, having a single agent was a big deal. We have come a long way since then, but one of the primary reasons why we chose SentinelOne was their ability to package everything from a single agent.

The ROI is significant with SentinelOne, as it saves us money, time, and human resources by consolidating eight different antiviruses into one unified platform globally.

SentinelOne makes licensing easy by reducing the number of modules or packages that they have to offer. A lot of other vendors make licensing very complicated with separate modules or separate costs. By bundling necessary features, SentinelOne ensures that security leaders are not left confused by options. This bundling of necessities has served our needs well.

As they bring on more technologies and more offerings, they are either bundled with the premium packages or other packages they have or they are bundled separately as another SKU.

We compared SentinelOne against its competitors while evaluating EDR solutions. SentinelOne stands out to me from the competition because they stand by every commitment they make. They are extremely transparent and extremely collaborative with the customer base. They take back everything that the customers bring to the table and make the product better. It is a two-way street. We also have to give. We are giving that money for a product, so we are investing in them. At the same time, we want to have a voice. They allow us to have a voice. The fact that they are a true partner sets them apart from the competition.

Their transparency, their willingness to work with customers and receive feedback, and the humility to admit their faults but figure out a way forward with their trusted partners or customers set them apart from the competition. They have done a good job of getting the endpoints correct. They have done a good job at saturating the market with such a good endpoint product. The endpoint data is the most critical telemetry data that we have. If you think about network and email, those are all delivery methods, but a crime is only committed at the target location, which is the endpoint. With that being the most valuable information we have, they have done such a good job with that. They are already there at the endpoint. There are a lot of other things they can do to improve the data that they have with things like identity and network discovery. There are opportunities where you take Purple AI out and put it on top and extend the width or breadth of your security team. You can extend the breadth of reach across multiple facets or multiple layers of defense from one single platform.

AI is huge. It is a topic that comes with a lot of different variables. Some are good, and some are not so good. AI as a whole is not something to fear. It is no different than what mobile computing or cloud computing was. We have to embrace it. Embracing it empowers security organizations, security leaders, and security teams. It empowers them to make more and better decisions, and it also saves some time because a lot of the things that they are doing can be automated through the use of AI. It empowers the defenders, and by empowering them, it saves them time and allows them to focus on more important projects, more important topics, or more important threats. AI can help us cut down our mean time to detect and mean time to respond.

I have had several colleagues looking at SentinelOne and comparing them against some of the competitors, which is what you are supposed to do. To those who are considering purchasing SentinelOne, I would advise moving beyond the product. Do not just consider the product when evaluating SentinelOne. Focus on the leadership, product development teams, and their commitment to working closely with customers for long-term success.

SentinelOne is a true partner. We have had our issues. We have had our incidents. There were some times when I was desperate and needed help. They have been there. They are not there at the meat of it. They have traveled that road all the way to the end with me. That speaks volumes. To colleagues and people who are not yet using SentinelOne, I would recommend taking a look. Go beyond the curtain, the actual product, and the marketing. Look into the teams. Look into the leadership. Look into the success of other customers out there like myself. Call them. Talk to them. Challenge the product and challenge the teams, but do not let the first responses ever be the answer you go with. Continue to develop that relationship. That is what you should look for as a partner.

On a scale of one to ten, SentinelOne is definitely a ten. That is not just product-specific, customer support-specific, or road map-specific. A lot of different areas combined give it that score. Having a true partnership means that you are bringing everything to the table. You are helping each other grow.

We use SentinelOne Singularity Complete as our EDR to monitor our network. We incorporated SentinelOne Singularity Complete into our SIEM to mitigate threats.

We implemented it because we needed more insight into the interactions that occurred on our endpoints.

SentinelOne Singularity Complete's interoperability with third-party tools enables seamless data exchange and effortless information extraction or export between them.

Its ability to ingest and correlate data across our security solutions simplifies the process considerably. It's akin to pulling data into a SIEM and correlating timestamps, IP addresses, MAC addresses, and any other metric that would link the two machines.

It helps reduce alerts which is one of the things that attracted us to the solution. It has reduced the alerts by around 75 alerts per week.

Singularity Complete frees up our staff for other projects and tasks, thanks to its out-of-the-box setup and automated operation. I only need to intervene when a real threat emerges.

It helps reduce our mean time to detect and our mean time to respond.

Singularity Complete helps our organization save on costs by preventing malware from entering our machines which would result in downtime and machine repairs.

It helped reduce our organizational risk by 20 percent. 

The most valuable features are threat hunting, the ability to disconnect or disable a machine's network connection in real time, and the ability to restore the connection once the issue is resolved quickly.

Singularity Complete needs to improve its ability to granularly select and extract the executable files that I want to run.

I have been using SentinelOne Singularity Complete for four years.

I would rate the stability of SentinelOne Singularity Complete a nine out of ten.

I would rate the scalability of SentinelOne Singularity Complete an eight out of ten.

The technical support is difficult to contact.

Neutral

In my previous company, I used VMware Carbon Black. When I changed jobs, my new company was already using SentinelOne Singularity Complete. 

We've seen a positive return on investment with SentinelOne Singularity Complete. The key benefit for me was the ability to proactively prevent suspicious activity on our endpoints. As a practitioner rather than a manager, I dealt with an incident on an endpoint and was impressed by the solution's capabilities. Singularity Complete automatically contained the threat, allowing me ample time to clean the infected machine. Most importantly, it prevented the need to rebuild any other machines, even the affected ones in most cases. I often resolved issues on endpoints within an hour or two, minimizing downtime and ensuring user productivity.

The pricing for SentinelOne Singularity Complete is competitive. SentinelOne has a better price out of the box compared to Carbon Black and CrowdStrike.

Carbon Black lacked the same level of back-end support as CrowdStrike Falcon Complete.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is an innovative solution that is ahead of Carbon Black and on par with CrowdStrike.

It is a high-quality mature solution that will help improve any security stack.

We are deploying it across eight locations, encompassing all departments and protecting our 500 employee endpoints.

I am an IT security analyst and I update the sensors myself.

We have the Singularity Endpoint Detection platform along with the MDR service. We are using their Singularity Enterprise offering along with Vigilance Pro.

We are currently in the process of deploying it. We started with the deployment earlier this calendar year with a goal of reaching 30,000 endpoints this year. We have deployed to about 25,000 endpoints to date. Our end goal is 100,000, but that will be phased in over the next year.

Our deployment experience has been excellent. We have received a ton of support from their customer success team. We are using this initial deployment to tune the product to make sure it is not causing performance issues on our endpoints. We are going about it in a very methodical fashion.

It has helped us achieve business goals in a few areas. Even though we are early in our adoption, there are a few areas where I have seen benefits. One is around the technology, the solution itself. It provides our security analysts with a very succinct and usable interface that they can use to effectively and efficiently manage incidents and investigations. 

The second area is around the MDR. This has been a huge benefit to us compared to our prior solution. We used to get a lot of false positives. That took up the time of our security analysts, which then took away time from addressing real problems.

The risk management at Lenovo has improved greatly over our prior toolset. We have identified risks that we would not have otherwise identified with our prior implementation.

Our analysts' efficiency has gone up tremendously. We are not chasing false positives. The tool provides timely and relevant information to our analysts so that they can address the events with confidence. They know they are working on the right activities, and then along with the managed service, they are not chasing rudimentary incidents. Those are being resolved before they can get to our team.

It has definitely helped us reduce noise. In the prior platform, which we are phasing out, the false positive rate was tremendously high. That caused a huge amount of inefficiency in the team.

It has helped us increase our incident response because we are working as a team. We not only have an improved platform for detecting and managing incidents; we are also partnering with SentinelOne on the MDR and the managed service aspect of it.

It has helped us improve our mean time to respond from a perspective of seeing what is happening. I do not have any metrics related to the percentage of that improvement.

It has highlighted the risk of insider threats, and we have found that on multiple occasions. It is hard to compare if they would have been caught in our prior solution, but we have increased visibility into what is going on across our network and the machines that are connected to it.

SentinelOne is an integral part of our AI strategy. We have recently got a chief AI officer in our organization. He happened to be our chief security officer, so we take AI very seriously. There are two things that AI can impact. We can leverage SentinelOne to help us protect the AI models that we develop and use, but we can also leverage AI for endpoint protection in the product itself. We can utilize the AI offering to improve our response rate and mean time to respond.

We are freeing up our resources and our security analysts' time to focus on the most critical threats to our landscape by not having to chase down false positives. In conjunction with the MDR, many of those incidents and events are mitigated and resolved without any intervention from our team.

SentinelOne can continue to make the presentation of relevant and timely data to the analysts as succinct and clear as possible. It will allow analysts to execute remediation or resolution with the least amount of clicks.

We started with the deployment earlier this calendar year.

The support from SentinelOne has been second to none, exceeding expectations. Maybe we are in the honeymoon period, but they have definitely exceeded expectations. I have been part of many deployments, not just of cybersecurity platforms but also of other platforms, and SentinelOne, in comparison, has been second to none.

Positive

We purchase it through CDW.

One of the primary considerations in evaluating EDR and identity security vendors was around the effectiveness of the detection and the ability to tune the solution to fit our needs. The presentation of the data to our analysts and the ability to detect events and threats that were not detected by our prior platform played a big role in that. We also were able to test out the MDR service as part of our proof of concept. That pushed it over the edge from anything we experienced with other vendors.

Earlier, we had a high false positive rate coming in, which would take up our analysts' time. In addition to that, our prior vendors or other vendors would report threats and incidents to our team but not what action to take to resolve them. The huge difference that we have seen is that we are now getting feedback from SentinelOne and the MDR team, and it is coming back completely resolved and completed. We are more on an information basis, and we do not have to spend any time on resolution or investigation.

Anyone considering changing their endpoint detection or SIEM solution should consider SentinelOne. It offers benefits in the product and technology aspect, service aspect, and partnership, allowing us to influence the roadmap and plan our cyber defenses.

Even though we are early on in our adoption, we have had a direct line of contact with the product team. We have been able to provide feature requests. We are not simply a customer of SentinelOne. We view it as a partnership. We can influence the roadmap. Likewise, SentinelOne is providing us a vision of their roadmap, and we can plan accordingly how to steer our cyber defenses.

As it stands today, I would rate SentinelOne Singularity Complete a nine out of ten simply because we are so early in our adoption that we are not taking full advantage of all the aspects of the solution. We will continue to grow and mature alongside the product.

We use the solution for endpoint protection. Our clients are fintech companies, banks, and other organizations. The tool helps to pick up malicious files in the endpoint and protects the endpoint.

The Ranger feature is valuable. It helps us manage variable assets in our environment. The endpoints and nodes have SentinelOne engines on them.

The product must provide the ability to update applications from the SentinelOne Management Console. Using SentinelOne Management Console to patch applications will be quite useful.

I have been using the solution for 3 years.

I rate the solution's stability 7 out of 10. I've only had issues with the agents once. I reported it through the management console.

We use the solution in endpoints in different departments across the organization. The tool does not require maintenance. We can auto-update it from SentinelOne Management Console. We can push the auto-update agent from the console. I rate the solution's scalability 9 out of 10.

The support personnel always want to share links instead of joining sessions. Getting them on sessions that would probably help resolve the situation is quite hard. They don't always want to do it. That's the only issue I have with them. When we raise a support case, they get back to us and point us to a link to a community guide or solution. They don't respond quickly if the problem requires us to join a virtual session.

Neutral

The initial setup is not complex. The deployment takes about 30 minutes. It is quite fast.

Our customers have seen an ROI on the product. It takes them 4 months to see ROI.

The tool's price is reasonable.

We are partners and resellers. Singularity Complete’s interoperability with other SentinelOne solutions is fine. I've been able to push logs into our SIEM solution. We used our API. It was quite easy to do. The API token expires, so we have to regenerate and integrate it.

The solution’s ability to ingest and correlate across security solutions is quite fast. I don't have any issues with it. The Ranger functionality provides network and asset visibility. It's quite important. We can identify when endpoints that are not permitted or allowed on the network are active. It helps us isolate or deploy an agent on the endpoints. It's quite useful.

Ranger requires no new agents, hardware, or network changes. It is used for existing agents or endpoints. We can also identify neighboring endpoints that do not have agents. It's easy because we do not have to do any additional configurations. It leverages the current agents that we have deployed across endpoints. It's a good feature. We need not deploy another agent to work for Ranger.

A computer that doesn't have an agent is vulnerable to exploits. When Ranger helps to find the computer and network, it helps to prevent vulnerable devices from becoming compromised. We can identify and isolate the computer and deploy the agent on it. Singularity Complete does not reduce alerts.

The solution saves deployment time. We can push agents from the management console to the endpoint. It will save us time from physically going to the endpoint and installing the agent ourselves. The product reduces MTTD by 20%. The product reduces MTTR by 20%.

If an endpoint gets compromised, we will have to spend money. The tool generally helps us stay safe and protects computers. Thus, the solution reduces costs in the long run. Unprotected endpoints are risky endpoints. Singularity Complete has helped reduce our organizational risk.

Singularity Complete is quite a good tool. I'm quite confident in its ability to detect threats. It is good to have SentinelOne as a strategic security partner. People planning to use the tool must go for it. It's a good solution. It does what it claims.

Overall, I rate the product 8 out of 10.