SentinelOne Singularity Complete Reviews

I use SentinelOne Singularity Complete on our servers, specifically in our remote desktop services environment. I also use it alongside ESET for our workstations. Our environment isn't huge, with about 30 people, although we've had up to 50 users. I mostly use it as a security solution.

We have noticed a reduction in alerts since implementing SentinelOne Singularity Complete. 

As a company with 30,000 employees and 26,000 endpoints worldwide, we have diverse operational needs that SentinelOne Singularity Complete effectively addresses.

SentinelOne Singularity Complete effectively addresses numerous challenges. As a cloud-based SaaS solution, it seamlessly protects office and remote workers, safeguarding laptops and other devices. Its comprehensive coverage extends to cloud infrastructure across multiple operating systems like iOS, Linux, and Windows, including Kubernetes environments. This versatility, coupled with its ability to fulfill various use cases, has made SentinelOne Singularity Complete our trusted security solution for the past four years.

SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point.

SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack.

We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action.

SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging.

Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure.

SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level.

Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent.

Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete.

SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response.

SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.

We have it for all of our client machines and servers. It is the antivirus solution for all clients and servers. We are also looking into going further with their log analysis portion. We are working with them in terms of pricing.

The overhead on the CPU is minimalistic, not taking up too many system resources.

Making exceptions and exclusions through the console interface is smooth, providing a very good experience. The clients communicate with the web console in less than a minute, which is much faster than other solutions such as Malwarebytes.

SentinelOne has helped us with consolidation. We have Malwarebytes installed along with SentinelOne, and we are moving just to SentinelOne. SentinelOne has the most widespread and up-to-date coverage because of the fact that we can deploy it fairly quickly. Its rogue detection feature helps catch systems missed during initial deployment. We are the most up-to-date now. 

It saves time for the staff once it is up and running. Once the system has gotten used to everything, it just works. There is a six to eight-month learning curve for the system to get used to your servers and software.

In the beginning, we had a fair number of false positives coming across, but once the system got set up, it has been pretty much running on its own. If we are running a lot of internal IT scripts for applications that are triggering the antivirus, it might detect that as suspicious. We have to configure it to exclude things. Overall, it is pretty smart. Its automation is working fairly well for us that way. 

As a strategic partner, they have been very vocal with us. They have been communicative and supportive. The product itself is robust. We have not had any situation where it failed and broke the computer. There is no CrowdStrike-type scenario going on.

Based on the updates they have done, they are focused on advancing the product. There is a constant evolution going on. The system is getting more robust. We are advancing and not digressing anywhere in terms of technology.

We primarily use the solution for EDR, which it does in a brilliant way. We are also using it for log management. We can use it for investigations, reporting, and security incident management.

The most important aspect of the solution is that the load on the machine is not very high. It doesn't take up battery resources.

The solution prevents ransomware and other threats.

So far, it is working brilliantly. The dashboards and UI are user friendly, as is the ability to configure as needed.

It seems to have a lot more capabilities. The XDR capabilities, in particular, look very strong. We're currently looking into that.

If we want to do integrations with third parties, we don't have very many challenges around that.

The ability to ingest and correlate across our security solutions is very useful. It's impressive. The AI engine it has is excellent.

It helps us consolidate our security solutions.

While it does not allow us to reduce alerts per se, it does a good job of correlating. The way it's integrated into the SIM, it's working to the expectations we have.

The solution helps free up people so that they can work on other tasks. We don't have to grow our team too much now. My security team is actually quite small - about five people. We all get more time to handle other tasks.

We've noted that it does help reduce mean time to respond. We can identify events easier and those that are most critical are brought to the forefront. Previously, we were in the dark. Now we have so much more visibility. It's been a huge improvement. 

It's effectively helped to reduce organizational risk. 

It's endpoint protection that also takes care of the server.

Mainly, we [my company] have a lot of systems on Linux. So when we were looking for an EDR solution, we evaluated all three top options: SentinelOne, CrowdStrike, and Carbon Black. We found CrowdStrike to be slightly better than SentinelOne in terms of features. But the only reason we chose SentinelOne was that its Linux agent was far superior.

We review our EDR solution every year. So far, it's been SentinelOne. Earlier, it was Trend Micro, I think. So we evaluate and change our protection software almost every year.

It is quite easy to manage our environment with the Singularity console.

We have policies in place to isolate any suspicious behavior from the network immediately. There's even a zero-trust option that we utilize.

Moreover, visibility into the attack surface and risk is good. It's protecting quite well. We do have incidents regularly, but no major ones at all.

When it comes to threat detection and prevention, it's quite sensitive and quite good.

We do the evaluation every year, so we always see something new that comes in. We evaluate across products and then choose the best one.

Singularity Complete integrates well. We have changed our monitoring solution, and SentinelOne supports that solution. We are using SecureWorks to monitor our system. It is directly using the SentinelOne agent. All security logs for SentinelOne and other security products are being pushed to that one. SecureWorks consolidates all the logs and alerts, and we are getting 24/7 monitoring.

Singularity Complete significantly reduces alerts. It has reduced false positives by 30% to 40%.

Singularity Complete helps free up our staff for other projects and tasks. We have fewer false positives. We are very comfortable with it. Before, we had to provide extensive technical support for endpoint protection, but after installing the agent, administration became much easier.

Singularity Complete has been excellent, and we have not faced any issues in the last three to four years. It has reduced critical risks significantly.

Singularity Complete has reduced our mean time to remediate to a good level. It has also reduced the organizational risk.

We have used Ranger, but it is not always useful for us because most of our users are working from remote areas. It is a bit difficult for Ranger to identify them because they are working with some local networks. However, we are protecting our endpoints with the agents. It is mandatory for our technicians to install this agent.

APT and ransomware protection is valuable. We also use the Vigilance service from SentinelOne. It is a complete XDR platform for us.

I use it for our XDR solution, managing various endpoints including Windows and Deepak. There are around twenty-five hundred endpoints where SentinelOne EDR or the Synchrony Solution is installed, helping me manage all my files. It is a next-generation antivirus solution with zero-day protection using AI or ML-based logic running in the backend to protect endpoints. Currently, there is no integration. It's an independent solution supporting my endpoint protection.

The XDR is a valuable feature. The AI-based engine protects against various behaviors and takes action on files being accessed. In terms of protection, I have an advanced app providing visibility of all my endpoints, which was not the case before. My time to respond to incidents has reduced, making it much more complete. I have the ability to isolate endpoints if identified as having malicious files or serious activity.

We use SentinelOne as an EDR solution and for our cloud-based endpoints.

SentinelOne's data integration has made the incident response process more efficient and faster The solution has decreased our response time. SentinelOne's third-party marketplace has connectors that enable the solution to integrate with many tools. We can monitor the data Singularity generates and seamlessly export it.

I come from a larger organization. Once we fully deployed and started tuning the tool, we began to see more of its potential. I worked with the tool for almost two years. It took about a year for us to deploy it into all of our systems fully. We realized its value once we started getting alerts and information.

It hasn't reduced our alerts. The tool is pretty noisy out of the box. If anything, it has increased our alerts, but we can address that through tuning.