reviewer2676195 - PeerSpot reviewer
IT Infrastructure Manager at a training & coaching company with 11-50 employees
Real User
Simplifies operations with good UI and centralization
Pros and Cons
  • "The web portal has a really good web UI, and all the things are well integrated."
  • "Singularity Complete has helped reduce alerts."
  • "The basic functionalities should be up and running even during maintenance windows. I understand that it is a software-as-a-service model, but it becomes a problem if I cannot do anything when issues occur during maintenance."
  • "The maintenance window can be improved because once it happened that I had multiple laptops, and the maintenance window caused a lot of laptops to get stuck in the portal, blocking access."

How has it helped my organization?

Singularity Complete has helped reduce alerts. We have one place to go to check them, and there is also a reduction in false alerts.

Singularity Complete helped free up our staff for other projects and tasks. I do not have the metrics, but it saves a lot of time compared to what I have used at other companies.

Singularity Complete has helped reduce our mean time to detect. We only have to look at the portal. We can quickly isolate the user or the device, which also stops the virus from spreading. It also reduces our mean time to respond.

What is most valuable?

The web portal has a really good web UI, and all the things are well integrated. It is easy for us to increase the number of users because it is pretty simple.

What needs improvement?

The maintenance window can be improved because once it happened that I had multiple laptops, and the maintenance window caused a lot of laptops to get stuck in the portal, blocking access. This is important to address. The basic functionalities should be up and running even during maintenance windows. I understand that it is a software-as-a-service model, but it becomes a problem if I cannot do anything when issues occur during maintenance.

They could make it simple to have a SIEM integrated with their solution so that we can send logs to their server and then analyze them.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for almost one year.

Buyer's Guide
SentinelOne Singularity Complete
May 2025
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
856,873 professionals have used our research since 2012.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable. We have 50 users in our company. We have three administrators. We also have a consultant.

How are customer service and support?

I did not have the opportunity to contact them because I had almost no issues.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We were probably using Webroot. I was not there when they made the decision to switch.

How was the initial setup?

I did not participate in the initial setup, but our new onboarding process for laptops is really straightforward. You just join the domain, and the software gets installed automatically. It is bound to our site, making it very easy.

What was our ROI?

It is difficult to measure ROI, but since we started using it, we have not had any problems related to security. We have not experienced any breaches or issues so far.

It has absolutely helped reduce our organizational risk.

What's my experience with pricing, setup cost, and licensing?

Overall, it was a good experience. It is pretty easy for us to increase the number.

What other advice do I have?

SentinelOne is focused on this solution. This is evident in the GUI. The GUI is well done compared to solutions like Microsoft Defender which I have been trying to get into, but it almost repels me. SentinelOne Singularity Complete is very stable and mature. It is one of the best solutions that one can choose.

I would rate SentinelOne Singularity Complete a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Chintan-Vyas - PeerSpot reviewer
Associate Director at a financial services firm with 10,001+ employees
Real User
Top 20
Ransomware recovery enhances security while product support needs improvement
Pros and Cons
  • "The platform's ability to easily integrate with various other platforms is highly valuable."
  • "The compatibility with new legacy systems should be enhanced as other EDR products support these systems, which Singularity does not."

What is our primary use case?

We use Singularity Complete for end-to-end endpoint security protection, including EDR integrated with other platforms for XDR. The ransomware rollback feature of Singularity is a key reason for its use. 

It is primarily for integration with SIM to have a single pane of view, integration with web security for sharing insights, and automation of remediation tasks. Additionally, network discovery from the Singularity platform is used to identify rogue devices quickly.

How has it helped my organization?

Visibility is greatly improved with Singularity Complete as it allows visibility into endpoint devices and the processes running on them. 

What is most valuable?

The most valuable feature is the ransomware recovery and rollback feature. The platform's ability to easily integrate with various other platforms is also highly valuable.

It also enables integration with other technologies, saving costs associated with having point solutions. The integrated system allows for significant automation, reducing the time and effort needed for management.

The mean time to response has reduced from hours to minutes due to integrated automation systems.

What needs improvement?

Improvement is needed in terms of product support. The compatibility with new legacy systems should be enhanced as other EDR products support these systems, which Singularity does not.

For how long have I used the solution?

I've been working with Singularity Complete for three years.

What do I think about the stability of the solution?

Singularity is a very mature product that supports most assets available in any enterprise environment. It runs seamlessly without challenges.

What do I think about the scalability of the solution?

Singularity Complete is suitable for large and mid-scale enterprises.

How are customer service and support?

Technical support could be better. I would rate it around six on a scale of one to ten.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

CrowdStrike is a competitor. Singularity is better because it supports the ransomware rollback feature.

How was the initial setup?

The setup process is simple and user-friendly.

What about the implementation team?

Initially, anyone can deploy out of the box. When tuning aligned with the environment is required, assistance from a system integrator is recommended.

What was our ROI?

Integration helps save costs by reducing the need for point solutions.

What's my experience with pricing, setup cost, and licensing?

Pricing is not pocket-friendly. It can be difficult for small-scale companies.

Which other solutions did I evaluate?

SentinelOne's main competitor in the market is CrowdStrike. However, Singularity Complete is preferred thanks to its ransomware rollback feature.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
reviewer2305911 - PeerSpot reviewer
Cybersecurity Service Manager at a manufacturing company with 5,001-10,000 employees
Real User
Gives us "eyes" on all our endpoints and the ability to manage them if compromised
Pros and Cons
  • "We opted for SentinelOne because it gives you visibility and control over all the devices on which you have the agent deployed. That is very valuable because, in the end, all the attacks enter only through one gateway, which is usually a user's computer."
  • "Ranger does provide me with visibility of the network, but not completely because the assets it scans are often mistakenly identified regarding what type of device they are."

What is our primary use case?

I am part of the security team, and our strategy is to have this EDR deployed on all of the company's assets, all of our endpoints. We wanted a powerful platform in terms of detection and response to incidents.

How has it helped my organization?

It gives us a first layer of security. In addition, we have hired the SentinelOne Vigilance Respond team, a 24/7 SOC that monitors and mitigates. And, in case we need to escalate an alert on any of our assets, it allows us to do a bit of threat intelligence analysis and debug any asset on any topic.

It has helped reduce alerts thanks to the Vigilance service over the last two years. This includes all types of incidents, whether critical, medium, or low priority. Most of the alerts are managed by them, and we do not see them. We only see those that require some information that only our company has, but very few reach that level since Vigilance is directly in charge of managing them. If we had to manage the alerts that Vigilance manages, between 30 and 50 percent of my workday would go to reviewing alerts.

Overall, it has reduced our mean time to detect by about 70 percent, as that is the percentage in which it acts as an autonomous tool. And our mean time to respond has been reduced by 80 to 90 percent because we have SentinelOne's DFIR, Digital Forensics and Incident Response, team involved.

By providing that first layer of detection and response, SentinelOne allows us to have eyes on all our endpoints and, from there, to manage if a machine or a server has been compromised. We can directly isolate it from the network so that malware or ransomware cannot spread broadly.

It has helped us consolidate security solutions, although we did have some problems. The DFIR team responds quickly, and the Vigilance Respond team is continually working with us, managing the alerts. We do quarterly evaluations, and the support team always responds well, plus we interact with the tool ourselves.

The security team has gained a presence and control over the company's equipment that we did not have before.

Every device that does not have SentinelOne installed is a risk, and without SentinelOne, the difference would be significant. It has helped reduce our organizational risk by 70 percent.

What is most valuable?

SentinelOne has three services that are very well consolidated:

  1. Technical support, through which they help you, suggest new configurations, and resolve questions. 
  2. The Vigilance Respond service, which is a 24/7 SOC that works on and manages all the alerts that are raised in SentinelOne on our devices. It’s a first layer of defense that filters a lot of the requests. Sometimes we end up escalating something because there are times when we need to understand if the alert is a false positive or not.
  3. DFIR, Digital Forensics and Incident Response. This team is in charge of doing all the forensic analysis of an incident, and we have a certain number of hours contracted with them. Their advisors' technical level is very high and enables you to create a high-quality forensic report, in case you have to escalate or report it to senior staff. The DFIR team is excellent.

Another aspect that is very good is the solution’s ingestion and correlation across security solutions. We opted for SentinelOne because it gives you visibility and control over all the devices on which you have the agent deployed. That is very valuable because, in the end, all the attacks enter only through one gateway, which is usually a user's computer. If you do not have visibility over that computer and the ability to manage it, you cannot block it, restart it, or run a full scan to see if the user has clicked on a link or if any type of malware has been downloaded. This is a layer of visibility and basic management that any company needs.

Also, there is the threat intelligence and activity correlation. They not only detect and respond to incidents but also prevent them.

What needs improvement?

We started using SentinelOne Ranger, but we found two problems. Perhaps they are particularities, but they should be addressed as they may change the minds of other companies that are considering this feature.

The first problem is that, while it scans all the assets that are on the network, when it comes to discerning whether an asset is a server or a laptop, it tends to fail. It does not have a very high level of precision. We have experienced problems when reporting these types of assets to those responsible for installing the agent, and then they tell us, "Hey, this is not a server, this is a fax," or "this is a printer." When things like that happen, we lose credibility.

The other issue that we saw with the functionality of Ranger is that if, for whatever reason, you have a product with SentinelOne installed but it is on a client's network, the SentinelOne agent starts scanning the ports and the network and goes to a honeypot. As a result, the client may think that it is being attacked because someone has reached its honeypot, when it’s actually us on the client's network. When you don't know that this is happening, it can generate conflict and tension with the clients. Once you know about the problem, you can deactivate that process, but sometimes it can have a negative impact.

Ranger does provide me with visibility of the network, but not completely because the assets it scans are often mistakenly identified regarding what type of device they are. A SentinelOne agent is worth a lot of money, and there is no point in putting it onto a printer, for example. It should have the ability to go a little further and be more precise.

Another very clear area for improvement, one that I don't understand why they haven't deployed it yet, is a self-updating SentinelOne agent. The agent has a version, and what SentinelOne proposed up until one year ago is that you had to be proactive in consulting the dashboard to see if your agent had reached end-of-life and then update it. Now, they've released a new feature where I believe you can schedule updates, so it makes perfect sense for the agent to update itself without any action on our part, and never go out of version. By simply connecting to the network it should be able to download and update.

This idea is not critical because SentinelOne updates many versions of the agent and, when one becomes obsolete, it does not mean that it no longer works. But this is something that SentinelOne should know how to work with. A solution could be that if you do not have the ability to auto-update the agent, SentinelOne would directly tell you which agents are not updated. That way, we would not have to go to the documentation, look at the dashboard, and filter the agents by version. It would be great if it were able to tell if the operating systems are unsupported so that we wouldn't have to look in the official documentation at whether the Windows Server is outdated or not.

If the agents self-updated, maintenance due to the update process would be minimal.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for about two years.

What do I think about the stability of the solution?

SentinelOne is very stable. It has never dropped or caused any problems.

What do I think about the scalability of the solution?

We do not have it in any cloud. The agent is located on devices; we manage almost 10,000 computers. Our company has a presence in nine European countries, and SentinelOne is used in all of them. Our department is the group that supervises all regions, including Spain, France, the Nordic countries, Poland, Romania, the Czech Republic, Austria, and Switzerland.

We are continually deploying new agents because we detect more and more devices. SentinelOne will stay in our company until it dies, so to speak. With what it has cost us to get here, we will not change now.

How are customer service and support?

Support responds in less than a day.

SentinelOne is a top partner in the industry.

How would you rate customer service and support?

Positive

What was our ROI?

Defender for Endpoint is more expensive than SentinelOne. Other solutions are more expensive and others are cheaper, but in terms of cost-benefit ratio, we’ll always stick with SentinelOne.

The detection and visibility over all assets, whether by the agent or Ranger, and the ability to take action as a result are worth it. It is all very intuitive, and for me, these elements are our return on investment.

Which other solutions did I evaluate?

All the portals, at the end of the day, are "first cousins", such as CrowdStrike and Palo Alto, although that's not exactly an EDR. We went to a global cybersecurity congress in London, and all the solutions were there: SentinelOne and its competition. At the portal, user, and other levels, they are practically the same. Each will have something that is better and something that is worse, but they are quite similar.

What other advice do I have?

You have to do a cost-benefit analysis. Understand the context of your company. It is not the same for a bank or an insurance company compared to a company in the industrial sector that does not manage sensitive data. Understand your particular needs. After a cost analysis, if there is enough budget, choose SentinelOne.

The most important lesson I have learned using SentinelOne is to always listen to what the Vigilance Respond team says.

We are still chasing the benefits of the solution. The model is already deployed, but we are a very large company, and every day we find new devices that do not have SentinelOne. We are still in that phase of continual improvement, of improving the solution and achieving even more benefits. We are getting to the most isolated cases of, for example, servers that have little RAM, and we are debating if we should apply SentinelOne to them because, perhaps, the server will be affected more so. 

We are dealing with these small cases and continuously improving. You don't get all the benefits in two months; it is an ongoing process.

I would recommend SentinelOne, and if, in the end, it is a question of budget, choose it. If I became a CSO tomorrow, that is what I would do.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Eddie Drachenberg - PeerSpot reviewer
Global Network and Infrastructure Manager at Bettcher Industries
Real User
Top 20
Provides peace of mind and is good at ingesting data and correlating
Pros and Cons
  • "The solution has helped reduce our alerts."
  • "One thing I don't like is the exportable report. They're not as useful as I'd hoped they would be."

What is our primary use case?

We need to provide a form of antivirus for our cybersecurity insurance. The new term now is EDR or endpoint detection response. I tested out several vendors including CrowdStrike, SentinelOne, and Cisco. SentinelOne definitely stood out. My use case is pretty much protecting all of my end-user devices and all of my servers on-premise and in our virtual environment.

How has it helped my organization?

We were trying to solve for visibility and license management. We used to use other products, and licensing became an issue. We would have issues where clients would not really be connected all the time. They would just randomly lose connection. And that was with McAfee. 

ESET was another one that we used in the past, and we just kept running into issues with the physical server. So having a cloud-managed EDR solution, the agent-based, cloud-managed solution, has worked very well for a few years now at multiple companies. It's the first thing I bought when I came to my new company.

What is most valuable?

I really like Ranger. I like the deep dive of Ranger in an incident section. Diving into each incident and being able to see complete visibility of when the action was taken against something that it deemed a threat is valuable. Using those incidents in Ranger is definitely up there on my list of favorite features. I have multiple locations all across the globe. Being able to separate my devices, per location, is super helpful.

It's good at ingesting data and correlating. It has zero issues with ingesting data with the agents installed. I've had no issues with that. Being able to go through and create exclusions for specific types of data, like SQL has been really tough in our environment. Being able to just go through and customize those exclusions and working with the support team is great. We also have Vigilance, which is another SOC that they offer. That's a fantastic service.

Everywhere I have an agent, it sees everything, and it does so when I deep dive into a threat or a proposed threat. It does pick out host names, and IP addresses, and it just gives you a really clear picture where you can read it.

I like that Ranger requires no new agents or hardware. Anytime you can keep it lightweight enough. If you add a function and you only pay for your yearly fee for an extra function without making changes in your environment, that's huge. 

I love the reporting. The reporting definitely helps me see the entire network and find what open ports are out there. I can work with my network team to get those things closed, which is fantastic. I like the ease of looking at the graphs and the reports.

The solution has helped reduce our alerts. Instead of waiting on a monthly basis and then executing a plan, I'm able to keep up with it all throughout and day to day. That granular control has left me very impressed.

It gives me peace of mind. My staff isn't really using it. I know I have 24/7 eyes on it. 

It has helped me reduce my mean time to detect. I would be lost without the tool. It definitely helps me figure things out really quickly. I can figure out the whole story very quickly. 

It helps with my mean time to respond. It definitely helps with that. I get an alert in my email immediately, which lets me just know that something happened to my environment. That's something that I previously did not have in my old tool set.

What needs improvement?

I do want to see Vigilance reach out with that Identity. I don't have Identity, however, it's a very good tool. There is another tool that I use called Purple Knight that does very similar things. I'd like to see adding Vigilance to the visibility of Identity. 

One thing I don't like is the exportable report. They're not as useful as I'd hoped they would be. I always feel like I have to finagle them a little bit before I can present them to the executive board. The reporting needs to be beefed up a bit more. Everything feels a little lacking. They're trying to keep it simple, yet it is a little oversimplified. 

I really wish it could be an app on my phone. If I could open up an app on my phone and get all the alerts or look at my environment and see the health real quick, that would be ideal. It doesn't have to be a full feature.

I'd like the ability to have text alerts, for example, if something gets quarantined. 

The website, if you are trying to figure out what all the products are, it's kind of busy. I don't know what all the products are. The marketing is a little tough to follow. 

For how long have I used the solution?

I've been using the solution for three years.

What do I think about the stability of the solution?

I haven't experienced any stability issues. 

What do I think about the scalability of the solution?

The solution is extremely scalable. It's super easy to push out to thousands of clients if you really need to. I haven't had any issues. It scales very well.

How are customer service and support?

Usually, technical support is very good. They are very knowledgeable. It's usually 24 hours for a response. I've had a couple of phone conversations with them. Right now, we're going basically through email. They give me a ton of information. They're open to working with my third-party MSP. Right now, the MSP brought up a concern about a very specific function that needs a little bit more tending to in the exclusion arena. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We had Defender at this company before.

How was the initial setup?

I was involved in the initial setup.

The deployment is very straightforward. It's super easy to just download your agent, and you get your site token, you install, and you push it out. We used PDQ at my last company. Here, we use SCCM. We push it out with the MSI, with the site token pre-installed. I see it on my dashboard. It's easy.

My last deployment was handled by myself.

The solution does not require any maintenance anymore. It used to be kind of a headache to go through and have to update the agent. And just to remember to do it. Now I get the email. It tells me there's a new agent out there. I go read up on what the changes are, which is great. Then I go in there and set up the auto-install on the agents, and it just hits them on the schedule. You only have to really pay attention to it once in a blue moon when a new agent is installed or there's a general release.

What about the implementation team?

I installed the solution myself.

What's my experience with pricing, setup cost, and licensing?

I can pay, for my environment, between $30,000 and $40,000 a year, and that's a pretty good deal.

What other advice do I have?

I'm a customer and end-user.

I haven't really done any third-party tools. I've looked into their Identity tool which is one of the newer offerings that they have. It's a very nice offering. It is rather expensive. That said, it is very nice to be able to see Active Directory all in one pane of glass. Honestly, the hardest thing about my job as a security professional is having all these different tools so the more I can see everything in one area, the better it is.

The quality and maturity are important. The company is relatively new in the space, however, they are pretty mature in the market and pretty well-respected. 

SentinelOne is a great strategic partner. I can't see myself doing security without them at this point. They are one of the backbones of my security platform. They were the first pieces even before I bought Cisco Duo or Meraki. 

I'm excited to see where this will be in the next ten years. I can just see this platform just going crazy. I would love to see maybe a little bit more focus. We have to deal with a lot of sensitive equipment that runs specific jobs and I love how SentinelOne, and specifically Ranger, is very passive in its ability. It complements our OT. I would love to see some way of getting away from the super expensive platforms of Tenable and bringing in some of these functions that Tenable offers from a scanning platform fully into SentinelOne in the future.

I'd rate the solution nine out of ten.

This is a best-in-breed solution. If you're looking at anything in comparison, do your due diligence, do proof of concept between whatever companies you're looking into. However, SentinelOne is the best-in-breed.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Cyber Security Engineer at a leisure / travel company with 10,001+ employees
Real User
Top 20
Offers threat hunting, visibility, and malware protection in one console
Pros and Cons
  • "I find the product very easy to maintain and troubleshoot. Their engineers are very helpful if you need additional assistance. It's one of the best products I've used. It's easy to use from my standpoint, both for troubleshooting and with the support we get from their team if necessary."
  • "It would be nice to be able to adjust the canned reports manually and choose the specific data we want to report on instead of being limited to their pre-set reports."

What is our primary use case?

We use the tool for malware protection and the XDR portion to track intrusions and possible exploitations.

What is most valuable?

I find the product very easy to maintain and troubleshoot. Their engineers are very helpful if you need additional assistance. It's one of the best products I've used. It's easy to use from my standpoint, both for troubleshooting and with the support we get from their team if necessary.

I find its interoperability with other solutions very good. When there are issues, because everything eventually has issues, the team is very good about running logs and finding out what portion is having issues. We can either exclude a portion of it or make it work. They find a solution.

We haven't had any issues with how we ingest or correlate data across security solutions. We use APIs and things like that to ingest data. For us, we haven't had any issues with the tools we use, but I can't speak for other organizations.

We now have threat hunting, visibility, and malware protection in one console. There are other portions we don't leverage because we choose to keep them separate, like our firewall, but we could if we wanted to.

The solution has helped us reduce false positives. We still get alerts, but I think they're more dynamic now. We have fewer issues with systems. It doesn't take as many resources, so we don't have outages caused by hijacking resources. We've probably reduced our issues with that by 90 percent from the previous program we were using.

The tool has helped free up our team's time. Especially when it comes to upgrades, I went from taking several months with the previous software to getting it done in a week or two for 15,000 to 17,000 assets. It's freed up months.

While I don't track mean time to detect specifically, I know it's very quick because of the way it detects intrusions. It's anomaly-based, not signature-based. It will flag something, review it, determine whether it's a false positive or actually malicious, and then quarantine it. It's pretty instantaneous. We've averted several ransomware attempts before they could infect anything.

Our mean time to respond has decreased significantly. The response is much quicker now, especially since very little gets reverted to us for handling. The Vigilance AI portion usually takes care of most of it, determining the severity of something and whether it needs human attention.

It has helped us save costs, particularly regarding fewer infections throughout the network. While I don't have exact numbers, we've had a reduction in costs associated with reimaging machines due to malware.

What needs improvement?

It would be nice to be able to adjust the canned reports manually and choose the specific data we want to report on instead of being limited to their pre-set reports.

For how long have I used the solution?

I have been using the product for three years. 

What do I think about the stability of the solution?

In terms of stability, we have no downtime from SentinelOne Singularity Complete. We may have some complications with interoperability when we deploy something new that didn't get tested, but that's usually not SentinelOne's fault. It's usually because a third party changed something that had already been whitelisted.

What do I think about the scalability of the solution?

We haven't had any issues with scalability. It scales very well from small to large. We're at 16,000 endpoints, and it's very easy to deploy and manage.

How are customer service and support?

I've contacted technical support myself. Their response time depends on the severity with which you submit the case. For low priority, it takes about a day or two. For high priority, it's within an hour or two, according to their SLA. They're very prompt.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We switched from Symantec to SentinelOne Singularity Complete mainly because of cost and technology changes. Symantec wasn't changing quickly enough as technology moved toward the cloud, and things were going faster. Broadcom was still using heavy, clunky on-premises agents that used a lot of resources. SentinelOne Singularity Complete was new, next-gen, smoother, and quicker with less downtime. They manage their end in the cloud, so we don't have to maintain our console.

How was the initial setup?

We saw the benefits immediately after deployment. The deployment was seamless, easy to learn, and easy to use—very intuitive. The initial deployment was pretty seamless and easy. It took us about six months to fully deploy, but that was because we did it in segments. We're a global organization with many different entities, so we had to do it segmented. It probably would have taken us a quarter if we had just set it out all at once.

The only maintenance we require is keeping our agents up to date. We do this manually because we go through a change approval process to ensure we don't introduce anything that will harm the system. We then test and deploy.

What about the implementation team?

We used SentinelOne's guidance, but we did the deployment ourselves in-house.

What other advice do I have?

My impression of SentinelOne Singularity Complete as a strategic security partner is that it's state-of-the-art, easy, and uncomplicated. As an engineer, I find the product easy to deploy and maintain, and efficient. I rate the overall solution a ten out of ten.

I advise new users to read the manual before they start using it. Understand all the different modules to utilize them as intended and get the best out of them. Also, use their support if you have questions before you deploy. Get a game plan and follow their recommendations.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Maxwell Essuman. - PeerSpot reviewer
Country Manager at Platview Technologies
Real User
Top 20
Is user-friendly, easy to integrate, and extremely stable
Pros and Cons
  • "The offline protection offered by SentinelOne Singularity Complete for my devices is valuable."
  • "I would like to have firewall functionality within SentinelOne Singularity Complete."

What is our primary use case?

I use SentinelOne Singularity Complete to prevent and mitigate attacks on my laptop.

While traditional antivirus programs can offer some protection, they often fall short against advanced cyber threats. This means having an antivirus doesn't guarantee my laptop's safety, as I've experienced with viruses, blue screens, and even complete crashes. Therefore, finding a more comprehensive security solution that actively prevents infections and stops attacks before they happen is crucial. The repeated blank screens on my laptop are a clear sign of a compromised system and so I implemented SentinelOne Singularity Complete to mitigate these problems.

How has it helped my organization?

The interoperability of SentinelOne Singularity Complete is one of the key features. I integrated SentinelOne Singularity Complete with another solution for a customer and it was seamless.

SentinelOne Singularity Complete integrates well with my existing security solutions and provides effective data correlation. While our company has a smaller security stack, the larger customers who've incorporated Singularity across their entire security infrastructure have experienced seamless integration.

It streamlines our security posture by consolidating disparate solutions into a unified platform. This eliminates the need to navigate siloed interfaces for attack visibility, while automated response capabilities minimize the manual effort required for mitigation.

I sold the Ranger functionality to a customer who is an ISP and needed more network visibility.

Customers appreciate the ease of use of SentinelOne Singularity Complete's Ranger functionality, as it doesn't require installing new agents, or hardware, or making network changes.

SentinelOne Singularity Complete provides us with the confidence of knowing we're protected when connecting to external networks. Its user-friendly interface and seamless integration enable us to easily add more security features as our needs evolve, without incurring significant costs.

The number of alerts has been reduced. We used to get a lot of false positives and the solution has reduced our alerts by over 60 percent.

By quietly resolving most issues in the background, SentinelOne Singularity Complete frees up our time for other projects and tasks. This way we don't have to call our support team and we don't lose any productivity. We can save around four hours a day when an issue is detected.

Our MTTD has been drastically reduced by SentinelOne Singularity Complete to less than 30 seconds.

Our MTTR has been reduced thanks to the automated AI response from SentinelOne Singularity Complete. What we do after that is use the insights provided by the endpoints and the management console to help guide the client on what steps should be taken moving forward.

Switching to SentinelOne Singularity Complete significantly reduced our security costs. Previously, our solution was both expensive and insufficient for our needs. By moving to SentinelOne, we achieved a 40 percent cost saving. Additionally, we benefitted from time savings and increased productivity, further contributing to our overall cost reduction.

SentinelOne Singularity Complete has helped to reduce our organizational risk by over 70 percent.  

What is most valuable?

The offline protection offered by SentinelOne Singularity Complete for my devices is valuable.

The automatic mitigation features are incredibly valuable. Over the past two months, receiving alerts on my laptop about mitigated attacks has been one of the key benefits. It's fantastic that I don't have to manually intervene in the mitigation process, yet I'm still informed about potential threats and assured that I'm protected.

The detailed history logs allow us to easily detect malicious behavior within the network.

What needs improvement?

I would like to have firewall functionality within SentinelOne Singularity Complete.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for eight months.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is extremely stable in the cloud.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is highly scalable. We have had many clients easily scale their number of endpoints.

How are customer service and support?

The technical support is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used Sophos and Fortinet for the firewall but switched to SentinelOne Singularity Complete because of its more robust capability, ease of integration, and lower cost.

SentinelOne Singularity Complete stands out as the most innovative and forward-thinking solution in the market. Through strategic acquisitions, SentinelOne has gained a distinct edge over its competitors.

How was the initial setup?

In the beginning, our technical team did not have a lot of information but once they received some guidance from SentinelOne the deployment was easy.

What was our ROI?

The efficiency gains and enhanced security delivered by SentinelOne Singularity Complete consistently ensure a positive return on investment.

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete's pricing is affordable. They offer licenses from zero to a hundred making it accessible even for smaller businesses.

Which other solutions did I evaluate?

We evaluated CrowdStrike but we didn't have much information about how it worked, its functionality, or cost.

What other advice do I have?

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is a mature solution that takes care of most of our use cases for EDR and the Ranger functionality provides visibility into our network. SentinelOne Singularity Complete as a first line of defense gives us peace of mind.

No maintenance is required from our end.

SentinelOne is my go-to as a strategic security partner when it comes to anything EDR-related.

SentinelOne Singularity Complete is a great solution and I recommend it. SentinelOne Singularity Complete can easily be deployed in any environment and is cost-effective.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Nagendra Nekkala - PeerSpot reviewer
Senior Manager ICT & Innovations at Bangalore International Airport Limited
Real User
Top 5
Leaderboard
Easy to configure, has increased our security score, and reduces our costs
Pros and Cons
  • "The protection SentinelOne Singularity Complete provides to our endpoint devices in terms of cybersecurity is valuable."
  • "The documentation provided for implementation is not adequate and has caused us challenges."

What is our primary use case?

We use SentinelOne Singularity Complete as our server and endpoint security solution.

We sought to consolidate our security solutions, lower maintenance, and operational costs, and streamline scalability and configuration. Implementing SentinelOne Singularity Complete enabled us to achieve these goals.

How has it helped my organization?

SentinelOne Singularity Complete's interoperability is excellent. The solution can correlate with various threats and provide us with granular information across our landscape. Singularity Complete is fully integrated and can be scaled and expanded to all of our devices.

Singularity Complete's ability to ingest and correlate across our security solutions is good.

Singularity Complete has enabled us to consolidate our security solutions. We can now consolidate all of our Linux and Windows security servers, as well as display various touchpoints and our laptops and desktop devices.

We use the Ranger functionality. The network and asset visibility provided is important because we can see the types of devices connecting to our enterprise network.

Ranger's ability to prevent vulnerable devices from becoming compromised is good.

Singularity Complete has increased our security score. We were able to see the benefits within four months.

Once we can configure and fine-tune Singularity Complete, we can eliminate the false positives that are generated.

Singularity Complete has helped free up our staff's time to work on other projects. We have saved around two months in total.

Singularity Complete has helped reduce our MTTD by 30 percent.

Singularity Complete has helped reduce our MTTR.

Singularity Complete has helped reduce our organizational risk by 50 percent.

What is most valuable?

SentinelOne Singularity Complete is easy to configure.

The protection SentinelOne Singularity Complete provides to our endpoint devices in terms of cybersecurity is valuable.

What needs improvement?

The support has room for improvement. They take a lot of time to respond.

The documentation provided for implementation is not adequate and has caused us challenges.

The pricing is also high and can be improved.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for three years.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is stable.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is easily scalable.

How are customer service and support?

The technical support takes time to respond to our tickets.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Previously, we utilized McAfee for our servers and Microsoft Defender for our endpoint protection on desktops and laptops. However, we desired a unified EDR solution to streamline our security management. Upon evaluating SentinelOne Singularity Complete and confirming it met all our requirements, we transitioned to this comprehensive solution.

How was the initial setup?

The initial deployment was straightforward. The deployment took two months, and three of us including two engineers were involved in the process. We first deployed Singularity Complete to our test servers to ensure everything worked properly before proceeding with the full deployment.

What was our ROI?

The consolidation of multiple solutions into Singularity Complete, along with improved response times and smoother business functionality, has resulted in a return on investment.

What's my experience with pricing, setup cost, and licensing?

The price is costly compared to what we were previously paying with Microsoft Defender and McAfee.

Which other solutions did I evaluate?

After evaluating CrowdStrike and other solutions, we ultimately chose SentinelOne Singularity Complete due to its user-friendly functionality, efficient logging, and rapid response times.

What other advice do I have?

I would rate SentinelOne Singularity Complete eight out of ten.

SentinelOne Singularity Complete is a comprehensive, integrated solution for endpoint protection across the enterprise.

Singularity Complete is deployed across our campus with around 200 users.

SentinelOne Singularity Complete is a good solution that meets our enterprise needs.

I recommend organizations first evaluate SentinelOne Singularity Complete to see the kind of visibility it can provide into their endpoints.

SentinelOne Singularity Complete has reduced our operational costs and response time while enhancing our business efficiency.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
reviewer2278497 - PeerSpot reviewer
IT Manager at a financial services firm with 51-200 employees
Real User
Top 20
You don't need to configure a lot with it because it provides an unmatched layer of protection out of the box
Pros and Cons
  • "The best feature of SentinelOne Singularity Complete is that you don't need to configure a lot with it because it provides an unmatched layer of protection out of the box."
  • "Having an additional logic layer could improve the solution, mainly because I run multiple systems with different layers. For example, if I'm running a very important server with this agent, and that server gets infected, I may not necessarily be sure that I want to shut it down right away. Maybe I want to isolate some of the connectivity but not do the entire security remediation automatedly or curtail network access type of activity."

What is our primary use case?

My company uses SentinelOne Singularity Complete for general endpoint security. The solution is excellent at solving problems many other vendors don't solve properly. My company runs on multiple platforms and software in various environments. My company is a Microsoft company with Azure AD and many Windows computers, and SentinelOne Singularity Complete is terrific for that. The company also has MacBooks, Linux machines, and clusters of Linux containers with various distros and types. SentinelOne Singularity Complete is surprisingly good at supporting the platforms, and the enterprise needs my company has.

What is most valuable?

The best feature of SentinelOne Singularity Complete is that you don't need to configure a lot with it because it provides an unmatched layer of protection out of the box.

Implementing SentinelOne Singularity Complete is a competitive bid process. As part of the competitive bid process, SentinelOne Singularity Complete stands alone. I work for an enterprise, and the company has old software. CrowdStrike Falcon Pro is a great competitor of SentinelOne Singularity Complete, but CrowdStrike Falcon Pro doesn't fit my company's needs because of its very aggressive deprecation policy. If you ever run any software not in the standard manufacturer support or some support package, CrowdStrike cuts you off from updates. In real life, that doesn't work because my company builds software. Some of the company's cluster apps run on Red Hat 7, old Linux kernel, CentOS, or other distros around that era. My company has significant old technologies that it needs to secure.

A pro of SentinelOne Singularity Complete is the approach that it knows isn't the best, but it will still give you the best it has.

I also find that SentinelOne Singularity Complete gives a significant layer of security on top of SD-WAN, mandatory access control, and general information management, which is very helpful.

In assessing the solution's interoperability with other SentinelOne solutions and third-party tools, my company started utilizing Scalyr and has a history of using Scalyr and other providers. SentinelOne acquired Scalyr, an enterprise log management platform, which is very good for the price. Scalyr may not be the best platform in the world, but it's very good for the price. SentinelOne, having acquired Scalyr, has gone and built an excellent integration for all logging so that you can get the SIEM logs into the Scalyr pipeline and run it through a general log analysis platform, so it's unmatched.

In general, I'm pleased with the ability of SentinelOne Singularity Complete to ingest and correlate across my company's security solutions, especially with its price point. I only found very few antivirus or EDR solutions that can compete with SentinelOne Singularity Complete, but I generally prefer working with the solution because of its interoperability.

Another reason why I like the solution is because it works. It doesn't require an Internet connection. The remediation is automated, and the alerting function is excellent. Support for the platform is also great, including multi-tenancy, role-based access control, and automated deployments.

I don't have much bad feedback about SentinelOne Singularity Complete, while in contrast, I've been quite disappointed by many technical aspects of other antivirus solutions, such as the Deep Instinct Antivirus. As for MSP machines, I used to work at MSP and had many problems. I also find the CrowdStrike sales representative incredibly annoying.

I find that SentinelOne Singularity Complete works pretty well for what I want, and it always hits the right price point and options that suit my company's general, overall security platform and management of that platform.

The Ranger functionality of SentinelOne Singularity Complete works well in providing network and asset visibility, especially as my company is a Microsoft Azure AD company at the core, so most of the company's Mac and Windows endpoints are managed, and monitoring the cloud ID and posture is essential. However, I don't need to check it daily because the solution manages itself well. SentinelOne Singularity Complete works very well for Active Directory management and posture matching.

I appreciate that the solution can consume at an API level, but I don't care as much whether it runs an agent or doesn't because I can automate agent deployment to the fleet. If the agent works, then great. An agentless solution is suitable for old platforms that don't have the most up-to-date technologies. Whenever you try to run an agent on various environments, it might not be the ideal platform for that agent so you could run into unexpected problems. Being agentless makes SentinelOne Singularity Complete better, but I wouldn't be upset if it were a good and solid agent-based solution.

How significantly the solution helped reduce alerts depends on how many alerts my company was paying attention to before and how many alerts it is paying attention to now. I'm unsure about that because one reason for implementing the SentinelOne Singularity Complete stack at the company has been to increase the security footprint and security posture. My company might have had several useless alerts before and maybe fewer alerts now, but did the company pay more attention to the alerts now? I'm unsure if the alert reduction or paying more attention to the alerts makes a difference.

About SentinelOne Singularity Complete helping to free up staff for other projects and tasks, that isn't easy to tell, as I have a team of four, and some of the work changed upon implementation. For example, instead of fighting with specific agent installs or trying to figure out how to get logs into another system, some of that workload is reduced, but now my team may be paying more attention and uses the same amount of time for alerts, remediations, or other more important aspects, so it is possible that the amount of time spent after the SentinelOne Singularity Complete implementation wasn't really reduced. That would depend on your perspective.

As to SentinelOne Singularity Complete helping the company reduce the mean time to detect, my company didn't record the mean time to detect before implementing the solution. I feel that it is effective, but right now, I don't have a basis of comparison that allows me to point to that periodically says my company reduced the mean time to detect or that it was increased by some percentage.

SentinelOne Singularity Complete has been very effective in helping reduce organizational risk for my company, especially regarding budgetary footprint. The solution has been very effective at what it does and has helped reduce the company's cyber insurance premium. My company is a SOC 2-certified institute and has to go through an annual compliance process with auditors, so going through and being able to explain and show how the company has automated and deployed solutions and minimized its risk profile has been very helpful.

The company I work with now spends slightly less than it did and gets more value from SentinelOne Singularity Complete. Though the cost may not be that different from others, the value provided by the solution is very different. In the past, my company had several decentralized alerts and platforms. Still, after implementing SentinelOne Singularity Complete, the solution could bring and tie them together through an automated platform. It works, and when it comes to enterprise security, for every company you work for, you're not the one who built that network or solution. You have no idea what's going on, so your ability to maintain control relies on understanding the threat surface and how to control it, which SentinelOne Singularity Complete is good at.

My background is in Linux administration, and I've gone through several security tools over the years. I built out mandatory access controls and messy Linux policies. I've worked with a lot of different companies over time. SentinelOne Singularity Complete supports Linux systems really well, which is crucial because I work for a company that builds software with an ecosystem of applications, cluster apps, and containers on Linux.

Some other solutions were stuck a decade ago, particularly running Windows and .NET and other affordable systems, and though I love Windows and Mac, those are user endpoints, and endpoints extend beyond user endpoints, for example, endpoints include servers and the full scope of internet-connected devices in a company.

If you're trying to implement a zero-trust framework and a system resilient to failure across a Swiss cheese layer of multiple problems, finding one solution capable of dealing with that kind of threat is complicated. You look at Microsoft Defender, and Microsoft has improved its security over the last decade. Obviously, Microsoft still has ways to go, given that it still keeps losing its signing keys. Still, the reality is that, similar to Windows and Azure, Microsoft has improved its security footprint. Microsoft Defender went from being a joke of a product to a very viable solution. That's great, but I can't run that on Mac, and I can't run that on Linux clusters.

Looking at CrowdStrike Falcon Pro, it is a great product. It has a very annoying sales team, but it is excellent. The problem in enterprise, however, is that sometimes, you have to run old technology, and when you cut off the solution from working on old technology, that's not helpful and makes everything worse, so I appreciate the aspect of SentinelOne Singularity Complete supporting even the old technology my company is on, which is a significant differentiator that is very useful about the platform.

When you think of Carbon Black and VMware, each platform is good, works quite well on Mac and Windows, and has some capabilities, but the level is not the same as SentinelOne Singularity Complete. SentinelOne Singularity Complete can be a stand-alone product versus other products.

If you're running a decent company, you should be able to invest in security and be willing to spend whatever it takes to have a very competent solution. Since I control the budget, SentinelOne Singularity Complete provides more value for the dollars spent and a more cohesive structure than what you can get from other solutions.

I'm unsure if SentinelOne Singularity Complete is amazingly the best, but it's the best overall product because it fits my company's needs. I work for a SaaS building enterprise company that does financial transactions, which has public internet-facing applications that get constantly attacked. If I can't run a comprehensive security product across all systems, I'd have to look in three different places, which means I lose some of that robust information. I lose some of that ability to correlate threats and figure out what's happening, and so do automated platforms. An automated platform can lose the ability to correlate the different events it doesn't know about, and this is where SentinelOne Singularity Complete really shines. It's a cohesive, widespread solution that's great in various aspects.

In terms of being innovative, SentinelOne Singularity Complete is quite innovative. I grew up with the internet and have seen different generations of security products and ideas. When SentinelOne Singularity Complete came to market, it was significantly different than the other solutions. SentinelOne could either be acquired or build very useful products, taking interoperability between different products to a level you won't find in other companies.

With how my company uses SentinelOne Singularity Complete and the Scalar platform for all its servers, the company logs into Scalar and runs alerts and rejects, flags alerts, and also gets to ingest all SIEM logs from SentinelOne Singularity Complete into Scalar, and then gets automated alerts. This means that my company gets multiple layers of visibility across its stack and analysis pipeline. My company then gets to log push to S3 after the hot tier access is over, which means it gets to retain all security alerts and problems for up to seven years, just in case, which is essential for a financial services company like the one I work for. Doing that is much more complex with other solutions versus SentinelOne Singularity Complete, so I chose it because, currently, it is the best.

I care about aspects that other people don't care about, such as supporting old Linux distros and being able to run the solution in some weird cloud environments easily. I care about SentinelOne Singularity Complete working with my company's log analysis platform, which makes the process easier.

What needs improvement?

It's difficult to pinpoint areas for improvement in SentinelOne Singularity Complete because I always like to see certain aspects. Still, if I look into the EDR solution itself, I don't have many negative thoughts about it, as it is very good.

If something could be improved in the solution, I'd say better pricing, as I'd always take better pricing. I would appreciate lower pricing. The lower the pricing, the easier it is for me to sell it. A solution with lower pricing tends to sell itself at some point.

Building a more advanced "if this, then that" logic in SentinelOne Singularity Complete, in terms of when to cold shutdown, particularly when it detects a threat and would isolate it from the network, could be an improvement. There could be a better way of saying "yes" or "no" to doing an action or specific actions unless it's one of the exceptions on your list. Having an additional logic layer could improve the solution, mainly because I run multiple systems with different layers. For example, if I'm running a very important server with this agent, and that server gets infected, I may not necessarily be sure that I want to shut it down right away. Maybe I want to isolate some of the connectivity but not do the entire security remediation automatically or curtail network access type of activity.

If I could have a more advanced control layer where I could say, "Hey, I want to do that on almost every system, but these systems are so important, and they have to keep running, so maybe if there is a problem, you can do these things instead," then that would make SentinelOne Singularity Complete better.

For how long have I used the solution?

We've been onboarding SentinelOne Singularity Complete as our primary EDR solution this year.

We implemented Scalar last year as the first step, and then it became a natural step to move as we wanted to have all of our logs flow into our general log analysis platform so that we could build and consume our own software platform. We build many SaaS apps, and we have about a thousand web servers facing the Internet, so what better way to analyze all of these than to get our internal logs, such as browser, local events, and all of the data into one place and one data plane?

What do I think about the stability of the solution?

Stability-wise, I haven't run into many problems with SentinelOne Singularity Complete, except for one case where the agent was short-cycle restarting, but that was due to some problems I caused. I can't really complain about that.

I wouldn't say I liked the SELinux policy that you force out over Ansible configurations, which naturally conflicted with the SentinelOne Singularity Complete agent. Still, once that got flagged and tagged, it was fine.

Overall, I'm satisfied with the stability of the solution, which was why my company implemented it.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is a scalable solution, which is another reason my company chose it.

How are customer service and support?

I don't contact technical support very often, but when I have, I haven't been disappointed. For example, the Scalar data center team has provided excellent technical support whenever I've asked for help with query matching strings and building regex, so I'm very happy.

I found the technical support for SentinelOne Singularity Complete very good, and I'd probably reach out to the support team with more questions, which the team would probably answer.

My rating for technical support is nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we used Microsoft Defender, but I also used SentinelOne Singularity Complete in a former company. I like it a lot, and that's part of why my company uses SentinelOne Singularity Complete now. 

How was the initial setup?

Deploying SentinelOne Singularity Complete didn't take long for a small global company like ours. My company has offices in the US, Canada, France, and India, and working between different locales took more time, but generally, the process didn't take very long, as it only took about two weeks.

SentinelOne Singularity Complete is a commercial solution that I found easy to implement, which is another reason my company paid for a commercial solution.

What about the implementation team?

Two other people and I were involved in the deployment.

What was our ROI?

In terms of getting ROI from SentinelOne Singularity Complete, some factors must be considered. There is a requirement for a few layers to start with. My company has to spend some money just as a baseline.

One requirement is to be SOC 2 compliant, which means an auditor will come in and ask about the company's antivirus software, whether it's running an EDR, including analyzing logs.

Another player is the cyber risk insurance, as the company tries to get the premiums as low as possible and takes security as seriously as possible, by demonstrating to insurance partners that the company is a very low risk in terms of threats becoming problems.

In terms of cost-effectiveness, mainly based on adjustments to your premium, which either raises or lowers the price, SentinelOne Singularity Complete is quite effective.

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete is aggressively priced compared to smaller solutions. Still, in the past, as I worked for a SentinelOne reseller partner that deployed SentinelOne solutions to a lot of different customers, I was able to appreciate its capabilities and full features, which is part of the reason my company has implemented SentinelOne Singularity Complete.

The solution is a bit cheaper than CrowdStrike Falcon Pro and more expensive than smaller solutions. Still, it has a pretty reasonable pricing point, as I appreciate the flexibility SentinelOne Singularity Complete offers. I haven't been disappointed with its pricing because I'm more of a "not everything cheaper is better" person. It's not better if it makes the worst product.

I'm very satisfied with SentinelOne Singularity Complete, especially its price because I've worked with various companies. Yet, I found that no one provides a really good solution for the price except for SentinelOne.

Which other solutions did I evaluate?

When I started at this company, an MSP recommended a legacy type of antivirus, and I felt it was not up to par with what SentinelOne Singularity Complete provides. SentinelOne Singularity Complete is an excellent enterprise product with an excellent price point that's hard to argue with in terms of results and efficiency per dollar spent, so it's a no-brainer.

What other advice do I have?

My company is mainly a cloud-based company. Very few solutions in the company have been deployed on-premises.

SentinelOne Singularity Complete is managed across different layers and all verticals, such as the web, firewall, etc.

Between two hundred and two thousand five hundred people use SentinelOne Singularity Complete within the company.

My rating for SentinelOne Singularity Complete overall is a nine out of ten. I don't give tens because there's always room for improvement, but the solution is pretty good.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free SentinelOne Singularity Complete Report and get advice and tips from experienced pros sharing their opinions.
Updated: May 2025