No more typing reviews! Try our Samantha, our new voice AI agent.
reviewer2218470 - PeerSpot reviewer
Co-Founder & VP Sales and Marketing at a tech services company with 11-50 employees
Reseller
Top 5
Dec 15, 2025
The evolution of the S1 AI-SIEM is a game changer
Pros and Cons
  • "The most valuable aspect, in any scenario, was the rollback feature."
  • "Native integration with the mobile console is an area that can be improved."

What is our primary use case?

We utilize SentinelOne Singularity Complete to manage the endpoints, including workstations on both Windows and Mac platforms. This enables us to detect any anomalous behavior and threats on these workstations. Essentially, it empowers us to safeguard our enterprise, effectively replacing our conventional antivirus solution.

We aimed to bolster our security and achieve more comprehensive coverage, which is why we adopted SentinelOne Singularity Complete.

How has it helped my organization?

Singularity Complete's interoperability with third-party tools is good. The integration with the Singularity AI-SIEM platform enables us to collect logs from various other platforms and consolidate them into a single console. This greatly facilitates swift issue diagnosis and identification, making it an advantageous perspective.

We have recently begun using the ingestion and correlation functionalities of Singularity Complete. Currently, we are in the process of integrating it with our existing networking equipment, namely Palo Alto and Fortinet. Our objective is to ingest specific data from these sources and derive meaningful insights from the collected information. The integration processes are quite straightforward and user-friendly. It seems that any challenges we are facing might be attributed to configuration issues on our side, which we need to improve upon.

Singularity Complete has assisted us in consolidating our security solutions. With Singularity Complete, we now have a centralized platform for monitoring alarms. We are gradually phasing out the other solutions we had in place.

It has enabled us to gain more confidence and autonomy. The solution is comprehensive as it effectively manages both workstations and threats. Consequently, it significantly reduces the burden of dealing with operational issues and reacting to problems. This approach eliminates the need for excessive proactivity, as we trust the platform to handle these tasks on our behalf. Thus, we no longer need to spend time searching for threats, as the platform efficiently performs this task for us.

It helped reduce false positives. We fine-tuned the solution by creating some exclusions that have reduced the number of alerts.

Singularity Complete has freed up two to three hours per week of our staff's time to work on other projects and tasks.

Singularity Complete has reduced our MTTD by around five hours and has reduced our MTTR by around three hours on average.

It has indirectly helped save costs because we spend less time having to deal with configuration and proactively configuring alarms and alerts.

Singularity Complete has reduced our organizational risk by around 40 percent.

What is most valuable?

It is now a toss up between the AI-SIEM platform and the the rollback feature. There were instances when some workstations detected infections, and having the rollback feature proved to be incredibly valuable.

What needs improvement?

Native integration with the mobile console is an area that can be improved.

I'd like to see more operations with the XDR platform.

Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for one year.

What do I think about the stability of the solution?

I would rate the stability of Singularity Complete a ten out of ten.

What do I think about the scalability of the solution?

I would rate the scalability of Singularity Complete a nine out of ten.

How are customer service and support?

The technical support is of high quality, strong, and responsive.

Which solution did I use previously and why did I switch?

We previously used ESET but we were often missing threats and not finding out until after the fact.

How was the initial setup?

The initial setup is straightforward. We collected several samples for each department, and subsequently, we distributed them to ensure their functionality among the users in different departments. After conducting the necessary tests, we proceeded to implement the final version.

Two individuals were engaged in the deployment: a Cyber Hunter and an administrator.

What about the implementation team?

The implementation was completed in-house.

What was our ROI?

We have observed a return on investment through the time saved managing our workstations and addressing threats. This has provided us with additional time to dedicate to operational projects.

What's my experience with pricing, setup cost, and licensing?

The pricing was very similar in terms of its competitors, but I believe SentinelOne's capability and willingness to attract new business allowed us to save some extra money. I think the pricing aligns well with the market. They encountered competition, so their pricing was slightly more adaptable. That's where we gained an advantage from it.

Which other solutions did I evaluate?

We evaluated CrowdStrike and Microsoft Defender. We didn't find microsoft Defender to be a strong enough technology. CrowdStrike was more expensive, while SentinelOne offered a combination of good technology and affordability.

What other advice do I have?

I would rate SentinelOne Singularity Complete ten out of ten.

SentinelOne is ahead of the curve. They are certainly leading the way. When we consider the kinds of integrations being developed and the AI integrated into the platform, it's evident that they are the latest entrants to the market. This current position enables them to be more innovative in their approach.

SentinelOne Singularity Complete is extremely mature at this level.

We have 50 end users based out of multiple locations. A lot of our users work from home. Singularity Complete is deployed on laptops, workstations, and our servers.

The maintenance is minimal and is overseen by one person.

We're very satisfied with SentinelOne as a strategic partner. They've given us what we need, and we see a long-term future relationship with them.

Planning the rollout is crucial because we need to effectively manage the changes with the users. Therefore, meticulous planning of the rollout, organized by department, ensures a seamless transition and allows us to anticipate any potential issues. Adopting a staggered approach, rolling it out per department, is likely the most effective strategy for deploying Singularity Complete.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Dec 15, 2025
Flag as inappropriate
PeerSpot user
Sr. Cyber Security Analyst at a retailer with 10,001+ employees
Real User
Top 20
Dec 9, 2025
Good functionality, provides improved visibility, and had great support.
Pros and Cons
  • "It provides network and asset visibility for us."
  • "The grouping feature needs improvement."

What is our primary use case?

This is our primary and only EDR in our environment. We have this deployed to corporate workstations and servers, utilizing a variety of operating systems including Windows, macOS, and various Linux distributions. The data ingested into Deep Visibility provides great insight into what is going on in our environment. The XDR capabilities in there almost make you not even need a traditional SIEM anymore. The Identity solutions involing Active Directory security provide great information on our environment for continuously auditing and remediating threats.

How has it helped my organization?

SentinelOne's ability to prevent, detect, and respond to threats like ransomware and zero-days without requiring immediate human intervention saves us a lot of time and manpower. We have seen multiple occasions of rogue applications, suspicious downloads, and unauthorized USB drives get flagged and quarantined before anything could happen.

We have gained 2-3x more visibility into our endpoints with the benefits from Deep Visibility. The timelines created from incidents paint a very accurate picture of what happened in a given time window.

What is most valuable?

The platform has significantly enhanced our security posture through three key areas:

  1. Unified Visibility and Simplified Integration (XDR):
    • Excellent Data Correlation: The solution excels at ingesting and correlating data across multiple security tools (we integrate it with three to four other platforms) inside of Deep Visibility. It doesn't just receive data; it processes it to provide actionable insights, saving us significant manual parsing time.
    • Seamless Integration: We rarely need custom API work due to its strong native integration support with our common platforms, streamlining our security architecture and allowing us to consolidate several tools into the platform itself.
  2. Network Visibility (Ranger):
    • The Ranger functionality provides comprehensive network and asset visibility without requiring new agents, hardware, or network changes. 
    • Ranger has enabled us to quickly identify and manage numerous unknown endpoints, successfully reducing our unknown endpoints count from hundreds down to single digits.
  3. Improved Security Metrics and Risk Reduction
    • Thee solution has measurably improved our Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), giving our SOC quick alert times and the ability to react almost immediately to incidents.
    • We estimate it saves us several days' worth of analyst time overall. While direct financial savings are hypothetical, the platform has clearly and significantly reduced our organizational risk compared to our previous security posture.

What needs improvement?

The grouping feature needs improvement. There are many times I've wanted to do blacklisting or exclusions for specific people in a group, however, I don't want to remove them from the group itself. Giving admins the ability to create subgrouping would allow for all parent exclusions to be applied without the need to create all new scopes. 

The integration of an MFA push when signing into the admin console. I know this is a small thing but it is much more convenient to accept a push versus scroll through my many 2FA profiles to find the code for SentinelOne's platform.

For how long have I used the solution?

I've been using the solution about 5 years while being on both an IT support team and Cyber Security team.

What do I think about the stability of the solution?

They are pretty stable. The company is expanding at a good rate and they are releasing new features to maintain the stability effectively. Downtime on their end has been very minimal.

How are customer service and support?

Technical support is quick and helpful. They do a good job of addressing issues at level one and escalating if needed.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?


How was the initial setup?

We are at about 98% deployment. There are endpoints that pop up that don't have the agent to get it, however, we're past the deployment phase or past the initial configuration phase. It's all just maintaining and tweaking, and as new features come out, we adjust.

I wasn't here for the initial deployment process. I've done a lot of configurations for new features that they've implemented.

Our team does general maintenance. They do a really good job of giving you the information you need to troubleshoot. Their knowledge base is very helpful to those brand new to the console and even more experienced users of SentinelOne.

What was our ROI?


What's my experience with pricing, setup cost, and licensing?


What other advice do I have?

The solution seems to be quite innovative. They are coming out with new features every month and continue to roadmap impressive products for the future as well.

This is a great product. If a company is unhappy with its current EDR, SentinelOne is a good choice. They are acquiring a lot of companies and solutions to add to their roster in order to provide a more centralized platform. I look forward to what they will bring in the future.

I'd rate the solution nine out of ten. It's going to be a good one-stop-shop and I enjoy working with them.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Dec 9, 2025
Flag as inappropriate
PeerSpot user
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.
Manager, Information Technology at a consumer goods company with 11-50 employees
Real User
Top 20
Jun 30, 2024
Effectively ingests and correlates data from all our security solutions
Pros and Cons
  • "SentinelOne Singularity Complete stands out for its threat-hunting abilities and the agility of its agents in detecting malicious content across our gateways and endpoints."
  • "SentinelOne Singularity Complete offers competitive pricing, but there's always potential for even better value."

What is our primary use case?

We use SentinelOne Singularity Complete for network protection and response.

How has it helped my organization?

SentinelOne Singularity Complete effectively ingests and correlates data from all our security solutions, providing a unified view for better threat detection and response.

SentinelOne Singularity Complete aggressively identifies and quarantines potential threats. It effectively catches threats that other EDRs might miss. Overall, we find this level of aggressiveness acceptable for an endpoint protection solution and are satisfied with SentinelOne Singularity Complete's performance. We saw the benefits immediately.

SentinelOne Singularity Complete significantly reduces alerts by filtering out many false negatives. This allows us to identify actual threats as soon as they are categorized, separating true positives from the filtered noise. This helps us focus on the real threats, eliminating the need to sort through irrelevant alerts. The number of alerts has been reduced by 75 percent. It also helped to free up a significant amount of our time to work on other tasks.

SentinelOne Singularity Complete has significantly improved our ability to detect threats, even those previously unknown. This advanced EDR solution provides alerts for any suspicious activity, regardless of classification, allowing us to proactively assess and mitigate potential risks.

While SentinelOne Singularity Complete shows promise in reducing our organization's costs, the solution is still new to us and we haven't quantified the exact savings yet.

It improved our organization's security posture by enabling us to proactively identify and neutralize emerging cyber threats, thereby reducing overall risk in the ever-present threat landscape.

What is most valuable?

SentinelOne Singularity Complete stands out for its threat-hunting abilities and the agility of its agents in detecting malicious content across our gateways and endpoints. We're impressed by the breadth of threats covered by their constantly updated signature base, providing full protection against new cyber threats. While we're still exploring the platform's full potential, Singularity Complete's extensive capabilities, and superior coverage compared to our previous solution have already given us a significant security advantage.

What needs improvement?

SentinelOne Singularity Complete offers competitive pricing, but there's always potential for even better value.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for one year.

How are customer service and support?

SentinelOne's technical support was good at assisting with onboarding through troubleshooting actions and resolving configuration problems.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

After using Symantec and Fortinet's EDR solutions, we migrated to SentinelOne Singularity Complete seeking a more comprehensive defense. SentinelOne's aggressive threat detection capabilities were a major factor in our decision.

How was the initial setup?

The initial setup was seamless thanks to the SentinelOne support team. We had three people involved with the deployment from our local team and the support engineers online.

What about the implementation team?

The SentinelOne support team helped us with the implementation in-house and it was seamless.

What's my experience with pricing, setup cost, and licensing?

The pricing for SentinelOne Singularity Complete is competitive.

Which other solutions did I evaluate?

We evaluated several endpoint detection and response solutions, including Symantec, SentinelOne, CrowdStrike, and Bitdefender. While Symantec offered a phased migration option from on-premises to cloud and maintained endpoint interoperability, its EDR and threat-hunting capabilities fell short compared to SentinelOne. SentinelOne's robustness ultimately outweighed the advantages of the other options, including CrowdStrike's strong detection capabilities but higher price point, and Bitdefender's overall offering.

What other advice do I have?

I would rate SentinelOne Singularity Complete nine out of ten.

We're in the process of consolidating our security solutions by migrating some services to the SentinelOne platform. While SentinelOne is a strong contender, we're also evaluating other tools to diversify our security posture and avoid vendor lock-in. This multi-platform approach will ensure we have the full protection needed.

As of now, no maintenance has been required for SentinelOne Singularity Complete.

SentinelOne is a strategic partner for our security operations. Their solution helps us maintain the safety of our internal systems, applications, and users. As security is a top priority, we consider them a top-tier partner in our overall operations.

I recommend SentinelOne Singularity Complete for anyone needing a robust Endpoint Detection and Response solution. However, to ensure it meets your specific needs, thoroughly evaluate its capabilities against your current operational requirements. If it aligns with your needs, consider a trial to experience SentinelOne's operation firsthand before committing to a contract.

Considering our sensitive data and security needs, we require a top-tier endpoint protection solution. SentinelOne Singularity Complete stands out as a market leader, achieving high ratings and verification from industry experts like Gartner.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
ArjitYadav - PeerSpot reviewer
SME for Cybersecurity at Locuz Enterprise Solutions Ltd
Real User
Jun 3, 2024
Helps reduce our MTTD and MTTR while improving our network visibility
Pros and Cons
  • "SentinelOne offers several valuable features for threat detection and response."
  • "SentinelOne Singularity Complete needs more connectors for integration with more solutions."

What is our primary use case?

Our organization is leveraging SentinelOne Singularity Complete to achieve a comprehensive endpoint security solution. This involves utilizing SentinelOne's EDR functionality across all our endpoints, including IT, OT, and legacy systems. By integrating additional log sources, we're expanding to XDR which will further enhance threat detection, investigation, and response capabilities. This enriched data will also enable the creation of custom workflows to streamline security operations and improve the overall effectiveness of SentinelOne alongside existing security solutions like Office 365, proxy servers, and firewalls, allowing for better correlation and incident response.

Our previous antivirus solution wasn't strong enough to keep up with the growing number and complexity of cyberattacks. Traditional antivirus struggles to monitor all endpoint processes and activities. SentinelOne Singularity Complete addresses this issue with its Endpoint Detection and Response capabilities. EDR collects comprehensive endpoint data and stores it centrally, allowing us to monitor all running processes, identify evolving threats and their techniques, and take appropriate action. Additionally, SentinelOne's built-in AI and ML can detect suspicious behavior that traditional antivirus solutions might miss, providing advanced protection against modern cyberattacks.

Our organization utilizes a two-pronged approach to cybersecurity with SentinelOne. On-premises, SentinelOne Singularity Complete safeguards our sensitive big data that never leaves our network. Additionally, we leverage the cloud-based SentinelOne SaaS solution for further protection.

How has it helped my organization?

SentinelOne offers a marketplace that expands its XDR capabilities. This marketplace allows for seamless integration with various security solutions, including Azure AD, email gateways, threat intelligence platforms, firewalls, and proxies. By integrating these tools, we can create automated response playbooks within the XDR platform, streamlining our security posture.

SentinelOne Singularity Complete excels at gathering and analyzing data from various security solutions. Its built-in marketplace offers over 120 connectors that automatically ingest logs, enabling correlation and better incident response through custom workflows. This integration streamlines security operations by minimizing manual effort and allowing security personnel to focus on faster remediation.

We leverage Ranger to secure our raw networks and functionalities that SentinelOne has limited coverage for. Additionally, we actively search for vulnerabilities in our systems.

Ranger is a valuable tool for improving network and asset visibility. It helps us identify gaps in our coverage by highlighting raw networks and unmonitored endpoints. These blind spots represent areas where we lack agent deployment, and Ranger essentially acts as a roadmap for prioritizing where to install them for a full view of our environment.

Ranger has a seamless integration process. From the console, we enable Ranger, triggering the installation of a lightweight agent on our endpoints. This agent then monitors traffic to identify coverage gaps and potential vulnerabilities within our system.

Integrating all log sources and creating a custom workflow will streamline analyst workloads. This will automate most of the basic tasks currently handled manually, freeing up the team for other projects. The analysts performing investigations and remediation will see a significant reduction in time spent on repetitive tasks.

Since implementing SentinelOne Singularity Complete, our mean time to detection has been drastically reduced, going from two full days down to just ten minutes each month.

SentinelOne Singularity Complete has reduced our mean time to remediation.

SentinelOne Singularity Complete has been a valuable asset in reducing our organization's security risks. Its features, including device control and firewall management, provide us with the tools we need to effectively manage and secure our endpoints.

What is most valuable?

SentinelOne offers several valuable features for threat detection and response. Correlation, static analysis, and other detection engines work together to identify and address security issues. Additionally, the STAR Rules feature allows us to create custom alerts based on specific attacker behaviors or indicators of compromise. This empowers us to not only respond to built-in threats but also proactively detect and prevent emerging ones by defining custom actions for abnormal activity. In short, SentinelOne goes beyond native threat detection, offering customization to tackle even the newest threats.

What needs improvement?

SentinelOne Singularity Complete needs more connectors for integration with more solutions.

It seems there are currently two separate installers for the same device, one in MSI format likely for Windows and another in a potentially custom EXP format. Ideally, these could be combined into a single installer. If that's not feasible, the EXP format could be used as a self-extracting archive that automatically installs the software using the MSI installer. This would eliminate the need for two separate agents and provide a more streamlined installation experience.

SentinelOne endpoint protection enters a reduced functionality mode during certain resource-intensive events. This mode temporarily limits some features and may require a machine restart. In some cases, the agent might even get disabled. To restore full functionality, we need to re-enable the agent and reboot the machine, which can be inconvenient. Ideally, SentinelOne should improve its handling of resource usage to avoid these disruptions.

The technical support response time has room for improvement.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for three months.

What do I think about the stability of the solution?

The current version of SentinelOne Singularity Complete is stable.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is highly scalable.

How are customer service and support?

The technical support response time is slow.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Our previous antivirus solution, Symantec Endpoint Security, struggled to keep up with evolving cyber threats. Additionally, integrating it with other security tools proved to be a slow and cumbersome process. Since switching to SentinelOne, we now benefit from seamless integration with various log sources and other security solutions, enabling a more holistic and responsive security posture.

How was the initial setup?

The initial deployment was straightforward and took four months to complete in our large environment but it was not complex to onboard the machines based on our policies.

Four people were required for the deployment. 

What's my experience with pricing, setup cost, and licensing?

While the cost of SentinelOne Singularity Complete might seem high at first glance, it's important to consider the value it offers. This helps to average out the cost.

What other advice do I have?

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete offers a comprehensive security solution for cloud workloads and endpoints. While it excels at covering all these areas, it could benefit from more granular control and further enhancements. The ability to extend its protection to cloud security or cloud servers, similar to CSPM tools, would be valuable for taking action within cloud or microservice environments.

Maintenance is required for updates.

SentinelOne is a good strategic security partner.

Before implementing SentinelOne Singularity Complete, it's crucial to understand how it will integrate with your existing systems. This ensures compatibility and avoids any unintended consequences. Make sure to create exclusions for any applications that might conflict with SentinelOne to prevent disruptions.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2310309 - PeerSpot reviewer
Enterprise Security Director at a comms service provider with 5,001-10,000 employees
Real User
Feb 7, 2024
Provides deep analytics for threat hunting, but the speed of investigation of the service team should be improved
Pros and Cons
  • "The tool saves 50% of the staff's time."
  • "The speed of investigation of the MDR service team must be improved."

What is our primary use case?

SentinelOne Singularity Complete is an MDR solution. It is used mainly to detect advanced threats in our teams and on-site teams.

How has it helped my organization?

I have used two different vendors before Singularity. Each had its pros and cons. However, Singularity is the most complete tool for EPP and EDR. From a financial, operational, and performance point of view, it is very efficient to have a single solution.

What is most valuable?

Ranger is a good feature. The XDR functionality provides the timeline of the attack. The product provides deep analytics for threat hunting. My team uses it to detect incidents and for threat hunting. I like the app inventory feature. It is very good for detecting unauthorized apps by our security policy.

What needs improvement?

I have raised a couple of comments regarding the speed of investigating incidents and performing analysis by the MDR service team. We are a telecom company. We are sensitive to the information of the users. The speed of investigation of the MDR service team must be improved.

For how long have I used the solution?

I have been using the solution for one year.

What do I think about the stability of the solution?

The product is pretty stable. It didn't create any issues on the endpoints, laptops, and PCs.

What do I think about the scalability of the solution?

We haven't tried to scale the tool yet, but the solution will be scalable after we increase our license.

How are customer service and support?

The support team is very collaborative. We have a dedicated account manager who is also a part of our support line. We do not face any delays or major inconveniences from the support team. I rate the support an eight out of ten. I will give it a ten out of ten when SentinelOne has better coverage in the Middle East.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have used Kaspersky, CrowdStrike, and Carbon Black. After using these solutions for a year, I chose Singularity Complete. The other solutions are existing products and are leaders. However, Singularity Complete is better than them from a financial and technological perspective.

How was the initial setup?

The initial setup is not complex. It's similar to any endpoint solution implementation. We require one staff to deploy the solution. We mainly use AWS as our cloud provider. We also use GCP.

What about the implementation team?

We did the implementation ourselves. It was like any other solution. We faced similar issues. They were not big issues, though. It doesn't require a lot of technical expertise.

What was our ROI?

We have seen a return on investment because we have saved at least 50% to 60% since we bought the tool. It is an achievement when we get one solution instead of two at 50% less cost. It improved our KPIs.

What's my experience with pricing, setup cost, and licensing?

The licensing is convenient, straightforward, and very clear. I care more about the breakdown of the license than the licensing itself. Some vendors have very complex licensing schemes. SentinelOne's licensing scheme is very clean.

Which other solutions did I evaluate?

Carbon Black has a competitive version of Singularity Complete, but it is not at the same level as Singularity Complete. It lacks features like threat hunting and Ranger. So, I chose Singularity.

What other advice do I have?

We didn't have any major issues related to the integration. However, we had some issues related to the implementation on the server site. It was solved by upgrading the agents. Initially, we had a couple of issues related to integration, but after that, it was solved.

The solution gives us more visibility into alerts but doesn't reduce them. It might help after we conduct the patching and vulnerability management, but we haven't tested it yet.

Singularity Complete has helped free up our staff for other projects and tasks. We have a full-fledged SOC team that uses SIEM tools. We use it to complement our SOC and our XDR and MDR solutions. We have Singularity Complete as a technology for further investigation and threat hunting.

When we get an alert from the SOC team, we use the tool to do the analysis and threat hunting in 30 minutes per incident. It is a considerable saving in the team's time because we have limited engineers and security analysts. The tool saves 50% of the staff's time.

The product has helped us save on operation and acquisition costs by 70%. We have replaced two solutions from other vendors with Singularity Complete. Singularity Complete has surely helped reduce our organizational risk. We had a lot of alerts from the previous vendors. Now, we see fewer alerts.

Compared to its competitors, Singularity Complete is very mature. It exceeds in some areas, especially in threat hunting. I have seen other solutions. They have very strong capabilities in detection but not in threat hunting. Singularity Complete makes a difference with our analysts when they perform threat hunting and threat analysis.

I like the product's vision very much. Everything has to be on a single agent, and the integration is very much worked on. It has a very good integration roadmap. It has a very complete and strategic vision. It doesn't sell only endpoint products. I like the completeness of its vision.

People who want to buy the tool must test all the features to see how they will get value from the product because it's very complex and feature-rich.

Overall, I rate the solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2260857 - PeerSpot reviewer
Sr. Security Engineer at a healthcare company with 5,001-10,000 employees
Real User
Jan 11, 2024
Provides high-quality alerts, easy to use, and discovers threats and mitigates them quickly
Pros and Cons
  • "Tracking down which devices don't currently have SentinelOne on them is the most valuable feature of the product."
  • "The filtering features of the application management console could be improved."

What is our primary use case?

The solution provides endpoint protection for all our desktops, laptops, and servers. We also use it for some of the firewalls on the endpoints. We are also doing asset discovery for devices.

What is most valuable?

Tracking down which devices don't currently have SentinelOne on them is the most valuable feature of the product. So, we can push SentinelOne onto those devices.

What needs improvement?

Recently, the vendor took away my ability to create a ticket, mostly because we're in an MSSP environment. It has created a lot of extra hoops to jump through. I recently had a single sign-on issue on the console. I had to go through my MSSP. It took a month and a half to two months to get any resolution on it because my MSSP can't test our single sign-on. They don't have an account in that system. It has been very detrimental to effectively solving issues. I understand that the vendor does not want the clients of the clients submitting tickets. However, when I'm the one who's doing the majority of the work inside of SentinelOne, removing that from my ability has been very inconvenient.

The filtering features of the application management console could be improved. If I search for applications that shouldn't be installed on our endpoints, filtering is not the most straightforward process. Running through the search process takes a lot of time and effort. It would be hugely beneficial if the tool blacklists the applications that are not allowed to be installed. It would help with the management of unapproved applications or malicious applications that might be installed.

The automated agent upgrade system could use a little bit more fine-tuning. The maintenance windows must be a little bit more robust. I have to manually set what agent we're pushing each time we want to change instead of asking the tool to do N-1 for agent upgrades. It's automatic, but it's not quite automatic.

For how long have I used the solution?

I have been using the solution for two years.

What do I think about the stability of the solution?

We've had fewer issues with stability recently, mostly because they made some changes to the actual agents. Shadow copies were filling up the drives and causing some crashes. However, the more recent agents have been much more stable, which has been wonderful.

What do I think about the scalability of the solution?

The tool is very scalable. If we use all of our agents, it's very easy to ask the vendor to add more agents to our license. They get that taken care of, which is really nice. It's been very easy to change and modify groups as we need to.

Exclusions have been very straightforward. I would love to see the exclusions to look at the machines in a group and inform us when we have exclusions that are not found in the directories on the machines. It will help with the removal of redundant or unused exclusions. It will remove some of that risk.

How are customer service and support?

I don't have access to create tickets. The vendor removed the ability. I need to talk with our MSSP for support. They sometimes send us support articles that we already have access to. It takes an extra three to four days to get things resolved. In the most recent case, it was a month and a half.

Which solution did I use previously and why did I switch?

We used Symantec Endpoint Protection before. We switched to SentinelOne Singularity Complete because Symantec Endpoint Protection was very old and was not being updated by Broadcom anymore. It was not as effective in terms of reporting. It was very clunky. So we were looking for something new and a little bit easier to work with than what we had at the time.

How was the initial setup?

The initial deployment was pretty straightforward from my perspective. We were able to take the package and deploy it, which made it really easy to get it on all of our endpoints. About ten people were involved in the deployment.

What about the implementation team?

Our MSSP helped us do the deployment. We used the asset management tool Ivanti to push out the agents.

What's my experience with pricing, setup cost, and licensing?

The pricing is packaged in with our MSSP. The cost of endpoint protection is fairly reasonable. Some of the other systems are a little expensive, but there's still value behind them. It's pretty close to what I would expect.

What other advice do I have?

We haven't stepped into other integrations quite yet. We're looking to explore it next year. We're trying to rebuild our security stack. The endpoint protection was one big step. We're planning on expanding a little bit more. I love that it is pretty straightforward to connect between different systems. It makes my life a little easier.

The solution’s ability to ingest and correlate across our security solutions is nice. We haven't done much of that with our systems yet, but having one source of truth to look at all those different pieces is hugely beneficial because we have a very small team. Anything that allows us to connect all the dots and pieces makes our lives really easy.

We're rebuilding our security stack from scratch. We do not have to get many other solutions because much information is built into Singularity Complete. We did a POC of the Ranger functionality for a little bit of time. Ranger's network and asset visibility are about the same as in Rogues.

The automation would be great if I didn't have to create a couple of extra security holes by opening up ports on our devices. So we've gone back to using just Rogues rather than Ranger because there isn't a lot of added value for that extra piece. I can take the whole list, export it, and take it to one of our other solutions and have the agent pushed from there.

It is nice that Ranger requires no new agents, hardware, or network changes for most of the part. If we're going to automate the installation process from another Ranger agent, it will require opening up some extra security holes. I don't love that part. I love that it discovers assets that don't have SentinelOne but could potentially have SentinelOne. It has been beneficial to us.

We like Ranger because it helps find the missing pieces. We must ensure that we're not going over on our licenses, but it helps us discover the devices in our network and how we can better protect the environment. It also gives us an inventory of devices. If they are vendor devices, we can go to our vendors and ask them why the devices have old software versions.

The product has done a much better job of giving us high-fidelity information. The system that we had before was old and antiquated and did not work well. We are getting better-quality alerts. The solution has helped free up our staff for other projects and tasks. All the information is in one place, and a lot of the system has been automated for us. The tool resolves threats almost instantaneously for us. It's hugely beneficial for a very small team.

The product has helped reduce our mean time to detect. It is a lot better at discovering threats and mitigating them quickly than our previous solution. However, I wouldn't say that it's perfect. The solution has helped reduce our organization’s mean time to respond. We have a managed security service provider that's doing a lot of the research for us, but it's been very helpful for us to have the information.

The tool has helped us with a couple of audits that we've had. It has also helped us with some of our cyber insurance because we're able to give much better reporting compared to our previous solution. The reporting is available on the fly rather than us trying to go through multiple systems to try and get some information from it.

The product is easy to use. It is very easy to navigate around. The vendor has added features that we've wanted. It has made our lives quite a bit easier. People who want to buy the product must evaluate their exclusions ahead of time and understand what level of exclusion they need for each system. We spent the most time reevaluating exclusions for each server system.

It was not too big of a deal for our desktops and laptops. However, for some of those bigger systems, especially with us being a healthcare organization, ensuring we weren't impacting the end-user experience was central. For example, we have EMR, which is electronic medical records. If we impact that, it affects patient care, which in turn can be not great.

It was a very big jump for our process to go from monitor-only mode to full-protect mode. We allowed things to just sit there for a very long time and understand the changes in our environment.

Overall, I rate the solution an eight out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2299671 - PeerSpot reviewer
Cyber Security Engineer at a manufacturing company with 10,001+ employees
Real User
Oct 31, 2023
Uses low resources, reduces alerts, and reduces organizational risk
Pros and Cons
  • "The external drive scanning is great."
  • "I am not a fan of the UI and feel it has room for improvement."

What is our primary use case?

We have deployed SentinelOne Singularity Complete on all of our internal employee workstations. It is our endpoint solution for extended detection and response and all of the components within that scope.

We implemented SentinelOne Singularity Complete to help us address our cybersecurity challenges, mitigate threats to our machines and organization, and protect our data.

How has it helped my organization?

SentinelOne Singularity Complete integrates well with other third-party solutions, such as Palo Alto Networks, which we use for VPNs, and Zscaler, which we use for content filtering. The fact that it is not an invasive program is great. Therefore, staying in alignment with what SentinelOne is currently doing with the platform is something I would definitely recommend. Something to avoid when choosing an endpoint protection solution is resource consumption. People develop a bad reputation for a product when they detect it impeding their workflow. So, as long as SentinelOne can avoid this, they are on the right track.

It ingests and correlates data across all of our security solutions. It is a modern solution that I am extremely satisfied with.

SentinelOne Singularity Complete has helped us consolidate our security solutions. It is an extended detection and response solution that provides us with detection and response capabilities, as well as heuristic-based protection. It is a very modern endpoint protection solution. I think it is very competitive with other software such as Trend Micro.

SentinelOne Singularity Complete is a modern endpoint protection solution that addresses the cybersecurity needs of the organization realistically and from a compliance perspective. Since I joined the team a year ago, I have seen the benefits.

SentinelOne Singularity Complete reduces the number of alerts because it is an easy-to-manage solution without thousands of data sources. When we do receive alerts, Singularity Complete provides concise and actionable information.

SentinelOne Singularity Complete is a manageable solution that scales and does not require a dedicated person to handle it.

I am satisfied with SentinelOne Singularity Completes MTTD.

SentinelOne Singularity Complete helps reduce the MTTR because it provides actionable steps when something is detected. It also helped us reduce our organizational risk. It uses modern techniques to identify threat actors and helps us maintain compliance. As a large international company involved in governance, it is important to us that Singularity Complete reduces our organizational risk. 

What is most valuable?

SentinelOne Singularity Complete does not consume many resources compared to the competition, like McAfee. The external drive scanning is great.

What needs improvement?

I am not a fan of the UI and feel it has room for improvement.

Heuristic analysis can always be improved. Many companies need to work on this. So, I think the sooner SentinelOne, for example, can get ahead of the curve on that, the sooner we can count on it as a realistic enterprise solution.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for over one year.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is one of the most stable solutions we have in our stack.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is scalable.

How are customer service and support?

The few times I have used the technical support it has been a good experience.

How would you rate customer service and support?

Positive

What other advice do I have?

I would rate SentinelOne Singularity Complete eight out of ten.

Although we can use a multifaceted approach with different products, this has both advantages and disadvantages. For example, if one product fails, the entire system does not. However, it would be an advantage if SentinelOne offered other tools, such as VPN and encryption. SentinelOne Singularity Complete is a cutting-edge, modern solution that offers a multifaceted approach to XDR. It is not outdated like many other programs. As long as SentinelOne continues to innovate and evolve in the cybersecurity landscape, it will remain a leading solution.

One of the things that really impressed me about SentinelOne Singularity Complete compared to other solutions was their commitment to taking cybersecurity practitioners seriously. This is anecdotal, as I met some of the most technical professionals working at their booth at Black Hat, while many other booths were staffed by sales representatives. As a practitioner, the fact that I can't ask many sales representatives very technical questions is not a good reflection on the company. SentinelOne was different. I was able to have very technical discussions with their staff, which shows that they take their approach very seriously.

SentinelOne Singularity Complete is at the forefront of cybersecurity protection. I consider it a great solution option, and I strongly recommend comparing it to other offerings. I believe it will stand up well against the competition.

We are a Fortune 500 company, and SentinelOne Singularity Complete is deployed on tens of thousands of endpoints.

SentinelOne Singularity Complete is a set-and-forget solution when it comes to maintenance.

I have good impressions of SentinelOne as a strategic security partner.

Organizations should research any solution before implementing it. The price of one product may make sense for some organizations but not others. Apply the same due diligence to any solution that will affect the organization's overall security posture.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
IT manager at a outsourcing company with 11-50 employees
Real User
Oct 24, 2023
Helps reduce risk, reduces our MTTD, and saves our staff time
Pros and Cons
  • "The fact that SentinelOne is actively looking for threats and runs them against the hash on the Internet to determine if they are malicious or not, is what takes it to the next level compared to other antivirus products."
  • "SentinelOne needs to improve its endpoint deployment process."

What is our primary use case?

We use SentinelOne Singularity Complete as an antivirus product. We also use SentinelOne's product called Vigilance, which monitors and takes action on active threats in the environment. So, basically, if someone clicks a file, Vigilance recognizes it and takes action for us, providing recommendations and remediation steps. This is a huge value add, and it's in addition to Singularity Complete's ability to monitor threats on devices from the cloud and offer remediation steps.

Our previous antivirus solution was not providing adequate protection. Threats are evolving and mutating rapidly, making it difficult for older antivirus solutions to keep up.

How has it helped my organization?

We have not experienced any interoperability issues. Initially, SentinelOne flagged some older software that was trying to run, but we could allow an exception to continue using the software. SentinelOne would still scan the software's location, but it would not block the processes from running. This flexibility is very useful.

SentinelOne Singularity Complete gives us peace of mind when it comes to day-to-day threats, knowing that nothing will get past them and they are always vigilant in detecting and responding to active threats on the network. It helps us sleep better at night.

It does not produce many alerts, but it has reduced the number of threats we have. Alerts are good, but only if they are not too frequent. When there is an active threat, the alert is clear about what is happening, who is affected, and the name of the machine. The alerts are also concise.

It allows our staff to focus on other more important items.

SentinelOne has helped reduce our MTTD and our MTTR because we pay for Vigilance.

SentinelOne Singularity Complete reduces our risk of major attacks, lowering costs.

SentinelOne Singularity Complete has reduced our organizational risk.

What is most valuable?

The fact that SentinelOne is actively looking for threats and runs them against the hash on the Internet to determine if they are malicious or not, is what takes it to the next level compared to other antivirus products. SentinelOne is more than just an antivirus software, it provides insights into threats and shows the flow of attacks. It also allows us to set policies in the cloud so that any other system that is affected by the same bug or virus will be automatically killed, removed, and rolled back. Cloud automation is truly amazing.

What needs improvement?

I would like to see a privilege access management feature added to SentinelOne Singularity Complete. This would allow us to generate alerts when users try to run applications as administrators to approve or deny these requests and create policies within SentinelOne. I think this would be a great addition to the suite, as it would eliminate the need to purchase a PAM solution from another vendor. It would also give us greater visibility into user activity, as the SentinelOne portal is already very good.

SentinelOne needs to improve its endpoint deployment process. To illustrate, compared to ConnectWise, a remote management software that also has some security features. In ConnectWise, we can generate an installation package based on a group and deploy the software to all endpoints in that group without the need for a script.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for three years.

What do I think about the stability of the solution?

I would rate the stability of Singularity Complete ten out of ten.

What do I think about the scalability of the solution?

I would rate the scalability of Singularity Complete ten out of ten.

How are customer service and support?

We pay for Vigilance, which is a 24/7 instant response team. However, if we did not pay for Vigilance and I had a question for technical support, they would usually respond within a few hours or the next business day, depending on the issue. I feel that they ask too many irrelevant questions when we are generating a ticket, but I understand why they do it.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were using Carbon Black before, but SentinelOne Singularity Complete is much easier to use. The portal is more intuitive, the email alerts are more intuitive, and everything about it is easier on the eyes. It has a simpler view. Their cost was comparable to Carbon Black, but the solution was much better.

How was the initial setup?

The initial deployment was moderate. It would be much better if SentinelOne had a better way to induct the site token into the installation process, rather than requiring users to create a script.

The deployment took a couple of weeks to complete and required two people. We captured 80 percent of the endpoints within the first day, and then it took a couple of weeks to catch the more subtle ones.

What's my experience with pricing, setup cost, and licensing?

Nothing good is cheap, and SentinelOne is no exception. However, as a market leader with a great product, they don't have to be so timid with their pricing. I would like to see lower prices, but I understand why they charge what they do. It is what it is when it comes to SentinelOne Singularity Complete.

What other advice do I have?

I would rate SentinelOne Singularity Complete nine out of ten.

I would focus more on how the product is delivered and maintained. Maintenance of any type of antivirus product is always an important question when it comes to how to maintain this product and how to use it without dedicating a lot of resources to it. SentinelOne has just introduced an automatic upgrade feature for their client agent that allows us to set a policy to always keep our agents on the general mobility version. This will automatically upgrade our agents for us, saving IT a lot of time. Before, we had to manually upgrade our agents from the cloud, but now this process is fully automated. This is a huge value-added feature, and the agent is not very disruptive.

We have SentinelOne Singularity Complete deployed on our Windows servers across the country. Around 15 people are using the solution.

We must constantly monitor the portal to review items that Singularity Complete has blocked. Occasionally, we must decide whether to allow or deny access. We must definitely stay engaged with the portal, as it is not a fully hands-off solution. This is appropriate, as some interaction is necessary. However, the level of interaction required does not bother me.

If I were to recommend SentinelOne Singularity Complete to anyone else, I would definitely help them understand these types of products. People who are looking at cloud antivirus are usually coming from on-prem antivirus, so they may be shocked by the price. I would help them understand that yes, cloud antivirus products cost more than normal antivirus, but they offer peace of mind. Once they understand this, they can start to appreciate the value of the product.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer1525839 - PeerSpot reviewer
Senior security consultant at a computer software company with 51-200 employees
MSP
Oct 2, 2023
Reduces organizational risk, saves time, and is easy to deploy
Pros and Cons
  • "The anti-ransomware capability to analyze the threats and user-friendliness are the most valuable features."
  • "When comparing SentinelOne to CrowdStrike, I find that CrowdStrike has more comprehensive vulnerability assessment tools."

What is our primary use case?

We are a partner of SentinelOne and we provide demo proofs of concept to customers. Most of our customers use traditional antivirus software, which does not have the capability to perform zero-day analysis, block ransomware, or block zero-day attacks. SentinelOne, on the other hand, is an endpoint detection and response and endpoint protection platform solution, which means that it has the capability to block zero-day attacks, ransomware, and machine learning-based threats. SentinelOne Singularity Complete does not have antivirus technology, but rather it is an anti-malware solution.

Our customers switched to Singularity Complete primarily for security and ease of use. It is easy to install, troubleshoot, and upgrade. Singularity Complete is purely cloud-based for our customers.

How has it helped my organization?

Singularity Completes' interoperability is straightforward. They have easy API integrations with all major integration platforms, so it's simple. There are no complications.

SentinelOne can ingest and correlate data well. It has its own EDR and XDR technologies, so it provides threat defense, detection, and monitoring. The models work like a SIEM for endpoints, so customers can correlate logs, identify patterns, and visualize everything. It is very visible.

I deployed Ranger for one of our customers with a large infrastructure. Ranger provides clear network and asset visibility.

Singularity Complete was very helpful to our customers during the COVID-19 pandemic because many of their employees were working from home. When employees work from home, they often need to open ports from outside to active networks, which can make those networks more vulnerable to ransomware attacks. One of my customers had a traditional antivirus running, but it was unable to detect the ransomware. I deployed Singularity Complete to understand the attack pattern and block it. The customer was so happy with SentinelOne Singularity Complete that they renewed their subscription for four years in a row.

Singularity Complete increases the number of true positive alerts by detecting attacks that antivirus software misses.

Singularity Complete helps save time.

Singularity Complete has reduced the MTTD by ten percent.

Singularity Complete has reduced the MTTR. Where a traditional antivirus may take ten minutes, Singularity Complete takes two to three minutes.

Singularity Complete helps reduce organizational risk.

What is most valuable?

The anti-ransomware capability to analyze the threats and user-friendliness are the most valuable features.

What needs improvement?

When comparing SentinelOne to CrowdStrike, I find that CrowdStrike has more comprehensive vulnerability assessment tools. It offers a variety of Falcon tools, including deep inspection, while Singularity Complete does not have all of these features. It still sticks to EDR or EDP. Therefore, I need improvements to match the features that CrowdStrike offers, such as a higher level of vulnerability assessment and a better understanding of the IOCs in our system so that we can apply fixes.

SentinelOne Singularity Complete needs improvement on Linux machines. We identified a few issues with most of our Linux customers' machines. Specifically, the application is not working properly after installation.

A major area of Singularity Complete that needs improvement is the restart option. We do not need a restart after installing a CrowdStrike agent. So for organizations that are running 24/7 and can't restart their machines, we do not recommend SentinelOne Singularity Complete.

For how long have I used the solution?

I have been working with SentinelOne Singularity Complete for five years.

What do I think about the stability of the solution?

I would rate the stability of Singularity Complete nine out of ten.

What do I think about the scalability of the solution?

Singularity Complete can scale easily. 

How are customer service and support?

Overall the technical support is good but we sometimes have difficulty getting a hold of them.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used CrowdStrike Falcon, but SentinelOne Singularity Complete is easier to deploy. CrowdStrike Falcon has many features and policies that need to be configured, while Singularity Complete is straightforward. It has a single policy and is very easy to deploy compared to CrowdStrike Falcon. However, CrowdStrike Falcon offers more features.

How was the initial setup?

The initial deployment is straightforward. We receive a URL extension from the company and we set the policies and install the agent.

I deploy the solution for POCs using 20 machines. We demonstrate the deployment methods, and the customer completes the rest of the process. We typically complete this task in two days. For larger organizations that have a lot of departments and branches, the deployment can take up to 15 days.

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete is cheaper than CrowdStrike but more expensive than any traditional anti-virus solution.

What other advice do I have?

I would rate SentinelOne Singularity Complete eight out of ten.

The Ranger functionality is not that important because it is optional, and most customers already have a solution for understanding their environment.

I would say that 90 percent of SentinelOne Singularity Complete is a quality product with only ten percent with room for improvement.

SentinelOne will not sell to organizations with fewer than 100 endpoints. Most of our clients are mid- to enterprise-level.

Maintenance is required, but the SentinelOne team maintains the cloud deployments, so we don't need to worry about it. The endpoint agents must be upgraded whenever an upgrade is available or when we have to fine-tune policies for customers to reduce false positives. One IT support person can handle any maintenance for the endpoints.

I suggest always doing a POC. If the customer is currently using traditional antivirus technology, they may not understand EDD, EPP, or EDR technology. Therefore, I always recommend a POC to help the customer understand these technologies. Customers should never implement an endpoint solution without a POC, because we don't know what endpoints are running on their system or how compatible the new solution will be with other endpoints. For example, if we are implementing a DLP solution, we should ask for a POC with all available agents, or we can deploy a test machine to understand the solution before implementing it in production.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer2282151 - PeerSpot reviewer
Senior Security Analyst at a pharma/biotech company with 501-1,000 employees
Real User
Oct 2, 2023
Helps reduce our organizational risk, provides great visibility, and can correlate data across our environment
Pros and Cons
  • "The most useful feature of all is deep visibility."
  • "We have had cases where Singularity Complete has caused applications to malfunction."

What is our primary use case?

We use SentinelOne Singularity Complete to provide endpoint protection for all endpoint servers and Kubernetes clusters in our environments where SentinelOne is supported. We also use SentinelOne to help manage our systems and provide visibility into the assets in our environment.

How has it helped my organization?

We have found that Singularity Complete integrates well with our existing SIEM solution, Splunk, and some of our other system management tools, such as Okta and Armis. We are also looking forward to the additional future integrations that are planned.

I appreciate Singularity Complete's ability to ingest and correlate data across our security solutions. I use this feature quite often, either to perform deep visibility searches to correlate data across different sources if I have specific concerns about security events, or even to track running or operational issues as well. Singularity is not only a security product but it can also be used for troubleshooting non-security and related issues on devices.

Compared to the previous EDR solution, Cylance Protect, we had substantially fewer false positives when we implemented Singularity Complete.

Singularity Complete has reduced our MTTD.

Singularity Complete has reduced our MTTR somewhat compared to our previous EDR solution.

Singularity Complete has reduced our organizational risk by 20 percent, specifically the risk profile associated with malicious activities on protected devices.

What is most valuable?

The most valuable features, of course, are the protection and support for the devices. In addition to that, the ability to see the last log-on dates for time-tracking purposes has been helpful. The most useful feature of all is deep visibility. I think it was recently renamed to something else, but it is the ability to run IOC queries across all devices and gain information to look at any kind of potential events that might occur.

What needs improvement?

We have had cases where Singularity Complete has caused applications to malfunction. The existing interoperability rules have not necessarily been sufficient to resolve those conflicts. SentinelOne needs to work on interoperability with other systems and on the interoperability rule set.

For how long have I used the solution?

I have been working with SentinelOne Singularity Complete for one year.

What do I think about the stability of the solution?

We have not had any stability issues in our environment with Singularity Complete.

What do I think about the scalability of the solution?

Singularity Complete is scalable.

How are customer service and support?

With any support service, it depends on the person we get on the line. Some are better than others. But overall, I find the technical support team to be good, comparable to other good technical support teams I've seen from other vendors.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We implemented SentinelOne Singularity Complete to move away from a legacy EDR platform, Cylance Protect, that did not perform as well as a modern EDR solution should.

How was the initial setup?

The initial deployment was complex due to the complex environment. I would agree that deploying to a single device would be straightforward, but we have a manufacturing environment that requires bespoke applications, which makes any migration complex.

Fifteen people were required for the deployment.

What about the implementation team?

The implementation was completed in-house.

What's my experience with pricing, setup cost, and licensing?

The pricing and licensing make sense. We worked with a third party to help us with licensing, and the licensing we obtained through that process was ultimately reasonable and comparable to other products on the market.

Which other solutions did I evaluate?

We evaluated Microsoft Defender, CrowdStrike, and Cortex XDR by Palo Alto Networks.

What other advice do I have?

I would rate SentinelOne Singularity Complete ten out of ten.

We are considering the possibility of using SentinelOne to consolidate some of our security solutions, but have not moved in that direction just yet.

Singularity Complete has not yet saved our staff time because it takes more time to deploy and migrate to the point where we have time savings. I think it will in the next couple of years.

We see a lot of innovation from SentinelOne. They are acquiring many other products that are integrating with the platform we looked to adopt in the next couple of years if it works out well. New features and functionalities are also regularly released. So, in terms of innovation, that's one of the reasons we chose SentinelOne Singularity Complete in the first place.

Singularity Complete is a mature product that can sufficiently protect our assets. I would say that the core features associated with that functionality are in place and work well.

Maintenance is relatively low, but systems need regular updates, and we need to troubleshoot all of them. So, there is some work involved.

SentinelOne is a good strategic security partner. We appreciate the direction of their product roadmap and its current coverage. One area where they could improve is in having their EDR support teams reach out to us. We don't believe we have an EDR or anything similar setup, but it would be helpful if they offered quarterly or semi-annual meetings to check in, see how we're doing, and give us an opportunity to provide feedback.

People researching Singularity Complete should first understand their environment and deployment goals to ensure compatibility between their existing solutions and the new product. They should also evaluate multiple competitors before making a commitment.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2026
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.