The primary use case for us is to use the lightweight SentinelOne agent on our endpoints. Our previous vendor's agent was heavier, which caused performance issues when scanning our systems. We were impressed with how lightweight the SentinelOne agent is and how few resources it consumes. We also use it for some of our infrastructure, which includes machines with limited resources. We wanted to find a solution that would not impact the performance of these machines.
Sr. IT Systems Security Admin at a consultancy with 51-200 employees
Provides great visibility, is easy to review incidents, and saves us time
Pros and Cons
- "I appreciate that it is easy to review incidents that have been detected by the behavioral AI or the SentinelOne Cloud."
- "One way to improve and get additional benefits would be for SentinelOne to host the updated installer files for us, rather than us having to download and host them ourselves."
What is our primary use case?
How has it helped my organization?
SentinelOne Singularity Complete has streamlined the mitigation process and the time it takes to analyze and understand whether I have a true positive or a false positive. This has definitely saved me some time. The rollback feature is also a nice addition. Previously, our old solution would link out to services like VirusTotal, but it was difficult to follow these links to determine if an alert was a true positive or a false positive. For example, an alert might be labeled as a potentially unwanted application, which might not be as critical as a true positive. SentinelOne has made it easier to determine the severity of an alert. I have also noticed that SentinelOne has cut down on the number of false alerts. Our old solution would alert us to things like Chrome browser updates, which would download and make registry changes. With SentinelOne I have only encountered one alert that I didn't need to worry about.
We have definitely saved a lot of time. We had to spend some time setting up the environment correctly, scaling up the protections, and setting any exemptions. After that, the most I need to do is troubleshoot issues that are not related to SentinelOne, such as removing the SentinelOne agent if I need to troubleshoot another issue on an end-user device. Application updates, such as when a new installer is released, are the only other times I need to access SentinelOne, besides when I need to review an incident.
It has helped us reduce our MTTD. We are notified of threats quickly, and being able to see the threat on our dashboard has simplified the process. Once a threat is identified and I am on the screen, I can click once to view the visibility and see if the threat is anywhere else on our network. This is fantastic.
SentinelOne Singularity Complete has helped us reduce our MTTR.
Although it is difficult to quantify the direct financial savings of SentinelOne Singularity Complete, we have saved money indirectly through time saved.
What is most valuable?
Visibility is one of the most valuable features of SentinelOne Singularity Complete. It does not directly replace a dedicated SIM solution, but it works well for our environment and gives us the visibility into our systems that we need.
I appreciate that it is easy to review incidents that have been detected by the behavioral AI or the SentinelOne Cloud. From the notification we can click into the incident to start reviewing, it is just a few clicks. I have all the data in a single pane, and I can pivot to other sources of information, such as VirusTotal, with a single click. I can also hunt for the incident on the network with a single click. This makes things much easier and saves me time from having to review logs.
What needs improvement?
One way to improve and get additional benefits would be for SentinelOne to host the updated installer files for us, rather than us having to download and host them ourselves. This could be done in cloud storage or through our mobile device management platform. When they release a new package, whether it's an early release or a general release, I believe they could provide more value by hosting those packages directly. Currently, when they release a new package, I get notified, which is great. However, I then have to go to the portal, download the package, and replace the package that we have posted on our own cloud storage. This is time-consuming. If they could simply provide me with a link to the latest general release installer, that would be fantastic. Even if the link changes, I would only need to change the URL in our cloud storage. This would save me a lot of time.
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for five months.
What do I think about the stability of the solution?
I keep the central tab open in my browser. If I click Sign in instead of being signed in, the page refreshes, and I have to sign in again. I think this was just a session token expiring. I have not experienced any stability issues with SentinelOne Singularity Complete, such as crashing or downtime.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete is scalable to our infrastructure and endpoints. Once we figured out the deployment hurdle for Windows and Mac, we were able to push it out to all of our endpoints without any problems. I can break out devices into different sites and groups, and some of those groups can be dynamic. For example, if I'm looking for a Mac computer versus a Windows computer, I can just click on the group and see all of them there. I can also add tags for anything, such as the OS version or if the person might be a specific risk. These are non-relational attributes and values that we can set, so we can define whatever schema we want. It's fantastic.
How are customer service and support?
The technical support team was quick to answer my question and their answer was precise. I didn't have to go back and forth with them or explain things multiple times. They gave me exactly what I needed.
Which solution did I use previously and why did I switch?
We previously used BitDefender and Malwarebytes. SentinelOne Singularity Complete was priced similarly, and we felt that it had better support. When we had a support issue, it was answered and resolved quickly. Additionally, the visibility and ability to traverse the logs of all the other devices in our network were invaluable. This allowed us to see if a threat might be present elsewhere in our network. This is what ultimately led us to choose the complete solution over the other SKUs that they offer.
SentinelOne Singularity Complete has a lightweight agent. Additionally, some of our servers are running older operating systems. The agents from our previous vendor did not work well with these older systems. I specifically looked for a new solution that would not be a watered-down solution and would function across our legacy architectures as well as our current modern setup.
Another benefit of the Singularity Complete solution is the increased visibility it provides. We are able to collect data on endpoints that are connecting to specific IP addresses or installing specific files with similar hashes. This allows us to see how far a threat has propagated through the network or if anyone else has it installed. This is something that we could not do with our previous solution.
How was the initial setup?
We use Windows and Mac computers. Deploying SentinelOne on Windows was fairly easy. We were able to do it through our remote management solution. The installation was straightforward and simple. The most difficult part of the process was that the device had to reboot in order for SentinelOne to connect to the visibility service and bring everything online.
Deploying SentinelOne on Mac was a bit different. This is primarily due to the way the macOS operating system works. We need to grant specific privacy permissions to applications in order for them to have full disk access or screen recording capabilities. We found that if we installed SentinelOne on the user profile of a Mac computer, the user's administrator could remove it. This is not ideal, so we had to go back to the drawing board and deploy SentinelOne through our MDM solution.
The biggest headache was that, in order to deploy SentinelOne through MDM so that users did not have to grant privileges to the application, we needed to create a Privacy Preferences Policy Control profile with the specific permissions granted for the SentinelOne bundle ID. We then pushed this profile out to all users. Once we did this, the installation was seamless.
What about the implementation team?
A few colleagues and I completed the implementation in-house.
What was our ROI?
We have seen a return on investment in the form of time savings. We used to spend more time on incidents, but now we can quickly triage them and move on to other things. This has freed up our time so that we can focus on more important tasks.
What's my experience with pricing, setup cost, and licensing?
We did receive a competitive price for SentinelOne Singularity Complete. However, I believe the retail pricing, or MSRP, is a bit high. I hope we can get the same competitive pricing through our reseller when it comes time to renew. I still believe there are benefits to the solution, even if we had to pay the list price. However, I think they could be more competitive with their upfront pricing.
What other advice do I have?
I would rate SentinelOne Singularity Complete eight out of ten. The room for improvement is to add some additional features, such as Ranger, which they sell separately. I see a lot of value in Ranger, and I wish it was included with the complete purchase.
We do not have any direct plugins for SentinelOne Singularity Complete, such as Ranger. Ranger is an add-on that I believe can be purchased through SentinelOne to expand our visibility. We do not have that, and I wish it was included because there are quite a few nice features that I would hope to see eventually included or trickled down to the complete solution. I feel like those are just a few other cherries on top that would really put this package over the top. One of the struggles I have in a Mac environment is creating a custom application creating the Privacy Preferences Policy Control profile and setting everything correctly so that users do not need to interact with the application when it is pushed to them. SentinelOne has clear documentation and works with a few MDM vendors that have documentation already published. So when we were running a POC for a few of these vendors, it was very easy to get that set up, which is not something I can say for other applications.
SentinelOne Singularity Complete is an intuitive product. I found the getting started guide and active preparation checklist to be very helpful. The checklist is well-documented and comprehensive, and it covers everything from the initial purchase to GoLive. The support team was also able to answer any questions I had about navigating the application. The interface is mature and user-friendly. I have not encountered any major issues so far. Overall, I am very happy with SentinelOne Singularity Complete.
SentinelOne Singularity Complete is definitely valuable as a strategic security partner. SentinelOne Singularity Complete was our top choice, and we are happy with it. I would definitely recommend it to my colleagues if they were looking for a solution for their company.
Maintenance is only required when the vendor releases a new general access version of the installer. I need to download the new version, upload it to our servers, and make sure it deploys successfully to our machines. This is the extent of my maintenance responsibilities. I do not need to directly interact with the application itself.
I would recommend that people evaluating SentinelOne Singularity Complete try it out to see if it is right for their environment. SentinelOne offers a trial that can be set up for their environment. When an organization purchases the product, they will flip a switch and there is no need to set anything else up. This was beneficial for us because we did not have to waste time setting up and deploying the product to a few devices in our environment only to have to do it again after we purchased it. I would also recommend engaging with the resources that SentinelOne provides to get a good understanding of the product. We can tweak the settings and see how it responds to different threats. If organizations have any specific needs, they can talk to an engineer during the trial. This was helpful for us because the engineer was able to make changes to the settings to meet our needs. Overall, I would recommend taking a look at SentinelOne Singularity Complete. I was initially overwhelmed by the different SKU offerings, but I was able to work with sales to find the best package for our needs. The SentinelOne team has been very helpful.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Information Security Analyst at Point Loma Nazarene University
Helps reduce our threat detection time, response time, and improve our security
Pros and Cons
- "I find the application inventory feature to be extremely useful."
- "Although the SentinelOne firewall seems to offer potential benefits, in reality, it hasn't proven to be very helpful."
What is our primary use case?
We use SentinelOne Singularity Complete to manage incidents that come in.
How has it helped my organization?
We wanted a solution that could help protect all of our endpoints. SentinelOne Singularity Complete is on all of our servers, and all of our endpoints, to protect against threats to the university.
SentinelOne Singularity Complete has aided our organization by offering a centralized platform for comprehensive visibility. It has enabled us to conveniently monitor all threats and manage our devices through the antivirus, all within a single interface.
SentinelOne Singularity Complete has certainly reduced the number of alerts over the past two years in my experience. We receive very few alerts now, which is excellent.
It has helped us free up our time to focus on other tasks. The solution is very helpful for configuring various exclusions. This ensures that the alerts we do receive, which are false positives, will not pester us in the future. This definitely provides us with more freedom and time to work on other matters.
Singularity Complete has helped reduce our MTTD and our MTTR, which is now just a few minutes after detection.
It has helped our organization save costs.
Singularity has certainly reduced the risk for our organization. With its installation across all endpoints and servers, we are confident that it will effectively protect us against malware or intrusions attempting to breach our environment.
What is most valuable?
I find the application inventory feature to be extremely useful. We utilize GreenMile for MAC management, and it's not as straightforward to locate the inventory of the applications installed on our computers. As a result, I have been using the application inventory feature more frequently to accurately identify the programs installed on each machine.
What needs improvement?
One aspect to consider is the SentinelOne network firewall they have in place. I believe they implemented it approximately a year ago. Initially, we faced challenges during the setup phase, which consumed a considerable amount of time. Although the SentinelOne firewall seems to offer potential benefits, in reality, it hasn't proven to be very helpful. While the idea behind it appears promising, I think SentinelOne should consider removing it.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for almost two years.
What do I think about the stability of the solution?
Singularity Complete is stable and I have not seen any downtime.
What do I think about the scalability of the solution?
We don't possess as many endpoints in comparison to, I suppose, other companies and universities. However, I believe that if we were to double them today, scaling Singularity Complete would become quite effortless.
How are customer service and support?
The times I've contacted customer support, it has been really good. There was only one instance when the support was very poor. However, after my concern was escalated to a supervisor or someone on the management team, my issue was resolved. So, I believe that was the only occurrence out of numerous customer interactions.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used ESET.
What other advice do I have?
I would rate SentinelOne Singularity Complete a nine out of ten.
We currently only have a couple of integrations with Singularity Complete. I believe there is potential for more integration. As of now, we have only installed two apps that integrate with Singularity Complete.
No maintenance is required from our end.
SentinelOne is excellent as a strategic security partner. There have been numerous advancements, and since I began using the platform two years ago, they have undergone substantial changes. They have introduced many new features, and I have witnessed significant company growth over the past two years.
I suggest examining the various features available in SentinelOne's complete version. We have experienced numerous advantages with it. Often, when SentinelOne introduces new features, we don't notice them until they are fully developed. It's beneficial to explore some of the new features that are in beta. This allows us to experiment with them and assess how they can enhance our environment.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.
Vice President of Technology at J&N Stone
Provides great visibility, real-time detection, and time savings
Pros and Cons
- "The visibility component is the most valuable feature."
- "I would have liked the dashboard to be more user-friendly."
What is our primary use case?
One of the companies we conduct business with received ransomware. As a result, we sought to enhance our security posture, commencing with our employees. SentinelOne Singularity Complete was procured to gain visibility into our company's resources. We aimed to possess the capability to detect whether our users were encountering malware, viruses, or incidents.
How has it helped my organization?
We used to employ Norton antivirus on all our assigned desktops and laptops. Unfortunately, we had no visibility in this setup. Consequently, if a user were to acquire a virus or download malware or anything suspicious, we wouldn't be informed. While users do receive prompts indicating suspicious activities, they might not always report them. Hence, gaining visibility became our top priority. I required a solution that would allow me to monitor such activities. For example, if a user were to download something malicious or suspicious unrelated to their daily tasks, or even if they were to download malware, I needed immediate visibility. This would enable me to promptly quarantine the threat, resolve the issue on the affected device, and collaborate with the respective employee. The goal was to raise awareness about their downloads, educate them on safe practices, and enhance their overall understanding of their actions. SentinelOne Singularity Complete helps address our requirements.
The primary advantage of SentinelOne Singularity Complete for our organization is enhanced visibility. The secondary benefit is my belief in the product having a much stronger support system. This implies that no one in the company has the necessary resources to identify and address malware effectively, resulting in their product not being up to par in terms of providing comprehensive protection for end users. While our previous endpoint management, Norton, was good, it fell short of greatness. I strongly feel that no other product truly excels. I've gone through numerous reviews, made comparisons with alternative solutions, and utilized other options. This wasn't just a slight improvement in polish; it genuinely ensures the safeguarding of end users and the entire company.
I haven't received many alerts. Ironically, of the alerts that I have received, most were originating from my device. As I am the technology leader for the organization, there were certain tools on my laptop that were flagged almost immediately upon installing the agent. So, in an ironic twist, I was flagged. However, it's actually quite positive that my end users haven't engaged in any activities that could be deemed malicious or suspicious. I receive emails and reports promptly, so I'm genuinely surprised that the tool behaves this way. Interestingly, when it did flag certain processes and software on my devices, they were actually legitimate pieces of software that I regularly use. Nonetheless, I'm pleased that SentinelOne Singularity Complete was able to promptly detect these instances.
I am the sole technical person in the company, and the solution has enabled me to concentrate more on enhancing the organization's security posture. This foundation and framework have paved the way for me to pursue additional projects in the field of security for our organization.
The mean time to detect is nearly real-time. When I identified potential threats, the response was nearly instantaneous after installing the agent and running the initial scan. It promptly identified all issues. I received an immediate notification to quarantine those processes and applications. This allowed me to conduct a more in-depth investigation and confirm that these processes should not be present on the device.
SentinelOne Singularity Complete has unquestionably aided in diminishing our organizational risk. The solution significantly reduces overall risk, just as it claims. I have examined numerous white papers and engaged in discussions with numerous individuals within the organization to establish a sense of confidence in recognizing SentinelOne as a market leader. Their enduring presence is apparent, coupled with their commitment to thorough research, which is consistently integrated into their products to ensure their relevance and continued usefulness for consumers.
What is most valuable?
The visibility component is the most valuable feature. Having the capability to delve into the specific resources that the devices are actively using provides us with the breadth and visibility that we seek. Additionally, being able to accurately track our users' activities, such as identifying when they are downloading PDF attachments, enables us to promptly detect any potential issues.
What needs improvement?
I would have liked the dashboard to be more user-friendly. I often have to navigate through several menus to locate exactly what I'm searching for. I had difficulty finding the site token required for device installation or agent installation on devices. It actually took me quite a while to locate these menus. Instead of having them at the top after selecting from the left-hand side, they list the sub-menus at the top. This forces me to scroll through my screen to access all the different sub-menus. If they were placed underneath the main menu or bookmarked on the left-hand side, it would make navigation significantly easier.
I would appreciate having more comprehensive reporting. While I believe the current reporting is accurate, I find it slightly simplistic in my view. However, I want to note that I've been using the product for only about a month, so it might take more time to fully process the information and generate detailed reports.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for 2.5 years.
What do I think about the stability of the solution?
SentinelOne Singularity Complete is stable. I haven't encountered any crashes or errors during installation. There have been no unusual glitches on the management console. Over the l;ast 2.5 years I'm extremely satisfied with the solution.
What do I think about the scalability of the solution?
I don't have any issues with the console scaling. When I logged in earlier today, SentinelOne performed a complete site upgrade in the background, and I didn't even notice it. Scalability is also not a problem with agent inflation in my company. I have been able to deploy agents without any trouble. Initially, there was a minimum purchase requirement, which was slightly higher than our install base's cost. However, I was comfortable with purchasing the additional licenses. Therefore, if we do experience growth, licensing won't be an issue. I want to ensure that we remain within the appropriate range for that.
I have been informed that even if we experience a sudden surge in growth among our customers and we continue scaling and deploying agents, we will catch up with the licensing costs beyond our initial purchase price within the year. So, I am confident that they can scale effectively. Although my installation is relatively small in comparison to some larger organizations I've worked with in the past, I am aware that these products can scale to accommodate thousands of devices. I have full confidence that if we were to experience explosive growth within our company, I would be able to manage it without any issues.
How are customer service and support?
I only had to use technical support once because my email address had not been added to various websites they have, such as their tech support and community website. For that issue, I had to contact my account manager because the tech support site hadn't recognized it yet. However, that single email was corrected almost immediately. Within five minutes, a community manager contacted me, informing me that I had been added, and I could proceed to log in to all the different sub-websites of SentinelOne to access the various resources they provide. The matter was resolved extremely quickly.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Norton AV. We chose to switch to SentinelOne as a more advanced NextGen AV that was enterprise ready. We made the switch as our company began to grow.
How was the initial setup?
The initial setup is extremely easy. I collaborated with my team to grant trial access, allowing me to configure a single device and assess its functionality. Furthermore, the website's cloud segment was established automatically by SentinelOne. Upon downloading the package, it was promptly recognized, and the device was seamlessly incorporated into the cloud-based management console. This enabled me to effectively oversee, configure, and comprehend its settings. The overall process struck me as remarkably straightforward, even when I noticed that there was an error in the naming of my management console. A quick email to my account manager rectified the issue, with their prompt resolution at their end.
I completed the deployment on my own.
What about the implementation team?
No 3rd party was used for the deployment. After the initial portal was set up for us, the installation on the devices was straight forward.
What was our ROI?
No real ROI, however, I do feel more secure as a company knowing our devices and servers are protected with a terrific solution from SentinelOne.
What's my experience with pricing, setup cost, and licensing?
Licensing and pricing were inline with my expectations. There was a minimum license requirement, but as we continue to grow, we were ok with that minimum purchase requirement.
Which other solutions did I evaluate?
SentinelOne (Winner), Carbon Black, Trend Micro.
What other advice do I have?
I would rate SentinelOne Singularity Complete as a ten out of ten. The reason is that I found the visibility I was looking for. It identifies suspicious software immediately; I experienced this firsthand when it detected such software on my device while I was using certain tools. This assures me of the solution's effectiveness. The management dashboard is largely user-friendly and provides all the information I require. It allows me to search deep within the processes of the running instances. Therefore, I consider it a strong offering, especially since many competitors provide similar services. In terms of knowledge, SentinelOne Singularity Complete competes well with these other vendors. I am highly satisfied with my purchase.
SentinelOne Singularity Complete's ability to save us costs is currently unknown. The purchase of SentinelOne Singularity Complete was significantly more expensive than the Norton software we had previously been using on our other devices. However, there is a balance, and I have visibility into this. I have the agent and the support of a much larger organization that is specifically focused on this. Therefore, the increased cost is justified for what we are aiming to achieve. While it might potentially save us a significant amount of money if one of those devices becomes infected with serious malware that leads to ransomware or similar issues, its primary purpose is also to prevent such situations. In conclusion, whether it will ultimately save us costs is a complex question with both positive and negative aspects.
I downloaded the package from the cloud and had to search extensively to find the site token for proceeding with the installation. It would probably be easier if the package were downloaded directly from the cloud. The solution would recognize that it has been downloaded from my account on the cloud and wouldn't require applying that token. I think that might be simpler from an administrator's point of view. I appreciate the ability to create automation for updating the agents. I found that feature very useful, as it eliminates the need to update each device individually to a newer version or to manually check the cloud for a newer version. Once I approve the update, the automation tool handles the update process automatically. I really like that aspect.
Maintenance is straightforward. I accomplish this by creating automation for the agent upgrades whenever new versions are released. Once I receive the email notifying me of a new version, I access the console. In a matter of five minutes, I can generate automation that will proceed to update all the agents within our console automatically. Therefore, performing this task doesn't require much effort from my end.
I value SentinelOne as a strategic security partner. I have experience with other security products within much larger enterprises, some of which are significantly more expensive. Certain products require an entire team to initiate and run, demanding a substantial amount of time and effort to set up the infrastructure, create the necessary site, and proceed with deploying project management, involving multiple meetings. My engagement with SentinelOne was quite streamlined. I had only two meetings with them: one to familiarize myself with the product and a second one to make the purchase and understand the procurement process. Everything was handled by their team from the backend. If I remember correctly, these interactions took place on the same day. I had a meeting around ten o'clock, and by approximately three o'clock, the management console was prepared for my access. This allowed me to start deploying the agent for testing purposes. In my view, SentinelOne exhibits a customer-centric approach. They not only focus on the security aspects of their consumable product but also prioritize their customers. The professionals I collaborated with demonstrated a clear understanding that their clients come first. Overall, I am deeply impressed with SentinelOne. While I have experience with other vendors and larger corporations that hold more industry recognition, my comprehensive impression of SentinelOne over the month and a half of evaluating the product, and the subsequent month of using it, is exceptionally positive. They indeed offer a highly effective product that aids consumers in maintaining the security of their devices.
I recommend that organizations conduct their own thorough research and due diligence. Don't solely rely on marketing speeches. The security field has numerous players, many of whom offer similar services. Personally, I have experience with some of these other solutions that function very similarly to SentinelOne Singularity Complete, including their management platforms and agent-based solutions. What stood out to me was the depth of SentinelOne's research. They delve into the core aspects of security, beyond just product user-friendliness, easy installation, or a visually pleasing dashboard. Their commitment involves meticulous research into prevalent malware and viruses. They ensure that the solutions they provide can rapidly detect zero-day attacks and malware, offering immediate protection to their customers. In my view, SentinelOne stands out because they genuinely prioritize their customers' interests. They demonstrate their commitment through their dedicated research and development, and by offering applications that effectively safeguard customers.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Dec 10, 2025
Flag as inappropriateAssociate Director at a financial services firm with 10,001+ employees
Ransomware recovery enhances security while product support needs improvement
Pros and Cons
- "The platform's ability to easily integrate with various other platforms is highly valuable."
- "The compatibility with new legacy systems should be enhanced as other EDR products support these systems, which Singularity does not."
What is our primary use case?
We use Singularity Complete for end-to-end endpoint security protection, including EDR integrated with other platforms for XDR. The ransomware rollback feature of Singularity is a key reason for its use.
It is primarily for integration with SIEM to have a single pane of view, integration with web security for sharing insights, and automation of remediation tasks. Additionally, network discovery from the Singularity platform is used to identify rogue devices quickly.
How has it helped my organization?
Visibility is greatly improved with Singularity Complete as it allows visibility into endpoint devices and the processes running on them.
What is most valuable?
The most valuable feature is the ransomware recovery and rollback feature. The platform's ability to easily integrate with various other platforms is also highly valuable.
It also enables integration with other technologies, saving costs associated with having point solutions. The integrated system allows for significant automation, reducing the time and effort needed for management.
The mean time to response has reduced from hours to minutes due to integrated automation systems.
What needs improvement?
Improvement is needed in terms of product support. The compatibility with new legacy systems should be enhanced as other EDR products support these systems, which Singularity does not.
For how long have I used the solution?
I've been working with Singularity Complete for three years.
What do I think about the stability of the solution?
Singularity is a very mature product that supports most assets available in any enterprise environment. It runs seamlessly without challenges.
What do I think about the scalability of the solution?
Singularity Complete is suitable for large and mid-scale enterprises.
How are customer service and support?
Technical support could be better. I would rate it around six on a scale of one to ten.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
CrowdStrike is a competitor. Singularity is better because it supports the ransomware rollback feature.
How was the initial setup?
The setup process is simple and user-friendly.
What about the implementation team?
Initially, anyone can deploy out of the box. When tuning aligned with the environment is required, assistance from a system integrator is recommended.
What was our ROI?
Integration helps save costs by reducing the need for point solutions.
What's my experience with pricing, setup cost, and licensing?
Pricing is not pocket-friendly. It can be difficult for small-scale companies.
Which other solutions did I evaluate?
SentinelOne's main competitor in the market is CrowdStrike. However, Singularity Complete is preferred thanks to its ransomware rollback feature.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Network and Systems Team Lead at Utilibill Pty Ltd
The solution performs well and is less resource-intensive than other products
Pros and Cons
- "Singularity has the same features as other antivirus products, but it provides an added layer of security and vulnerability protection. It's also light on resources. Singularity doesn't use a lot of CPU or memory."
- "SentinelOne is causing a problem with the data service that causes one of our applications to crash randomly. We're still looking for a permanent fix, but we have implemented a temporary workaround that excludes that application from the scan."
What is our primary use case?
We use Singularity to secure our workstations and servers.
How has it helped my organization?
Singularity has added some features to our security setup. It adds layers of protection to our security servers and workstations. One advantage of Singularity over other traditional antivirus products I use is that it doesn't use as many resources as other products.
If you resolve them permanently, the solution can reduce the number of alerts. Some applications keep triggering alerts, and you need to remove them, or they will continue to do so. We need physical signatures to prevent them from alerting again in the future. We can reduce the alerts by about 80 to 90 percent annually. Our old antivirus wouldn't flag some applications as malicious, but SentinelOne detected them, so we removed those applications, and it reduced our alerts.
Singularity has reduced our organizational risk by about 80 to 90 percent. We were able to address those alerts and remove a lot of malicious files that our previous solution didn't recognize. We saw a significant advantage in the first year. We've experienced a massive improvement in our mean time to detect. We have a large user base, but Singularity Complete performs better than our previous solution.
What is most valuable?
Singularity has the same features as other antivirus products, but it provides an added layer of security and vulnerability protection. It's also light on resources. Singularity doesn't use a lot of CPU or memory. We can consolidate our security solutions into one centralized platform, and monitor all our workstations and servers from one place.
What needs improvement?
SentinelOne is causing a problem with the data service that causes one of our applications to crash randomly. We're still looking for a permanent fix, but we have implemented a temporary workaround that excludes that application from the scan.
For how long have I used the solution?
I have used Singularity for 4 or 5 years.
What do I think about the stability of the solution?
I rate Singularity Complete 9 out of 10 for stability.
What do I think about the scalability of the solution?
I rate Singularity Complete 9 out of 10 for scalability.
How are customer service and support?
I rate SentinelOne support 9 out of 10 because they're very responsive.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I previously worked with Sophos and ESET. The primary reason we prefer SentinelOne is that it doesn't consume a lot of resources.
How was the initial setup?
Deploying Singularity is straightforward, and it doesn't require you to restart the servers in the latest version.
What's my experience with pricing, setup cost, and licensing?
Singularity isn't cheap, but it's worth what we pay for it.
What other advice do I have?
I rate SentinelOne Singularity Complete 9 out of 10 overall. Singularity performs as well as expected, and it's less resource-intensive than other products.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Security Consultant at First Technology
High-quality, cost-effective, and stable
Pros and Cons
- "The most valuable feature of Singularity Complete is the Ranger function."
- "Improvements for SentinelOne's Singularity Complete could include adjusting pricing for specific markets, ensuring affordability, and better alignment with customer expectations in those regions."
What is our primary use case?
I use the solution for endpoint protection, including features like EDR, antivirus, and advanced threat prevention.
How has it helped my organization?
Singularity Complete has significantly reduced response time for our clients. With its multifunctional capabilities, it streamlines processes, allowing quicker and more efficient responses to various issues.
What is most valuable?
The most valuable feature of Singularity Complete is the Ranger function.
What needs improvement?
Improvements for SentinelOne's Singularity Complete could include adjusting pricing for specific markets, ensuring affordability, and better alignment with customer expectations in those regions.
For how long have I used the solution?
I have been working with SentinelOne Singularity Complete for a year.
What do I think about the stability of the solution?
I would rate the stability of the solution as a nine out of ten.
How are customer service and support?
I would rate the technical support of SentinelOne as an eight out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial deployment of the solution was straightforward. SentinelOne is typically used across multiple locations and departments for our clients. Fortunately, it demands very little continuous maintenance.
What's my experience with pricing, setup cost, and licensing?
The solution is reasonably priced.
Which other solutions did I evaluate?
Before choosing SentinelOne, we evaluated other solutions, including SmartOps. SentinelOne stood out with its advanced AI engine, especially evident in recent micro-attack evaluations.
What other advice do I have?
Singularity Complete offers strong integration capabilities with over 100 APIs and excellent integration with other SentinelOne solutions.
Asset visibility with Singularity Complete is crucial for my clients as it enables a clear understanding of their network and assets. It is important because without knowing what is in their environment, it is challenging to secure it effectively.
It is crucial for me that Ranger requires no new hardware or network changes. This is very important as it simplifies deployments and enhances scalability for us.
Ranger assists in preventing vulnerable devices from being compromised. It can isolate devices on the network in response to a threat, automatically detecting and responding to issues such as a virus, ensuring swift action and containment.
Singularity has successfully reduced alerts by 80%, significantly improving the efficiency of the alert management process.
Singularity has freed up people's time, reducing their workload by approximately 45%, and enabling them to focus on other projects and tasks more efficiently.
Singularity has proven to be cost-effective for our clients, with an estimated cost reduction of around 30%.
SentinelOne Singularity Complete is high quality and built for enterprise-level security.
I'm very pleased with SentinelOne as a strategic security partner. Overall, I would rate SentinelOne Singularity Complete as a nine out of ten.
My advice to new users is to adopt SentinelOne's Singularity Complete platform, and if feasible, opt for the visual response option for enhanced security measures.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer.
Security Analyst at R V college of Engineering
Helps reduce alerts because it can correlate the data
Pros and Cons
- "They provide a map, a process tree, and that is pretty good for analysis."
- "It would help if they could get all the relevant threat information, the related events, in one place. Currently, we need to go to a number of places and do research. If they could have it all in one place, that would help investigations."
What is our primary use case?
We use it mainly for EDR, alert handling, and development. It's a detection and response tool. It is mainly for protecting endpoints and having response capabilities. We use it as the one endpoint solution for all departments and all operating systems.
How has it helped my organization?
We get a lot of data from SentinelOne about threats, and obviously that helps protect the organization.
It helps reduce alerts because it can correlate the data. It doesn't just depend on hashes. It can see the behaviors, and that helps a lot to reduce alerts. Compared to our previous tool, it is detecting 20 to 30 percent fewer false alerts.
In addition, because it has real-time detection, it helps decrease our MTTR. Within seconds, we'll get the data. And for mean time to respond, we need to collect the data, and most of it is available. So it takes us five to 10 minutes to respond after detection.
For our organization, security is very important. If a solution is protecting us, it is like saving money. With SentinelOne's features and the fact that it is in the cloud, that makes it cheaper. As an EDR tool—the best one—it helps to reduce risk; in our organization by 30 to 40 percent.
What is most valuable?
They provide a map, a process tree, and that is pretty good for analysis.
Also, it can be integrated with third-party threat intelligence tools. From that perspective, it's good. And we can ingest SentinelOne data into Splunk and correlate and provide analysis on that.
It gets data from all the endpoints, and we'll have that in a centralized place, and we can track those cases to detect the threats. It helps protect the organization in that way.
And Ranger provides network and asset visibility. We have network-level data visibility, as well as endpoint data and application layer data. It has a good feature to collect all the domains that are initiated. That helps us see if there are any malicious connections on the machines. And it's simple because Ranger requires no new agents, hardware, or network changes.
What needs improvement?
They could add more visibility on the network side. That is currently done via a plugin.
Also, it would help if they could get all the relevant threat information, the related events, in one place. Currently, we need to go to a number of places and do research. If they could have it all in one place, that would help investigations.
For how long have I used the solution?
I have been working with SentinelOne Singularity Complete for about one and a half years.
What do I think about the stability of the solution?
It is a stable solution and it is growing.
What do I think about the scalability of the solution?
It can be extended in the cloud, so the scalability is a 9 out of ten.
How are customer service and support?
The tech support is really good. We get responses on time, as defined in the SLAs.
How would you rate customer service and support?
Positive
How was the initial setup?
The SentinelOne team helps with the implementation, and as it is a cloud SaaS application, we didn't have to do much. They have pretty well-defined documentation, and it is straightforward. And similarly, the maintenance is taken care of by the vendor.
What was our ROI?
We are seeing ROI because we are securing and protecting the company and, obviously, protecting its money as well. As an EDR, it's doing a good job of protecting the endpoints.
What's my experience with pricing, setup cost, and licensing?
It is comparatively cheap in the market and provides a good price point.
What other advice do I have?
In terms of maturity, SentinelOne is a good tool.
It can be used in any department in an environment with Windows, Linux, and Mac machines.
Use it, but start with documentation. Once you understand the basics, it is pretty straightforward.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Cyber Intelligence Analyst at a financial services firm with 1,001-5,000 employees
Provides a lot of visibility, and enhances our defense and the ability to respond to emerging threats
Pros and Cons
- "I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time."
- "Something we are looking forward to is the ability of the SentinelOne backend to ingest data from other sources. Now that they are moving to the Singularity data lake, we are looking forward to being able to query data that is not just collected by SentinelOne endpoint agents. We are looking forward to being able to query against all data that we are ingesting into that backend."
What is our primary use case?
We perform a relatively detailed hunt in our environment for specific IOCs and indicators. Specifically in regards to compliance organizations or regulatory organizations that release data, we need to validate that no IOCs for those specific threats exist in our environment. We can go back to a specific period of time, so we can validate that things like that do not exist. We can also correlate activity in our environment with endpoint data with a high level of efficacy.
How has it helped my organization?
I have administered lots of different AVs in my long tenure as an AV EDR administrator. This is quite honestly the first one of this type. With a tool like Singularity Marketplace, getting an integration running is just a matter of creating an API key and plugging it in. It is really cool. With the Singularity data lake that we have been learning about during this conference, it looks like it is going to be pretty painless to ingest from sources that we are already collecting from and dump them straight into SDL. We have a higher level of visibility and a better grasp of the data we are collecting. There is a reduced time to detection and high efficacy correlations.
I am an analyst, and Singularity Complete definitely makes making a determination, researching a specific threat, or trying to correlate it much quicker. Instead of spending a whole day trying to research something, I can knock it out quickly and then move on to other tasks. It makes me capable of doing a job that would typically require another person at least. There is greater job satisfaction. I do not get burnt out.
Singularity Complete has helped us bolster our defenses, so the downstream impact is reduced alerts because we are able to not only triage issues but also proactively apply defense with STAR rules and things like that. We are able to reduce alerts just because we are getting protection on the front side. There is the granularity of the data that we can query through deep visibility in particular to refine our custom STAR detections. That does help decrease the work.
Singularity Complete has absolutely reduced our organizational risk. Compared to where we came from with the traditional endpoint protection, our ability to respond to emerging threats has really matured. The level of actual attacks that we have to respond to is drastically reduced. It is hard to quantify the reduction, but there is at least a 25% to 35% reduction.
SentinelOne is a big value-add to the organization. They are continually pushing forward and innovating. They are constantly developing new things. As I am learning about new features here at the conference, I am logging into the console, and some of those features are already there. I know they waited until this conference to release that, but they are still cool to see. It feels good to work with the product and to be learning a product that is not getting stale.
What is most valuable?
I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time. We typically go back 90 days for most things, but we could go back further.
The ability to pick it up is also valuable. It is very intuitive. It does not require a lot of training. For example, we had an intern over the summer who joined us. We were able to get him up and running in the visibility very quickly without a lot of hand-holding.
What needs improvement?
Something we are looking forward to is the ability of the SentinelOne backend to ingest data from other sources. Now that they are moving to the Singularity data lake, we are looking forward to being able to query data that is not just collected by SentinelOne endpoint agents. We are looking forward to being able to query against all data that we are ingesting into that backend.
For how long have I used the solution?
I have been using this solution for between two and three years.
What do I think about the stability of the solution?
Its stability is excellent.
What do I think about the scalability of the solution?
Its scalability is excellent.
How are customer service and support?
I have dealt with a lot of support in my time, and SentinelOne's support is the most responsive one I have ever had. However, I currently have an ongoing support case, and I am struggling with getting that escalated, which colors my overall perception of it. We are getting active updates daily though, so they are engaged. Even if we have not found a fix yet, there is an active conversation or two-way communication. Overall, their support is superior to others that I have dealt with. I would rate their support a nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We were using another solution previously. The main reason for switching was the efficacy of the product. SentinelOne was tested against several competitors when renewal time came up, and it exceeded expectations and performed better than others.
The previous product was a traditional endpoint protection. It was very signature-based. It always felt like we were behind with new types of attacks and new types of malware because we had to wait for signatures to come out and things like that. It felt like we were always trying to catch up. With SentinelOne, we feel like we are better protected from the start.
What's my experience with pricing, setup cost, and licensing?
There are cheaper options out there that I know are not as effective. I have administered several of them, not for this organization but for others. The thing I like about SentinelOne is that I know that if it raises an alert, it is worth looking at, so we are not dealing with a lot of false positives. It is rare.
Which other solutions did I evaluate?
We evaluated Cisco AMP, Microsoft Defender, and McAfee. SentinelOne exceeded expectations and outperformed all of those. We did a bake-off against those solutions and found SentinelOne to be the most effective.
What other advice do I have?
Overall, I would rate Singularity Complete a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
CTO at CyberTek MSSP
Helps to concentrate on what is needed and provide a better response to our customers
Pros and Cons
- "The overview is valuable. There are a lot of instances out there, but Singularity Complete cuts the noise down by giving us graphics and color-coding information instead of massive tech dumps. It helps us concentrate on what is actually needed versus just the noise."
- "The improvement could be in terms of reducing more noise and continuing to cut that down. AI seems to be the big thing with Purple. We are excited to get our hands on that."
What is our primary use case?
We are an MSSP.
How has it helped my organization?
First of all, it helps us with a better response to the end users. Customers are depending on us to make sure we are making the right call, and then we are leaning on SentinelOne to make sure they are giving us the right call by giving us the right tools.
Singularity Complete has absolutely helped free up our staff for other projects and tasks. The amount of time that we are spending doing work that does not keep us on target is just a waste of time. The more it reduces that noise, the better it is for us and our customers. We have been using it long enough, so it is hard to tell how much time it has saved, but we feel that we have a better solution than most of the competitors that we are dealing with.
Singularity Complete has helped reduce alerts over time. We do not have a lot of the frustrations that some of our competitors do, which is our advantage. We have been using it for so long, so we do not have much to compare it to in terms of alert reduction. We are also partners with a competitor. We had to do that for a contract, and we get a lot of false positive noise coming out of that one.
Singularity Complete has helped reduce our organizational risk, but because we have been with it for so long, it is hard to compare it to others.
Singularity Complete helps us save on costs. We continue to get more volume, reduce our costs, and reduce our waste of time, but it is hard to compare the cost savings because we have been using it for so long. We have smooth operations, and we are just keeping it going. We are enjoying all the added features.
SentinelOne is our main strategic partner when it comes to the protection of our customer's data. We have not had a bad incident, and with the reputation that SentinelOne has in the vertical we deal with, it is the gold standard. We start with that, and then we are viewed as more of a serious partner than some of the lesser products that are out there.
In terms of Singularity Complete’s interoperability with other SentinelOne solutions and other third-party tools, we are an MSSP, so we have to deal with a lot of other tools. The integrations are huge for us. It sounds nice to say this is the only solution and you have to use x tools, but it does not work in the real world, so you have to have those integrations.
What is most valuable?
The overview is valuable. There are a lot of instances out there, but Singularity Complete cuts the noise down by giving us graphics and color-coding information instead of massive tech dumps. It helps us concentrate on what is actually needed versus just the noise. There is just so much noise. It brings us the information we need to look at quickly.
What needs improvement?
The improvement could be in terms of reducing more noise and continuing to cut that down. AI seems to be the big thing with Purple. We are excited to get our hands on that.
For how long have I used the solution?
I have been using Singularity Complete since its inception. It was probably 2016.
What do I think about the stability of the solution?
Its stability is fantastic. We have no problems.
What do I think about the scalability of the solution?
We have not hit the top end. We are probably running 10,000 agents and have not seen any degradation in the portal.
How are customer service and support?
Their support is very good. We have not had anything come up against that, and our staff has learned to depend on SentinelOne, which, as management, is a little uneasy because we are operating without a net besides SentinelOne in some cases. What we are paying for it is worth it. There is this peace of mind. I would rate their support a ten out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Years ago, we were probably running four to five solutions, but then we kept comparing it with them. We were like, "This is the noise we are getting from X. Let us load SentinelOne." The noise reduced with SentinelOne. That proof of concept worked for us.
We currently have an agreement with a competitor where we have to pick up the remaining part of their contract. That is not a place where we are going to increase our expenditure, but we are waiting for that contract to come to an end. The customer knows SentinelOne, but they are tied into another solution till the end or mid of 2024. We are just waiting for that. What makes SentinelOne Singularity Complete different from others for us is the peace of mind. We know we are covered, and we feel that we are covered. Anytime we have had an incident or event, they have always been there for us. They have responded quickly, and we have not had any flashbacks or second attempts at it. Usually, we could stop it the first time, and that has worked for us in all the years we have been with SentinelOne.
How was the initial setup?
It is easier now than it was back then. We deploy it every month on somebody new. We have enjoyed that.
Just yesterday, we had a customer convert from a separate partner to us, and that migration from company to company within SentinelOne was flawless. It was just us doing the migration. We have been there for so long, so we just bring it straight across. The process is very straightforward and easy. This partner of SentinelOne was going to uninstall the agents, and I paused them and asked them to just transfer. They had never gone through that before. We took that over and moved all the agents over without any loss of coverage to the actual customer.
What about the implementation team?
For deployments, we have a staff of 40, but onboarding is a no-brainer.
What was our ROI?
We have seen an ROI. It is a very profitable investment for us. SentinelOne is very valuable, and with our price being lower than the expectations gives us a great margin.
What's my experience with pricing, setup cost, and licensing?
We have not been beaten in the market by pricing, so we have been feeling good about that. The discussions we have had over the years keep us at a very low price per unit. It can always get better, but we also know there is a cost to the backend.
What other advice do I have?
To someone who is researching Singularity Complete, I would say that you can read all the information, but the proof is in the actual work and the history that it has so far. We have got no complaints about the quality and maturity of this solution.
Make sure you are comparing it to whatever you have because that gives you comparative data. If you walk in, sometimes, you do not know you are getting the best of breed right there.
It is a ten out of ten for me, and it gives me peace of mind.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Incident Response Specialist at Klick Health
Provides good protection and helps with network and device control
Pros and Cons
- "Device control and network control are valuable."
- "The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab."
What is our primary use case?
We use it for endpoint protection. It is our antivirus and EDR solution.
We are also using it for device control, such as blocking USBs, and we also use it for network control. We are blocking port access on machines.
How has it helped my organization?
Singularity Complete has saved us time. I recently did the agent upgrade. I used their upgrade policy and just specified the maintenance window and things like that. The first two times I updated the agents, I used to sit there and highlight the endpoints and run agent updates, but this time, I used auto-upgrade. With auto-upgrade, it ran between 6 PM to 8 AM, and then it ran all day on the weekend, and it was up in there. In one day, it updated 1,000 endpoints. That was pretty cool. I did not have to sit there and do the manual work. I just watched the system to make sure that the endpoints got updated. That was pretty cool. It is nice to know that I do not have to sit there, and I can just create a policy and let it go. It definitely saves time.
Singularity Complete has reduced our mean time to detect (MTTD). I get an email pretty much right off the bat. When an alert pops up, I get an email from my ticketing system, so it is pretty quick. If I am on my desk. I take care of it pretty quickly. Currently, I am the main person running this, and other people back me up when I am not around. I am hoping I can get somebody else trained on this.
Singularity Complete has helped reduce our organizational risk. It is somewhere in the middle when it comes to contributing to our security posture.
SentinelOne has been a good partner. We mostly use Mac and Windows systems, and we were able to do device control and network control out of SentinelOne rather than through MDM. We are doing it all through SentinelOne. We did not have any conflict in the apps.
In terms of interoperability, we have plugged it into our Alert Logic MDR. It flags to our MDR. For example, if a threat cannot be mitigated or it is hard to mitigate a threat, then the MDR will notify us. Some of the things related to applications could use some work, but they are in the process of fixing this. We will then be able to update and disable applications through SentinelOne.
What is most valuable?
Device control and network control are valuable.
They updated the console, and on the incidents page, we can break down the incidents and see all attack attempts. It is pretty cool and in-depth.
What needs improvement?
The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab.
Singularity Complete has not helped reduce alerts. In fact, it produces a lot of false positives. It does its job, but I have spent the last week fine-tuning the system and trying to suppress false positives. I am getting a hang of it.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for about a year and a half.
What do I think about the stability of the solution?
Its stability is very good. Recently, one person had an issue, and I had to reinstall the agent. They had lost their Internet connectivity. We put in some strategy work, and we had to go in there and figure out which ports are open, but other than that, it has been very good.
What do I think about the scalability of the solution?
Its scalability is pretty good.
How are customer service and support?
I have interacted with their support. They are always pretty easy to get a hold of. I never have to wait. They are helpful. They have resolved any issue that I have ever brought up with them in a timely manner. I would rate them a 10 out of 10.
How would you rate customer service and support?
Positive
How was the initial setup?
It is a cloud solution. I inherited it, so I was not there when they implemented it. It was implemented about six months before I got hired. It was probably deployed in late 2021, and I started in February 2022.
It requires a little bit of maintenance in terms of fine-tuning the false positives and things like that. For example, because people use Logitech devices, I had to suppress the alerts because they kept popping up because the hash was always different. I have noticed that when a new agent comes, it can be a little aggressive in the beginning. I have to fine-tune the alerts a little bit, but that is a part of the process. I update the agents twice a year. I will try to do it more because now I know how the upgrade policy works. The only thing I am not yet good at is reviewing the Mac logs. Windows logs are easy because of the years of Windows experience and the use of Windows Event Viewer. I just got to be better with the Mac logs.
What was our ROI?
In terms of cost savings, I am starting to get into the budget, but we have not got any malware or serious incidents. There are money savings when you do not have serious incidents.
We have not had any downtime. We have not had anybody's machines compromised. It has been protecting the endpoints pretty well. It has been pretty quiet. We have not had anything that we would consider a major incident, so it is doing pretty well.
What's my experience with pricing, setup cost, and licensing?
I do not know much about it. From what I understand, it is pricey, but it works. It is a very good product.
What other advice do I have?
I also used SentinelOne five years ago at another company, and I find it to be way better now. It is a much more refined product. It does not actively scan the system the way it used to. It has come a long way in terms of performance on the machines. It does not hinder the performance of developers' machines. I hear no complaints about SentinelOne blocking or grinding machines to a halt with scans when developers are doing builds and things like that. It has improved greatly. Five years ago, I used to hear complaints about SentinelOne slowing down the systems, but I have not heard that once here.
We tested the Ranger functionality a bit. We were demoing it. Ranger was pretty cool for the visibility of devices, but we did not find a use for it.
Overall, I would rate SentinelOne Singularity Complete a 9 out of 10.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2026
Product Categories
Endpoint Detection and Response (EDR) Endpoint Protection Platform (EPP) Anti-Malware Tools Extended Detection and Response (XDR) AI-Powered Cybersecurity Platforms AI ObservabilityPopular Comparisons
CrowdStrike Falcon
Cortex XDR by Palo Alto Networks
Microsoft Defender for Endpoint
IBM Security QRadar
Elastic Security
Huntress Managed EDR
HP Wolf Security
Trellix Endpoint Security Platform
WatchGuard Firebox
TrendAI Vision One
TrendAI Vision One – Cloud Security
Microsoft Defender XDR
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between Carbon Black CB Defense, CrowdStrike, and SentinelOne?
- Which is better - SentinelOne or Darktrace?
- What do you recommend to choose when replacing Symantec EDR: SentinelOne or CrowdStirke Falcon?
- Cortex XDR by Palo Alto vs. Sentinel One
- Which solution do you prefer: CrowdStrike Falcon or SentinelOne Singularity Complete?
- Does SentinelOne have a Virtual Patching functionality?
- What is the biggest difference between EPP and EDR products?
- What is the difference between EDR and traditional antivirus?
- What is your recommendation for a 5-star EDR with low resource consumption for a financial services company?
- Which is the best EDR for a logistics company with 500-1000 employees?




















