SentinelOne Vigilance's integration capabilities with other products can be considered as an area with certain shortcomings where improvements are required. The product's integration capabilities with SaaS platforms need to improve because most of the applications right now are being hosted on the cloud.
I suspect that the areas for improvement may not necessarily lie within the tool itself but rather in our organization's lack of knowledge and understanding of cybersecurity. Cybersecurity is a complex area, and our organization has a skill set deficit. Therefore, we rely on our cybersecurity support company to help us manage the tool and handle incidents. Our limited expertise sometimes prevents us from fully utilizing them or identifying potential gaps.
My customers who use the tool mostly want a summary of the monitoring activities of the product in a report form, which can be useful. A report from SentinelOne Vigilance can help my company's customers identify what happened in their IT environment, and it can be useful for our customers to identify the threats and incidents encountered by the product. The tool's stability can be improved.
SentinelOne Vigilance is an MDR meant to manage cybersecurity, but it doesn't do a good job. SentinelOne Vigilance doesn't have a direct connection with MSPs. They go only through a big reseller or RMM vendor instead of directly going to the MSP. You always feel that you are behind, and you have to call someone to call someone to get to them. People pay $ 5,000 to $ 6,000 monthly for the solution, and they don't have a QBR for their customers to review the security and recommendations.
I am not sure if there are a lot of improvements needed in the solution since my company is very pleased with the solution. SentinelOne Vigilance doesn't actively monitor incoming emails or offer an email plugin for Outlook. It would be fantastic if the solution could actively monitor incoming emails or offer an email plugin for Outlook. I don't say the aforementioned details as a downside of the product, but as an additional feature that might be very useful.
Senior Systems Engineer at a tech services company with 11-50 employees
Real User
Top 5
2023-07-27T10:51:02Z
Jul 27, 2023
The antivirus products embedded with EDR have one weakness: they are very resource-intensive and challenging to replicate exclusions. Let me elaborate on it with an example of a list of exclusions from an accounting firm. Let’s say Company A is a finance company that uses Microsoft and some accounting applications. Company B is also a finance company that uses the same products, but they have their back-end database capturing the data. As an IT engineer managing different clients, I will try to see if there's a way to export the rules I created for Company A to save time when setting up Company B. Presently, this process is not user-friendly. A forward-thinking approach will reduce the time spent onboarding new clients and increase revenue by reducing engineering time.
The update process has room for improvement because customers may be temporarily without protection during a software update, resulting in issues with stable performance.
Assistant Manager - Security Architect at a computer software company with 5,001-10,000 employees
Real User
Top 20
2023-03-17T10:26:00Z
Mar 17, 2023
I have found issues with the solution’s stability and implementation. The solution has performance issues. I would like the solution to launch the rollback plan for ransomware on Linux and Mac. It should be something similar to the support that Windows gets.
The solution should add endpoint clients for mobile and Linux devices because it currently doesn't support them. We currently have to use an alternative product for mobile devices but would prefer to use one product for physical PCs, servers, and all mobile devices such as phones and iPads.
Manager Product, Partner Relations & Consulting at Telenor
Reseller
2022-08-24T14:56:22Z
Aug 24, 2022
It's too early to say what needs improvement. It has been six months and I have two guys working on it at the moment. They need additional time to give me that kind of feedback.
Senior Security Engineer at a tech services company with 1,001-5,000 employees
Real User
2022-02-23T10:11:00Z
Feb 23, 2022
Every product has room for improvement. I can't single out anything within SentinelOne Vigilance that would need to be updated or improved, only because I haven't used it in a while. For the most part, there's no problem with how SentinelOne Vigilance works, but the toughest challenge that customers find is with the deployment and tuning of the product. Getting it tuned properly takes some time, so that's a challenge. You can deploy the product with just about anything, but deployment is always a challenge. An additional feature I'd like to see across the board, in the next release of SentinelOne Vigilance, is more integration with artificial intelligence. I'd like to see more integration with SIEM and/or SOAR solutions. I'd also like to see better event formatting, so if they can format their events using CEF (common event formatting), that would be fantastic. These are the top three or four additional features I'd like to see. I'd also like to see predictive analytics. The market isn't there yet, with the exception of Carbon Black, but predictive analytics would be phenomenal. We'll get there in the next five to 10 years, e.g. that market is going to explode here in the next few years. As we build more artificial intelligence into all these products, including endpoint protection, we're going to be able to predict the type of attack. It's not just malware. It's this type of attack, and they're going to know what it is, but that'll come in time.
When upgrades are required on the server, you need to almost remove SentinelOne Vigilance completely off the system. We put SentinelOne Vigilance on silence for the monitor mode, but we were having trouble upgrading the server. I had to remove SentinelOne Vigilance completely from the server, but that meant that all the previous logs of attacks I wanted to look at on the server were gone. This is one thing they need to improve, they need better compatibility with the Microsoft Windows service. I should not have to remove the agent completely to upgrade the service.
SentinelOne Vigilance's integration capabilities with other products can be considered as an area with certain shortcomings where improvements are required. The product's integration capabilities with SaaS platforms need to improve because most of the applications right now are being hosted on the cloud.
I suspect that the areas for improvement may not necessarily lie within the tool itself but rather in our organization's lack of knowledge and understanding of cybersecurity. Cybersecurity is a complex area, and our organization has a skill set deficit. Therefore, we rely on our cybersecurity support company to help us manage the tool and handle incidents. Our limited expertise sometimes prevents us from fully utilizing them or identifying potential gaps.
My customers who use the tool mostly want a summary of the monitoring activities of the product in a report form, which can be useful. A report from SentinelOne Vigilance can help my company's customers identify what happened in their IT environment, and it can be useful for our customers to identify the threats and incidents encountered by the product. The tool's stability can be improved.
SentinelOne Vigilance is an MDR meant to manage cybersecurity, but it doesn't do a good job. SentinelOne Vigilance doesn't have a direct connection with MSPs. They go only through a big reseller or RMM vendor instead of directly going to the MSP. You always feel that you are behind, and you have to call someone to call someone to get to them. People pay $ 5,000 to $ 6,000 monthly for the solution, and they don't have a QBR for their customers to review the security and recommendations.
I am not sure if there are a lot of improvements needed in the solution since my company is very pleased with the solution. SentinelOne Vigilance doesn't actively monitor incoming emails or offer an email plugin for Outlook. It would be fantastic if the solution could actively monitor incoming emails or offer an email plugin for Outlook. I don't say the aforementioned details as a downside of the product, but as an additional feature that might be very useful.
The antivirus products embedded with EDR have one weakness: they are very resource-intensive and challenging to replicate exclusions. Let me elaborate on it with an example of a list of exclusions from an accounting firm. Let’s say Company A is a finance company that uses Microsoft and some accounting applications. Company B is also a finance company that uses the same products, but they have their back-end database capturing the data. As an IT engineer managing different clients, I will try to see if there's a way to export the rules I created for Company A to save time when setting up Company B. Presently, this process is not user-friendly. A forward-thinking approach will reduce the time spent onboarding new clients and increase revenue by reducing engineering time.
The update process has room for improvement because customers may be temporarily without protection during a software update, resulting in issues with stable performance.
I have found issues with the solution’s stability and implementation. The solution has performance issues. I would like the solution to launch the rollback plan for ransomware on Linux and Mac. It should be something similar to the support that Windows gets.
The SentinelOne platform has potential for improvement. The solution's memory forensics capabilities and hard disk capacities are quite basic.
The solution should add endpoint clients for mobile and Linux devices because it currently doesn't support them. We currently have to use an alternative product for mobile devices but would prefer to use one product for physical PCs, servers, and all mobile devices such as phones and iPads.
SentinelOne Vigilance could improve if it provided us with more control over the dashboard.
It's too early to say what needs improvement. It has been six months and I have two guys working on it at the moment. They need additional time to give me that kind of feedback.
Every product has room for improvement. I can't single out anything within SentinelOne Vigilance that would need to be updated or improved, only because I haven't used it in a while. For the most part, there's no problem with how SentinelOne Vigilance works, but the toughest challenge that customers find is with the deployment and tuning of the product. Getting it tuned properly takes some time, so that's a challenge. You can deploy the product with just about anything, but deployment is always a challenge. An additional feature I'd like to see across the board, in the next release of SentinelOne Vigilance, is more integration with artificial intelligence. I'd like to see more integration with SIEM and/or SOAR solutions. I'd also like to see better event formatting, so if they can format their events using CEF (common event formatting), that would be fantastic. These are the top three or four additional features I'd like to see. I'd also like to see predictive analytics. The market isn't there yet, with the exception of Carbon Black, but predictive analytics would be phenomenal. We'll get there in the next five to 10 years, e.g. that market is going to explode here in the next few years. As we build more artificial intelligence into all these products, including endpoint protection, we're going to be able to predict the type of attack. It's not just malware. It's this type of attack, and they're going to know what it is, but that'll come in time.
When upgrades are required on the server, you need to almost remove SentinelOne Vigilance completely off the system. We put SentinelOne Vigilance on silence for the monitor mode, but we were having trouble upgrading the server. I had to remove SentinelOne Vigilance completely from the server, but that meant that all the previous logs of attacks I wanted to look at on the server were gone. This is one thing they need to improve, they need better compatibility with the Microsoft Windows service. I should not have to remove the agent completely to upgrade the service.
My only complaint is that the knowledge base is not accessible to the customer.