SentinelOne Singularity Complete Reviews

We are using SentinelOne Singularity Complete for an EDR platform for our clients.

The most valuble feature of SentinelOne Singularity Complete is the recovery and zero-day detection.

SentinelOne Singularity Complete could improve by having DNS filtering. Other competitor solutions have this feature.

I have been using SentinelOne Singularity Complete for approximately one year.

We have approximately 1,000 people using this solution. We have plans to increase our usage.

The scalability of SentinelOne Singularity Complete is great.

We do the implementation of the solution in-house.

I have previously used BitDefender.

The initial setup of SentinelOne Singularity Complete is easy. For exciting clients, the deployment of the solution can be done in minutes.

I have received a return on investment using SentinelOne Singularity Complete.

We've used SentinelOne Singularity Complete capability to enhance our offering and, therefore, be able to leverage that to increase our pricing.

For our use case, the solution is affordable. There are not any hidden fees.

We evaluated Sophos, Carbon Black, and CloudStrike before choosing SentinelOne Singularity Complete.

I rate SentinelOne Singularity Complete a nine out of ten,

The single agent feature in the modules is valuable.

The solution does not have an application security and control module.

We have been using the solution for two years.

It is a very stable solution.

It is a scalable solution. Everyone is using this solution in our organization, with almost 2000 users. It's mandatory for us to install this EDR solution on all the inputs.

The technical support is good, and I rate it a nine out of ten.

We switched to SentinelOne because Trend Micro was too complex.

The initial setup was straightforward. We use the SaaS model, cloud-based solution, and console on cloud, so it's very straightforward. I rate the setup a 4.8 out of five, and I would give it a five if they added application control.

Pricing is okay and costs almost the same as Trend Micro. We have a partnership with SentinelOne, and it costs about $30 to $35 per user per year.

I rate this solution a ten out of ten. SentinelOne is the next-generation EDR solution. Once it is installed, no action is required from the end user. It's machine learning and AI integrated, and 95% of threats are blocked. It's a great product.

It's pretty good. The best thing is it has a secure shell command that you can use to get into any endpoint and do some jobs. That's a pretty cool feature. 

It's pretty much the same as similar typical solutions. It is a CrowdStrike, or SentinelOne, or Windows Defender. They do the same thing. 

The pricing is pretty good. 

It's probably not that top-notch like CrowdStrike or Microsoft Defender. However, it's okay, it's not bad. 

The only problem I have is they don't manually review the threat files. That's the only thing I'm concerned about.

The support needs improvement. There are some limitations. 

I've used the solution for less than six months. 

It is a very stable product. There are no bugs or glitches, and it doesn't crash or freeze. It is reliable. I'd rate it a nine out of ten. 

No matter what software you use, you need to do some fine-tuning.

The solution is scalable. You can pretty much deploy to anywhere.

In terms of if we need to send them some actual threat, they cannot manually verify it. That's the limitation of the company. However, for Microsoft, or Symantec, or CrowdStrike, you can actually submit a threat file, then they can manually review it. That's the only thing I've found so far with SentinelOne. The support is not that good. Obviously, probably eventually, they will get it in one year or two years' time; however, right now, it's not there.

Neutral

I've used CrowdStrike, Carbon Black, and Microsoft Defender as well. 

SentinelOne, CrowdStrike, and Carbon Black do the pretty much same thing. It all depends on the money.

The good thing about Microsoft and CrowdStrike is they can detect the device based on the traffic they're coming from. This is one of the advantages you have. With SentinelOne, this is where they're lacking. For example, for Windows Defender, if you're using your phone, you can figure out it's coming from your phone, or as long as it's coming to your enterprise network, you will know where it's coming from. This is one of the things I could not find in SentinelOne. You can only define it once you deploy it. However, without a proper deployment, you can't actually see it. For the other technologies, even though you don't deploy them, you can actually have a good understanding of the entire fleet and what's happening. For example, all emails are going to Office 365, so that's another way you get an excellent picture of the inventory assets. That's a very good NDM thing that you got it for free. With SentinelOne, they're not to that level yet.

The initial setup is easy. It's even simpler than, for example, Windows Defender. 

The maintenance is very low. It depends on how big the organization is. The false positive rate is very low. Obviously, it should be maintained by a team. Regardless, if it's Windows Defender, CrowdStrike, SentinelOne, or Symantec, it has to be built and looked after by a soft team.

For the functionality you get, the pricing is pretty good. I'd rate it four out of five in terms of affordability.

I was actually evaluating Windows Defender. I just want to check to see the selling points and the advantages of having Defender over Symantec products.

I didn't do a technical job; I just evaluated the product. I don't have a partnership with SentinelOne. 

I'd rate the solution seven out of ten. They are pretty good overall. 

This is an anti-malware and threat management product. We are customers of SentinelOne and I'm a system engineer.

We chose SentinelOne because of the protection it offers against ransomware. It provides good security that gives peace of mind.

We sometimes have issues with the disc space and that's because of the anti-ransomware technology they use. The volume of shadow copies becomes too large and we have to manage that. 

I've been using this solution for two years. 

This is a stable product. 

The solution is scalable, we have around 500 users in the company. 

I have issued some tickets to technical support and they were very responsive. 

Positive

We use an in-house person along with a third-party consultant for implementation.

I believe that SentinelOne is quite an expensive solution. 

This is a good product, but it has some issues so I rate it eight out of 10. 

It is an endpoint solution. It is for our workstations and other devices to alert us to any kind of malware threats that might be lurking. 

In terms of deployment, it is through a managed service.

It is a good endpoint solution. That's the reason we chose it. We looked at other solutions, such as CrowdStrike, and based on the cost and the services it delivers, it was the better choice.

I would like to see a better control panel for the managed service side of it.

We have been working with it for about six to eight months. 

It is stable.

As far as I know, it is easily scalable.

It is through a managed service.

It takes a little time to put it in.

It is a good solution. You just need to check out the managed service part of it.

I would rate it a nine out of ten.

We use SentinelOne as an endpoint protection solution.

The overall integration functionality for this solution could be improved. 

I have been using this solution for three years. 

This is a scalable solution.

The customer support for this solution is good.

The initial setup is straightforward.

I would recommend that anyone considering using this solution first understand exactly how this solution works and what their business needs. 

I would rate this solution a nine out of ten. 

We are a company with several types of PC users. Our office ranges from marketing to sales, and we also have people who are remote on laptops all over the world, as well as an R&D department. Those people use PCs in different ways. 

We wanted a platform that has ways of dealing with various kinds of users, but we also wanted a central management so we could overview the state of all our endpoints with one view.

We use the central cloud interface to manage all our endpoints.

We only use it on Windows machines.

It delivers the type of security which we were hoping for, since we have a lot of different endpoint users utilizing different types of software. We have people who only use Office software, like email, Word, and PDFs. Then, we have people who use some applications that other people wrote. We also write applications in-house using people who develop software. Therefore, we have some machines using very high-end developer software for mechanical development, electronic development, and software development. Those users are used to managing their PC on their own. The centralize platform allows us to differentiate between those three groups of people. We have overall control and can oversee the security levels at all the endpoints. They have not yet been blocked in any way when performing the functions.

I have one instance where we had a trigger of an attack. Luckily, it appeared to be in an unregistered program created a lot of threats by renaming files. This was something that the employer developed by his own. This was an unknown program that generated a lot of threats to very quickly rename a thousand files. However, it was not an actual attack, but the behavior of that program was such that the AI protection of SentinelOne kicked in and alarmed us of a possible attack. One of our employees created a program just for his benefit. It had exactly the same behavior as a ransomware attack would have had, then it kicked in. This is why I'm confident that SentinelOne will also detect real ransomware actions. That is the only one instance where I encountered the Behavior AI software kicking in.

We haven't had any real attacks over the last year. We did have some intrusions mainly from suspicious files that people were getting via their browser and some attachments that I tried to open with double extensions. Luckily, in the last year, we haven't had any actual attacks.

The effectiveness of the solution’s distributed intelligence at the endpoint is 100 percent. We haven't had any incidents break through. We only see a very small reduction in PC performance.

The main reasons that we use SentinelOne are the antivirus and Behavioral AI protections. We have this solution centrally managed to see what endpoints are active, along with the latest software protection running. It also provides us external control, so we can block machines remotely, even if they are in another country, because we have account managers all over the world. All these features together protect us against strange behavioral programs.

SentinelOne's one-click, automatic remediation and rollback for restoring an endpoint is very handy. We had some issues with programs that were unknown by SentinelOne, then marked as suspicious and quarantined, because we also develop software ourselves and have software packages that were compiled in 1995 and don't conform to the normal rules. SentinelOne always marks those packages as suspicious because they do something different than they should when you compile them with current libraries of Windows, etc. Therefore, we had some interventions of SentinelOne where you can easily whitelist them and rollback the quarantine action so people who use those old-fashioned programs could easily continue with their work. 

This was only an issue during the first month when we rolled out the software, then it starts doing scans mainly on the R&D PCs, which was our great concern. Normal office use is fairly straightforward, but when you develop software (and we also develop software to communicate with our embedded systems), then the demands are a bit different. However, until now, we have been very happy with it.

We have had one or two occasions when we had to roll back off our Windows machine. Then, we had an issue with SentinelOne where we couldn't let the client make contact with the cloud service anymore. Therefore, the integration with the Windows Service Recovery could be improved in the future.

We have been using it for about a year now. We rolled it out in December 2019.

All the endpoints are running without problems. It is very stable. We have deployed several versions of agents. I haven't encountered any issues, apart from when that rollback occurred, and the SentinelOne agents were locked out of the cloud platform, and the only way to retrieve that was by installing it again by hand. 

Up until now, SentinelOne's effectiveness has been 100 percent.

We are a relatively small company with about 80 employees. Most things are offsite. We do not use automated things very much.

There are four users from the admin side.

Together with another colleague, we chose SentinelOne, then tested and deployed it. A few other colleagues have monitoring views in SentinelOne, e.g., if a site has to be whitelisted. 

I had one issue that I brought up with customer support. They delivered a solution in about two hours. It was related to the issue with the agent. I just issued an email, and in about an hour, the problem was solved. I was delivered a good solution: an uninstalling procedure and how to go about it. That's the only thing that we needed it, and the only time we needed the technical support.

Before this solution, we used McAfee, which was not enough for our use. Then, SentinelOne came into the picture. It not only had static virus checking (antivirus), but it also had the Behavioral AI features, like triggers, that we could investigate.

The McAfee solution that we had was more demanding, more expensive, and had less functionality. Three to four years ago, we had an incident with ransomware, and it wasn't detected at the time by the McAfee on all the points. There were two points that were affected. Since it wasn't noticed by the McAfee. we were considering other software solutions from that point on.

SentinelOne offered a good solution, which is the main reason that we went with them. It was easy to manage, although we didn't use McAfee the way we use SentinelOne right now. McAfee was incorporated in our company about 20 years ago, so we probably didn't use all the facilities that McAfee can offer now. 

SentinelOne made us a good offer, especially regarding the Behavioral AI aspect of the protection. Therefore, we just wanted to see what they could offer us. After a year, we are still very satisfied.

SentinelOne had a smaller footprint, both in resources and time-wise, as in load, than the McAfee solution that we had previously.

The initial setup was fairly straightforward. It was very easy to start up. You didn't have to go into a lot of documentation to roll it out. We used the management from the central platform, not our own central platform on-premise, and did it on the cloud version. This way, it could be delivered and updated remotely.

The deployment took a week. We deployed it to about 90 endpoints.

We just had a discussion with the SentinelOne service provider onsite. He gave a revision of how SentinelOne should be deployed along with some examples. Before we deployed it to the entire company, we had a testing time of about two months. 

SentinelOne has reduced incident response time. The two main pillars that SentinelOne helps us with: 

1. Central management: I can ensure management that if there is a breach all the machines and endpoints are up-to-date and protected. 
2. SentinelOne allows us to switch off an endpoint remotely, which we could do previously. Most people are on-premises, but there are 15 to 20 people all over the world with laptops connected everywhere. 

It saves a few hours a week for one person, because you can see the statuses of all the machines in one place. 

It was cheaper than McAfee, which was a way to convince management to go with the solution.

At the moment, we are very pleased with the solution.

We saw the Storyline technology briefly. However, the Storyline is only when you have actual attacks, and they are not caught in the beginning. Most of our attacks were caught just by static recognition of the files, so there was no story because the file was not allowed to activate. In the beginning, we did some fake file checks in an enclosed surrounding and in a CM setup, which is how I saw the Storyline facilities, but we don't use it.

I would rate this solution as a nine (out of 10).

We were looking for an EDR solution to get the best protection available, especially against ransomware. For us, any EDR solution needed to be supported by a 24/7 SOC.

We deploy it on-premise, in all of our factories and branch offices, worldwide.

Security operations have been improved as SentinelOne is easier to manage and update compared to most traditional anti-malware products. It enables us, for the first time, to have global knowledge of what's happening in all of our subsidiaries. Previously, each of them had a local antivirus solution.

• Easy to install and update
• Management Console in the cloud
• Ability to partition it in "sites" (our subsidiaries) with local site admin
• Overall good quality protection

Also, in terms of impact on the endpoint, we carefully manage endpoints for specific purposes (such as for connection to industrial machines) to avoid the false positives that are quite typical in a behavioral engine like SentinelOne. But generally, the impact is quite low, and the Management Console and SOC support allow us to check if everything is working properly or not.

In addition, one of the features that convinced us to adopt SentinelOne was that the solution can recognize and respond to attacks with or without a network connection. That is very important.

We started to install SentinelOne on the first endpoints in August of 2019.

Generally, the stability is good, but I would like to see better stability from the solution. The stability issue is partially a con of a behavioral-based product, but being behavioral-based, it also has a lot of pros.

The scalability is good. At present, I can't see scalability limits.

We have SentinelOne installed on almost 1,700 endpoints and have one main admin for deployment and maintenance and about 20 local site admins.

We have some factories and branch offices where the solution is not yet installed. We hope to complete most of them by the end of this year and, by then, have it installed on about 2,300 endpoints.

Support is quite fast to solve problems. The SOC is very good and really operates 24/7. When necessary, they contact SentinelOne support directly and their replies, generally, are quite fast.

We used traditional antivirus solutions. None of them could stop ransomware attacks and that's the main reason we choose SentinelOne.

In terms of the time it takes for SentinelOne to catch malware compared to our previous platform, the results are similar, with an advantage of SentinelOne being its discovering of Zero-day threats and ransomware.

A SOC provider showed us the product, and we worked out a global agreement for EDR and SOC with them.

The initial complexity was mainly related to finding the right exclusions to avoid false positives, especially with endpoints running technical and industrial software.

The rollout in our main company, with about 600 endpoints, was completed in about three months, including the initial fine-tuning for the AI engine.

In terms of our deployment strategy, in the first company where we installed SentinelOne, we chose to maintain our traditional antivirus product, and run SentinelOne together with it. The decision came about because we were not initially confident with SentinelOne. When we deployed it later to all of our subsidiaries, SentinelOne replaced the local antivirus solution.

Main support was provided by the SOC company, working together with our IT Staff.

We have seen a good ROI about the SOC service and the product.

The solution's price/performance ratio is reasonable.

In addition to the standard licensing fees there is, of course, the SOC service fee.

We evaluated main SOC companies and the solutions they provide. Most of them required a SIEM platform but not specifically an EDR solution. In the end, we chose the best and most affordable combination of SOC and EDR.

My advice is to start with a few endpoints and become comfortable with SentinelOne, and test the exclusion rules for endpoints running specific software.

At present, it looks like the most advanced EDR solution on the market, but I think we have to stay tuned to the market and to what's happening in cybercrime, as 100 percent security doesn't exist.