SentinelOne Primary Use Case
Network Support at a university with 1,001-5,000 employees
SentinelOne performs primary functions for our endpoint antivirus and anti-malware solutions. It's a centralized managed version of an antivirus product that gives real-time information on any kind of threat we might receive. It's very broad. It not only protects through signature defense, which is like what most common antivirus products do, but it also does behavioral which has been absolutely lifesaving here a couple of times.
It has saved our bacon more than once by detecting threats. It even detects zero-day threats because it detects them through their behavior. It doesn't need a signature. It actually keeps me busy with this and the insight into the agents that are installed. Our level of protection around here has never been this high.
By comparison, we're also running Windows Defender, which comes with Windows 10 operating systems. We collect that data through our SCCM and SentinelOne finds threats that are at a rate of 25:1 to 30:1. It's not even close. SentinelOne has made a tremendous difference in our ability to protect our endpoints and servers.
Director - Global Information Security at a manufacturing company with 10,001+ employees
In general, we replaced our entire antivirus and anti-spyware with SentinelOne. We use it across all platforms, from servers to workstations, to Macs, to Windows, to Linux, Virtual Desktop Infrastructure, and embedded systems - on-premise and in the cloud. We also use their console and their threat-hunting. We needed a solution that was simple and intuitive, without having multiple agents.
We have also started evaluating their IoT, for the discovery of all IoT devices. This isView full review »
Enterprise Security Architect at a recruiting/HR firm with 10,001+ employees
We use it for endpoint protection. It's an active EDR endpoint protection tool. Think of it as an antivirus and endpoint protection solution with machine learning, like McAfee on steroids.
In our company it is deployed in 83 countries and on over 40,000 workstations and servers.View full review »
We are mainly using it to replace a product we used before for antivirus. My specific use case for SentinelOne is threat hunting. I'm a security professional in our organization, doing offensive security. I do pen tests and analysis, and I'm hunting for intruders in our network. That's the context in which I'm using SentinelOne.View full review »
We are a managed services provider. We are not just using it for ourselves, but we are also supporting it and deploying it for a number of our customers.
The primary use case is that it's endpoint protection software and we use it to protect our end customers' endpoints, whether they are Apple or computers, laptops or servers.
SentinelOne is software as a service, but it has an agent that has to be installed on a computer or a server onsite.View full review »
We are a solution provider and this is one of the products that we implement for our clients.
Sentinel One is being deployed as a replacement for any antivirus solution. In our case, we use it to primarily prevent ransomware and other malware from entering networks or computers, as they're deployed across the entire world now, in this new post-COVID environment.
We no longer have the luxury of the corporate firewall protecting everyone equally. This means that having SentinelOne on each box is providing a solution where we stop the badness before it can spread.
This is a cloud-based platform that we use in every capacity you can imagine. We use it on cloud components in both Azure and Amazon.View full review »
Information Security & Privacy Manager at a retailer with 10,001+ employees
Our use cases are for client and server visibility in our enterprise and operational technology environments, as EPP and EDR solutions.View full review »
There are four use cases:
- Endpoint visibility.
- Endpoint protection, which includes detection, protection, and error response. We use this for protection endpoints as well.
- Provides historical loss of any events or changes in files that may have happened in the last 90 days.
- Threat hunting, which we use to troubleshoot applications.
There are different versions. The SaaS portal has a different version. The agents for each operating system have a different version. For the SaaS platform, we are on the current release. For the agents, we are one behind the current GA release.View full review »
Network and Security Engineer at a energy/utilities company with 1,001-5,000 employees
SentinelOne monitors our infrastructure 24/7.View full review »
Network & Cyber Security Manager at a energy/utilities company with 51-200 employees
We have the solution deployed on-premises and, for the last year, on the cloud as well. We have two systems.
Over the last year of Corona, we provided a lot of laptops to our workers to work at home. But because they're not connected, at first, to our network, they can't connect to the SentinelOne instance on-premises. We wanted something that would protect them when they're on the internet, and not only after they connected to our network. That is why we got the system that is in the cloud, to protect all the company laptops.
We don't have a lot of incidents because ours is a very closed network. We don't connect directly to the internet. So SentinelOne is only a barrier between us and the emails or between us and the files that go into our network.
Sr. Information Security Manager at a computer software company with 1,001-5,000 employees
SentinelOne has completely replaced the antivirus solution that we used before. It's also an EDR solution. In the case of any suspicious malware, we can control the system with this agent.View full review »
Software Engineer at a healthcare company with 51-200 employees
We are a company with several types of PC users. Our office ranges from marketing to sales, and we also have people who are remote on laptops all over the world, as well as an R&D department. Those people use PCs in different ways.
We wanted a platform that has ways of dealing with various kinds of users, but we also wanted a central management so we could overview the state of all our endpoints with one view.
We use the central cloud interface to manage all our endpoints.
We only use it on Windows machines.View full review »
It's for our regular laptop users, desktops, and our production servers. For the production servers we use it to make sure there is nothing coming from the outside. And for our regular users it works everywhere, so they can do everything with a laptop.
It's a cloud solution. We don't have a large business. We have a lot of services but we don't have many users. Everything is in the cloud and we have about 20 clients or 20 agents for normal users in the Netherlands and we have between 100 and 200 users in the Philippines. The rest is for server safety.View full review »
Head of IT at a transportation company with 501-1,000 employees
Our primary uses are endpoint protection and application inventory.
The management is done through the SentinelOne web interface.
We work strictly in a Windows environment, using it for both workstations and servers.View full review »
IT Manager at Telecorp Inc.
My primary use case for this solution to protect my clients and sites that I support from malware and ransom ware. It is installed on the end point clients and servers as a client and then it clean and protects after a reboot. As a managed service provider we found it instrumental at preventing viruses and especially preventing ransom ware. We went from 30% ransom ware infections to zero. The software stops the infection before it executes.
CIO at a manufacturing company with 1,001-5,000 employees
We were looking for an EDR solution to get the best protection available, especially against ransomware. For us, any EDR solution needed to be supported by a 24/7 SOC.
We deploy it on-premise, in all of our factories and branch offices, worldwide.View full review »
Security Expert at a healthcare company with 5,001-10,000 employees
We have the Core version for almost all our endpoints. We will be installing it completely for the US, who wants more products, and India, because we have experienced that India is more exposed to threats.
We are currently updating our agents from 4.0.5 to 4.2.
Managing Member at Pender & Associates
The product is used to provide cybersecurity protection to SMBs predominantly in the financial, manufacturing, and retail industry as well as private individuals.
SentinelOne is key in achieving compliance with the General Data Protection Regulation (GDPR) in the European Union and the Protection of Personal Information (POPI) Act in South Africa.
Resolving ransomware encrypted servers or personal computers is costly to the customer, both in repair costs and loss of business due to downtime. In addition, the customer may suffer reputational damage if any of its customer data is compromised.
VP at a tech services company with 11-50 employees
We have SentinelOne installed on all of our workstations and servers. It is set up with the maximum protection except that Active is in Alert Mode, and everything else is blocked.View full review »