SentinelOne Singularity Cloud Security Reviews

We use the product across all of our entities for EDR, threat detection, and response methods.

We wanted a solution for protection. We had a number of entities with various EDR solutions. We wanted to centralize under one EDR solution, and we wanted one that was efficient and easy to manage with a small team.

The biggest thing for us was getting to a single platform. A single pane of glass has been nice. The ability to segment various sites out. The R-Back involved is super helpful for us as we are a multi-company organization. In general, the time has been greatly reduced for incidents.

The ease of use of the platform is very nice. The console provides excellent visibility into events that occur and, in general, the wide range of tools that are built into the agent itself.

My impression of the product's real-time detection and response capabilities is good. It definitely is a little bit different. It takes a little bit more time to learn than some of the other solutions that we have worked with in the past. Once you do understand it and once you're capable of running through the GUI and you understand what the logs and various windows they're trying to tell you, it's fairly straightforward.

The solution's automated remediation is good. I like that you can segment it into four options. You can choose to kill it at any time in the kill chain, so you can choose to quarantine it, you can choose to remediate, you can choose to roll back, you can choose to let it run. Being able to choose how far along you want those events to get is pretty nice.

The historical data record provided by the solution after an attack is decent. It gives you a flowchart of the attack. All along the processes you get good visibility and see all that were detected. Definitely, from a post-incident analysis perspective, it's very strong.

The solution has helped reduce our organization's mean time to detect by 20% to 30%. Given that extra 20% to 30%, it frees us up to focus on other items. 

The solution's impact on our organization's productivity is good. It provides robust whitelisting capabilities and improves our productivity. 

Agent releases need to be more stable before being pushed out. 

Bugs need to be disclosed quickly.

The reporting, and the logging visibility, are not there. It's very, very crude and simple. It needs to be drastically expanded. 

They need to expand their third-party integrations with SIM tools, and sites need to be given the option to expire at the end of the contract as well.

They could expand their integration with Kubernetes. They are trying to build out their third-party integrations. It does work well on Windows and Mac. 

I've used the product for three and a half years. 

Agent stability and communication with the console and agents going offline can be an issue. It can be time-consuming to coordinate and fix. However, the cloud console is very resilient. It's mostly the agent releases where we might have issues. CrowdStrike agents seem a little more stable. 

We have about 3,000 users using the solution.

Scaling is no issue. 

Technical support is hit or miss. We have worked with some good agents and some less knowledgeable. 

Positive

We have used different solutions, including the fact that we still CrowdStrike at a couple of companies. We are now moving more fully towards SentinelOne.

The simplicity and ease of use were big and where SentinelOne stands out. It's a set-and-forget policy. Based on what we saw in testing, it was the best option. 

In terms of telemetry data, we were all over the board.

The initial setup was a little more complex when we first started. However, they've smoothed a lot of their implementation out and so it's gotten easier over time. It took us a couple of weeks to a month to deploy. About 20 were involved in the deployment. We have 30 to 40 companies around the world and it's across every company and every department. 

The solution does require maintenance. You need to have agents up to date and cases closed properly. It does require you to be invested. 

We have witnessed ROI. It's comprehensive in its detection capabilities and has saved us from multiple attacks. We've likely saved 30% based on prevented attacks. 

The solution is relatively cheaper and is willing to work with companies on pricing. 

We are customers.

For those who believe they already have a continuous monitoring solution in place, I'd advise that SentinelOne knows its own product. They can provide that extra confidence that nothing gets missed. And if you see a high number of alerts, they're able to really help you discern those and get down to the ones that matter most.

The solution doesn't affect our ability to innovate one way or another. It doesn't hold us back.

I'd recommend the solution and advise running a POC in your environment. It's good to run against CRowdStrike. They are seriously contending against CrowdStrike.

I'd rate the solution eight out of ten. 

The most beneficial aspect of adopting these solutions is gaining visibility. We manage false positives efficiently, using tools like Tenable, which also provide visibility and help differentiate between actual risks and false positives concerning vulnerabilities.

Visibility is the most important aspect. Azure Monitor, SentinelOne Singularity Cloud Security, and other tools help gain visibility into our environments. Previously, we did not have any information about our environment. We now have visibility.

Evidence-based reporting is essential as it guides us in deciding and prioritizing vulnerability by improving our understanding of our environment. Before implementing these tools, obtaining information about our environment was challenging.

The documentation could be better. Besides improving the documentation, obtaining a professional or partner specializing in the implementation of SentinelOne Singularity Cloud Security is very important, as it can save time during the implementation process.

I have used this solution for four or five years.

In my previous company, we once discovered a problem in one of our environments using SentinelOne, but I do not remember exactly what the problem was.

I have not used any similar solution. SentinelOne offers a comprehensive solution for the complete environment. It is very difficult to get the same results from different partners and manufacturers.

It is easy; it is not difficult.

Usually, we make a deal with a specific partner specializing in implementation. We do not implement it on our own.

Most security solutions are easy to use but require minimal knowledge to implement and maintain them.

Overall, I would rate this solution a nine out of ten.

We have multiple AWS accounts and we use it for our products and deployments, et cetera, and they are being monitored by SentinelOne Singularity Cloud Security for best practices and good security. In the past, we've had code exposed to the internet, and SentinelOne Singularity Cloud Security has been able to catch such instances. Basically, it is for security and monitoring purposes. 

We've been able to integrate SentinelOne Singularity Cloud Security with out AWS and deployed their agents to Kubernetes. For production and compliance purposes, it allows us to monitor actively for issues from one place. 

The solution reduces notifications.

We mainly use it for monitoring and security guidelines only. It's been really useful for us in terms of the developer accounts. If any have been exposed, we get notified and we can take care of issues before anything happens. 

We haven't seen any server downtime. It's always been available when we've needed it. 

The UI is very nice, and feature-wise, it's very good.

It has very good documentation. 

Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful. 

The solution is very easy to use. We have not had to spend much time customizing or integrating items. We were able to integrate all four AWS accounts in order to centrally monitor everything.

There is evidence-based reporting which can help prioritize and solve cloud security issues. We haven't actively used it or set it up.

We use the infrastructure as code scanning feature. It's good for identifying pre-production issues. 

About six months ago, there was a major upgrade. We can see the containers running and which vulnerabilities appear, et cetera. 

We haven't seen any increase in false positives since using the solution. 

It's helped us improve our risk posture. We're more confident now that things aren't happening and getting missed. We're on the right track to adapting proper security rules.

More than saving engineering time, this solution has helped promote confidence is the security of our cloud accounts. We're more sure of our configurations and security posture. Since we don't have a cloud expertise team that might identify issues, it has helped us gain confidence in SQL deployments. 

There should be more documentation about the product. Sometimes we have to go to customer support to get clarification.

I've been using the solution for 1.5 years. 

The solution is stable. I have not seen any downtime.

We have around 15 users leveraging SentinelOne Singularity Cloud Security. They are mainly admins and engineers.

Technical support is very helpful. However, the documentation needs to be better.

They tend to resolve issues within an hour or so. With most issues, they are very helpful 

Positive

We have a different pipeline product working in parallel to this solution that is also helping us reduce vulnerabilities. Something else, for example, monitors compliance for us. SentinelOne Singularity Cloud Security is more of an additional tool than our main solution. We have been using open-source tools for scanning.

The development was just one configuration, and we were able to implement SentinelOne Singularity Cloud Security in about an hour.

The solution does not require any maintenance. 

We have noted an ROI based on the amount of confidence we've gained having visibility into our vulnerabilities. I do not have specific metrics on hand to illustrate that, however. 

The pricing is reasonable.

We're a customer and end-user. I'm a DevOps engineer.

I'd recommend the solution to others. I would rate it 10 out of 10 as it currently meets all of our requirements. I can't speak to other companies that may have different requirements. 

We have an environment in the cloud where we have a bunch of EC2 instances and S3 buckets. We have the SentinelOne agent installed on all of our EC2 instances, to monitor our environment, so we use it quite frequently.

We needed cloud-based endpoint protection that we could install to get a single pane of glass into our security environment. Specifically, we needed to see the version usage of the applications to ensure we didn't have any outdated applications.

It has definitely helped reduce our mean time to detect. It's much quicker than with our last platform. Singularity has also helped free up our staff to work on other projects. We don't usually come into the console unless we get an alert. In that sense, we have been working on many other projects in the last year. Now that everything is set up and running smoothly, we haven't had to spend as much time in the console as before.

And when I consider the solution's impact on overall productivity, features such as the reporting have helped. When we need to run a report on how many endpoints we have in our environment for regulatory requirements, we use the reporting feature of Singularity because we know it's installed on every endpoint, giving us full visibility. From a reporting standpoint, it has certainly helped us.

We really appreciate the Slack integration. When we have an incident, we get an instant notification. We also use Joe Sandbox, which Singularity can integrate with, so we can verify if a threat is legitimate. The third feature we use most often is the VirusTotal integration. That allows us to take the hash of a threat or virus and open it up in VirusTotal.

Also, it's amazing how quickly its real-time detection and response capabilities come through. There have been multiple times where either my coworker or I will be working on something—even in our elevated environment, and even just running a script. We wouldn't expect a pop-up, but it's good to know that it's checking for those anomalies, detecting them, and notifying us of them instantly. We love that feature.

In terms of the historical data record provided by Singularity after an attack, we like to use the Storyline feature for deep dives and threat hunting if needed. It has been very useful in our operations. We can see different event types on each endpoint, which comes in handy. Using the Storyline feature, we can dig in much quicker, connect the dots, and see what caused the alert. So it has quickened remediation.

And the SentinelOne Cloud engine detection types are useful when trying to determine whether a threat could be legitimate or a false positive.

One of our use cases was setting up a firewall for our endpoints, specifically for our remote users. We have a firewall on-premises that comes into play when someone is at our main campus. But we needed something more for our remote users. We were hoping to utilize SentinelOne's firewall capabilities, but there were limitations on how many URLs we could implement. Because of those limitations on the number of URLs, we weren't able to utilize that feature in the way we had hoped to.

I have been using SentinelOne Singularity Cloud for about two years.

Singularity has been very stable. It has never lagged or crashed that I've noticed. In my experience, there has been 100 percent uptime.

The interoperability with AWS has been very straightforward and streamlined, without any major bugs or issues that I've come across.

Its scalability is one of the main reasons we chose SentinelOne. Because it's hosted in the cloud, we can install as many agents as we're licensed for. We've never gone over that limit. As new servers and endpoints come online, it's easy to deploy. It's built into the image.

We do have a unique use case regarding scalability. We use a VDI environment in Azure, and it works. We haven't had any issues. But when we need to run updates on those machines, we have to rebuild the image. We can't have the agent built into the image because of our rebuild process. That makes it a manual process for us every month when we redeploy those desktops. We have it scripted out with a PowerShell script that helps, but it's a manual step for us. That's one area we're trying to address from a scalability standpoint.

As for auto-scaling, we're more of a static environment for most of our endpoints. The VDI is our only more fluid environment, since our VDI endpoints go up and down based on usage. Once the agent has been deployed to those images, the auto-scaling works flawlessly, and we haven't had any issues there.

We used ESET, but the decision to go with Singularity was made before my time with the company.

We have a couple different deployments: our end-user endpoints and our server fleet. I was involved with the server deployment. It was very straightforward, and we didn't run into any issues during that deployment.

The only maintenance involved is when we need to whitelist an application. For example, if a new user installs an application, we might get a false-positive pop-up. That's really the only maintenance we have to do.

We did it ourselves, and there were four people involved.

It's a fair price for what you get. We are happy with the price as it stands.

My advice is that if you want an easy-to-deploy solution where you can have a single pane of glass to get visibility into all of your endpoints and applications, and run reports on those application versions, Singularity makes it a very easy-to-use, straightforward, and streamlined process that has helped us over and over again.

If someone thinks they don't need Singularity because they already have a continuous security monitoring solution in place, using SentinelOne gives us an overarching view from the single console, giving us the entire picture of the timeline of events that happened. Going through the timeline and connecting those dots really helps when threat hunting. It helps to get the full picture instead of just a specific point in time, which is the way some of the legacy antivirus programs work.

The solution has an automated remediation feature, but we don't currently use it because we are a smaller team. We like to remediate manually. For the time being, we haven't had a reason to use the automation feature yet.

One area we're trying to innovate more in is the AWS Security Hub. Singularity, in their marketplace, has a couple of apps related to that. We're trying to build more automations within AWS Security Hub to get better overall visibility, not only of our EC2 endpoints but of our applications as well.

We utilize SentinelOne Singularity Cloud to safeguard our clients and servers from viruses and to perform forensic analysis on threats.

We are a service integrator in the public sector in Italy, and we implemented SentinelOne Singularity Cloud because we lacked an antivirus solution.

The real-time detection and response capabilities of SentinelOne Singularity Cloud are excellent. We have implemented automated remediation on the Singularity platform. I have tested this on both our tenant and our customers' tenant, and we haven't encountered any issues with this method.

Singularity offers profound forensic visibility, which proves highly advantageous for in-depth analysis of events. Through a single console, we can observe comprehensive event details from start to finish.

The historical data record provided by Singularity after an attack is valuable. It allows us to identify any misconfigurations and has assisted us in rectifying errors during the deployment of group policies in Active Directory. This capability helps us manage group policies more effectively, particularly in terms of security policy deployment.

SentinelOne Singularity Cloud has been immensely helpful in mitigating issues for us. Our organization consists of approximately five hundred employees, including technicians and administrators, and Singularity has played a vital role in safeguarding our organization.

It has helped us reduce our MTTD. 

Singularity helps us reduce our MTTR.

We have saved time. The automatic remediation helped me a lot when an event occurred, as it analyzed and remediated the issue automatically. This saved a significant amount of time.

Singularity operates smoothly and does not cause our laptops to experience any performance degradation, which has been very beneficial.

Deploying SentinelOne Singularity Cloud is a simple process that requires only three clicks. 

The management console is highly intuitive to comprehend and operate.

The cost has the potential for improvement. I would appreciate it if the full edition could be made more affordable, allowing me to upgrade from the intermediate version.

I have been using SentinelOne Singularity Cloud for more than three years. 

SentinelOne Singularity Cloud is incredibly reliable. I have never come across a crash or experienced any downtime. I have never needed to initiate a support case.

The SentinelOne Singularity Cloud exhibits high scalability. We only need to incorporate licenses to facilitate scaling, eliminating concerns regarding servers or databases, as it functions as a cloud-based platform.

The initial setup is straightforward because the platform is cloud-based, allowing accessibility from anywhere, and deploying the agent is as easy as clicking three times.

Two people were involved in the deployment.

We are a system integrator and we implemented the solution in-house.

As a partner, we receive a discount on the licenses. Currently, we possess over 250 licenses, but there is potential for the licenses to become even more affordable.

We evaluated various products such as Trend Micro, Symantec, and Sophos. SentinelOne Singularity Cloud stood out among the solutions we evaluated as the easiest to manage and with the best performance.

I rate SentinelOne Singularity Cloud a nine out of ten.

SentinelOne is a novel form of endpoint detection and response that has assisted us in effectively managing our clients and servers. It provides us with substantial visibility and aids in safeguarding our infrastructure against emerging threats.

Regarding maintenance, I check the event logs every two weeks, in addition to reviewing emails, and I update the schedule to manage the agents.

The interoperability with third-party solutions is good. We don't have any compatibility issues.

SentinelOne Singularity Cloud is updated bi-weekly or monthly and the signature to the client is updated every two days.

Evaluating SentinelOne Singularity Cloud is made simple by installing the client and logging into the console.

We are using it for endpoint detection on all of our EC2 instances and hosts in the cloud. Along with it, we are also going to be using it for AV.

We do not have any EDR protection on our host. We would like to utilize it for AV to put some protection on our host. The pricing for the tool that we are using for AV has gone up, and they are not giving us a lot of things we need. Also, to use their EDR tool, we have to install a secondary agent, whereas, with SentinelOne, everything is included in the same agent.

Singularity Cloud Workload Security helps with forensics and extra protection on our host. We have not had any incidents where we had to fully use it or fully go into action with it, but we are hoping that it will provide the extra protection that we need to help resolve some blind spots that we have specifically on our hosts.

Singularity Cloud Workload Security has forensic visibility or deep visibility into the Linux kernel, but we have not used it. It is something that we will work on and use with our SOC team and the implementation team if an incident were to ever happen.

The historical data record provided by Singularity Cloud Workload Security after an attack will be useful if an incident happens. It will help us build a timeline of historical reference. It is easy to have it all in one place to build a timeline. We can see from start to finish where the incident started and where it occurred versus having to go in and do things manually by sifting through logs. The fact that SentinelOne is able to have that information or data and a single pane of glass is something that we like about the tool.

Singularity Cloud Workload Security helps to cut down the mean time to detect by having the historical reference and by being able to stop the incident with the hit of a switch. We can see from where it started, which is helpful. When you are an organization managing hundreds of accounts, it is hard to sieve through logs and get that information together, which increases our mean time to detect, whereas with SentinelOne, from the things we have seen and tested out, it seems simple and easy, and we are hoping that it will help us cut down on that time.

We are also hoping that it will reduce our mean time to remediate. We have not come across any actual incident to be able to fully know, but based on what we have seen so far in the tool, it seems it would.

Singularity Cloud Workload Security has not necessarily freed up staff to work on other projects, but it does reduce some time. It helps cut down on things. It does provide an easier capability. We have come from the old-school way of looking at logs. It seems that this tool will provide something much sleeker and easier for our SOC team to use.

Singularity Cloud Workload Security has not yet had much effect on our productivity. We have only had it for two months, but we like what we are seeing. We like implementing it. We like that it has a single agent and we can use it as AV. It seems to make things easy. It seems to be a more productive tool for us, but until we have an incident, I would not be able to say for sure. As of now, it looks like it has the capability.

Its interoperability with third-party solutions, such as Kubernetes, seems top-notch. We have integrated it with a couple of our solutions here, such as Kubernetes and containers, and we have not had any incidents or any problems to follow up or dig deep into. So far, the ability to look at our containers and to see into those clusters is something that puts Singularity above all others. With CrowdStrike or Trend Micro, we were not able to do that. We were not able to have the same visibility. SentinelOne Singularity made that easier for us.

Singularity Cloud Workload Security supports our ability to innovate from a standpoint where we know that our application teams and developers will be protected. When new applications are created, we will have some sense of security and some sense of safeguard for our teams. We did not have the visibility and the tools to protect us in the manner we would like, but with Singularity Cloud Workload Security, it looks like we can just put it on our endpoints and tell the teams to go and do as they wish because we know at least on this end, they will be protected.

From our tests and the things that we have done, we find Singularity Cloud Workload Security’s real-time threat detection and response capabilities attractive. We like the platform and its response time. We also like that its console is user-friendly as well as modern and sleek. Those are the things that are attractive to us.

We like the automated remediation feature. It is not something that we are going to use for automated remediation, but we do like the fact that it is there and can be utilized.

If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have.

We have been using it for two or three months. We went through a test trial, and we are finalizing the official purchase request to purchase it and start using it fully.

We have not experienced any issues so far.

We have not interacted with their support. We have only contacted our customer manager and our onboarding specialist. We have not had to submit any tickets.

We have not used any other similar solution previously.

It is a cloud deployment. I was involved in its initial setup. Its deployment was straightforward. There were a couple of questions that we had. Some of the documentation was not written in the best way. There were some hurdles when moving to the tool and understanding it, but for the most part, it was straightforward. We got all the instructions on how to deploy or install it. We were presented with a customer service rep who was an onboarding specialist. This customer service rep specialized in deployment for us, so everything was a simple setup.

We mainly did it ourselves, but we also had an integrator consultant from SentinelOne who was on the site. They answered all of our questions for anything that came up. For anything we needed, they were there to help us. We had three individuals full-time, and then we had a contractor.

In terms of maintenance, there is nothing required from the SentinelOne side. Once we onboard a lot of our hosts, we just need to organize it in a way that is easy for us, but from the SentinelOne or Singularity folks, nothing is required.

The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost.

We did evaluate other options. We tried Trend Micro Vision One. We also looked at CrowdStrike.

We went for Singularity Cloud Workload Security because it was built and made for the cloud. That was a big thing. The second big thing was that they utilize all of these different features with one agent.

The CrowdStrike solution is not built for the cloud. They have a cloud add-on, so it did not translate for us. The Trend Micro solution is somewhat built for the cloud. It is more of an on-prem tool that is moved to the cloud, but we have to utilize at least two agents to get all of the coverage, meaning AV and endpoint detection. With Singularity Cloud Workload Security, it is all covered in one agent. There is no need to put multiple agents on our host and go through that with our customers. It also allows us to place that agent using AWS Systems Manager, so the implementation in the cloud and launching of the agent is intuitive and easy. It was a no-brainer once we started looking at the tools in terms of how to implement them and what we would like in our organization. Singularity Cloud Workload Security took the top place.

It has a single agent to cover all aspects. You can save money and costs with data ingestion by using the Security DataLake from Singularity. There is also the ease of use of its console. There is also the ease of deployment by it being cloud-based. If you are looking for a tool that is perfect for cloud solutions and protects your cloud host, Singularity Cloud Workload Security would be at the top of my list.

To someone who does not think that they need a Singularity Cloud Workload Protection Platform (CWPP) because they have a continuous security monitoring (CSM) solution in place, I would recommend looking again at Singularity because there is one agent and the ease of transitioning and deploying into the cloud. Another big thing about Singularity is the holding of the data. We utilize Splunk. However, with Singularity, we do not need to ingest all the data because we can also utilize their data lake. The query or the information that we can look up at Splunk can also be looked up in Singularity, so there is no need to take all that data from Singularity and ingest it into our Splunk and increase our license. We can utilize our license and capabilities. We can just use the data lake that comes with Singularity and utilize logs in that manner. In the end, it is saving us costs when it comes to our SIEM tool ingestion, so I would recommend looking at these top aspects. It is easy in the cloud. It helps save data on your SIEM tool. It saves the ingestion costs. There is also a single agent.

I would rate Singularity Cloud Workload Security a nine out of ten.

We have deployed SentinelOne Singularity Cloud Workload Security to our servers and clients. 

Singularity's real-time detection and response capabilities so far have been great.

I like the way we have options in how we set up the automated remediation. We can set it up to automatically take action, or we can set it up to just flag or let us know that there is something that needs to be investigated. It has been really good in that regard. There are many, many options in how we can configure it, and I have liked that quite a lot.

Compared to my previous solution, I am more comfortable with SentinelOne Singularity Cloud Workload Security. I was always concerned that the previous solution was not catching everything. There were a lot of false positives, and there were several cases where it did not catch everything. Even when it did catch something, the logging and forensic details were very limited. SentinelOne Singularity Cloud Workload Security is the opposite of that. It gives us deep visibility into what is going on and what has happened. The mediation is great, and the logging is much more detailed. It has been a huge improvement over what I was using before. Singularity Cloud Workload Security has given me peace of mind.

To date, all threats detected were false positives or test threats. No actual threats have been encountered, but test threats were detected quickly.

One thing I particularly like about Singularity Cloud Workload Security is that it supports older legacy operating systems that we have been unable to eliminate. This is a valuable feature that other clients do not offer.

The visibility is the best part of the solution. To see exactly what's going on in all the clients, and processes that are running, I have got a few false positives, but those are relatively easy to investigate and remedy, and flag them as false positives.

We use Singularity Cloud Workload Security with Citrix and a non-persistent VDI. It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear. We eventually got it sorted out with the help of support, and I give credit to SentinelOne for that.

I have been using SentinelOne Singularity Cloud Workload Security for ten months.

I have not experienced any stability issues, client issues, or rogue agents causing problems. I have also not had any crashes. Overall, it has been great.

We have a relatively small environment, with fewer than a hundred endpoints deployed. So, scalability is easy for us. I don't know how it would work with thousands or even tens of thousands of clients, but I haven't had any issues so far.

The technical support is helpful.

Positive

Our previous solution, Trend Micro Worry-Free, in comparison, is quite poor. It did not give me very good visibility into what was happening with my clients, on the network, or what processes were running. If something happened, I was very limited in my ability to figure out what happened. In other words, the forensic capabilities of my previous solution were lacking.

There is no way to compare the turnaround time of obtaining telemetry data between the two solutions because Trend Micro Worry-Free did not provide any telemetry data. We would receive an email about a possible virus, but when we logged into the system to view the logs, there would be nothing there. Or, it would tell us that there was a virus, but it would not tell us which client was infected until we logged into the console. It was lacking in so many areas.

During the deployment, we conducted a test case. One of SentinelOne's sales engineers assisted us in setting up the software, configuring everything, and setting up notifications. They walked us through the process of setting everything up to my liking and how they would recommend setting up the software. They were instrumental in helping us deploy the system, and all of their assistance was included in the price of the system. We did not have to pay any additional fees. I found their assistance to be very helpful.

Without SentinelOne's help, the initial setup would likely be very complex. There are many options for configuring the product, which can be both beneficial and detrimental. On the one hand, it is beneficial if we are familiar with the software and know how to best configure it. This flexibility is a great advantage. On the other hand, if we are coming from a different product and do not know SentinelOne's software, it would be very helpful to have their assistance in walking us through the setup process and recommending a configuration.

I was the only person from our organization involved in the deployment.

I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought.

I also evaluated Carbon Black. I read a lot of reviews, both official and user-generated, to learn what people were saying about the product. What really drew me to SentinelOne was its legacy software support. This was a key factor for me, and it helped me eliminate some of the other options.

I would rate Singularity Cloud Workload Security eight out of ten.

The software itself is very good. Singularity Cloud Workload Security provides deep visibility and support. I have found the support team to be very responsive and helpful whenever I have engaged with them.

One of our requirements was that the solution was simple enough for me to maintain myself without spending a lot of time managing the software. There are software agent packages that become available, and I need to go in and approve them and push them out. There are occasional false positives, but overall, it's not a lot of work.

For straightforward clients on a PC or laptop, Singularity Cloud Workload Security works well. However, in edge-case scenarios like ours with Citrix and non-persistent VDI, we need to test it out to see if it works well enough in our environment. We had some initial problems getting it started, but we were able to resolve them. So, my advice is that if the scenario is straightforward, there should be no problems.

I use it to monitor and update my clients. We have about seventy users, which we run the client on, and we pretty much just monitor the activities and update the agents when possible. We use it to make sure that there are no viruses or malware on the user end, the endpoint machines. It's an antivirus.

We were looking for a solution that wasn't hard to manage and wasn't intrusive on the client end. We needed something users couldn't make changes to or take up too much CPU. We wanted to make sure that when we loaded this on the user machine it wasn't going to tax it. 

The ease of use is great.

The portal is great. It's not complicated. I can find what I need and it's straightforward. It's not over complicated. 

The real time detection and response capabilities are good. I did a lot of research before signing up and doing the demo. They have a good reputation as far as catching threats early on. 

They have an automated remediation feature that I have used. You can resolve issues on the portal. 

The forensic visibility into the Linux kernel is very good. It helps to catch things early on. They've been able to remediate situations pretty quickly.

The historical record after the attacks is informative. It gives me the information I need. It's done really well.

The solution has helped me free up time. I go maybe once a week to see a status and if I get any alerts via email, I'll action something. My users are pretty educated and I haven't had to really worry too much. There's barely anything getting caught as the staff is all very diligent.

When it catches something, we're able to quickly get a handle on it. It's doing its job and we haven't had to worry about any attacks.

There isn't anything I don't like. It's really easy to use, for example. 

Their search feature could be better. When I go in and try to search for stuff, it could be a bit easier. It can be a little cumbersome. 

I've been using the solution for two years. We're going to be renewing our contract soon. 

I've had no stability issues at all.  

It's easy to scale. Scaling is straightforward.

We're a non-profit, so we won't grow too much. We don't really have use for the auto scaling feature. However, the feature does make scaling easy for those who need to grow.

I've barely contacted technical support. I've only spoken to sales in regard to demos. I had to call support once when an agent didn't install correctly. I had them get a cleaner to remove it from the machine. That only happened once. They were very helpful and it was easy to contact them. I was done in ten minutes. 

Positive

I did previously use McAfee. When we had to renew, we were looking for something simple on the client end and pretty light. McAfee tends to tax the machine a bit. It had a clunky client as well. The reputation of Sentinel was also better than McAfee's. 

I was involved with the initial deployment. The setup was straightforward. I had no issues with the setup.

Outside of occasionally upgrading the agents, there is no maintenance needed. 

I handled the setup myself and my boss. 

The pricing and licensing are competitive. 

We were evaluating McAfee and Symantec and a few other companies. I can't recall the others. Sentinel just stood out. 

To those who have a continuous monitoring solution in place, I'd advise them to have something running on their client end as well. Otherwise, you don't have full coverage. 

I haven't really integrated the solution with any third-party solutions.

I'd rate the solution ten out of ten. It's straightforward and not that hard to work with. You don't have to do too much prep work before jumping in. It's an easy solution to implement.