I mainly focus on endpoint security. Customers often ask me about solutions to detect malware threats, and SentinelOne is one of the options I recommend. The main focus is detecting malware threats on endpoints.
The solution is agent-based, so it's on service, and it's a cloud solution. We are using its API capabilities for our server for protecting us from cyber security threats and attacks.
Our company is a platinum partner and uses the solution to provide endpoint protection for customers. A few new customers require the on-premises solution but others use the cloud technology.
Engineer II, Enterprise Client Support at a media company with 10,001+ employees
Real User
Jan 7, 2020
We use SentinelOne to secure our entire environment, including all user endpoints and servers. We are also currently testing the Deep Visibility addon. We were using a definition-based AV prior to SentinelOne, and we were getting daily/weekly infections of a variety of malware. We are a mix of PC, Mac, and Linux. We have on-premises machines and servers, as well as cloud VMs that we were wanting to protect. We wanted to purchase a Next Generation AV client that would be algorithm-based instead of definition file-based.
Security Head at a financial services firm with 11-50 employees
Real User
Aug 1, 2022
We use the solution for anti-malware, policy enforcement, and blocking USBs, for example. It's used for detection in general, and for protection and threat blocking.
IT Project Manager at Rajiv Gandhi Cancer Institute in India
Real User
Jul 14, 2022
The most important feature is the roll-back feature because when any system is corrupted, we can easily restore it within a few seconds. Also, if an end-user is not connected to your network, they can communicate with the central manager. We can be notified of any end-user activity with a central dashboard. The solution is also a very lightweight agent model compared to other solutions like Sophos, Carbon Black and the app action from X-microsite product. SentinelOne does not use the RAM SCP installation for the agent, and the user interface is also straightforward.
Cyber Security Services Operations Manager at an aerospace/defense firm with 201-500 employees
Real User
Jul 11, 2022
We're a partner of SentinelOne, but we're also a partner of many other companies. We're not a vendor per se. We sell SOC as a service, and as a part of that service, we provide protection solutions. My area is around antivirus. So, we are not a reseller in that sense. I am using its latest version. It can be deployed on-prem as well as on the cloud. I have customers with a requirement for both. SentinelOne provides their own cloud because that's where they do their artificial intelligence (AI).
Head of Information Technology at a healthcare company with 201-500 employees
Real User
Jul 10, 2022
We primarily use the solution for security. It’s for endpoint and response detection. It is primarily protecting all my servers now, and most of the end users are connected to SharePoint OneDrive and emails, which are already taken care of from Microsoft through endpoint security. I don't have to really worry too much from the end-user point of view. Still, in case they ever happen to click on any of the phishing emails or malicious files, it will block their computer immediately without even coming through the server level.
Product Manager at a comms service provider with 51-200 employees
Real User
Jun 2, 2022
In comparison to CrowdStrike, they use a lot of ICANN fees in the UI. But this isn't a problem for me because I am already familiar with CrowdStrike's interface and navigation panel. I still don't use the hamburger mini version of CrowdStrike because I am used to the old panels. The rollback issue isn't marketed by CrowdStrike. I'm certain of it. We can, however, do it indirectly. If you want to do rollback in craft with RTR over Windows shadow copies, there is a workaround. This is an argument I occasionally use against SentinelOne. If you use rollback, your system has already been infected. CrowdStrike claims that they don't do this, they are not a backup solution, and they don't allow any ransomware to work in their systems. By the way, rollback is a plus in the eyes of customers. If CrowdStrike can do it with a single click, it will be a great turn of events.
Sentinel One protects our endpoints from malware, viruses, trojans, and other cyber attacks. We outsource the management of Sentinel One to another organization. They monitor for infections at any endpoint on the console and work to determine if it's a false positive or an actual attack. Most of the time, Sentinel One can automatically identify an attack, and it quarantines the process to block the attack. If Sentinel One can't make that determination on its own, the third-party team will further investigate the suspicious traffic.
Chief Information Security Officer at Lone Star National Bank
Real User
May 5, 2022
It is an endpoint solution. It is for our workstations and other devices to alert us to any kind of malware threats that might be lurking. In terms of deployment, it is through a managed service.
Everyone who is a client of ours gets SentinelOne by default. It provides ransomware protection, malware protection, and increased security. Those are our top-three selling points for SentinelOne when we talk to clients.
Deputy Chief Information Officer at a computer retailer with 201-500 employees
Real User
Oct 22, 2021
We are a solution provider and this is one of the products that we implement for our clients. Sentinel One is being deployed as a replacement for any antivirus solution. In our case, we use it to primarily prevent ransomware and other malware from entering networks or computers, as they're deployed across the entire world now, in this new post-COVID environment. We no longer have the luxury of the corporate firewall protecting everyone equally. This means that having SentinelOne on each box is providing a solution where we stop the badness before it can spread. This is a cloud-based platform that we use in every capacity you can imagine. We use it on cloud components in both Azure and Amazon.
The product is used to provide cybersecurity protection to SMBs predominantly in the financial, manufacturing, and retail industry as well as private individuals. SentinelOne is key in achieving compliance with the General Data Protection Regulation (GDPR) in the European Union and the Protection of Personal Information (POPI) Act in South Africa. Resolving ransomware encrypted servers or personal computers is costly to the customer, both in repair costs and loss of business due to downtime. In addition, the customer may suffer reputational damage if any of its customer data is compromised.
Senior Information Security Engineer at a retailer with 5,001-10,000 employees
Real User
Apr 13, 2021
There are four use cases:
* Endpoint visibility.
* Endpoint protection, which includes detection, protection, and error response. We use this for protection endpoints as well.
* Provides historical loss of any events or changes in files that may have happened in the last 90 days.
* Threat hunting, which we use to troubleshoot applications.
There are different versions. The SaaS portal has a different version. The agents for each operating system have a different version. For the SaaS platform, we are on the current release. For the agents, we are one behind the current GA release.
Network & Cyber Security Manager at an energy/utilities company with 51-200 employees
Real User
Feb 10, 2021
We have the solution deployed on-premises and, for the last year, on the cloud as well. We have two systems. Over the last year of Corona, we provided a lot of laptops to our workers to work at home. But because they're not connected, at first, to our network, they can't connect to the SentinelOne instance on-premises. We wanted something that would protect them when they're on the internet, and not only after they connected to our network. That is why we got the system that is in the cloud, to protect all the company laptops. We don't have a lot of incidents because ours is a very closed network. We don't connect directly to the internet. So SentinelOne is only a barrier between us and the emails or between us and the files that go into our network.
Head of IT at a transportation company with 501-1,000 employees
Real User
Dec 31, 2020
Our primary uses are endpoint protection and application inventory. The management is done through the SentinelOne web interface. We work strictly in a Windows environment, using it for both workstations and servers.
Offensive Security Certified Professional at Schuler Group
Real User
Dec 1, 2020
We are mainly using it to replace a product we used before for antivirus. My specific use case for SentinelOne is threat hunting. I'm a security professional in our organization, doing offensive security. I do pen tests and analysis, and I'm hunting for intruders in our network. That's the context in which I'm using SentinelOne.
Enterprise Security Architect at a recruiting/HR firm with 10,001+ employees
Real User
Nov 1, 2020
We use it for endpoint protection. It's an active EDR endpoint protection tool. Think of it as an antivirus and endpoint protection solution with machine learning, like McAfee on steroids. In our company it is deployed in 83 countries and on over 40,000 workstations and servers.
Security Expert at a healthcare company with 5,001-10,000 employees
Real User
Nov 1, 2020
We have the Core version for almost all our endpoints. We will be installing it completely for the US, who wants more products, and India, because we have experienced that India is more exposed to threats. We are currently updating our agents from 4.0.5 to 4.2.
Network Support at a university with 1,001-5,000 employees
Real User
Oct 29, 2020
SentinelOne performs primary functions for our endpoint antivirus and anti-malware solutions. It's a centralized managed version of an antivirus product that gives real-time information on any kind of threat we might receive. It's very broad. It not only protects through signature defense, which is like what most common antivirus products do, but it also does behavioral which has been absolutely lifesaving here a couple of times. It has saved our bacon more than once by detecting threats. It even detects zero-day threats because it detects them through their behavior. It doesn't need a signature. It actually keeps me busy with this and the insight into the agents that are installed. Our level of protection around here has never been this high. By comparison, we're also running Windows Defender, which comes with Windows 10 operating systems. We collect that data through our SCCM and SentinelOne finds threats that are at a rate of 25:1 to 30:1. It's not even close. SentinelOne has made a tremendous difference in our ability to protect our endpoints and servers.
Software Engineer at a healthcare company with 51-200 employees
Real User
Oct 27, 2020
We are a company with several types of PC users. Our office ranges from marketing to sales, and we also have people who are remote on laptops all over the world, as well as an R&D department. Those people use PCs in different ways. We wanted a platform that has ways of dealing with various kinds of users, but we also wanted a central management so we could overview the state of all our endpoints with one view. We use the central cloud interface to manage all our endpoints. We only use it on Windows machines.
It's for our regular laptop users, desktops, and our production servers. For the production servers we use it to make sure there is nothing coming from the outside. And for our regular users it works everywhere, so they can do everything with a laptop. It's a cloud solution. We don't have a large business. We have a lot of services but we don't have many users. Everything is in the cloud and we have about 20 clients or 20 agents for normal users in the Netherlands and we have between 100 and 200 users in the Philippines. The rest is for server safety.
CIO at a manufacturing company with 1,001-5,000 employees
Real User
Oct 7, 2020
We were looking for an EDR solution to get the best protection available, especially against ransomware. For us, any EDR solution needed to be supported by a 24/7 SOC. We deploy it on-premise, in all of our factories and branch offices, worldwide.
We are a managed services provider. We are not just using it for ourselves, but we are also supporting it and deploying it for a number of our customers. The primary use case is that it's endpoint protection software and we use it to protect our end customers' endpoints, whether they are Apple or computers, laptops or servers. SentinelOne is software as a service, but it has an agent that has to be installed on a computer or a server onsite.
SentinelOne has completely replaced the antivirus solution that we used before. It's also an EDR solution. In the case of any suspicious malware, we can control the system with this agent.
My primary use case for this solution is to protect my clients and sites that I support from malware and ransomware. It is installed on the endpoint clients and servers as a client and then it cleans and protects after a reboot. As a managed service provider we found it instrumental at preventing viruses and especially preventing ransomware. We went from 30% ransomware infections to zero. The software stops the infection before it executes.
VP at a tech services company with 11-50 employees
Reseller
Jun 28, 2020
We have SentinelOne installed on all of our workstations and servers. It is set up with the maximum protection except that Active is in Alert Mode, and everything else is blocked.
Director - Global Information Security at a manufacturing company with 10,001+ employees
Real User
Jan 29, 2020
In general, we replaced our entire antivirus and anti-spyware with SentinelOne. We use it across all platforms, from servers to workstations, to Macs, to Windows, to Linux, Virtual Desktop Infrastructure, and embedded systems - on-premise and in the cloud. We also use their console and their threat-hunting. We needed a solution that was simple and intuitive, without having multiple agents. We have also started evaluating their IoT, for the discovery of all IoT devices. This is
We are an MSP supporting various business verticals (including medical and pharmaceutical). Our core monitoring/deployment solution is SolarWinds RMM, through which we were recently introduced to SentinelOne. We use the bundled automation to install, patch, and monitor antimalware protection to endpoints. We are in the process of replacing Bitdefender with SentinelOne for several clients.
Managing Partner at a tech services company with 11-50 employees
Real User
Sep 11, 2019
We are an IT company that sells solutions, and this is one of the products that we provide to our customers. We work on certain opportunities that require the capabilities of SentinelOne, but we do not use it for our own purposes. This solution is used to protect endpoints against malware and other threats. A lot of the deployments are hybrid. In Lebanon, the cloud is not used to a large extent. Most of the customers use on-premises solutions.
CISO at a religious institution with 501-1,000 employees
Real User
Feb 1, 2019
We use the solution for those with access to sensitive or confidential data. The cost of the solution is prohibitive for all of our users, but we do want to make sure that those with access to critical data have higher levels of protection.
SentinelOne is a leading comprehensive enterprise-level autonomous security solution that is very popular in today’s marketplace. SentinelOne will ensure that today’s aggressive dynamic enterprises are able to defend themselves more rapidly, at any scale, and with improved precision, by providing comprehensive, thorough security across the entire organizational threat surface.
SentinelOne makes keeping your infrastructure safe and secure easy and affordable. They offer several tiered levels...
Our company serves as resellers and solution engineers for our enterprise customers. We deploy and support the solution in customer environments.
We are using SentinelOne within our company in servers and endpoints and we have deployed it for some of our clients.
SentinelOne is an antivirus and an EDR platform. We are using it simply for its antivirus and EDR features.
I use SentinelOne for security.
I use SentinelOne to protect against ransomware attacks, validate incoming emails, and ensure websites don't have any malicious coding.
This is an anti-malware and threat management product. We are customers of SentinelOne and I'm a system engineer.
We primarily use the solution for endpoint detection.
We use SentinelOne to collect logs and data. We will connect it to other tools and places in the future.
We use SentinelOne daily for endpoint protection and restriction on using USB devices.
We primarily use the solution for endpoint protection.
My client uses the solution for endpoint security and email security.
We use SentinelOne as an endpoint protection solution.
SentinelOne is for users wanting an enhanced level of endpoint security.
We are a system integrator. We provide this solution to the end-users.
Our use cases are for client and server visibility in our enterprise and operational technology environments, as EPP and EDR solutions.
SentinelOne monitors our infrastructure 24/7.
We use the public cloud version.
Our primary use case of this solution is to have it as a next-generation security product for our endpoint devices.
We're a managed service provider, so it's MSP for our clients.
We use it for antivirus.
I use it for policy fine-tuning.