SentinelOne Singularity Complete Reviews

We are an MSP supporting various business verticals (including medical and pharmaceutical). Our core monitoring/deployment solution is SolarWinds RMM, through which we were recently introduced to SentinalOne. We use the bundled automation to install, patch, and monitor antimalware protection to endpoints. We are in the process of replacing Bitdefender with SentinalOne for several clients. 

Deployment is automatable through the RMM, though a little clunky to do. The provided automation was a little challenging, but once you get it configured it's quite effective. Once we got it deployed to our users, it operates seamlessly and with minimal impact on system resources. Even our clients with lower-end workstations report improved performance since switching from Bitdefender. 

After migrating, this also picked up some latent malware that was not previously detected & cleaned it immediately with almost no interaction required. I was impressed with how little this bogged down the affected system. This was in our pilot run, so I was on-site.

The fact that this runs using AI instead of heuristics provides the best protection I've seen. It has the ability to rollback a ransomware infection instantly and with minimal disruption to the user & provides robust reporting. 

I tested this by deliberately infecting an unpatched test machine with WanaCry. First of all, SentinalOne blocked the initial infection attempt. I had to put S1 into "notify only" mode on that system to actually infect the machine. Once infected, WanaCry did what it does... encrypted all the documents I had copied to the test machine and put up the background. 

We immediately got a notification on our dashboard that a system was infected. At the same time, we got a popup on the client machine notifying us of the infection, with the option to auto-repair the damage. It took less than a minute (granted, we only had about 200 MB of files on the test system) for S1 to repair the damage and put the machine back to normal with no evidence of the infection.

You also can't remove the client from the local machine without approving it within the dashboard. This is a nice feature to prevent tampering by either hapless users or even skilled threat actors. 

Set up is very labor-intensive. You have to provide multiple codes from multiple places within the S1 dashboard in order to use the provided automation, and it's different for each client (or "sites" as they call it). It very much feels like an enterprise application that has been adapted for SMBs, but not very thoroughly. It would be better if they had a "site package" similar to the one offered by SolarWinds for the RMM. You just run the package on the client machine and done. 

The stability is excellent so far. Once installed, it's "set it and forget it."

Scalability is great if you're scaling up, but scaling down may prove to be challenging.

Technical support is provided for us through SolarWinds, and they're very knowledgable.

We used Bitdefender (also through SolarWinds) previously. SentinalOne was pitched by SolarWinds a few months ago as an alternative with robust ransomware protection. Being a small MSP, a single ransomware infection at a client could spell disaster for our business. We are always looking for the latest technology, but not marginal improvements. 

The setup script provided by SolarWinds (proprietary to their RMM) was a little challenging to get going, but once it worked, it worked perfectly. Except it didn't run on Win7 systems because it uses Powershell commands from a later version than what's available on Win7.

The vendor team provided support, but we did the deployment.

We're making about seventy-five percent over the per-seat cost, and it's easy to sell at that price point.

The per-seat cost is low, but you have to commit to a certain number of licenses for a year.

We really hadn't seen EDR solutions in action before. Our decision was based primarily on the fact that it has SolarWinds integration. 

Definitely worth the money compared to heuristic solutions, especially for clients who tend to "stretch" their hardware as long as possible. The low impact and robust reporting go a long way to make this an easy sell, and the cost is excellent for the price point. 

The solution offers very rich details surrounding threats or attacks.

The price is a bit high. They should make their pricing model more affordable.

The solution needs better reporting on new threats and malware. The reporting is present, but I can't find the information easily.

The solution is stable.

It's hard to give an impression on the stability at this time. We haven't used it on a large scale yet. We're still testing.

We haven't needed to contact technical support yet.

We are currently using Webhook as we test this new solution.

We are using the public cloud deployment model.

I would rate the solution nine out of ten.

We use the public cloud version.

We have a preference for their receptor. It's good at finding many EFC files. Normally, EFC files could have a virus, but we need to exclude some of them.

It corrects all of the EFC files with a virus. All the achievements, maximum EFC files. Many EFC files will be flagged as a virus. Some virus databases need to be updated. The model is good at finding many EFC files. The trouble is it needs to be updated. 

From the client-side, some scanning and other features can be enabled for scanning viruses better. If they want to scan for an individual reason other than viruses, such as scanning for legal files, they haven't been able to gather that from the client-side.

Some features could be more user-friendly. For instance, setting restrictions in the explorer for what level one must be to use it is not user-friendly. It is difficult to find what we're searching for.

The solution is stable.

Out of ten, I would give this solution 8.5 for scalability.

When we need partners, they support us well. There have been no issues with that.

It's okay. It's a better solution than other competitors.

I would rate this solution as nine out of ten.

We are an IT company that sells solutions, and this is one of the products that we provide to our customers. We work on certain opportunities that require the capabilities of SentinelOne, but we do not use it for our own purposes.

This solution is used to protect endpoints against malware and other threats.

A lot of the deployments are hybrid. In Lebanon, the cloud is not used to a large extent. Most of the customers use on-premises solutions.

The most valuable feature of this solution is the user-friendly interface. Our customers ask for something that is easy to use, easy to manipulate and doesn't require too much intervention. This is where SentinelOne scored big against CrowdStrike and Carbon Black.

This solution is easy to install.

This solution would be more attractive to customers if the price were lower.

The stability seems ok at this point because there is no negative feedback from the customers.

This solution is scalable and expandable with no issues.

We have support from both vendor and distributor, and up to now, it has been satisfactory. The response has been very good, which is something the customers really appreciate and is always considered a plus.

The initial setup of this solution is straightforward. The deployment is very easy and very fast, taking perhaps two or three hours, depending on the size of the project.

It is a centralized deployment.

A maximum of two people are required for the setup and maintenance.

The implementation of this project is a joint effort between our team and the vendor's technical team.

I have done POCs with this solution for two customers and there has been no negative feedback.

My advice for anybody considering this product is to do a POC and check to ensure it fits their environment. In some areas, this may be the best product to use, but in another environment, another product or another solution would be a better fit. It's always a matter of doing the POC and trying to get the most out of the product, depending on the environment.

I would rate this solution an eight out of ten.

Our primary use case of this solution is to have as a next-generation security product for our endpoint devices. 

All of the features are valuable. The way that it integrates into management with fault correction capabilities over is especially valuable. Any of the full gamut of the features that it provides are useful to us.

In terms of improvement, I would like to see better alerting to let us know if there is anything wrong with SentinelOne working on the endpoint of the computer.

It's very stable. 

It's scalable. We don't have any plans to increase usage. 

We haven't had to engage with their technical support. 

We were previously using another solution and it was a corporate decision to switch to this solution. 

The initial setup was straightforward. The deployment took around two weeks. 

We did the integration in-house. 

We didn't evaluate other options before choosing this solution. 

I strongly recommend this solution. I would recommend that you get onto a next-generation endpoint security device like this one. It's much better protection for corporate environments particularly with a lot of cloud integration and platforms like Office 365. If you're going to start using those sort of services, then you really need a next-generation endpoint protection device like SentinelOne.

I would rate it an eight out of ten. 

We're a managed service provider, so it's MSP for our clients.

I have found the activity timeline and threat analysis to be particularly useful.

The automation of certain features could use improvement. For example, it seems common sense to me that if a threat was executed out of a task in your task scheduler that part of neutralizing the threat would be removing that task from the scheduler.

I would like to see something a little more sophisticated than simply being able to mark a false positive as safe or there's usually just one or two options in certain areas and they're a little rudimentary at this stage.

In terms of stability, I've seen some issues with the deployment or decommissioning not working the way it's entirely supposed to. I've seen the same thing with other managed antivirus so it's nothing I consider unusual. Occasionally I have to go and clean up an installation or an installation that didn't go off cleanly.

The scale we operate at is pretty small. We've got less than 100 endpoints on this at the moment. Currently, I only have about 80 users. 

We still use our traditional antivirus packages, Vipre and Bitdefender, depending on the customer and their use case.

The initial setup took a little bit of orientation but nothing I would consider unusual for learning a new product like this. The deployment did not take very long at all. From the time when we were introduced, got registered for all the different related sites and services it only took a couple of weeks before we could deploy without really needing to think about it. It was pretty simple.

I would advise someone considering this solution to make sure that you leverage the features. It's particularly very useful in sites such as the threat timeline where it gives you a breakdown of the files and network connections.

Call the SOC, the Security Operations Center, with questions. They're always proactive and very helpful but do not rely on the automation to do everything for you. I had an instance where just glancing at the activity timeline, it was very obvious to me there was something traversing the customer's network. There was an infection that was at least partially taking hold and it was worming its way through their network and I would think that the Security Operations Center should see. If they're seeing multiple infections at the same site they should have the same inference happen and call us and notify us and do something about it.  That required manual intervention and it would've been nice to get an earlier notice on it without manual review of activity by myself.

I would rate SentinelOne an eight out of ten. 

We use it for antivirus.

In the past, we were not able to identify a few viruses, but now we are able to identify them because of the machine learning feature.

The machine learning module is the most valuable feature. 

The reporting needs improvement and I would like to see a more granular level of administrative privileges.

The initial setup was straightforward. It wasn't a long project, it took six months.

I would rate this solution a seven out of ten. 

We don't have a plan to increase the usage, it is purely based on our business requirements.

This product is nothing but different from a traditional anti-virus. We were very apprehensive to try it. Once we tried it, it gave us a good impression.

We use the solution for those with access to sensitive or confidential data. The cost of the solution is prohibitive for all of our users, but we do want to make sure that those with access to critical data have higher levels of protection. 

Users who have SentinelOne are very pleased with the solution and its protection, no complaints.

The forensics analysis feature provides substantial help in determining the extent of the problem and how it affects the machines.

The SentinelOne is one of my daily consoles and I use it regularly to identify the root cause of some infections.  However, when a file is flagged as suspicious it would be very helpful to have the system highlight precisely what event or characteristic of the file SentinelOne considers potentially dangerous.  In this way it would help focus our investigations on the specific characteristics or actions of the file.

We have had 100% uptime with the solution.

Given the way the solution works, I see no issues at all with scalability — both in the number of users or incidents as well as the degree of sophistication of the attacks.

Technical support has attended to our issues quickly and with a good sense of the need to communicate continually throughout an issue.

Yes, we continue to use Kaspersky for our other users.

The setup is very straightforward and simple. Our users who have the solution have spoken so highly about SentinelOne that other users who are not on the target list ask if they too can use the solution.

Our in-house team implemented the solution, working with our local engineers in the different countries where we have offices.

The pricing is rather elevated. However, the solution is the most transparent for the uses I have ever encountered as well as being normally very informative and accurate for our engineers.

We evaluated several other options, including Bromium, Carbon Black, CrowdStrike, Cylance, Forcepoint, Invincea, and some others.

If you have the budget, this is a top-notch solution. We have used the solution for over a year now, and we plan to continue using the solution for our most critical users (those with access to sensitive or confidential data). Truly an excellent solution.