SentinelOne Singularity Complete Reviews

We use the solution for antivirus protection. We do know it does more, however, we're trying to just get the antivirus program up and working and functioning at this point.

It's allowed us to really cover all of our endpoints, including servers, Macs, and services. We're hoping to do a kiosk mode in some of these services for our labs and facilities, and we're hoping that SentinelOne can actually do that. We're going to work with them to make sure we can get that rolled out.

The fact that they have a lot of search features is very helpful. We can go into their filters and we can filter out by specific computer name, for example. We can specify if we want Macs or we want Windows computers, or if we want just laptops, or desktops. There's just a lot of versatility as to how we can look up the devices and really drill down.

The interoperability with other SentinelOne solutions and other third-party tools is good. For other third-party tools, I've used other antivirus software that doesn't have this type of interface. This gives you a lot more latitude to control the computer to basically push out updates and monitor what's going on with the endpoints immediately. It really helps with everything that you need to be on top of quickly, and it really helps that we can monitor everything in real-time.

It integrates smoothly with other solutions. We were able to push out the software and the agent to all the endpoints rather easily. There were only a few stragglers who just weren't physically on and weren't getting the endpoint, however, the rollout went pretty smoothly. The few endpoints not covered were ones that weren't turned on or not in use.

My impressions of the solution's ability to ingest and correlate across our security solutions are positive. It works really well. 

We like the fact that we actually have a dedicated person at SentinelOne that we can talk with and work with.

It's helped to reduce alerts. The alerts have really gone down. We've actually had a lot of good coverage. There really haven't been that many alerts or issues. They've actually caught a lot of issues and threats before it's even been a problem. It's really helped cut down on the amount of work that we have to do on our end for troubleshooting and the prevention of viruses or phishing attempts.

This solution helped us to free up the time for other projects and tasks for your team members. We just rolled out a new software program, and it allowed us to focus on that more rather than having to deal with virus alerts that come through from our previous virus program. They've really managed it for us and really helped us find more time to work on the projects that we really need to focus on to advance our business rather than worry about threats that are coming through. It's been quite a time saver. 

It helped to reduce our organization's mean time to detect. It's got a much nicer interface to work with, and it's really helped to have them as a working partner rather than our previous vendor which was just a little harder to get a hold of and not as easy to work with.

The mean time to respond is much quicker than what we did have. 

It has helped to reduce our organizational risks. We save a lot of hours by not having to deal with all the alerts and managing them. It has saved us many hours of work and really helped us focus on what we really are there to do rather than working on the threats that come our way.

The solution does allow us to be innovative. The product has a nice interface and is quite robust in comparison. We like the options and availability and how it allowed us to manage our endpoints.

Using the filters takes a little bit of time to get used to. There are so many. You have to scroll from side to side in the filter section to find them. It's not very user-friendly. 

Some of the options they have up top are a bit much. It is a bit daunting. It minimizes, and then you have to click on select filters for it to completely open, and then you've got a scroll to the right or scroll to the left. Even if you maximize your screen from left to right, there are still more filters to scroll through. They're not well laid out.

I haven't used the reporting feature much, however, having a little bit more options in reporting would be helpful.

I started using the solution about six months ago. 

The solution is very stable. 

We have about 400 endpoints. They are all deployed in one location.

It is a scalable product. If we need to add more endpoints, we can. That said, we have yet to scale. 

Technical support has been really good. 

Positive

We had a current vendor called Carbon Black who did our antivirus software, however, it wasn't it wasn't working as well as we would have liked. So we went with SentinelOne to give us a more complete solution.

There is just a lot of functionality on the end of SentinelOne that we just didn't have with Carbon Black, and it just made a lot more sense to go with this. Even though it was priced a little bit more.

I was involved in the deployment of the solution. The process was very simple. SentinelOne took care of most of it for us. 

SentinelOne pushed out the agent for us. 

We did not need a lot of resources in terms of staff members. We were involved in the planning yet not too much of the implementation. We're still working on covering the last few machines. 

There is some maintenance, however, they are mostly updates and those are pushed out by SentinelOne. 

We had a representative from the vendor who helped with the deployment. 

I can't speak to the exact numbers in terms of ROI. However, other programs do not have as much support and in that sense, support, along with savings, has provided some form of ROI. 

My understanding is the pricing is reasonable. 

We evaluated other options as well. We looked at Norton, McAfee, and Avast, which were built-in. We went with this product based on the support we would get and the fact that they were personable and easy to work with. We have a dedicated customer service rep that we can talk with about any issues.

We do not use the Ranger feature at this time. We would need to upgrade if we wanted to use that, apparently. So we just decided not to go with that.

The quality is good. I like the way it works and the amount of options it has. However, it has so many options and functionalities you need to really figure out how it works. It takes care of a lot of things for you. You can just set it and forget it. 

They are great as a strategic security partner. They worked closely with us and were good at explaining the layout and how the solution would work. They are very helpful.

I'd recommend the solution for users looking for antivirus or endpoint management. It's got great features for both small and large companies. I'd talk with SentinelOne about a company's individual needs. They are quite flexible.  

I'd rate the solution eight out of ten. 

We primarily use it the same way we would use Bitdefender. It's for security.

When it comes to security, the telemetry, the information that you get from the EDR part of it, and the ability to be able to parse it and use it is great. I really like their platform. You're able to go in and do some of the research and study. If there's an incident response needed, you can handle it with SentinelOne. That's what I really like about it.

It's just as good, if not better, than Bitdefender. The one thing I do like more about SentinelOne is working with their tech support. It's really easy to get to them and easy to work with them. 

Their platform is really easy to work with. It's easy to navigate and use. 

I really haven't done enough to really see any improvements. It really has all the telemetry markers that I look for. 

I just started using the solution. I've used it for five or six months. 

The scalability is very good. I'd rate it nine out of ten. It can expand well. 

We have about ten people, admins, who are on the solution. 

Technical support has been great. They are helpful and responsive. I've only used them for onboarding assistance. I've never had an issue I needed help troubleshooting with.

I've also used Bitdefender. I didn't stop liking Bitdefender. I love Bitdefender. I have nothing against Bitdefender. The only reason I did move to this product is due to the SOC that I work with. Bitdefender doesn't work with the stock that I use as well as SentinelOne does. SentinelOne also offers better support. Bitdefender's platform can be a bit more cumbersome to try to get through in terms of getting your agents to install, for example. SentinelOne is very simple. 

The initial setup is very easy. I'd rate the ease of implementation ten out of ten. 

There is one person that handles maintenance on the solution. That would be me.

There are a couple of different solutions that they offer. The one I use is $6 a month per device. Some are $4 and there are some that are more than that, and those offer an MDR part, which is the managed detection and response. 

I'm a partner.

To anyone using any of these MDR-type scenarios, one of the things they need to recognize with SentinelOne is that, only looking at SentinelOne telemetry, when it comes to the stock solution that they offer, it's not a true SOC. It is an internal SOC solution. That's why it's an MDR. So they're only looking at what their solution finds. If their solution finds ransomware and stops it, then you're only looking at that telemetry. That's why I offer an outside external stock since the external stock is looking at everything. If you have one device that has something on it or something with nothing on it, it's going to see it all. That's the big difference between an internal SOC as opposed to an external SOC.

I'd rate the solution ten out of ten. 

I mainly focus on endpoint security. Customers often ask me about solutions to detect malware threats, and SentinelOne is one of the options I recommend. The main focus is detecting malware threats on endpoints.

The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform.

I would like to have the same features such as ransomware that are available on the cloud version of SentinelOne also made available for the on-prem version because a lot of people in our region are not ready for cloud solutions.

I have been using the solution for one year.

Our clients range from small, medium, to large scale and the solution is stable for all of them. I give the stability a ten out of ten.

The solution is highly scalable. I give the scalability a ten out of ten.

The technical support is very good, and quick.

The initial SentinelOne setup is easy to set up in the environment and also easy to download the packet to install. 

We do not encounter a lot of issues with the pricing of SentinelOne. The pricing is reasonable.

The solution offers a standard licensing fee.

I give the solution a ten out of ten.

We primarily use the solution for security. 

Cyber threats are growing. I have some other colleagues from other companies that have had some attacks. For us, SentinelOne or EDR solution was something appropriate.

It's pretty easy to implement. 

It gives you good visibility of any threats or vulnerabilities that you might have on your network. 

It's very simple to use, and user-friendly as well.

I don't know how complicated it would be, however, a patch solution should be included inside of this. If we find a vulnerability, we should also be capable of patching the PC right away.

Some reports could be better. Sometimes you need to search inside of SentinelOne to get some information. Only then could one be done. 

A daily report would be helpful.

I've been using the solution for six months. 

The software looks to be okay right now. It is very stable. I have no complaints regarding that.

It is very scalable. Most of the software that is on-demand is scalable.

We have about 350 licenses for the solution right now. If the company grows, we will increase usage. 

We use the SUP team that is provided by the provider of SentinelOne. However, I've never directly dealt with them. 

Previously we had an antivirus. That was Kaspersky. However, we didn't have an EDR solution. It can't be really compared. 

Of course, with Kaspersky, now, with what's happening in Ukraine, there has been a break in trust.

The implementation process is quite straightforward. It's not complex at all. 

The deployment process took a maximum of a month. That said, we were doing very slowly since there were some computers that we knew would not have any attacks on it. However, there were others that were using acquisition data. We needed to install it and maybe wait a week to ensure everything conformed, and after that, we patched the rest.

Maybe five or six people are maintaining. However, no one really has to worry about it full-time. Really, only one to two people would be required. 

We did a third-party integration. Another company is hosting SentinelOne. 

Since we are a French company in France, we partnered with a company called Arrange which is our vendor. We did some quotes and found they have a reasonable price for this kind of technology. SentinelOne offers one of the best software quotes and has excellent reviews and everything.

The licensing is done per device.

I'm not directly involved in the licensing process and can't speak to the exact costs. 

This is an on-demand product. We are always on the latest version. 

I'd rate the solution eight out of ten. It's a good product. We like working with it. 

We're a partner of SentinelOne, but we're also a partner of many other companies. We're not a vendor per se. We sell SOC as a service, and as a part of that service, we provide protection solutions. My area is around antivirus. So, we are not a reseller in that sense.

I am using its latest version. It can be deployed on-prem as well as on the cloud. I have customers with a requirement for both. SentinelOne provides their own cloud because that's where they do their artificial intelligence (AI).

SentinelOne is what they call extended detection and response (XDR). So, it is the next generation of endpoint detection. The main difference between Endpoint Detection and Response (EDR) and XDR is that in XDR you have visibility on how something is executing. An EDR solution detects a suspicious or malicious package based on its signature or its behavior and sends an alert, but the problem is that you only see the file that it alerts on. For example, if it is an attachment to an email, you'll see the trigger on the attachment when you try to open it, but what you don't always know is from where that came. With an XDR solution like SentinelOne, you can see the whole process execution. You can say that it was executed from inside Word, Outlook, or something else. For example, when you opened an attachment in Outlook, it triggered Word and got opened in Word. This whole process execution is visible with XDR. It also offers the possibility to suspend or respond intelligently. So, you can use it not only to detect that the package is suspicious, but you could also suspend it so that when the person comes to investigate, the suspended process is still there.

The process visualization, automated response, and snapshotting are valuable. The integration and automation possibilities are also valuable.

The update process can be better. It is very easy to deploy, but over a long period, the updating process can be a little messy. In some EDR solutions, you end up with a very good mechanism to push new versions. It could do with a little work in that area. It is not particularly difficult, but it could do with a little work.

I have been using it for about a year and a half.

It gives good stability. It can have an impact on the performance of the workstation, but that is usually a question of tuning. From a stability point of view, I've never had a machine with a blue screen.

It scales very well.

They're excellent. I would rate them a five out of five.

Positive

We are technology agnostic in the sense that if a customer doesn't have a solution, we'll make a recommendation. If they don't have a solution, then our recommendation goes along the lines of SentinelOne, Palo Alto Cortex, Microsoft Defender ATP, or ESET. These are the ones that I typically would recommend, but Microsoft Defender ATP is problematic because you have to have the Azure and Office licenses to get it. For the other ones, you can buy the licenses separately. We also take over other solutions. I have some customers on Kaspersky and other solutions.

It is straightforward. If we deploy it from a URL where it downloads, it can be done in 10 minutes. If it is coming from an internal deployment server, it can be a few minutes. It is essentially headless. There are no prompts.

I have six people, but they normally work with the customers. As an MSSP, we normally work with the customer IT teams to deploy the agents in large companies. In small companies, it could be our people who do it. 

The number of people required depends on the number of endpoints, but generally, the number is low because it is a very simple installation. In fact, we even have end users running this.

It has the best ROI that I've seen. If I compare it to Microsoft Defender ATP or Defender for Endpoint, which a lot of people compare it against because it's included with the E3 or E5 Office licenses, Defender is three to five years behind SentinelOne. You're also tied to Microsoft's licensing scheme, whereas SentinelOne is independent of all of them. The ROI is very good. For me, its closest direct competitor is either Cybereason or Palo Alto's Cortex.

Its price is per endpoint per year. One of the features of its licensing is that it is a multi-tenanted solution. From an MSSP point of view, if I want to have several different virtual clouds of customers, it is supported natively, which is not the case with, for example, Microsoft Defender.

Another nice thing about it is that you can buy one license if you want to. Some vendors insist that you buy 50 or 100, whereas here, you can just buy one.

The Singularity product has three versions: Singularity Core, Singularity Control, and Singularity Complete. The Singularity Complete one is really what I consider an enterprise rate solution. The middle one, Control, is more than adequate. In terms of price, it works out very similar to what you would pay for Kaspersky or for any other solution. The licensing per endpoint, per year, and per version is progressively more expensive for the Core, Control, and Complete versions. 

The interesting thing is that it is possible to upgrade across the versions without a major change. If a customer buys the most basic installation and would like some of the features out of the middle, it is possible.

You have a choice between an on-premise console and the cloud. My advice would be to use the cloud, but it is a consideration of whether your endpoints can connect to the cloud or not. One of my customers is in the military defense area, and they have no connection to the internet. So, we had to deploy on-prem. What you don't get with the on-prem is all the AI. So, if you're deploying on-prem, you get the core features of SentinelOne, but you don't get all of the bells and whistles that you get from the cloud environment. The same is true for Cisco AMP and other solutions that are deployed on-prem. So, you need to consider how you're going to consume it if you have a disconnected network. If you're in the financial world, a lot of the production networks are not connected to the internet. So, solutions like Microsoft Defender are not an option because they're cloud-based, whereas SentinelOne is an option in those environments.

I would rate it an eight out of ten. It is a very good solution, but you have to compare it to understand it better.

We have been growing, but we are still a pretty small team. We have integrated it with our other software, and we are getting logs out of it. We go into threat hunting and do a deep watch. We go in there, see those logs, and make more sense of things. It has been a real help.

In terms of its deployment model, we have private companies. It is mostly on-prem, but each plant is a little bit different. Anything and everything that touches our corporate environment gets it.

For the most part, it gives us time to react by getting things off the network and getting that account locked down for a minute. We can let a member of our team take a look at it and move on from there instead of letting something fly under the radar and letting the incident take place or continue to happen. We can put the spotlight on the incident, make someone take a look at it, and then we can get going.

The integrations I have been working with work great. They do exactly as advertised, and they have been helping me with my threat hunting and seeing what is out there. There are always things lurking in the weeds that you just do not know about, so being able to have that correlation and more insights is always helpful.

Singularity Complete has helped free up our staff for other projects and tasks. It is a small team. I am more of a one-man SOC. A lot of the incidents either come through me or someone else on the team if I am not there for vigilance, so being able to dive down and get an issue resolved quickly is helpful. I can then go back to another incident. Usually, they come in batches, so being able to go to the next one or go back to working on a major project has helped a great bit.

Singularity Complete has not helped to reduce alerts. To my knowledge, it stayed about the same. We have fewer false positives, but there are some other ones that I would rather look into. They are more on the identity side. Now that we have Singularity Identity, I am intrigued by what we will see there in terms of weird logins and other things. Now that we have the integration set up, I will get some alerts from there to go track down.

Singularity Complete has helped reduce our organizational risk. When you get these new tools, you see everything that is wrong, and then you are like, "Oh, man," but at least we are seeing them and fixing them. In that sense, it has helped to reduce risks. I do not have the metrics, but we have been able to tackle some vulnerabilities and issues that have been big known ones.

Singularity Complete would help our organization save on its costs if we were not trying to expand so much. We are into manufacturing, and we grow a lot by mergers and acquisitions, so anywhere we can get security funding is a great point. It has helped us identify some things that we can do without. We can either reduce or eliminate those other tools and cascade down, so overall, it has reduced costs.

The Microsoft integrations are most valuable right now. One that I still have in the testing is putting user accounts into the high risk and letting our policies on that take place, and then have SentinelOne put it into network isolation as well until an incident is resolved.

There could be more integrations with more software. We have been looking at Palos and getting those put into the data lake. If there was a native integration for that, that would help a lot. They can just continue adding more integrations with these big brands and software security products. 

I have been with the company for two years, and it has been there since the time I have been there, so I can only say two years at most.

I would rate it a ten out of ten in terms of stability. It is great in terms of stability and agents working as long as you do your due diligence and you do not leave it there to run just like every other product. If you leave it there with no attendance, it is going to do what it does, but if you are in there, doing your due diligence and making sure things are set, it is great. Auto updates are something I know that was implemented. That has been super helpful, so if you are doing what you need to do, it is a ten out of ten.

I would rate it a ten out of ten in terms of scalability, especially because we have Ranger deployed. If we need to or if we have a merger, we can get them to put SentinelOne on a couple of devices for us and give us creds so that we can deploy to the rest from there in case they cannot get us in the SCCM or whatever else they are using.

Their support is great. Keith Fields and Mitch Milligan are always there. They have been super helpful. I knew Keith before Mitch was even part of our account. I have been working with Keith for a little bit, and he has been super insightful on different things that I did not know the tool could do or quicker ways to do things. Mitch has also been super helpful in getting us set up. 

We just bought Singularity Identity, and Keith, Mitch, and Paul have been there to give us those meetings on what we need. They really understand what our business is, and they look into our console to help us out at times as well. It has been great. I would rate their support a ten out of ten.

Positive

It was already in place when I joined the organization. We run Defender as well. It is like a dual-stack. We have E5 for other reasons, and we use it because it is already there, but our team has gone for SentinelOne. We have had other people, especially the research teams, who want to use their own agent, but we are so comfortable with SentinelOne's abilities and what we have set up to keep us secure that we have looked away from those other SIEMs who want their agent. We have looked away from other software in the realm of MDR that may not work with SentinelOne. It is a staple piece for us that would be a hard buy to remove.

It works great. One thing I wish I had done more in college is hands-on with EDR agents. I went to Purdue for the cybersecurity network engineering major. They had classes and labs for forensics, but one thing we did not get too much hands-on was EDR. I believe they lived in the world of Microsoft for their operations there. Since I have been working here, Singularity Complete has been a great product. We are expanding. We have gone into these other modules and platforms, and we have always had a great experience.

It is a mature solution. It has been here longer than ten years. I graduated from college in 2021 and from high school in 2017. It has been around longer than I have known cyber practices. It is a good one. Always do your research and compare, but it is definitely a top one. I believe it is up there on the Gartner's Quadrants as well. It is up there for a reason.

We will use it more as we get more tools and integrate it. Currently, some of the things are still in beta. I am not leveraging it to its full capability because things are either in testing or we are looking at the software that is going to be connected. From what I have seen and based on the demos and how the beta is going, I have to give it a ten out of ten.

It is used in my customer's companies. It handles incident management, firewall implementation, and device control.

The most valuable feature is the rollback. 

Remediation is great. 

The ranger feature for work devices is most useful.

The reporting part is awesome.

It is easy to deploy the product. 

It should not limit itself to EDR. I need some other solutions to integrate into it. It should give us more visibility by integrating other solutions with it.

I want some other solutions like email security. Email security should also integrate with it to get more visibility on it.

Agent upgrades might cause some issues. Most of the time, an agent gets removed after it is not communicating with the server. After every three months, it will get automatically removed. That might cause an issue.

The solution is expensive. It is costlier than Trend Micro and Palo Alto XDR.

I've used the solution for around six months.

The solution is stable. We've found the performance to be good. It's light. There are no bugs or glitches. 

We have 1500 users on the solution right now. It is pretty scalable. 

With technical support, I've got an immediate response, and when I log a ticket, I get good assistance. 

I had worked on Palo Alto XDR as well. However, the remediation is not so good. There is no option with the rollback as well. That might cause data loss during a ransomware attack.

I'm also aware of the Trend Micro solution. 

It's easy to set up and has a very lightweight agent. It's very easy to deploy.

The time it takes to deploy all depends upon the number of uses, the number of clients, which machines are there, et cetera. In the Ranger, you have options. If you have advanced features for deployment, Ranger deployment, it is easy.

The solution is a bit pricey and they should look at the costs involved. You have to pay extra for certain features, such as the Ranger feature. Everything should be included in the subscription. 

We are partners. 

It's a good solution as compared to others. In terms of MML features, it is fine.

I'd rate it eight out of ten. 

We use SentinelOne daily for endpoint protection and restriction on using USB devices. 

The protection and management provided by SentinelOne is good.

I would like to see the reports from SentinelOne more customizable, as there are very few options.

I have been using SentinelOne for four months. I work as a senior network security engineer.

The management of SentinelOne is easy, it does not put too much burden on the machine. We will be upgrading to Windows 11 in the upcoming months, we will be able to better comment on stability after that.

Our organization has close to 3,000 machines with approximately 2,000 users. It is easy to scale.

We were using McAfee prior to SentinelOne. McAfee has a wide range of reports and is more customizable than SentinelOne. We switched from McAfee because we were no longer satisfied with the support they provided. They were no longer providing prompt responses, tickets were taking too long to get resolved.

The other reason we switched was that McAfee was a traditional antivirus working on a definition basis. They have not moved on to the next generation of antivirus. McAfee needs to focus on the behavior of the program and machine files. If you want this, you need to choose a different McAfee product. They were not putting everything in one place, but rather offering a buffet of offerings, driving the cost up.

The initial setup of this solution was simple. We did the setup ourselves, but did require a little help from the vendor.

I would give SentinelOne a four out of five for ease of setup.

The deployment of SentinelOne is easy. If you calculate the installation of the product and make all the packages ready, it takes about a week. Implementation was another month to go through and replace the older systems and install the new ones.

The pricing of SentinelOne is less than McAfee.

I would advise anyone looking to implement SentinelOne to look before you set up. Know how many machines are working in your network and which type of communication they are doing, whether it is internal or on the internet. No matter what solution you pick if it is SentinelOne, Carbon Black, McAfee, or Symantec check the usage of your machines.

I would rate SentinelOne a nine out of ten overall.