SentinelOne Singularity Complete Reviews

We have deployed SentinelOne Singularity Complete on all of our internal employee workstations. It is our endpoint solution for extended detection and response and all of the components within that scope.

We implemented SentinelOne Singularity Complete to help us address our cybersecurity challenges, mitigate threats to our machines and organization, and protect our data.

SentinelOne Singularity Complete integrates well with other third-party solutions, such as Palo Alto Networks, which we use for VPNs, and Zscaler, which we use for content filtering. The fact that it is not an invasive program is great. Therefore, staying in alignment with what SentinelOne is currently doing with the platform is something I would definitely recommend. Something to avoid when choosing an endpoint protection solution is resource consumption. People develop a bad reputation for a product when they detect it impeding their workflow. So, as long as SentinelOne can avoid this, they are on the right track.

It ingests and correlates data across all of our security solutions. It is a modern solution that I am extremely satisfied with.

SentinelOne Singularity Complete has helped us consolidate our security solutions. It is an extended detection and response solution that provides us with detection and response capabilities, as well as heuristic-based protection. It is a very modern endpoint protection solution. I think it is very competitive with other software such as Trend Micro.

SentinelOne Singularity Complete is a modern endpoint protection solution that addresses the cybersecurity needs of the organization realistically and from a compliance perspective. Since I joined the team a year ago, I have seen the benefits.

SentinelOne Singularity Complete reduces the number of alerts because it is an easy-to-manage solution without thousands of data sources. When we do receive alerts, Singularity Complete provides concise and actionable information.

SentinelOne Singularity Complete is a manageable solution that scales and does not require a dedicated person to handle it.

I am satisfied with SentinelOne Singularity Completes MTTD.

SentinelOne Singularity Complete helps reduce the MTTR because it provides actionable steps when something is detected. It also helped us reduce our organizational risk. It uses modern techniques to identify threat actors and helps us maintain compliance. As a large international company involved in governance, it is important to us that Singularity Complete reduces our organizational risk. 

SentinelOne Singularity Complete does not consume many resources compared to the competition, like McAfee. The external drive scanning is great.

I am not a fan of the UI and feel it has room for improvement.

Heuristic analysis can always be improved. Many companies need to work on this. So, I think the sooner SentinelOne, for example, can get ahead of the curve on that, the sooner we can count on it as a realistic enterprise solution.

I have been using SentinelOne Singularity Complete for over one year.

SentinelOne Singularity Complete is one of the most stable solutions we have in our stack.

SentinelOne Singularity Complete is scalable.

The few times I have used the technical support it has been a good experience.

Positive

I would rate SentinelOne Singularity Complete eight out of ten.

Although we can use a multifaceted approach with different products, this has both advantages and disadvantages. For example, if one product fails, the entire system does not. However, it would be an advantage if SentinelOne offered other tools, such as VPN and encryption. SentinelOne Singularity Complete is a cutting-edge, modern solution that offers a multifaceted approach to XDR. It is not outdated like many other programs. As long as SentinelOne continues to innovate and evolve in the cybersecurity landscape, it will remain a leading solution.

One of the things that really impressed me about SentinelOne Singularity Complete compared to other solutions was their commitment to taking cybersecurity practitioners seriously. This is anecdotal, as I met some of the most technical professionals working at their booth at Black Hat, while many other booths were staffed by sales representatives. As a practitioner, the fact that I can't ask many sales representatives very technical questions is not a good reflection on the company. SentinelOne was different. I was able to have very technical discussions with their staff, which shows that they take their approach very seriously.

SentinelOne Singularity Complete is at the forefront of cybersecurity protection. I consider it a great solution option, and I strongly recommend comparing it to other offerings. I believe it will stand up well against the competition.

We are a Fortune 500 company, and SentinelOne Singularity Complete is deployed on tens of thousands of endpoints.

SentinelOne Singularity Complete is a set-and-forget solution when it comes to maintenance.

I have good impressions of SentinelOne as a strategic security partner.

Organizations should research any solution before implementing it. The price of one product may make sense for some organizations but not others. Apply the same due diligence to any solution that will affect the organization's overall security posture.

We use it for endpoint protection. It is our antivirus and EDR solution. 

We are also using it for device control, such as blocking USBs, and we also use it for network control. We are blocking port access on machines.

Singularity Complete has saved us time. I recently did the agent upgrade. I used their upgrade policy and just specified the maintenance window and things like that. The first two times I updated the agents, I used to sit there and highlight the endpoints and run agent updates, but this time, I used auto-upgrade. With auto-upgrade, it ran between 6 PM to 8 AM, and then it ran all day on the weekend, and it was up in there. In one day, it updated 1,000 endpoints. That was pretty cool. I did not have to sit there and do the manual work. I just watched the system to make sure that the endpoints got updated. That was pretty cool. It is nice to know that I do not have to sit there, and I can just create a policy and let it go. It definitely saves time.

Singularity Complete has reduced our mean time to detect (MTTD). I get an email pretty much right off the bat. When an alert pops up, I get an email from my ticketing system, so it is pretty quick. If I am on my desk. I take care of it pretty quickly. Currently, I am the main person running this, and other people back me up when I am not around. I am hoping I can get somebody else trained on this. 

Singularity Complete has helped reduce our organizational risk. It is somewhere in the middle when it comes to contributing to our security posture.

SentinelOne has been a good partner. We mostly use Mac and Windows systems, and we were able to do device control and network control out of SentinelOne rather than through MDM. We are doing it all through SentinelOne. We did not have any conflict in the apps.

In terms of interoperability, we have plugged it into our Alert Logic MDR. It flags to our MDR. For example, if a threat cannot be mitigated or it is hard to mitigate a threat, then the MDR will notify us. Some of the things related to applications could use some work, but they are in the process of fixing this. We will then be able to update and disable applications through SentinelOne.

Device control and network control are valuable. 

They updated the console, and on the incidents page, we can break down the incidents and see all attack attempts. It is pretty cool and in-depth. 

The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab.

Singularity Complete has not helped reduce alerts. In fact, it produces a lot of false positives. It does its job, but I have spent the last week fine-tuning the system and trying to suppress false positives. I am getting a hang of it.

I have been using SentinelOne Singularity Complete for about a year and a half.

Its stability is very good. Recently, one person had an issue, and I had to reinstall the agent. They had lost their Internet connectivity. We put in some strategy work, and we had to go in there and figure out which ports are open, but other than that, it has been very good.

Its scalability is pretty good. 

I have interacted with their support. They are always pretty easy to get a hold of. I never have to wait. They are helpful. They have resolved any issue that I have ever brought up with them in a timely manner. I would rate them a 10 out of 10.

Positive

It is a cloud solution. I inherited it, so I was not there when they implemented it. It was implemented about six months before I got hired. It was probably deployed in late 2021, and I started in February 2022.

It requires a little bit of maintenance in terms of fine-tuning the false positives and things like that. For example, because people use Logitech devices, I had to suppress the alerts because they kept popping up because the hash was always different. I have noticed that when a new agent comes, it can be a little aggressive in the beginning. I have to fine-tune the alerts a little bit, but that is a part of the process. I update the agents twice a year. I will try to do it more because now I know how the upgrade policy works. The only thing I am not yet good at is reviewing the Mac logs. Windows logs are easy because of the years of Windows experience and the use of Windows Event Viewer. I just got to be better with the Mac logs.

In terms of cost savings, I am starting to get into the budget, but we have not got any malware or serious incidents. There are money savings when you do not have serious incidents.

We have not had any downtime. We have not had anybody's machines compromised. It has been protecting the endpoints pretty well. It has been pretty quiet. We have not had anything that we would consider a major incident, so it is doing pretty well.

I do not know much about it. From what I understand, it is pricey, but it works. It is a very good product. 

I also used SentinelOne five years ago at another company, and I find it to be way better now. It is a much more refined product. It does not actively scan the system the way it used to. It has come a long way in terms of performance on the machines. It does not hinder the performance of developers' machines. I hear no complaints about SentinelOne blocking or grinding machines to a halt with scans when developers are doing builds and things like that. It has improved greatly. Five years ago, I used to hear complaints about SentinelOne slowing down the systems, but I have not heard that once here.

We tested the Ranger functionality a bit. We were demoing it. Ranger was pretty cool for the visibility of devices, but we did not find a use for it.

Overall, I would rate SentinelOne Singularity Complete a 9 out of 10.

SentinelOne Singularity Complete is the best antivirus available, and it also provides a vigilant service, so I don't need to keep an eye on the portal. Someone else monitors my antiviruses and all the threats out there for me.

SentinelOne Singularity Complete helped us address the missed viruses and potential ransomware attacks from a single location for our security needs.

The interoperability with other SentinelOne solutions and third-party tools is good. We have integrated it with Mimecast.

SentinelOne Singularity Complete ingested all the data from Mimecast and displayed it in a single location.

It has helped consolidate our security solutions in one place.

It has helped our organization improve its visibility by allowing us to see which users are risky, which machines are at risk, and which machines are outdated.

SentinelOne Singularity Complete has helped reduce the number of alerts. In addition, we use Vigilance to hide all alerts, so we don't see any of them.

We have freed up 30 percent of our staff time. As the only person in the IT department, I can now focus on other tasks. SentinelOne Singularity Complete is like having an extra pair of hands.

It has reduced our MTTD by up to 80 percent depending on the time of day.

SentinelOne Singularity Complete has reduced our MTTR. We have an SLA with Vigilance, and they respond quickly to alerts.

SentinelOne Singularity Complete has reduced our organizational risk by 40 percent.

The portal is the most valuable feature because it provides us with a single pane of glass view and is highly intuitive.

The adware and pop-up blockers have room for improvement.

I have been using SentinelOne Singularity Complete for six years.

SentinelOne Singularity Complete is stable. The portal has never been down. We occasionally have an agent fall off the network, but this is usually due to the latest version of Windows being installed on an old agent, which causes it to stop working. However, this is very rare.

As a growing company, I'm glad that the SentinelOne Singularity Complete portal will show more and more devices, but I'm not particularly concerned about that because I've paid for Vigilance service. I'm confident that we're covered no matter how many threats or issues arise.

Technical support is quick and provides great documentation to explain issues and remove agents.

Positive

I previously used McAfee and it often caused our machines to blue screen and crash. SentinelOne, on the other hand, is a stable agent. If we install the latest agent on our machines, it will not affect their performance or speed. Many other agents can have adverse effects on our machines, but SentinelOne will not.

SentinelOne Singularity Complete is a next-generation antivirus that is far more innovative than McAfee. One of its selling points is that it constantly improves and looks for new threats, while McAfee has not changed significantly in years.

The initial deployment was straightforward. SentinelOne provides easy-to-follow well-documented instructions. I completed the deployment myself within half an hour.                                   

SentinelOne Singularity Complete has protected us against infected machines, resulting in a 20 percent return on investment.

SentinelOne Singularity Complete is fairly priced. After discussing the per-user cost, we found it to be acceptable for the functionality it offers, and we are happy with the protection it provides.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is deployed across all departments and devices, and everything is in Intune. When anything is deployed to Intune, antivirus is applied first. It is mandatory on all devices. We have 270 endpoints.

No maintenance is required on our end.

SentinelOne, as a strategic security partner, meets all the requirements for being the solution to our cyber risk on devices, which is essential for us to know that we are safe.

I chose SentinelOne Singularity Complete at a previous company and sold it to the company I am with now. It is very easy to do a proof of concept and see everything that is missing from other solutions. I recommend SentinelOne Singularity Complete.

The primary use case for us is to use the lightweight SentinelOne agent on our endpoints. Our previous vendor's agent was heavier, which caused performance issues when scanning our systems. We were impressed with how lightweight the SentinelOne agent is and how few resources it consumes. We also use it for some of our infrastructure, which includes machines with limited resources. We wanted to find a solution that would not impact the performance of these machines.

SentinelOne Singularity Complete has streamlined the mitigation process and the time it takes to analyze and understand whether I have a true positive or a false positive. This has definitely saved me some time. The rollback feature is also a nice addition. Previously, our old solution would link out to services like VirusTotal, but it was difficult to follow these links to determine if an alert was a true positive or a false positive. For example, an alert might be labeled as a potentially unwanted application, which might not be as critical as a true positive. SentinelOne has made it easier to determine the severity of an alert. I have also noticed that SentinelOne has cut down on the number of false alerts. Our old solution would alert us to things like Chrome browser updates, which would download and make registry changes. With SentinelOne I have only encountered one alert that I didn't need to worry about.

We have definitely saved a lot of time. We had to spend some time setting up the environment correctly, scaling up the protections, and setting any exemptions. After that, the most I need to do is troubleshoot issues that are not related to SentinelOne, such as removing the SentinelOne agent if I need to troubleshoot another issue on an end-user device. Application updates, such as when a new installer is released, are the only other times I need to access SentinelOne, besides when I need to review an incident.

It has helped us reduce our MTTD. We are notified of threats quickly, and being able to see the threat on our dashboard has simplified the process. Once a threat is identified and I am on the screen, I can click once to view the visibility and see if the threat is anywhere else on our network. This is fantastic.

SentinelOne Singularity Complete has helped us reduce our MTTR.

Although it is difficult to quantify the direct financial savings of SentinelOne Singularity Complete, we have saved money indirectly through time saved.

Visibility is one of the most valuable features of SentinelOne Singularity Complete. It does not directly replace a dedicated SIM solution, but it works well for our environment and gives us the visibility into our systems that we need.

I appreciate that it is easy to review incidents that have been detected by the behavioral AI or the SentinelOne Cloud. From the notification we can click into the incident to start reviewing, it is just a few clicks. I have all the data in a single pane, and I can pivot to other sources of information, such as VirusTotal, with a single click. I can also hunt for the incident on the network with a single click. This makes things much easier and saves me time from having to review logs.

One way to improve and get additional benefits would be for SentinelOne to host the updated installer files for us, rather than us having to download and host them ourselves. This could be done in cloud storage or through our mobile device management platform. When they release a new package, whether it's an early release or a general release, I believe they could provide more value by hosting those packages directly. Currently, when they release a new package, I get notified, which is great. However, I then have to go to the portal, download the package, and replace the package that we have posted on our own cloud storage. This is time-consuming. If they could simply provide me with a link to the latest general release installer, that would be fantastic. Even if the link changes, I would only need to change the URL in our cloud storage. This would save me a lot of time.

I have been using SentinelOne Singularity Complete for five months.

I keep the central tab open in my browser. If I click Sign in instead of being signed in, the page refreshes, and I have to sign in again. I think this was just a session token expiring. I have not experienced any stability issues with SentinelOne Singularity Complete, such as crashing or downtime.

SentinelOne Singularity Complete is scalable to our infrastructure and endpoints. Once we figured out the deployment hurdle for Windows and Mac, we were able to push it out to all of our endpoints without any problems. I can break out devices into different sites and groups, and some of those groups can be dynamic. For example, if I'm looking for a Mac computer versus a Windows computer, I can just click on the group and see all of them there. I can also add tags for anything, such as the OS version or if the person might be a specific risk. These are non-relational attributes and values that we can set, so we can define whatever schema we want. It's fantastic.

The technical support team was quick to answer my question and their answer was precise. I didn't have to go back and forth with them or explain things multiple times. They gave me exactly what I needed.

Positive

We previously used BitDefender and Malwarebytes. SentinelOne Singularity Complete was priced similarly, and we felt that it had better support. When we had a support issue, it was answered and resolved quickly. Additionally, the visibility and ability to traverse the logs of all the other devices in our network were invaluable. This allowed us to see if a threat might be present elsewhere in our network. This is what ultimately led us to choose the complete solution over the other SKUs that they offer.

SentinelOne Singularity Complete has a lightweight agent. Additionally, some of our servers are running older operating systems. The agents from our previous vendor did not work well with these older systems. I specifically looked for a new solution that would not be a watered-down solution and would function across our legacy architectures as well as our current modern setup.

Another benefit of the Singularity Complete solution is the increased visibility it provides. We are able to collect data on endpoints that are connecting to specific IP addresses or installing specific files with similar hashes. This allows us to see how far a threat has propagated through the network or if anyone else has it installed. This is something that we could not do with our previous solution.

We use Windows and Mac computers. Deploying SentinelOne on Windows was fairly easy. We were able to do it through our remote management solution. The installation was straightforward and simple. The most difficult part of the process was that the device had to reboot in order for SentinelOne to connect to the visibility service and bring everything online.

Deploying SentinelOne on Mac was a bit different. This is primarily due to the way the macOS operating system works. We need to grant specific privacy permissions to applications in order for them to have full disk access or screen recording capabilities. We found that if we installed SentinelOne on the user profile of a Mac computer, the user's administrator could remove it. This is not ideal, so we had to go back to the drawing board and deploy SentinelOne through our MDM solution.

The biggest headache was that, in order to deploy SentinelOne through MDM so that users did not have to grant privileges to the application, we needed to create a Privacy Preferences Policy Control profile with the specific permissions granted for the SentinelOne bundle ID. We then pushed this profile out to all users. Once we did this, the installation was seamless.

A few colleagues and I completed the implementation in-house.

We have seen a return on investment in the form of time savings. We used to spend more time on incidents, but now we can quickly triage them and move on to other things. This has freed up our time so that we can focus on more important tasks.

We did receive a competitive price for SentinelOne Singularity Complete. However, I believe the retail pricing, or MSRP, is a bit high. I hope we can get the same competitive pricing through our reseller when it comes time to renew. I still believe there are benefits to the solution, even if we had to pay the list price. However, I think they could be more competitive with their upfront pricing.

I would rate SentinelOne Singularity Complete eight out of ten. The room for improvement is to add some additional features, such as Ranger, which they sell separately. I see a lot of value in Ranger, and I wish it was included with the complete purchase.

We do not have any direct plugins for SentinelOne Singularity Complete, such as Ranger. Ranger is an add-on that I believe can be purchased through SentinelOne to expand our visibility. We do not have that, and I wish it was included because there are quite a few nice features that I would hope to see eventually included or trickled down to the complete solution. I feel like those are just a few other cherries on top that would really put this package over the top. One of the struggles I have in a Mac environment is creating a custom application creating the Privacy Preferences Policy Control profile and setting everything correctly so that users do not need to interact with the application when it is pushed to them. SentinelOne has clear documentation and works with a few MDM vendors that have documentation already published. So when we were running a POC for a few of these vendors, it was very easy to get that set up, which is not something I can say for other applications.

SentinelOne Singularity Complete is an intuitive product. I found the getting started guide and active preparation checklist to be very helpful. The checklist is well-documented and comprehensive, and it covers everything from the initial purchase to GoLive. The support team was also able to answer any questions I had about navigating the application. The interface is mature and user-friendly. I have not encountered any major issues so far. Overall, I am very happy with SentinelOne Singularity Complete.

SentinelOne Singularity Complete is definitely valuable as a strategic security partner. SentinelOne Singularity Complete was our top choice, and we are happy with it. I would definitely recommend it to my colleagues if they were looking for a solution for their company.

Maintenance is only required when the vendor releases a new general access version of the installer. I need to download the new version, upload it to our servers, and make sure it deploys successfully to our machines. This is the extent of my maintenance responsibilities. I do not need to directly interact with the application itself.

I would recommend that people evaluating SentinelOne Singularity Complete try it out to see if it is right for their environment. SentinelOne offers a trial that can be set up for their environment. When an organization purchases the product, they will flip a switch and there is no need to set anything else up. This was beneficial for us because we did not have to waste time setting up and deploying the product to a few devices in our environment only to have to do it again after we purchased it. I would also recommend engaging with the resources that SentinelOne provides to get a good understanding of the product. We can tweak the settings and see how it responds to different threats. If organizations have any specific needs, they can talk to an engineer during the trial. This was helpful for us because the engineer was able to make changes to the settings to meet our needs. Overall, I would recommend taking a look at SentinelOne Singularity Complete. I was initially overwhelmed by the different SKU offerings, but I was able to work with sales to find the best package for our needs. The SentinelOne team has been very helpful.

We have the Core version for almost all our endpoints. We will be installing it completely for the US, who wants more products, and India, because we have experienced that India is more exposed to threats.  

We are currently updating our agents from 4.0.5 to 4.2.

Every day, we check threats that come from outside.

The solution is powerful because we just have to update the agent by using the console, which is simple to do. I just select the endpoints and click "Update" on the console. That is it, because it is very easy to use. 

Regarding threats, it is very powerful. It highlights them immediately on the console, then you can decide if it's a false positive or an actually real threat. 

SentinelOne's distributed intelligence at the endpoint is very powerful and works well.

I would like to improve the reports because they are not so customizable and we would like more info from them.

I cannot download all the hosts that we have on our tenant, because there is limit of 10,000. I have asked our provider to work with SentinelOne to fix this. For example, my complaint is that if I want to download an Excel file or CSV, I have a limit of 10,000 rows. However, in our tenant environment, we can download more than 16,000 rows. 

We started deploying it in 2018.

It has been a stable product.

The process is completely automatic when an endpoint connects to the console. At that point, the agent will be updated. However, when we install a new machine, we have to install it manually, even the agent.

We have never had an issue with scalability.

We have 15,447 endpoints in total with the Core version. 99.99 percent of the endpoint usage is Windows. We also use it with a few Macs and Linux. It is really powerful from this point of view.

Our SOC has logged some tickets with the technical support. They have never complained about SentinelOne's support.

Previously, we had the McAfee, which was complicated to managed. 

We heard about this SentinelOne and its new antivirus, so we contacted our consultant who organized a PoC. After the PoC, we decided to migrate the solution.

I have been satisfied with the new antivirus.

For deploying, it takes a long time. Our process was first to install SentinelOne with McAfee, having two antiviruses in the same host. Then, we started to uninstall McAfee. That process took about six to nine months because we had a lot of endpoints to deploy.

The antivirus migration was normal. The only thing that was tricky was the removal of the McAfee tool because sometimes it worked incorrectly and didn't uninstall the antivirus.

The installation was done by our SOC and me. Our SOC is comprised of five to six people. The SOC personnel are the same people who currently maintain the solution.

I think the solution has reduced our incident response time and mean time to repair.

SentinelOne is easier to use than McAfee was. With the SentinelOne console, you have everything you need, like the dashboard and configuration, which makes it easier to manage than McAfee. However, I have more experience with McAfee.

We have a SOC managing our environment. They are very happy with features that SentinelOne provides.

We will be upgrading to complete version next year, including Deep Visibility. This includes 2,000 endpoints for the USA and India. However, we currently haven't enabled this feature.

We have never needed the solution’s one-click, automatic remediation and rollback for restoring an endpoint, but the feature is very powerful.

Biggest lesson learnt from using SentinelOne: Never trust anyone.

I would rate this solution as a 10 out of 10.

We use Singularity Complete for end-to-end endpoint security protection, including EDR integrated with other platforms for XDR. The ransomware rollback feature of Singularity is a key reason for its use. 

It is primarily for integration with SIM to have a single pane of view, integration with web security for sharing insights, and automation of remediation tasks. Additionally, network discovery from the Singularity platform is used to identify rogue devices quickly.

Visibility is greatly improved with Singularity Complete as it allows visibility into endpoint devices and the processes running on them. 

The most valuable feature is the ransomware recovery and rollback feature. The platform's ability to easily integrate with various other platforms is also highly valuable.

It also enables integration with other technologies, saving costs associated with having point solutions. The integrated system allows for significant automation, reducing the time and effort needed for management.

The mean time to response has reduced from hours to minutes due to integrated automation systems.

Improvement is needed in terms of product support. The compatibility with new legacy systems should be enhanced as other EDR products support these systems, which Singularity does not.

I've been working with Singularity Complete for three years.

Singularity is a very mature product that supports most assets available in any enterprise environment. It runs seamlessly without challenges.

Singularity Complete is suitable for large and mid-scale enterprises.

Technical support could be better. I would rate it around six on a scale of one to ten.

Neutral

CrowdStrike is a competitor. Singularity is better because it supports the ransomware rollback feature.

The setup process is simple and user-friendly.

Initially, anyone can deploy out of the box. When tuning aligned with the environment is required, assistance from a system integrator is recommended.

Integration helps save costs by reducing the need for point solutions.

Pricing is not pocket-friendly. It can be difficult for small-scale companies.

SentinelOne's main competitor in the market is CrowdStrike. However, Singularity Complete is preferred thanks to its ransomware rollback feature.

We perform a relatively detailed hunt in our environment for specific IOCs and indicators. Specifically in regards to compliance organizations or regulatory organizations that release data, we need to validate that no IOCs for those specific threats exist in our environment. We can go back to a specific period of time, so we can validate that things like that do not exist. We can also correlate activity in our environment with endpoint data with a high level of efficacy.

I have administered lots of different AVs in my long tenure as an AV EDR administrator. This is quite honestly the first one of this type. With a tool like Singularity Marketplace, getting an integration running is just a matter of creating an API key and plugging it in. It is really cool. With the Singularity data lake that we have been learning about during this conference, it looks like it is going to be pretty painless to ingest from sources that we are already collecting from and dump them straight into SDL. We have a higher level of visibility and a better grasp of the data we are collecting. There is a reduced time to detection and high efficacy correlations.

I am an analyst, and Singularity Complete definitely makes making a determination, researching a specific threat, or trying to correlate it much quicker. Instead of spending a whole day trying to research something, I can knock it out quickly and then move on to other tasks. It makes me capable of doing a job that would typically require another person at least. There is greater job satisfaction. I do not get burnt out.

Singularity Complete has helped us bolster our defenses, so the downstream impact is reduced alerts because we are able to not only triage issues but also proactively apply defense with STAR rules and things like that. We are able to reduce alerts just because we are getting protection on the front side. There is the granularity of the data that we can query through deep visibility in particular to refine our custom STAR detections. That does help decrease the work.

Singularity Complete has absolutely reduced our organizational risk. Compared to where we came from with the traditional endpoint protection, our ability to respond to emerging threats has really matured. The level of actual attacks that we have to respond to is drastically reduced. It is hard to quantify the reduction, but there is at least a 25% to 35% reduction.

SentinelOne is a big value-add to the organization. They are continually pushing forward and innovating. They are constantly developing new things. As I am learning about new features here at the conference, I am logging into the console, and some of those features are already there. I know they waited until this conference to release that, but they are still cool to see. It feels good to work with the product and to be learning a product that is not getting stale.

I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time. We typically go back 90 days for most things, but we could go back further.

The ability to pick it up is also valuable. It is very intuitive. It does not require a lot of training. For example, we had an intern over the summer who joined us. We were able to get him up and running in the visibility very quickly without a lot of hand-holding.

Something we are looking forward to is the ability of the SentinelOne backend to ingest data from other sources. Now that they are moving to the Singularity data lake, we are looking forward to being able to query data that is not just collected by SentinelOne endpoint agents. We are looking forward to being able to query against all data that we are ingesting into that backend.

I have been using this solution for between two and three years.

Its stability is excellent.

Its scalability is excellent.

I have dealt with a lot of support in my time, and SentinelOne's support is the most responsive one I have ever had. However, I currently have an ongoing support case, and I am struggling with getting that escalated, which colors my overall perception of it. We are getting active updates daily though, so they are engaged. Even if we have not found a fix yet, there is an active conversation or two-way communication. Overall, their support is superior to others that I have dealt with. I would rate their support a nine out of ten.

Positive

We were using another solution previously. The main reason for switching was the efficacy of the product. SentinelOne was tested against several competitors when renewal time came up, and it exceeded expectations and performed better than others. 

The previous product was a traditional endpoint protection. It was very signature-based. It always felt like we were behind with new types of attacks and new types of malware because we had to wait for signatures to come out and things like that. It felt like we were always trying to catch up. With SentinelOne, we feel like we are better protected from the start. 

There are cheaper options out there that I know are not as effective. I have administered several of them, not for this organization but for others. The thing I like about SentinelOne is that I know that if it raises an alert, it is worth looking at, so we are not dealing with a lot of false positives. It is rare.

We evaluated Cisco AMP, Microsoft Defender, and McAfee. SentinelOne exceeded expectations and outperformed all of those. We did a bake-off against those solutions and found SentinelOne to be the most effective.

Overall, I would rate Singularity Complete a nine out of ten.

We are an MSSP.

First of all, it helps us with a better response to the end users. Customers are depending on us to make sure we are making the right call, and then we are leaning on SentinelOne to make sure they are giving us the right call by giving us the right tools.

Singularity Complete has absolutely helped free up our staff for other projects and tasks. The amount of time that we are spending doing work that does not keep us on target is just a waste of time. The more it reduces that noise, the better it is for us and our customers. We have been using it long enough, so it is hard to tell how much time it has saved, but we feel that we have a better solution than most of the competitors that we are dealing with.

Singularity Complete has helped reduce alerts over time. We do not have a lot of the frustrations that some of our competitors do, which is our advantage. We have been using it for so long, so we do not have much to compare it to in terms of alert reduction. We are also partners with a competitor. We had to do that for a contract, and we get a lot of false positive noise coming out of that one.

Singularity Complete has helped reduce our organizational risk, but because we have been with it for so long, it is hard to compare it to others.

Singularity Complete helps us save on costs. We continue to get more volume, reduce our costs, and reduce our waste of time, but it is hard to compare the cost savings because we have been using it for so long. We have smooth operations, and we are just keeping it going. We are enjoying all the added features.

SentinelOne is our main strategic partner when it comes to the protection of our customer's data. We have not had a bad incident, and with the reputation that SentinelOne has in the vertical we deal with, it is the gold standard. We start with that, and then we are viewed as more of a serious partner than some of the lesser products that are out there.

In terms of Singularity Complete’s interoperability with other SentinelOne solutions and other third-party tools, we are an MSSP, so we have to deal with a lot of other tools. The integrations are huge for us. It sounds nice to say this is the only solution and you have to use x tools, but it does not work in the real world, so you have to have those integrations.

The overview is valuable. There are a lot of instances out there, but Singularity Complete cuts the noise down by giving us graphics and color-coding information instead of massive tech dumps. It helps us concentrate on what is actually needed versus just the noise. There is just so much noise. It brings us the information we need to look at quickly.

The improvement could be in terms of reducing more noise and continuing to cut that down. AI seems to be the big thing with Purple. We are excited to get our hands on that.

I have been using Singularity Complete since its inception. It was probably 2016.

Its stability is fantastic. We have no problems.

We have not hit the top end. We are probably running 10,000 agents and have not seen any degradation in the portal.

Their support is very good. We have not had anything come up against that, and our staff has learned to depend on SentinelOne, which, as management, is a little uneasy because we are operating without a net besides SentinelOne in some cases. What we are paying for it is worth it. There is this peace of mind. I would rate their support a ten out of ten.

Positive

Years ago, we were probably running four to five solutions, but then we kept comparing it with them. We were like, "This is the noise we are getting from X. Let us load SentinelOne." The noise reduced with SentinelOne. That proof of concept worked for us.

We currently have an agreement with a competitor where we have to pick up the remaining part of their contract. That is not a place where we are going to increase our expenditure, but we are waiting for that contract to come to an end. The customer knows SentinelOne, but they are tied into another solution till the end or mid of 2024. We are just waiting for that. What makes SentinelOne Singularity Complete different from others for us is the peace of mind. We know we are covered, and we feel that we are covered. Anytime we have had an incident or event, they have always been there for us. They have responded quickly, and we have not had any flashbacks or second attempts at it. Usually, we could stop it the first time, and that has worked for us in all the years we have been with SentinelOne.

It is easier now than it was back then. We deploy it every month on somebody new. We have enjoyed that. 

Just yesterday, we had a customer convert from a separate partner to us, and that migration from company to company within SentinelOne was flawless. It was just us doing the migration. We have been there for so long, so we just bring it straight across. The process is very straightforward and easy. This partner of SentinelOne was going to uninstall the agents, and I paused them and asked them to just transfer. They had never gone through that before. We took that over and moved all the agents over without any loss of coverage to the actual customer.

For deployments, we have a staff of 40, but onboarding is a no-brainer.

We have seen an ROI. It is a very profitable investment for us. SentinelOne is very valuable, and with our price being lower than the expectations gives us a great margin.

We have not been beaten in the market by pricing, so we have been feeling good about that. The discussions we have had over the years keep us at a very low price per unit. It can always get better, but we also know there is a cost to the backend.

To someone who is researching Singularity Complete, I would say that you can read all the information, but the proof is in the actual work and the history that it has so far. We have got no complaints about the quality and maturity of this solution. 

Make sure you are comparing it to whatever you have because that gives you comparative data. If you walk in, sometimes, you do not know you are getting the best of breed right there.

It is a ten out of ten for me, and it gives me peace of mind.