The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
We use SentinelOne Singularity Complete as our endpoint security solution to detect malicious activity and unusual behavior. It is a great tool for analytics and forensic investigations, and it has a good feature for catching threats. I was particularly impressed with this feature.
We implemented SentinelOne Singularity Complete to secure our endpoints.
SentinelOne Singularity Complete has helped us consolidate our security solutions. We can create use cases and workflows in SentinelOne, and analyze alerts and logs. We can also create custom policies based on our needs. For example, we can create workflows for post situations, or detect specific types of attacks, such as persistence or defense evasion techniques. We can use these techniques to create our own custom use cases, which can then be deployed in production to detect these types of threats.
After deploying SentinelOne Singularity Complete, we were confident we would not face any endpoint security threats. SentinelOne was able to block the type of events that were a true positive. Sometimes, we have also received false positives, but SentinelOne should detect this activity. So, that was the expectation, and SentinelOne has met it. This is very helpful.
SentinelOne Singularity Complete met our business needs and requirements. It was easy to deploy and manage as an administrator, and we can manage the console without having to constantly connect to the user or machine. We can do many things from the console alone, such as taking remote sessions, uninstalling any other solutions or products, and performing cleanup activities. This has been very helpful. We saw these benefits within one month of deploying Singularity Complete.
SentinelOne Singularity Complete helped reduce the number of false positive alerts we were receiving with our previous solution.
SentinelOne Singularity Complete has helped us save three hours per day of our staff's time. The single console makes it easy to manage compliance, including health check reports and the applications we are managing. We were able to identify and remediate malicious files through the console, without having to resolve the issue directly with users or other teams. This is a significant improvement.
SentinelOne Singularity Complete has helped reduce our MTTD and our MTTR.
SentinelOne Singularity Complete has helped reduce our organizational costs by eliminating the need for other endpoint security solutions. It is a cost-effective solution that provides comprehensive protection.
It has reduced our organizational risk by 90 percent.
The threat detection and prevention capabilities are valuable, providing development programming support that enables us to perform fair investigations. SentinelOne also provides security for installed devices for all operating systems, including Mac, Windows, and Linux, for users who cannot install SentinelOne themselves and need to connect with the administrator.
SentinelOne Singularity Complete needs to support more common development languages, such as PowerShell and Python so that we can better use the solution.
In the release, I would like to have application management features and pre-defined command features that allow us to take control of the system.
SentinelOne needs to provide more documentation for administrators and analytics.
I have been using SentinelOne Singularity Complete for six months.
I would rate the stability of Singularity Complete eight out of ten.
I would rate the scalability of Singularity Complete eight out of ten.
We have 24/7 support, but it is just moderate.
Neutral
SentinelOne is more secure and offers better scope for threat hunting on Linux than other security solutions, such as CrowdStrike and Microsoft Defender for Endpoint. SentinelOne Singularity Complete allows us to consolidate solutions and is easy to administer from a single console.
The initial setup is straightforward. After completing the proof of concept, we deploy the Singularity Complete solution for our clients. We install the agent and create group policies for detection and prevention. We use a configuration management solution to deploy Singularity Complete within five to ten minutes.
One person can complete the deployment.
We implemented the solution in-house.
I would rate SentinelOne Singularity Complete seven out of ten.
I would rate SentinelOne Singularity Complete's ability to be innovative eight out of ten.
SentinelOne Singularity Complete has a mature GUI.
We deployed SentinelOne Singularity Complete in one of our client environments with 13,000 machines and 1,000 servers.
SentinelOne Singularity Complete maintenance consists of daily monitoring for updates and prioritizing policies and requires around five administrators.
SentinelOne is a good strategic partner.
SentinelOne Singularity Complete makes it easy to perform operations and investigations.
I have extensive experience with SentinelOne products and am particularly impressed with SentinelOne Singularity Complete. The solution integrates effectively with third parties.
I find it extremely reliable. For instance, I report monthly for compliance and other security metrics across our multi-cloud platforms. Primarily, we rely on Microsoft, especially with Entra ID and MFA. While Microsoft provides decent reporting tools, they can make it difficult to get high-level summaries. In contrast, Singularity allows me to pull insights across various platforms, not just Microsoft and Azure. Whether I’m using it within AWS, with single sign-on, or with one of our partners, I can see all the relevant data.
It has improved significantly with its upgrades, especially in threat hunting and analysis. Now, when it identifies a threat, it efficiently kills the process and attempts to quarantine the affected items. If it cannot, the system continues its automated threat hunting. This feature is fantastic because it remediates issues while maintaining a clear audit trail, which is great for compliance. However, a drawback is that although it handles threats effectively, I sometimes cannot access the necessary data quickly enough to address recurring problems and prevent them from escalating. The good news is that the platform is robust and supports our security needs. While it's not perfect, it certainly has its strengths.
The analytics and reporting can be a bit overwhelming. I love the dashboards, but I find that I need to better understand PowerQuery—specifically when to turn it on and off and its limitations. It's similar to SharePoint in that regard. As a former SharePoint instructor, I know it like the back of my hand. The best thing about SharePoint is that it can do whatever you want; the worst part is also that it can do whatever you want. You really need to know what you want before diving in. Most people usually have a good idea of what they need. SharePoint offers a lot out of the box, but you can customize it further if you wish. However, customization often requires hiring someone, which can be risky since you never know if it will work as intended. On the other hand, PowerQuery can help bridge some of those gaps within Singularity. The challenge arises when you want to incorporate what you've done into dashboards and charts, as there are limitations. For instance, I want more clickable drill-down options that allow me to filter on specific sections of the data, but that's currently not possible. It’s not to say that improvements won’t come in the future; it's just that it feels a bit early at this stage.
Additionally, I find some navigation features frustrating, like the back button in certain contexts. For example, if you open PowerQuery from a chart, it doesn't open in a new window or tab. Clicking the back button takes you all the way back to the previous state, causing you to lose whatever progress you made. However, I'm actively providing this feedback to my partner, Pro Circular, through whom we access SentinelOne. They take our input seriously, and I've been sharing my observations. They have their own views but are addressing the issues I raise. It's good to see that suggestions occasionally lead to updates and improvements.
I have been using SentinelOne for approximately three and a half to four years, with particularly intensive use in the last two and a half years.
Though I wasn't present for the implementation, the success of SentinelOne Singularity Complete migration heavily depends on having a quality partner. Prior to the purchase and recent changes, experiences with SentinelOne's support and product were not positive.
I obviously want it to be more affordable, and I believe we should be able to achieve that. However, my main concern is partner pricing; that's where they really need to focus. While we can manage it ourselves, if we're going back to the traditional service management model with trusted service providers, I depend heavily on ProCircular as our SOC partner. They offer a few different solutions, but SentinelOne Singularity appears to be the preferred choice.
Similarly, SHI can provide various options as well, but according to my account representative, SentinelOne is gaining momentum and improving significantly. However, it’s important to note that we're only talking about a timeframe of around six months. I'm happy to share this feedback because insights like these can impact future purchasing decisions for other tech leaders like myself who have decision-making authority.
As for pricing, it’s essential to address that. Reputation and quality are important, but especially in today’s economy, price is a significant factor. Unfortunately, many organizations are prioritizing price right now. My hope is that SentinelOne and Singularity can recognize the importance of partner pricing and economies of scale.
Right now, I'm focusing on the basics of cloud integration. I have established a standard that I need to recreate, particularly with SentinelOne. It serves two main purposes: it is our primary antivirus solution for both Windows and Linux. There are various ways to forward logs from other systems where SentinelOne cannot be installed, such as firewalls and databases. However, they all provide similar functionality. There are two types of integrations available: you can use a plug-in, or you can utilize the standard Singularity integration. For AWS specifically, I've standardized the ingestion of AWS CloudTrail data across all platforms. Azure has a similar capability, so now I can view all my cloud reports in one place instead of having to switch between different dashboards, like SentinelOne's or AWS's Security Hub and GuardDuty. I can consolidate everything into one platform, which is very convenient. The integrations are robust, and from a plug-in perspective, I realize that I might not even need to use them. Some older systems, such as Cisco, can forward logs to a log management system, and SentinelOne Singularity Complete handles those logs seamlessly, which is fantastic. There's still a lot more I want to accomplish, but I'm pleased with the progress so far.
It has evolved significantly. Prior to SentinelOne Singularity's acquisition of DataSet, there were numerous issues and negative feedback. Previously, common complaints involved having to implement exclusions due to lack of thorough investigation. However, these complaints have ceased since the changes were implemented.
They offer a lot of options, especially when it comes to integration. With the recent upgrades they've made to their platform, it truly appears cohesive, almost like a single pane of glass. There is a lot of consistency, which makes navigation easier. However, the challenge lies in the distinction between EDR and XDR. SentinelOne is still part of the product, but it’s important to recognize that SentinelOne and Singularity operate separately. This situation is both a positive and a negative. The positive aspect is the uniformity of the interface, which you would expect to make it more intuitive and user-friendly. I know they’re working toward that, but the systems are fundamentally different. Your EDR, XDR, and other tools need to be considered separately; one involves installation and monitoring logs, while the other focuses on ingestion. They do an impressive job of bringing together commonalities among EDR, XDR, and the managed extended detection response, but if you choose one path over the other, you need to understand that the approach may vary. It’s a bit of a blessing and a curse at the same time.
I would rate it an eight out of ten. For ten, it has got to be rock solid all over the place.
