Sr. Security Engineer at a healthcare company with 5,001-10,000 employees
Provides high-quality alerts, easy to use, and discovers threats and mitigates them quickly
Pros and Cons
- "Tracking down which devices don't currently have SentinelOne on them is the most valuable feature of the product."
- "The filtering features of the application management console could be improved."
What is our primary use case?
The solution provides endpoint protection for all our desktops, laptops, and servers. We also use it for some of the firewalls on the endpoints. We are also doing asset discovery for devices.
What is most valuable?
Tracking down which devices don't currently have SentinelOne on them is the most valuable feature of the product. So, we can push SentinelOne onto those devices.
What needs improvement?
Recently, the vendor took away my ability to create a ticket, mostly because we're in an MSSP environment. It has created a lot of extra hoops to jump through. I recently had a single sign-on issue on the console. I had to go through my MSSP. It took a month and a half to two months to get any resolution on it because my MSSP can't test our single sign-on. They don't have an account in that system. It has been very detrimental to effectively solving issues. I understand that the vendor does not want the clients of the clients submitting tickets. However, when I'm the one who's doing the majority of the work inside of SentinelOne, removing that from my ability has been very inconvenient.
The filtering features of the application management console could be improved. If I search for applications that shouldn't be installed on our endpoints, filtering is not the most straightforward process. Running through the search process takes a lot of time and effort. It would be hugely beneficial if the tool blacklists the applications that are not allowed to be installed. It would help with the management of unapproved applications or malicious applications that might be installed.
The automated agent upgrade system could use a little bit more fine-tuning. The maintenance windows must be a little bit more robust. I have to manually set what agent we're pushing each time we want to change instead of asking the tool to do N-1 for agent upgrades. It's automatic, but it's not quite automatic.
For how long have I used the solution?
I have been using the solution for two years.
Buyer's Guide
SentinelOne Singularity Complete
October 2024
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
We've had fewer issues with stability recently, mostly because they made some changes to the actual agents. Shadow copies were filling up the drives and causing some crashes. However, the more recent agents have been much more stable, which has been wonderful.
What do I think about the scalability of the solution?
The tool is very scalable. If we use all of our agents, it's very easy to ask the vendor to add more agents to our license. They get that taken care of, which is really nice. It's been very easy to change and modify groups as we need to.
Exclusions have been very straightforward. I would love for the exclusions to look at the machines in a group and inform us when we have exclusions that are not found in the directories on the machines. It will help with the removal of redundant or unused exclusions. It will remove some of that risk.
How are customer service and support?
I don't have access to create tickets. The vendor removed the ability. I need to talk with our MSSP for support. They sometimes send us support articles that we already have access to. It takes an extra three to four days to get things resolved. In the most recent case, it was a month and a half.
Which solution did I use previously and why did I switch?
We used Symantec Endpoint Protection before. We switched to SentinelOne Singularity Complete because Symantec Endpoint Protection was very old and was not being updated by Broadcom anymore. It was not as effective in terms of reporting. It was very clunky. So we were looking for something new and a little bit easier to work with than what we had at the time.
How was the initial setup?
The initial deployment was pretty straightforward from my perspective. We were able to take the package and deploy it, which made it really easy to get it on all of our endpoints. About ten people were involved in the deployment.
What about the implementation team?
Our MSSP helped us do the deployment. We used the asset management tool Ivanti to push out the agents.
What's my experience with pricing, setup cost, and licensing?
The pricing is packaged in with our MSSP. The cost of endpoint protection is fairly reasonable. Some of the other systems are a little expensive, but there's still value behind them. It's pretty close to what I would expect.
What other advice do I have?
We haven't stepped into other integrations quite yet. We're looking to explore it next year. We're trying to rebuild our security stack. The endpoint protection was one big step. We're planning on expanding a little bit more. I love that it is pretty straightforward to connect between different systems. It makes my life a little easier.
The solution’s ability to ingest and correlate across our security solutions is nice. We haven't done much of that with our systems yet, but having one source of truth to look at all those different pieces is hugely beneficial because we have a very small team. Anything that allows us to connect all the dots and pieces makes our lives really easy.
We're rebuilding our security stack from scratch. We do not have to get many other solutions because much information is built into Singularity Complete. We did a POC of the Ranger functionality for a little bit of time. Ranger's network and asset visibility are about the same as in Rogues.
The automation would be great if I didn't have to create a couple of extra security holes by opening up ports on our devices. So we've gone back to using just Rogues rather than Ranger because there isn't a lot of added value for that extra piece. I can take the whole list, export it, and take it to one of our other solutions and have the agent pushed from there.
It is nice that Ranger requires no new agents, hardware, or network changes for the most part. If we're going to automate the installation process from another Ranger agent, it will require opening up some extra security holes. I don't love that part. I love that it discovers assets that don't have SentinelOne but could potentially have SentinelOne. It has been beneficial to us.
We like Ranger because it helps find the missing pieces. We must ensure that we're not going over on our licenses, but it helps us discover the devices in our network and how we can better protect the environment. It also gives us an inventory of devices. If they are vendor devices, we can go to our vendors and ask them why the devices have old software versions.
The product has done a much better job of giving us high-fidelity information. The system that we had before was old and antiquated and did not work well. We are getting better-quality alerts. The solution has helped free up our staff for other projects and tasks. All the information is in one place, and a lot of the system has been automated for us. The tool resolves threats almost instantaneously for us. It's hugely beneficial for a very small team.
The product has helped reduce our mean time to detect. It is a lot better at discovering threats and mitigating them quickly than our previous solution. However, I wouldn't say that it's perfect. The solution has helped reduce our organization’s mean time to respond. We have a managed security service provider that's doing a lot of the research for us, but it's been very helpful for us to have the information.
The tool has helped us with a couple of audits that we've had. It has also helped us with some of our cyber insurance because we're able to give much better reporting compared to our previous solution. The reporting is available on the fly rather than us trying to go through multiple systems to try and get some information from it.
The product is easy to use. It is very easy to navigate around. The vendor has added features that we've wanted. It has made our lives quite a bit easier. People who want to buy the product must evaluate their exclusions ahead of time and understand what level of exclusion they need for each system. We spent the most time reevaluating exclusions for each server system.
It was not too big of a deal for our desktops and laptops. However, for some of those bigger systems, especially with us being a healthcare organization, ensuring we weren't impacting the end-user experience was central. For example, we have EMR, which is electronic medical records. If we impact that, it affects patient care, which in turn can be not great.
It was a very big jump for our process to go from monitor-only mode to full-protect mode. We allowed things to just sit there for a very long time and understand the changes in our environment.
Overall, I rate the solution an eight out of ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Senior Consultant at a consultancy with 10,001+ employees
Great threat detection and prevention capabilities, but needs to support more common development languages
Pros and Cons
- "The threat detection and prevention capabilities are valuable, providing development programming support that enables us to perform fair investigations."
- "SentinelOne needs to provide more documentation for administrators and analytics."
What is our primary use case?
We use SentinelOne Singularity Complete as our endpoint security solution to detect malicious activity and unusual behavior. It is a great tool for analytics and forensic investigations, and it has a good feature for catching threats. I was particularly impressed with this feature.
We implemented SentinelOne Singularity Complete to secure our endpoints.
How has it helped my organization?
SentinelOne Singularity Complete has helped us consolidate our security solutions. We can create use cases and workflows in SentinelOne, and analyze alerts and logs. We can also create custom policies based on our needs. For example, we can create workflows for post situations, or detect specific types of attacks, such as persistence or defense evasion techniques. We can use these techniques to create our own custom use cases, which can then be deployed in production to detect these types of threats.
After deploying SentinelOne Singularity Complete, we were confident we would not face any endpoint security threats. SentinelOne was able to block the type of events that were a true positive. Sometimes, we have also received false positives, but SentinelOne should detect this activity. So, that was the expectation, and SentinelOne has met it. This is very helpful.
SentinelOne Singularity Complete met our business needs and requirements. It was easy to deploy and manage as an administrator, and we can manage the console without having to constantly connect to the user or machine. We can do many things from the console alone, such as taking remote sessions, uninstalling any other solutions or products, and performing cleanup activities. This has been very helpful. We saw these benefits within one month of deploying Singularity Complete.
SentinelOne Singularity Complete helped reduce the number of false positive alerts we were receiving with our previous solution.
SentinelOne Singularity Complete has helped us save three hours per day of our staff's time. The single console makes it easy to manage compliance, including health check reports and the applications we are managing. We were able to identify and remediate malicious files through the console, without having to resolve the issue directly with users or other teams. This is a significant improvement.
SentinelOne Singularity Complete has helped reduce our MTTD and our MTTR.
SentinelOne Singularity Complete has helped reduce our organizational costs by eliminating the need for other endpoint security solutions. It is a cost-effective solution that provides comprehensive protection.
It has reduced our organizational risk by 90 percent.
What is most valuable?
The threat detection and prevention capabilities are valuable, providing development programming support that enables us to perform fair investigations. SentinelOne also provides security for installed devices for all operating systems, including Mac, Windows, and Linux, for users who cannot install SentinelOne themselves and need to connect with the administrator.
What needs improvement?
SentinelOne Singularity Complete needs to support more common development languages, such as PowerShell and Python so that we can better use the solution.
In the release, I would like to have application management features and pre-defined command features that allow us to take control of the system.
SentinelOne needs to provide more documentation for administrators and analytics.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for six months.
What do I think about the stability of the solution?
I would rate the stability of Singularity Complete eight out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of Singularity Complete eight out of ten.
How are customer service and support?
We have 24/7 support, but it is just moderate.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
SentinelOne is more secure and offers better scope for threat hunting on Linux than other security solutions, such as CrowdStrike and Microsoft Defender for Endpoint. SentinelOne Singularity Complete allows us to consolidate solutions and is easy to administer from a single console.
How was the initial setup?
The initial setup is straightforward. After completing the proof of concept, we deploy the Singularity Complete solution for our clients. We install the agent and create group policies for detection and prevention. We use a configuration management solution to deploy Singularity Complete within five to ten minutes.
One person can complete the deployment.
What about the implementation team?
We implemented the solution in-house.
What other advice do I have?
I would rate SentinelOne Singularity Complete seven out of ten.
I would rate SentinelOne Singularity Complete's ability to be innovative eight out of ten.
SentinelOne Singularity Complete has a mature GUI.
We deployed SentinelOne Singularity Complete in one of our client environments with 13,000 machines and 1,000 servers.
SentinelOne Singularity Complete maintenance consists of daily monitoring for updates and prioritizing policies and requires around five administrators.
SentinelOne is a good strategic partner.
SentinelOne Singularity Complete makes it easy to perform operations and investigations.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
IT manager at an outsourcing company with 11-50 employees
Helps reduce risk, reduces our MTTD, and saves our staff time
Pros and Cons
- "The fact that SentinelOne is actively looking for threats and runs them against the hash on the Internet to determine if they are malicious or not, is what takes it to the next level compared to other antivirus products."
- "SentinelOne needs to improve its endpoint deployment process."
What is our primary use case?
We use SentinelOne Singularity Complete as an antivirus product. We also use SentinelOne's product called Vigilance, which monitors and takes action on active threats in the environment. So, basically, if someone clicks a file, Vigilance recognizes it and takes action for us, providing recommendations and remediation steps. This is a huge value add, and it's in addition to Singularity Complete's ability to monitor threats on devices from the cloud and offer remediation steps.
Our previous antivirus solution was not providing adequate protection. Threats are evolving and mutating rapidly, making it difficult for older antivirus solutions to keep up.
How has it helped my organization?
We have not experienced any interoperability issues. Initially, SentinelOne flagged some older software that was trying to run, but we could allow an exception to continue using the software. SentinelOne would still scan the software's location, but it would not block the processes from running. This flexibility is very useful.
SentinelOne Singularity Complete gives us peace of mind when it comes to day-to-day threats, knowing that nothing will get past them and they are always vigilant in detecting and responding to active threats on the network. It helps us sleep better at night.
It does not produce many alerts, but it has reduced the number of threats we have. Alerts are good, but only if they are not too frequent. When there is an active threat, the alert is clear about what is happening, who is affected, and the name of the machine. The alerts are also concise.
It allows our staff to focus on other more important items.
SentinelOne has helped reduce our MTTD and our MTTR because we pay for Vigilance.
SentinelOne Singularity Complete reduces our risk of major attacks, lowering costs.
SentinelOne Singularity Complete has reduced our organizational risk.
What is most valuable?
The fact that SentinelOne is actively looking for threats and runs them against the hash on the Internet to determine if they are malicious or not, is what takes it to the next level compared to other antivirus products. SentinelOne is more than just antivirus software; it provides insights into threats and shows the flow of attacks. It also allows us to set policies in the cloud so that any other system that is affected by the same bug or virus will be automatically killed, removed, and rolled back. Cloud automation is truly amazing.
What needs improvement?
I would like to see a privilege access management feature added to SentinelOne Singularity Complete. This would allow us to generate alerts when users try to run applications as administrators to approve or deny these requests and create policies within SentinelOne. I think this would be a great addition to the suite, as it would eliminate the need to purchase a PAM solution from another vendor. It would also give us greater visibility into user activity, as the SentinelOne portal is already very good.
SentinelOne needs to improve its endpoint deployment process. To illustrate, compare it to ConnectWise, a remote management software that also has some security features. In ConnectWise, we can generate an installation package based on a group and deploy the software to all endpoints in that group without the need for a script.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for three years.
What do I think about the stability of the solution?
I would rate the stability of Singularity Complete ten out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of Singularity Complete ten out of ten.
How are customer service and support?
We pay for Vigilance, which is a 24/7 instant response team. However, if we did not pay for Vigilance and I had a question for technical support, they would usually respond within a few hours or the next business day, depending on the issue. I feel that they ask too many irrelevant questions when we are generating a ticket, but I understand why they do it.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We were using Carbon Black before, but SentinelOne Singularity Complete is much easier to use. The portal is more intuitive, the email alerts are more intuitive, and everything about it is easier on the eyes. It has a simpler view. Their cost was comparable to Carbon Black, but the solution was much better.
How was the initial setup?
The initial deployment was moderate. It would be much better if SentinelOne had a better way to induct the site token into the installation process, rather than requiring users to create a script.
The deployment took a couple of weeks to complete and required two people. We captured 80 percent of the endpoints within the first day, and then it took a couple of weeks to catch the more subtle ones.
What's my experience with pricing, setup cost, and licensing?
Nothing good is cheap, and SentinelOne is no exception. However, as a market leader with a great product, they don't have to be so timid with their pricing. I would like to see lower prices, but I understand why they charge what they do. It is what it is when it comes to SentinelOne Singularity Complete.
What other advice do I have?
I would rate SentinelOne Singularity Complete nine out of ten.
I would focus more on how the product is delivered and maintained. Maintenance of any type of antivirus product is always an important question when it comes to how to maintain this product and how to use it without dedicating a lot of resources to it. SentinelOne has just introduced an automatic upgrade feature for their client agent that allows us to set a policy to always keep our agents on the general mobility version. This will automatically upgrade our agents for us, saving IT a lot of time. Before, we had to manually upgrade our agents from the cloud, but now this process is fully automated. This is a huge value-added feature, and the agent is not very disruptive.
We have SentinelOne Singularity Complete deployed on our Windows servers across the country. Around 15 people are using the solution.
We must constantly monitor the portal to review items that Singularity Complete has blocked. Occasionally, we must decide whether to allow or deny access. We must definitely stay engaged with the portal, as it is not a fully hands-off solution. This is appropriate, as some interaction is necessary. However, the level of interaction required does not bother me.
If I were to recommend SentinelOne Singularity Complete to anyone else, I would definitely help them understand these types of products. People who are looking at cloud antivirus are usually coming from on-prem antivirus, so they may be shocked by the price. I would help them understand that yes, cloud antivirus products cost more than normal antivirus, but they offer peace of mind. Once they understand this, they can start to appreciate the value of the product.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
IT Manager at a construction company with 11-50 employees
Alerts us instantaneously, provides granular information, and has competitive pricing
Pros and Cons
- "Being able to keep track of the endpoints and the data that is available from the endpoints is valuable. We can see the patch levels, whether Windows endpoints are active or inactive, and who is the last user that was logged on. We get a lot of granular information that is valuable even when we are not talking from a security standpoint."
- "The agent update is not the most intuitive process, but I understand why they do it. We have a pretty vertical 64-bit environment for Windows. That is pretty much all we have, but we get alerts for things like the new Linux endpoint or things that do not apply to us. That is probably the only thing that I do not like. There may be some way to turn that off so that I do not get endpoint update alerts from platforms that are not applicable to our system, enterprise, or network."
What is our primary use case?
We use SentinelOne Singularity Complete as an endpoint protection solution. It is our primary endpoint protection solution for our workstations and servers for protection from any kind of threats that may appear on those systems.
We have some localized virtual machines that it is running on. We do not have any cloud workloads.
How has it helped my organization?
SentinelOne Singularity Complete is pretty good in terms of being able to fine-tune the alerting that you get. It is better than other solutions that are super noisy to the point that it is difficult to drill down. If you get an alert of something that is actionable, it is better than getting one alert and then getting five others right behind it. This solution is pretty good at not being noisy.
Luckily, I do not spend a ton of time with SentinelOne Singularity Complete unless there is an alert or a potential breach, but that just does not happen very often. Email security is the front door of protection, and that takes the brunt of any kind of security concerns. Luckily, most things are not hitting our network right now.
SentinelOne Singularity Complete is pretty good at picking up things that are not necessarily malicious and alerting me that somebody or something is using something that needs attention. That happens instantaneously. It is pretty quick.
SentinelOne Singularity Complete is as fast as we can ask. I can see the alert and get on it. It does not take very long, so I am not sure how we can improve more when it comes to our time to respond. We are a small enterprise. It does not take us too long to respond to things.
What is most valuable?
Being able to keep track of the endpoints and the data that is available from the endpoints is valuable. We can see the patch levels, whether Windows endpoints are active or inactive, and who is the last user that was logged on. We get a lot of granular information that is valuable even when we are not talking from a security standpoint.
What needs improvement?
The agent update is not the most intuitive process, but I understand why they do it. We have a pretty vertical 64-bit environment for Windows. That is pretty much all we have, but we get alerts for things like the new Linux endpoint or things that do not apply to us. That is probably the only thing that I do not like. There may be some way to turn that off so that I do not get endpoint update alerts from platforms that are not applicable to our system, enterprise, or network.
For how long have I used the solution?
We have had it for a couple of years now.
What do I think about the stability of the solution?
I have not had any issues related to downtime, uptime, or responsiveness of their infrastructure. I have not seen any reports where something was not working the way it was supposed to.
What do I think about the scalability of the solution?
They would far outpace the scale of what we would be looking at.
How are customer service and support?
I contacted their technical support at the very beginning when I was rolling things out, but it was not a major issue. It was just about me getting up to speed with how they do things. I do not have a negative impression of how that interaction went.
SentinelOne is a good partner. I had a few other technical support questions, and they answered them pretty quickly. They were pretty minor things, and they were always pretty quick to respond.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We were using another solution previously. It was long ago. We were using Berkeley, which was bought by Alert Logic. The Berkeley product was pretty good, but when they were bought by Alert Logic, I did not like the way they did things. It was complicated. It was not intuitive. Their sales program was a little shady. We got locked into a contract that was not intentional. It was not a great experience. They have a product that is not a direct competitor to SentinelOne. We tried it, and it was super noisy for alerts. If I tried to clear all the alerts in the system, I would not have time for anything else. We were not necessarily looking for it, but because of the platform that we were on, we tried the other offerings that were included in the platform, and it just was not a good fit.
SentinelOne is a much more robust platform than Berkeley or Alert Logic in terms of endpoint protection. In terms of the ability to be innovative, SentinelOne provides tools. If we had stronger security requirements, they have other tools that we could utilize, such as Ranger.
How was the initial setup?
The portal is cloud-based, but the agents are on-prem.
I was involved in its deployment. I am a one-man IT shop. It was pretty straightforward. You get the agent that you want to install, and there is a code that you put in that locks it to your portal. It installs pretty easily.
It requires very little maintenance. Occasionally, I check to make sure that the agent version is pushed out because that is not automatic. I get to choose when the agent gets pushed out. If there is an update, I update them when I want to.
What about the implementation team?
We did not need any help at all. It was just me.
What was our ROI?
We do not put a price on security, but we have to choose between different products that are on the market. We are constantly evaluating other products every year. Endpoint protection is not something with which there is a huge opportunity cost by moving from one vendor to the next. Our security stack is not so integrated with SentinelOne. If, for some reason, they were not the best option, we could move to another option fairly easily. The fact that we are sticking with SentinelOne is a testament that it is not broken. It is still working for us. It gives us good peace of mind about the product line, where it is going, and the protection that it provides.
What's my experience with pricing, setup cost, and licensing?
It is very competitive with other solutions that are on the market. At least the last time we renewed, it was very competitive.
Which other solutions did I evaluate?
I try to stay abreast of different platforms. I reached out to SentinelOne, and they put me in touch with a reseller, so I went out and found it.
The biggest thing was how well SentinelOne ranked versus the other platforms. There was also a cost-benefit of a solution like SentinelOne. We thought it would be effective for endpoint protection.
It certainly was a cost-effective solution as compared to some of the other endpoint protection solutions that were available at the time. I would not have gone with SentinelOne if it was not a good value.
What other advice do I have?
It is a very robust platform. It is a great candidate to serve small business environments. They do not target small businesses. They do not market it to small business environments with 50 users or less, but being a little more technically-minded, I wanted something that was enterprise-ready. Even though our environment is small, it was a good fit for us.
It did not require a lot of in-place support from the integrator or the reseller, but they did provide a large amount of presale decision-making help in terms of what I was getting into and what they could provide. That was very helpful. Talking to an integrator or a reseller so that you can put a person to the discussion is helpful.
In terms of integrations, we have looked into some of the integrations, such as with Mimecast. We have had some interest in that, but we have not utilized any of those third-party integrations. We also looked at the possibility of using some things with log management and being able to have a single source of how protected we are across the enterprise, but we have not yet pulled the trigger on anything like that.
Overall, I would rate SentinelOne Singularity Complete a nine out of ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Director of information technology at Stuart & Branigin LLP
Allows users to see and manage infections from the web-based admin panel, is reasonably priced, and has more advanced technology and multiple features
Pros and Cons
- "What I like best about SentinelOne Singularity Complete is its web-based admin interface, which allows me to go into the platform, look at the entire organization, particularly all of the sentinels or endpoints, and manage everything from there."
- "SentinelOne Singularity Complete takes up a lot of memory in Google Chrome, which sometimes causes it to lag, so this is an area for improvement. The solution could be improved by increasing its efficiency within the web browser."
What is our primary use case?
SentinelOne Singularity Complete is an endpoint protection solution that my company deployed on all workstations and servers to protect against ransomware, malware, and other types of infection.
What is most valuable?
What I like best about SentinelOne Singularity Complete is its web-based admin interface, which allows me to go into the platform, look at the entire organization, particularly all of the sentinels or endpoints, and manage everything from there. For example, if someone is infected, I can manage the whole operation and process from the admin panel.
I also find SentinelOne Singularity Complete beneficial in its interoperability with other SentinelOne solutions and third-party applications. This helps the solution stand out.
The ability of SentinelOne Singularity Complete to ingest and correlate across security solutions is also a great feature.
The solution has not reduced any of the alerts for my company, but I'm happy to see when the alerts come through on the platform. As for the mean time to detect, SentinelOne Singularity Complete helped reduce it by ninety percent.
I noticed the mean time to respond has been reasonably quicker after using SentinelOne Singularity Complete, plus the organizational risk has been reduced.
In terms of quality and maturity, SentinelOne Singularity Complete has been around for a while and is a trusted solution. I have a colleague who works for another organization that was hit with ransomware, and the consulting company working with his team recommended SentinelOne Singularity Complete as one of the changes to implement immediately. From that standpoint, I truly enjoyed hearing that, knowing that my company is also a SentinelOne Singularity Complete customer.
As a strategic security partner, I found the solution great, primarily because all of its features work well.
What needs improvement?
SentinelOne Singularity Complete takes up a lot of memory in Google Chrome, which sometimes causes it to lag, so this is an area for improvement. The solution could be improved by increasing its efficiency within the web browser.
Another area for improvement in SentinelOne Singularity Complete is technical support, particularly the response time when dealing with non-critical issues.
For how long have I used the solution?
We've been using SentinelOne Singularity Complete for over two years now.
What do I think about the stability of the solution?
I didn't experience crashing and downtime from SentinelOne Singularity Complete, so I find it stable.
What do I think about the scalability of the solution?
For my company's use, SentinelOne Singularity Complete is great and has no issues scalability-wise.
How are customer service and support?
The technical support provided for SentinelOne Singularity Complete is a seven out of ten because the team takes longer to deal with non-critical support issues. Response time could be faster.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
My company was looking for a solution encompassing a wide range of protection, and SentinelOne Singularity Complete matched what the company was looking for. The company used another product, particularly Webroot, and then moved to this solution.
Moving to SentinelOne Singularity Complete was my company's decision as it had more features, was more advanced and was more suitable for an enterprise application. Hence, the solution was ultimately a better fit when compared to Webroot.
How was the initial setup?
I was involved in the initial deployment of SentinelOne Singularity Complete, which was very straightforward.
What about the implementation team?
SentinelOne Singularity Complete was implemented in-house. I did it all by myself.
What was our ROI?
Anytime my company doesn't get infected with ransomware, there's ROI from SentinelOne Singularity Complete, as being infected with ransomware is pretty costly.
What's my experience with pricing, setup cost, and licensing?
I find the licensing cost for SentinelOne Singularity Complete fair.
What other advice do I have?
I've never used the Ranger functionality of SentinelOne Singularity Complete.
In my company, SentinelOne Singularity Complete has a hybrid deployment.
From a maintenance perspective, I have to ensure the solution is working and looks good, but I only have to go in and check occasionally. In SentinelOne Singularity Complete, the upgrade is automated.
My rating for SentinelOne Singularity Complete is nine out of ten.
I'd tell others looking into SentinelOne Singularity Complete that it provides complete protection and has yet to fail my company, so it's a solution that I recommend. I'd tell others to go with SentinelOne Singularity Complete.
My company is a SentinelOne customer.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Senior Security Analyst at a pharma/biotech company with 501-1,000 employees
Helps reduce our organizational risk, provides great visibility, and can correlate data across our environment
Pros and Cons
- "The most useful feature of all is deep visibility."
- "We have had cases where Singularity Complete has caused applications to malfunction."
What is our primary use case?
We use SentinelOne Singularity Complete to provide endpoint protection for all endpoint servers and Kubernetes clusters in our environments where SentinelOne is supported. We also use SentinelOne to help manage our systems and provide visibility into the assets in our environment.
How has it helped my organization?
We have found that Singularity Complete integrates well with our existing SIEM solution, Splunk, and some of our other system management tools, such as Okta and Armis. We are also looking forward to the additional future integrations that are planned.
I appreciate Singularity Complete's ability to ingest and correlate data across our security solutions. I use this feature quite often, either to perform deep visibility searches to correlate data across different sources if I have specific concerns about security events, or even to track running or operational issues as well. Singularity is not only a security product but it can also be used for troubleshooting non-security and related issues on devices.
Compared to the previous EDR solution, Cylance Protect, we had substantially fewer false positives when we implemented Singularity Complete.
Singularity Complete has reduced our MTTD.
Singularity Complete has reduced our MTTR somewhat compared to our previous EDR solution.
Singularity Complete has reduced our organizational risk by 20 percent, specifically the risk profile associated with malicious activities on protected devices.
What is most valuable?
The most valuable features, of course, are the protection and support for the devices. In addition to that, the ability to see the last log-on dates for time-tracking purposes has been helpful. The most useful feature of all is deep visibility. I think it was recently renamed to something else, but it is the ability to run IOC queries across all devices and gain information to look at any kind of potential events that might occur.
What needs improvement?
We have had cases where Singularity Complete has caused applications to malfunction. The existing interoperability rules have not necessarily been sufficient to resolve those conflicts. SentinelOne needs to work on interoperability with other systems and on the interoperability rule set.
For how long have I used the solution?
I have been working with SentinelOne Singularity Complete for one year.
What do I think about the stability of the solution?
We have not had any stability issues in our environment with Singularity Complete.
What do I think about the scalability of the solution?
Singularity Complete is scalable.
How are customer service and support?
With any support service, it depends on the person we get on the line. Some are better than others. But overall, I find the technical support team to be good, comparable to other good technical support teams I've seen from other vendors.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We implemented SentinelOne Singularity Complete to move away from a legacy EDR platform, Cylance Protect, that did not perform as well as a modern EDR solution should.
How was the initial setup?
The initial deployment was complex due to the complex environment. I would agree that deploying to a single device would be straightforward, but we have a manufacturing environment that requires bespoke applications, which makes any migration complex.
Fifteen people were required for the deployment.
What about the implementation team?
The implementation was completed in-house.
What's my experience with pricing, setup cost, and licensing?
The pricing and licensing make sense. We worked with a third party to help us with licensing, and the licensing we obtained through that process was ultimately reasonable and comparable to other products on the market.
Which other solutions did I evaluate?
We evaluated Microsoft Defender, CrowdStrike, and Cortex XDR by Palo Alto Networks.
What other advice do I have?
I would rate SentinelOne Singularity Complete ten out of ten.
We are considering the possibility of using SentinelOne to consolidate some of our security solutions, but have not moved in that direction just yet.
Singularity Complete has not yet saved our staff time because it takes more time to deploy and migrate to the point where we have time savings. I think it will in the next couple of years.
We see a lot of innovation from SentinelOne. They are acquiring many other products that are integrating with the platform we looked to adopt in the next couple of years if it works out well. New features and functionalities are also regularly released. So, in terms of innovation, that's one of the reasons we chose SentinelOne Singularity Complete in the first place.
Singularity Complete is a mature product that can sufficiently protect our assets. I would say that the core features associated with that functionality are in place and work well.
Maintenance is relatively low, but systems need regular updates, and we need to troubleshoot all of them. So, there is some work involved.
SentinelOne is a good strategic security partner. We appreciate the direction of their product roadmap and its current coverage. One area where they could improve is in having their EDR support teams reach out to us. We don't believe we have an EDR or anything similar setup, but it would be helpful if they offered quarterly or semi-annual meetings to check in, see how we're doing, and give us an opportunity to provide feedback.
People researching Singularity Complete should first understand their environment and deployment goals to ensure compatibility between their existing solutions and the new product. They should also evaluate multiple competitors before making a commitment.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Director of IT at a construction company with 51-200 employees
Saves us time and cost, and is easy to upgrade
Pros and Cons
- "The most valuable features include the agent installation and update processes."
- "The UI appears to be flat, and I wish to have the ability to customize it with features and buttons that are tailored to our needs."
What is our primary use case?
We utilize SentinelOne Singularity for endpoint malware protection and to gain visibility into threats across the network.
How has it helped my organization?
SentinelOne Singularity has the potential to ingest and correlate data across our security solutions.
Ranger provides network and asset visibility.
Ranger saves us time by not having to make changes to our hardware and systems.
Ranger helps prevent vulnerable devices from being compromised.
SentinelOne Singularity assisted our organization by saving deployment time and decreasing the volume of support calls.
Singularity helps reduce the number of alerts.
Singularity has helped our staff free up around 15 minutes of their time to focus on other projects.
It has reduced our MTTD.
It has helped our organization save costs through time savings.
What is most valuable?
The most valuable features include the agent installation and update processes.
What needs improvement?
The UI appears to be flat, and I wish to have the ability to customize it with features and buttons that are tailored to our needs.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for seven months.
What do I think about the stability of the solution?
SentinelOne Singularity is stable. We have not experienced any crashes or downtime.
What do I think about the scalability of the solution?
SentinelOne Singularity scaled easily in terms of deployment. We haven't experienced any performance issues, whether it's installed on a higher-end machine or a low-end machine. SentinelOne Singularity has been excellent.
Which solution did I use previously and why did I switch?
We faced issues with our previous endpoint solution, Panda Adaptive Defense 360. SentinelOne Singularity seemed to be a more reliable and easier-to-manage alternative. Panda Adaptive Defense 360 caused significant downtime during deployments and updates.
How was the initial setup?
The initial setup was straightforward. The deployment required three people.
What about the implementation team?
The implementation was completed in-house.
Which other solutions did I evaluate?
We assessed McAfee, Trend Micro, and BlackBerry. We opted for SentinelOne Singularity due to its smaller footprint and more efficient software that uses fewer resources.
What other advice do I have?
I rate SentinelOne Singularity a nine out of ten.
SentinelOne Singularity is a mature product.
Maintenance is necessary only when we are periodically carrying out updates.
Having a vendor like SentinelOne is crucial for a solid security strategy, as we aim for a product that seamlessly caters to both the IT department and end users. We intend to avoid exacerbating issues more than resolving them. Therefore, I believe SentinelOne is a suitable solution for us – easy to deploy and maintain on a daily basis.
I suggest trying out SentinelOne Singularity and comparing it to more traditional security vendors. SentinelOne Singularity offers a slightly distinct approach, but it's an effective method.
Which deployment model are you using for this solution?
On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
IT Director at a construction company with 501-1,000 employees
Exceptionally proficient at alerting and identifying any anomalies or unusual behaviors on the machines
Pros and Cons
- "Having the capability to gain insights across our network, observe all our machines, and have a centralized view of what's protected and where things are is incredibly advantageous."
- "The process of uninstalling and reinstalling older agent updates needs improvement."
What is our primary use case?
We have deployed SentinelOne Singularity on each end-user machine, as well as on the majority of our servers, utilizing it as an antivirus solution. Additionally, we employ SentinelOne Vigilance for our Security Operations Center. Moreover, we extensively utilize this solution across all our machines for tasks such as inventory control, asset tracking, and software monitoring. Furthermore, we have incorporated Ranger AD to enhance security within our Active Directory setup.
How has it helped my organization?
We use Ranger and Ranger AD. We incorporate the data from our SentinelOne Singularity into our SIEM. Moreover, in terms of Ranger, they are both accessible through the same console. When I click, the information is readily available. It's quite straightforward. Furthermore, concerning the transmission of logs to our SIEM, I don't believe we've ever encountered any problems with the initial setup or ongoing functionality.
Ranger offers visibility into our network and assets, which is quite significant. While other tools are available, having this functionality integrated is advantageous since we have it incorporated into a couple of our tools. This covers everything from our switches onward; although there are different options available, Ranger stands out because we are already using Singularity for other purposes. Hence, having it included is beneficial. While it may not be a decisive feature, it's something we always keep enabled.
It is important that Ranger does not necessitate new agents, hardware, or network changes. The fact that it's present, and functions seamlessly, alleviates any need for concern on my part. Furthermore, it effectively identifies new elements.
SentinelOne Singularity Complete has helped improve our response time. In areas where we don't have twenty-four-seven support, VigilanceOne will take over. We use VigilanceOne through SentinelOne, and it ensures constant monitoring. This makes me feel more at ease, knowing that there's continuous surveillance. With the addition of Ranger, Ranger AD, and VigilanceOne, I believe we have gained better insight into our entire network. This combination offers us an added layer of comfort.
It has helped reduce our MTTD and MTTR.
It has helped reduce our risk overall.
What is most valuable?
SentinelOne Singularity Complete is exceptionally proficient at alerting and identifying any anomalies or unusual behaviors on the machines. While we do encounter false positives, it has successfully detected several instances of malicious activities on the machines. Having the capability to gain insights across our network, observe all our machines, and have a centralized view of what's protected and where things are is incredibly advantageous.
What needs improvement?
The process of uninstalling and reinstalling older agent updates needs improvement. I am aware that the newer versions of SentinelOne that they have been working on are more effective. One of our major frustrations arises when we attempt to remove SentinelOne Singularity Complete from a machine and it only partially uninstalls.
The initial tier of support, when we call or engage with them in conversation, assigns a representative to assist us. However, we have occasionally encountered difficulties with the initial person, either due to their lack of knowledge or failure to follow through. In such cases, we have had to seek assistance from others or navigate through basic support on our own. Despite this, it appears that everything is progressing in the right direction. This is why we chose to renew our contract with them and even expand our range of products with their company.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for three years.
What do I think about the stability of the solution?
I would rate the stability a nine out of ten.
What do I think about the scalability of the solution?
I would rate the scalability a ten out of ten.
How are customer service and support?
My feelings are moderate towards the technical support.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We had Sophos Intercept X Advanced Cloud Security initially. We had acquired all these tools through a different program. Despite having these tools, a virus managed to get through and bypass all our defenses. This is why we opted for SentinelOne Singularity Complete – we wanted to test the effectiveness of the AI-based approach compared to the traditional signature-based method.
How was the initial setup?
The initial setup was quite straightforward. During the initial phases of deployment, we had a couple of helpful individuals assisting us with the solution deployment, which resulted in a relatively smooth process.
The deployment was carried out by two administrators collaborating with one or two individuals from SentinelOne. Subsequently, we needed to initiate the installation and verify the installs. Consequently, I assembled a team of technicians for this task as well. To be specific, there were around two administrators and possibly four to six technicians dedicated to checking and ensuring the proper functionality of the setup. This was necessary due to the replacement of the old solution across twelve hundred machines within a limited timeframe.
What about the implementation team?
The implementation was completed in-house.
What's my experience with pricing, setup cost, and licensing?
I believe that the current pricing and licensing structure is fair. While it may not be a budget-friendly solution, I think it's reasonable considering what we are receiving.
Which other solutions did I evaluate?
We evaluated other solutions through online research, but we were recommended SentinelOne Singularity Complete by a company with which we were collaborating. Since the solution performed effectively during our cleanup process, we decided to continue using it.
What other advice do I have?
I would rate SentinelOne Singularity Complete a nine out of ten.
SentinelOne Singularity Complete has matured over the last two years and is a more complete product.
Moderate maintenance is required to keep up with the end users.
I do consider SentinelOne a partner. I do believe that their program is developing, but I wouldn't use them for all purposes everywhere. This is due to my mindset. Nonetheless, I do perceive that SentinelOne is increasingly becoming more of a partner.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Updated: October 2024