SentinelOne Singularity Complete Reviews

We are an IT company that sells solutions, and this is one of the products that we provide to our customers. We work on certain opportunities that require the capabilities of SentinelOne, but we do not use it for our own purposes.

This solution is used to protect endpoints against malware and other threats.

A lot of the deployments are hybrid. In Lebanon, the cloud is not used to a large extent. Most of the customers use on-premises solutions.

The most valuable feature of this solution is the user-friendly interface. Our customers ask for something that is easy to use, easy to manipulate and doesn't require too much intervention. This is where SentinelOne scored big against CrowdStrike and Carbon Black.

This solution is easy to install.

This solution would be more attractive to customers if the price were lower.

The stability seems ok at this point because there is no negative feedback from the customers.

This solution is scalable and expandable with no issues.

We have support from both vendor and distributor, and up to now, it has been satisfactory. The response has been very good, which is something the customers really appreciate and is always considered a plus.

The initial setup of this solution is straightforward. The deployment is very easy and very fast, taking perhaps two or three hours, depending on the size of the project.

It is a centralized deployment.

A maximum of two people are required for the setup and maintenance.

The implementation of this project is a joint effort between our team and the vendor's technical team.

I have done POCs with this solution for two customers and there has been no negative feedback.

My advice for anybody considering this product is to do a POC and check to ensure it fits their environment. In some areas, this may be the best product to use, but in another environment, another product or another solution would be a better fit. It's always a matter of doing the POC and trying to get the most out of the product, depending on the environment.

I would rate this solution an eight out of ten.

Our primary use case of this solution is to have as a next-generation security product for our endpoint devices. 

All of the features are valuable. The way that it integrates into management with fault correction capabilities over is especially valuable. Any of the full gamut of the features that it provides are useful to us.

In terms of improvement, I would like to see better alerting to let us know if there is anything wrong with SentinelOne working on the endpoint of the computer.

It's very stable. 

It's scalable. We don't have any plans to increase usage. 

We haven't had to engage with their technical support. 

We were previously using another solution and it was a corporate decision to switch to this solution. 

The initial setup was straightforward. The deployment took around two weeks. 

We did the integration in-house. 

We didn't evaluate other options before choosing this solution. 

I strongly recommend this solution. I would recommend that you get onto a next-generation endpoint security device like this one. It's much better protection for corporate environments particularly with a lot of cloud integration and platforms like Office 365. If you're going to start using those sort of services, then you really need a next-generation endpoint protection device like SentinelOne.

I would rate it an eight out of ten. 

We're a managed service provider, so it's MSP for our clients.

I have found the activity timeline and threat analysis to be particularly useful.

The automation of certain features could use improvement. For example, it seems common sense to me that if a threat was executed out of a task in your task scheduler that part of neutralizing the threat would be removing that task from the scheduler.

I would like to see something a little more sophisticated than simply being able to mark a false positive as safe or there's usually just one or two options in certain areas and they're a little rudimentary at this stage.

In terms of stability, I've seen some issues with the deployment or decommissioning not working the way it's entirely supposed to. I've seen the same thing with other managed antivirus so it's nothing I consider unusual. Occasionally I have to go and clean up an installation or an installation that didn't go off cleanly.

The scale we operate at is pretty small. We've got less than 100 endpoints on this at the moment. Currently, I only have about 80 users. 

We still use our traditional antivirus packages, Vipre and Bitdefender, depending on the customer and their use case.

The initial setup took a little bit of orientation but nothing I would consider unusual for learning a new product like this. The deployment did not take very long at all. From the time when we were introduced, got registered for all the different related sites and services it only took a couple of weeks before we could deploy without really needing to think about it. It was pretty simple.

I would advise someone considering this solution to make sure that you leverage the features. It's particularly very useful in sites such as the threat timeline where it gives you a breakdown of the files and network connections.

Call the SOC, the Security Operations Center, with questions. They're always proactive and very helpful but do not rely on the automation to do everything for you. I had an instance where just glancing at the activity timeline, it was very obvious to me there was something traversing the customer's network. There was an infection that was at least partially taking hold and it was worming its way through their network and I would think that the Security Operations Center should see. If they're seeing multiple infections at the same site they should have the same inference happen and call us and notify us and do something about it.  That required manual intervention and it would've been nice to get an earlier notice on it without manual review of activity by myself.

I would rate SentinelOne an eight out of ten. 

We use it for antivirus.

In the past, we were not able to identify a few viruses, but now we are able to identify them because of the machine learning feature.

The machine learning module is the most valuable feature. 

The reporting needs improvement and I would like to see a more granular level of administrative privileges.

The initial setup was straightforward. It wasn't a long project, it took six months.

I would rate this solution a seven out of ten. 

We don't have a plan to increase the usage, it is purely based on our business requirements.

This product is nothing but different from a traditional anti-virus. We were very apprehensive to try it. Once we tried it, it gave us a good impression.

We use the solution for those with access to sensitive or confidential data. The cost of the solution is prohibitive for all of our users, but we do want to make sure that those with access to critical data have higher levels of protection. 

Users who have SentinelOne are very pleased with the solution and its protection, no complaints.

The forensics analysis feature provides substantial help in determining the extent of the problem and how it affects the machines.

The SentinelOne is one of my daily consoles and I use it regularly to identify the root cause of some infections.  However, when a file is flagged as suspicious it would be very helpful to have the system highlight precisely what event or characteristic of the file SentinelOne considers potentially dangerous.  In this way it would help focus our investigations on the specific characteristics or actions of the file.

We have had 100% uptime with the solution.

Given the way the solution works, I see no issues at all with scalability — both in the number of users or incidents as well as the degree of sophistication of the attacks.

Technical support has attended to our issues quickly and with a good sense of the need to communicate continually throughout an issue.

Yes, we continue to use Kaspersky for our other users.

The setup is very straightforward and simple. Our users who have the solution have spoken so highly about SentinelOne that other users who are not on the target list ask if they too can use the solution.

Our in-house team implemented the solution, working with our local engineers in the different countries where we have offices.

The pricing is rather elevated. However, the solution is the most transparent for the uses I have ever encountered as well as being normally very informative and accurate for our engineers.

We evaluated several other options, including Bromium, Carbon Black, CrowdStrike, Cylance, Forcepoint, Invincea, and some others.

If you have the budget, this is a top-notch solution. We have used the solution for over a year now, and we plan to continue using the solution for our most critical users (those with access to sensitive or confidential data). Truly an excellent solution.

I use it for policy fine-tuning.

SentinelOne uses behavioral analysis and artificial intelligence to detect unknown malware. That is what all enterprises require today. They don't want to go with some normal anti-malware tool, which has less sophisticated detection. Even if something suspicious or a Zero-day enters the environment, SentinelOne will be able to identify it.

It has good visibility features and it's straightforward. It's not so complex.

There is not much flexibility in terms of policy fine-tuning. We can turn it off or turn it on, but there's nothing much else to do. Everything is predefined. It's good in a way, but you don't get much flexibility if you want to do something particular.

We do not have any issues with stability at the moment. Before I joined the company, I heard that there were some issues with the agent, that they were having some performance issues, a portlet application was crashing. There were minor issues which are fine now.

In my organization, we are planning to deploy some 30,000 agents. I would say that it's scalable. I don't see any problem with scalability.

I just had a conversation with a colleague who has bought McAfee ePO. He was saying that he was able to do much more in that tool than in SentinelOne. For example, he mentioned that he was able to see traffic on a particular port on a particular system, using ePO. We cannot do that using SentinelOne. In this tool, everything is already in place and there's not much that we can do. 

Before it was a challenge for us to know who had an existing endpoint issue or who had the most attacks within the corporate network. Since SentinelOne was introduced, it has provided overall endpoint status visibility for us. Giving us the ability to easily pinpoint endpoints which had the most attacks and respond at a faster rate.

SentinelOne’s Rollback is its best feature. No solution can ever provide a 100% protection, but their rollback feature closes this gap in endpoint security giving end users a ray of hope in the event of a worst case scenario endpoint breach, especially in ransomware attacks.

They need to improve their UI and the way they show that the scanning is running on the endpoint. Sometimes users wanted to see whether their AV is working via visual context.

They could add “right click>scan” where most users were trained to do so in handling flash drives.

Also, add remote code execution via the management console, application control, device control, and all other common features found on the legacy antiviruses. This would help administrators to fully shift from legacy to Next Gen EPP without sacrificing usable features.

There have been a few cases where the agent cannot report to the management console, thus this requires a manual restart of the agent via a command prompt.

There are no problems with scalability, I could say that the product is easily scalable, since it is not limited to a physical server.

The technical support is quick and very helpful. They often response within the day or by the next business day.

As of now, SentinelOne still serves as an augmentation for our existing AV, but some of our devices are now using it as their sole endpoint protection.

The setup is very easy and straightforward. It is just like installing an ordinary program and it automatically reports back to the management console.

The price for it is very competitive compared to other Next Gen EPP. You can really get a great value for it when it is integrated with EDR.

No, since we already had experience with other products. As of today, we have tested one of its competitor using AI, but their overall protection still cannot be compared to how SentinelOne protects your endpoint. 

They have an impressive product.

Understand how endpoint protection technologies work, since they do not rely on signature databases anymore. Also, follow deployment guidelines, such as initially deploying it in their production environment using a monitor only policy and giving the agents maturity of at least one to two weeks to allow the management console to build a solid behavior base for their environment.

If I am breached, they will pay the ransom on my behalf.

Cybercrime is growing in the world of technology, the defense in today’s world has no accountability. If breached, all that is said is that it is zero-day, and you still pay license fees to those vendors. The solution can search for hidden and dormant threats on encrypted traffic in your environment.

With automation, the time wasted on malware, like ransomware, is dealt with on a scale where everything is centralized. The IT Technician does not have to wait for a user to bring the machine to IT, as all they need is an active internet connection.

• Deployment strategy for large organizations that do not use active directory (AD).
• Windows updates have not been done on the client side, so minimum requirements stop the installation.

One year.

None.

None.

Excellent, they have customized reports on threats in our environment that we do not have knowledge of.

Yes, Sophos, I switched because SentinelOne does more things and guarantees against ransomware and can find hidden threats that other solution could not find.

It is both straightforward and complex to install.

Machines on Windows 10 are easy and seamlessly installed.

Users machines that are not updated require updates to be done first before the solution can be installed.

Spend money on the security for the endpoint. That is where the data lies and where hackers try an attack, not the network or firewalls.

Sophos, AVG, Avast, McAfee, Kaspersky, and ESET.

Ask about accountability for hidden and dormant threats that could be in your network.