I use the solution in my company as an EDR product. In our company, we use it to protect our endpoints. The tool is pretty famous.
MSSP Architect at Morohub
Useful to protect endpoints and has a straightforward setup phase
Pros and Cons
- "The product's initial setup phase is straightforward."
- "Agent connectivity can be improved, as it is one aspect of the product with certain shortcomings."
What is our primary use case?
What is most valuable?
In terms of the most effective feature of the product when it comes to threat detection, I can say that it need not be connected to the management server as the agents work independently. The rollback feature offered by the product is good.
What needs improvement?
In the future releases of the product, it would be great if the solution allows the use of STAR Rules Engine during on-premises installations. Being able to use STAR custom rules would be wonderful. STAR Rules Engine is a feature that cannot be used during the tool's on-premises installations.
Agent connectivity can be improved, as it is one aspect of the product with certain shortcomings.
For how long have I used the solution?
I have experience with SentinelOne Singularity Identity.
Buyer's Guide
SentinelOne Singularity Identity
October 2024
Learn what your peers think about SentinelOne Singularity Identity. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
Stability-wise, I rate the solution an eight out of ten.
What do I think about the scalability of the solution?
It is a scalable solution. Scalability-wise, I rate the solution a ten out of ten.
When it comes to SentinelOne Singularity Identity, I have designed it for multiple clients of our company. My company has clients with a range between 500 and 16,000 endpoints.
How are customer service and support?
The solution's technical support is knowledgeable.
How was the initial setup?
The product's initial setup phase is straightforward.
I am an architect, so I don't deploy any tools. I only design solutions.
The solution is deployed on an on-premises model.
What's my experience with pricing, setup cost, and licensing?
There is a need to make yearly payments towards the licensing charges associated with the product. Whether the product is expensive or not is something that depends on what we need from it. SentinelOne offers multiple options. I think the prices associated with the product are okay and it is not too expensive.
Which other solutions did I evaluate?
Compared to the other solutions in the market, I can say that SentinelOne Singularity Identity does not work only based on signatures. It works on API patterns and how a file or link behaves, and it tends to catch zero-day attacks, the most advanced malware, and ransomware attacks. The product has fewer false positives, making it one of the better solutions.
What other advice do I have?
I am an architect and not an administrator. I won't be able to provide details on how SentinelOne Singularity Identity's behavior-based detection impacted our company's response to an incident.
To those who plan to use the product, I would say that it is a straightforward and easy-to-use solution. Users of the product need to ensure that they maintain the connectivity with the agent.
The artificial intelligence feature in the product enhances the security capabilities very much because it provides alerts. The good part of the product is that our company gets treated as a part of its extended knowledge base, and so we get to know about the attacks that are happening elsewhere in the world.
Considering the agent connectivity keeps going offline, I rate the tool a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jun 10, 2024
IT Manager at a healthcare company with 501-1,000 employees
The real-time protection is very beneficial and protects identities from exploitation
Pros and Cons
- "Having high visibility into all of our network concerns and a customizable UI are the most valuable features."
- "The resolution turnaround from SentinelOne Singularity Identity's support should be improved."
What is our primary use case?
We use SentinelOne Singularity Identity to end AD credential misuse when working from home. We wanted to make sure that our environment was secure and place any defection-based endpoints on lockdown. The solution ensured that we were able to detect AD attacks and steer attackers away. We also wanted to make sure we were hiding our local data.
How has it helped my organization?
We're a lot more secure with SentinelOne Singularity Identity. We're more confident that we're going to be on top of any threats, and we'll get alerted right away. Anytime a password expires, my coworker sets up a report. We're really on top of all our user AD accounts.
What is most valuable?
I was recently able to customize the UI, including the filters, based on my use case. Having high visibility into all of our network concerns and a customizable UI are the most valuable features. The solution only requires one reboot to finish the installation. The solution's real-time protection is also really beneficial for us.
What needs improvement?
The last time I called to receive support, it wasn't as fast as I wanted. The resolution turnaround from SentinelOne Singularity Identity's support should be improved.
For how long have I used the solution?
I have been working with SentinelOne Singularity Identity since February 2022.
What do I think about the stability of the solution?
I found SentinelOne Singularity Identity a lot more friendly in terms of performance. The solution shows no lagging, and it works very well.
What do I think about the scalability of the solution?
SentinelOne Singularity Identity has the ability to work with devices running different operating systems.
I rate SentinelOne Singularity Identity's scalability an eight out of ten.
How are customer service and support?
We raised a support case with the solution's technical support team. We called the support team and tried to get help to run a report to see which devices were actually utilizing SentinelOne. We also had another report question about how we could take a look at AD accounts with expired passwords.
The support agent on the other line didn't seem very familiar with the product, and that was pretty much it. When they told us they would get back to us with more information, it took a while. They got back to us three weeks later when we had already figured it out on our own.
How would you rate customer service and support?
Neutral
How was the initial setup?
The solution's initial setup was very straightforward.
What about the implementation team?
I was involved in the solution's deployment in our organization. The rest of our tier two team and I worked with the trainers, implementation coordinators, and agents at SentinelOne. They walked us through the setup, which took around three to four weeks. Since we deployed on the cloud, we didn't need to set up VMs for any SentinelOne servers. We just provided access to our AD and the information they needed, like our server names. We set them up with accounts with which they could get into our AD servers, and that was it.
What was our ROI?
We have seen a return on investment with SentinelOne Singularity Identity. The comfort level, the reports we get, and our confidence in the security of our AD accounts are definitely worth the investment in the solution.
What's my experience with pricing, setup cost, and licensing?
The solution barely met the budget for this project. SentinelOne could find ways to help healthcare institutes by lowering the solution's cost for hospital implementations. The pricing is a bit high.
What other advice do I have?
We didn't use a different solution before SentinelOne Singularity Identity; we just had an AD. One of the reasons why we chose to go with Singularity Identity is that we moved over our Outlook Mailbox 365 accounts to the cloud. Previously, we had on-site Exchange servers with the mailboxes, and we moved all those mailboxes to the cloud.
Since they're all linked with the AD credentials, we needed something a lot more secure. We moved 800 mailboxes to the cloud, and Singularity Identity helped us with that transition. We never had a product like Singularity Identity just to monitor AD.
I would tell users to book a demo first. Then, if they do decide to implement SentinelOne Singularity Identity, they should work with support or even their vendor support for the network firewall.
We had to set up a lot of exclusions on our firewall and even Windows firewalls on our AD server to ensure we weren't blocking any network traffic when a rule was added or deleted. My advice to users would be to ensure they are careful with the network firewalls when deciding to move forward with implementation.
Singularity's console provides a unified view, which works very well. We're able to monitor all of the different areas in our infrastructure. We even have the ability to run reports where we're in touch with support and our trainers from SentinelOne. They ensure that we know how to use the product and show us how to make our infrastructure more visible.
This unified view is very important for our organization. We widened the net for compromised devices to include managed and unmanaged devices. Even if our server runs a different OS, we can get a lot of actionable information related to that asset. If I have a couple of MacBooks, it doesn't really matter what the OS is. I can store that information in Sentinel. The solution really allows us to have more functionality with Active Directory.
SentinelOne Singularity Identity is doing a good job of protecting identities from exploitation. Identity-based threats are one of the biggest weaknesses of malicious attacks. We get a lot of spam emails, and at the end of the day, they're just trying to get AD credentials.
SentinelOne Singularity Identity really helps improve our identity security posture. We're able to provide the team and even the managers and IT director here with real-time alerting and deception capabilities. We really trust SentinelOne Singularity Identity.
We're really happy with Singularity Identity's ability to provide visibility into our attack surface risk. The amount of information the solution allows us to get and the real-time alerts are really helpful.
Singularity Identity helped reduce our mean time to detect identity-based attacks. We have reduced the time we take to jump into servers and then run reports on our own because we've got the dashboard on a monitor in our office. We have real-time alerts right on the monitor. Anytime we see a red alert, we're on top of it. It makes monitoring a lot easier.
I would tell someone researching SentinelOne Singularity Identity that they need to do a demo with SentinelOne. There, they will be able to see the solution's pros and cons. They can see for themselves how it's a much more effective tool than Windows Defender.
If they book a demo, they will be convinced to get hold of a SentinelOne agent to look at some cost agreements and implementation. The bottom line is that SentinelOne Singularity Identity is the best anti-malware. It is a lot better than Microsoft Defender, and they would be convinced after a demo.
Overall, I rate SentinelOne Singularity Identity an eight out of ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Chief Architect at a manufacturing company with 11-50 employees
Good threat intelligence and a unified view but needs better root cause automation
Pros and Cons
- "The XDR capabilities are very good."
- "The root cause of automation could be better."
What is our primary use case?
We were using the solution more as endpoint security. It protects against cyber threats and offers improved protection against particular cyber threats. It has SIM capabilities and XDR. We use the security-based incident management and the capabilities of XDR in terms of threat hunting and threat intelligence.
What is most valuable?
The XDR capabilities are very good.
If you get attacks and need to cross-correlate across attacks, it's very helpful.
It offers quality threat intelligence. You can look into it very fast.
If a threat has happened many times, we can automate remediation for that specific threat.
When it comes to security operations, we can show a complete integrated dashboard that shows risk, score, value, and threat status.
It provides us with a unified view. The cross-sectional correlation is good. That's technically what it is. It shows when attacks are happening or when attacks are happening. We can do comparisons and find resolutions or figure out a time to resolution. You can centralize it or use it from an endpoint.
Managing the environment is okay. You can't manage it with one singularity console. It doesn't have observability capability or event correlation. As part of a bigger solution, it does its job. However, you need to use multiple solutions for a holistic approach. It will improve the visibility of threats, however, to eliminate blind spots and help you understand threats better.
The threat detection, investigation, response, and hunting are good. It helps provide visibility across the stack.
Whenever a threat is detected, it can quickly find a resolution with respect to MTTR. It looks into the entire history of the logs and coordinates with the source system. There will be a resolution to resolve the root cause. Then, you can automate it, so that, in the future, if there are any similar attacks, the solution will get triggered. This helps with our overall mean time to resolve. When you have an SLA, you'll need to have a resolution within the SLA. It helps us to ensure there's a workaround so we can get a resolution within 30 minutes. You can achieve 99% of issues if it's already a part of the attack vectors.
What needs improvement?
The root cause of automation could be better. If you have a complex ecosystem, you need an automated threat response mechanism. We'd like an automated correlation of threats.
The SOC efficiency could be better. It would help improve the MTTR.
For how long have I used the solution?
I've been using the solution for the last three or four years.
What do I think about the stability of the solution?
They still need to work on a fully integrated solution, which they are planning to build over time.
What do I think about the scalability of the solution?
The solution has been scalable for me. However, it depends on how it is interacting with security-based orchestration. If an organization keeps expanding, there needs to be scalability between vendors in the case of third-party integration.
How are customer service and support?
Technical support knows the product and its functionality. The problem is during practical scenarios when the product is integrated with third-party products. It's very easy for Microsoft to say it's not their particular problem or that they can't pinpoint the problem due to the third party.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
There are a lot of good solutions, such as Elastic, which is open-source. With the same agent, you'd get search, security, et cetera, so you won't need multiple licenses.
Sumo is another good tool that's good for both SMBs and enterprises. It has correlation and search capabilities. The events are correlated, and alerts are separated and that's given to you out of the box.
There are Microsoft solutions that don't have as many tools out of the box.
Doing a business case analysis, retooling is required for an end-to-end scenario if you use Microsoft.
How was the initial setup?
I validated the design and configuration. I wasn't hands-on with the implementation.
If it is a Microsoft shop, it's a straightforward setup.
Integrations make the setup more complex. If the customer has a hybrid scenario, you need to have certain configurations. When you get into SOAR, you may run into issues. Out-of-box integrations will not be clear.
When you write workflows, these workflows have a breakage, or you have siloed data streams. You don't have a mechanism for monitoring these. There has to be a mechanism for monitoring, otherwise, you won't know something is not working until it has broken down. Microsoft does not offer something like this out of the box.
What about the implementation team?
We have various people qualified to handle implementations. We have our own integrators.
What was our ROI?
It's hard to break down the ROI on an individual product with fewer capabilities.
What's my experience with pricing, setup cost, and licensing?
If a company is a Microsoft shop, it makes sense to stick with Microsoft tools. It doesn't have mature SIEM capabilities or root cause analysis. It does not have a seamless integrated log management solution within various environments. Large enterprises might have Linux and Unix-based solutions. Then it makes sense to look for solutions that offer more end-to-end security options. Microsoft may look like a cheaper solution; however, when you break it down, it won't be less expensive. You'll need more tools.
What other advice do I have?
Windows Defender comes by default with Windows. When you are using SentinelOne on top, it depends on the firewall solution you are using in between. From an endpoint perspective, if these are going to your endpoints, you may have a choice of having separate antivirus solutions, and Defender may be disabled. Singularity still works as it's a centralized solution.
I'd rate the solution six out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Information Risk Analyst at a recreational facilities/services company with 1,001-5,000 employees
Saves time and provides deep visibility but needs better support
Pros and Cons
- "The incident and threat logs are great."
- "Sometimes I get kicked out of the console. I don't know why."
What is our primary use case?
I primarily use the solution for endpoints. I can monitor if any situations develop.
How has it helped my organization?
It's really more of an assurance. We don't need it to solve any issues. We can look at various threats or agents and items of that nature. It helps increase our security posture.
The product saves us a lot of time so that we can focus on other things.
It gives us a lot of flexibility in terms of agent usage for EDR. I can decommission agents and put them somewhere else. It also gives us deep visibility.
What is most valuable?
The incident and threat logs are great. I might have to restart an agent. I might have to decommission an agent. To be able to do that very quickly saves me a lot of time. The product gives me a lot of deep visibility.
The solution provides a good unified view. I do know exactly where I need to go. The layout is good.
It's extremely easy to handle the management console. I can see what is up and cross-correlate easily.
The product's ability to protect identities from exploitation is good. It does a fair job. I'm not saying it's the best, however, it does a fair job. Vulnerabilities are detected every day.
We do get visibility into our attack surface risk. It is decent. There are other solutions out there that do a little better job. However, it's okay.
Its ability to detect and prevent threats is pretty good. Sometimes we do get a lot of false positives. We'll have to go through it and see things on a deeper level. It's fairly good.
The product has helped reduce our mean time to detect. It has definitely saved us a good couple of hours a week for sure.
What needs improvement?
Dealing with customer support, if we do have an issue, can take time. In one case, a couple of agents weren't working and we didn't know why. We needed more responsive customer service.
Sometimes I get kicked out of the console. I don't know why.
Other than that, the solution is good and there are no missing features.
For how long have I used the solution?
I've used the solution for one year and eight months.
What do I think about the stability of the solution?
The stability is very good.
What do I think about the scalability of the solution?
The solution has good scalability.
How are customer service and support?
Given how fast our industry works, if we could get a response within 24 hours, that would be great. Often, support will refer us to an article. That's great, yet not helpful. We've had situations where we submitted three or four tickets and had to get someone on the phone. We had to go through three levels and in the meantime, we still had the issue with some of our agents. They need to offer a quicker response.
How would you rate customer service and support?
Neutral
How was the initial setup?
I was not involved in deployment.
What about the implementation team?
What was our ROI?
The solution saves us time and money and therefore we have witnessed a positive ROI.
What's my experience with pricing, setup cost, and licensing?
The pricing is a bit higher than what we expected. However, we were recommended this solution.
Which other solutions did I evaluate?
We did evaluate other options.
What other advice do I have?
I'm an end-user.
Windows Defender is great; however, if a company is looking for deeper visibility, this is a good solution.
I'd rate the solution seven out of ten.
The product will be different for everybody. People need to go in with their eyes wide open.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
System Administrator at a venture capital & private equity firm with 51-200 employees
An easy-to-use and lightweight solution that provides security from hackers and malicious files
Pros and Cons
- "SentinelOne Singularity Identity is very lightweight as an agent or software."
- "The solution's query resolution time could be reduced further, and a faster resolution could be provided."
What is our primary use case?
We use SentinelOne Singularity Identity for the security of our whole network environment. We use the solution to protect the identity of our company. Before using SentinelOne, we had an incident where we were compromised. We went with SentinelOne to overcome such compromise issues and the safety of our environment because it had some good reviews.
How has it helped my organization?
We have not been compromised because of the solution. We have not faced any issues of hacking or malicious incidents. With SentinelOne Singularity Identity, malicious files get directly detected, and the system gets quarantined. The solution keeps our work very smooth. We're not having trouble with it or because of it at all. On the contrary, the solution makes our work easier.
What is most valuable?
SentinelOne Singularity Identity is very lightweight as an agent or software. It's very lightweight and doesn't consume resources from any computer. It's not a burden on a system, which makes it a very good agent or product to use. It's an efficient solution.
The solution's support is available 24/7. I'm in touch with the solution's support team since we recently got their mobile application protection. SentinelOne's support, APIs, marketplace, and response time are amazing so far.
What needs improvement?
A query raised with the solution's support team takes a day or two to get resolved. The solution's query resolution time could be reduced further, and a faster resolution could be provided.
For how long have I used the solution?
We've been using SentinelOne Singularity Identity for one year and two months.
What do I think about the stability of the solution?
So far, we haven't faced any bugs or stability issues with SentinelOne Singularity Identity. We've been really happy with the solution.
What do I think about the scalability of the solution?
SentinelOne Singularity Identity is a scalable solution.
Which solution did I use previously and why did I switch?
Before SentinelOne Singularity Identity, we were using CrowdStrike. We switched to SentinelOne Singularity Identity because of functionalities since we were compromised while using CrowdStrike.
How was the initial setup?
SentinelOne Singularity Identity's implementation was simple.
What about the implementation team?
The deployment was done with the assistance of SentinelOne's professional team, and it was not complex. The solution's deployment was done within a few hours, and only I was involved from our company in the deployment process.
What was our ROI?
It's only been a year since we started using SentinelOne Singularity Identity. Considering the services and peace of mind we are getting against the amount we paid for the solution, the return on investment has been good.
What's my experience with pricing, setup cost, and licensing?
SentinelOne Singularity Identity's pricing is cheaper than CrowdStrike and is really good.
What other advice do I have?
SentinelOne Singularity Identity console provides a unified view. It makes your work faster and easier to get an overview of your whole organization. It helps us to see where the problems are, what needs to be fixed, or if everything's fine. It does help us save time.
It's very easy to manage our environment using the Singularity console.
SentinelOne Singularity Identity’s ability to protect identities from exploitation is very good. We had a few incidents where it blocked even ransomware attacks for us. It did a really great job of protecting us and keeping us safe.
SentinelOne Singularity Identity provides deep visibility into our attack surface risk.
SentinelOne Singularity Identity's ability to detect and prevent threats is really good. It blocks and notifies the IT team if it finds anything malicious or suspicious running in the processes. Then, we can assess whether it's malicious or not. If we analyze something as a false alarm, the solution keeps that thing in mind and does not bother us again for the same issues in the future.
Singularity Identity has helped reduce more than 50% of our mean time to detect identity-based attacks. It gives deep visibility on where and how something initiates so we can directly go to the root cause instead of finding out how or where it started. So, it does give us a boost in our time.
I have not used Windows Defender, so I cannot comment much on it. SentinelOne Singularity Identity has been much easier to use, understand, and contact support than the other third-party protection software we used. I would recommend others to try it at least for a week or a month to see the difference. They can observe how its AI learns, behaves, improves your work environment, protects it, and keeps it safe.
Based on my experience, I have been really enjoying this solution. I recommend that people try SentinelOne Singularity Identity for at least a week and then compare and evaluate it with other competitors. There will definitely be a huge change in their perspective.
Overall, I rate SentinelOne Singularity Identity ten out of ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.