No more typing reviews! Try our Samantha, our new voice AI agent.
Deputy Chief Information Officer at a computer retailer with 201-500 employees
Real User
Nov 29, 2021
Provides deep visibility, helpful and intuitive interface, effectively prevents ransomware attacks
Pros and Cons
  • "The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring."
  • "Of all the products on the market today, I can say that they are the ones that I trust the absolute most to protect my clients."
  • "As a cloud-based product, there is a minimum number of licenses that need to be purchased, which is unfortunate."

What is our primary use case?

We are a solution provider and this is one of the products that we implement for our clients.

Sentinel One is being deployed as a replacement for any antivirus solution. In our case, we use it to primarily prevent ransomware and other malware from entering networks or computers, as they're deployed across the entire world now, in this new post-COVID environment.

We no longer have the luxury of the corporate firewall protecting everyone equally. This means that having SentinelOne on each box is providing a solution where we stop the badness before it can spread.

This is a cloud-based platform that we use in every capacity you can imagine. We use it on cloud components in both Azure and Amazon.

How has it helped my organization?

We have tested SentinelOne's static AI and behavioral AI technologies and it performs well. We actually put a laboratory together and we tested SentinelOne against CrowdStrike, Cylance, and Carbon Black side by side. We found that the only product that stopped every instance of ransomware we placed into the computers in the test lab, was SentinelOne. As part of the testing, we used a variety of actual ransomware applications that were occurring, live on people's systems at the time.

My analysts use SentinelOne's storyline feature, which observes all OS processes. They're able to utilize the storyline to determine exactly how the badness got into the network and touched the computer in the first place. That allows us to suggest improvements in network security for our clients as we protect them.

The storyline feature offers an incredible improvement in terms of response time. The deep visibility that is given to us through the storyline is incredibly helpful to get to the root cause of an infection and to create immediate countermeasures, in an IT solution manner, for the client. Instead of just telling them a security problem, we are able to use that data, analyze it, and give an IT solution to the problem.

SentinelOne has improved everybody's productivity because the design of the screens is such that it takes an analyst immediately to what they need next, to make the proper decision on the next steps needed for the client.

What is most valuable?

The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring. The fact that it stops everything and lets you analyze it with great detail, including how it occurred, to improve your overall security infrastructure to prevent such an attack from occurring in the future, is really important to clients because it's almost like a security advisor or a security operation center in the tool itself.

When an event occurs, it gets stopped, and then they have a way to look into that data to find ways to improve the security of their network or what risk factors they need to tend to within the company through education or other means. For example, they may be constantly clicking on the wrong links or the wrong attachments in phishing emails.

Our people constantly use the Ranger functionality. The first thing we do is look for unprotected endpoints in the environment. This is critical because SentinelOne should be placed on everything in the environment for maximum protection. The second way we use it is if a printer or a camera or a thermostat is being used as a relay for an attack, through a weakness in that product, we are able to let them know exactly what product it is. The other advantage of Ranger is that it lets us put a block into the firewall of SentinelOne that's on every Windows computer, and we can stop the communications from the offending internet of things product to every system on the network with just a few clicks.

It's incredibly important to us that Ranger requires no new agents, hardware, or network changes. If you think about it, we're in the middle of an incident response every day. We have between 60 and 80 incident responses ongoing at any time, and having the ability to deploy just one agent to do everything we need to advise clients on how to improve their security and prevent a second attack, is incredibly important. It was a game-changer when Ranger came to fruition.

Various clients, depending on their business practices, are heavily in the IoT. Some are actually the creators of IoT and as they put new products on the air for testing, we're able to help protect them from external attacks.

What needs improvement?

As a cloud-based product, there is a minimum number of licenses that need to be purchased, which is unfortunate.

Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.

For how long have I used the solution?

I have been using SentinelOne personally, on and off, for approximately three years.

What do I think about the stability of the solution?

SentinelOne is very stable and the agent rarely fails. The only time I've seen an agent fail is normally on a compromised system. The fact that it even works to protect a compromised system in the first place is amazing, but that's the only time that we actually see the failure of an agent. Specifically, it can happen when there's a compromise to the box prior to loading SentinelOne.

On a pristine new load of a workstation or server where it has no compromises and no malfeasance exists, the SentinelOne agent is incredibly stable and we rarely have any issues with the agent stopping in function. I will add that in this respect, the fact that the agent cannot be uninstalled without a specific code gives us higher stability than others because even a threat actor can't remove or disable the agent in order to conduct an attack against the network. It's a unique feature.

What do I think about the scalability of the solution?

Right now, we have 54 analysts managing approximately 300,000 endpoints at any one time, globally. We operate 24/7 using SentinelOne.

How are customer service and support?

The technical support team is probably the fastest in the industry at responding, and they do care when we have to call them or send them an email due to a new issue that we've discovered. Most of the time, the problem is the operating system that we're dealing with is not regular, but they're still very helpful to us when it comes to protecting that endpoint.

I would rate their customer server a nine out of ten. I could not give anybody a ten. They are a continuous process improvement company and I'm sure that they are constantly trying to improve every aspect of customer service. That is the attitude that I perceive from that company.

Which solution did I use previously and why did I switch?

Primarily in the last year, the number one solution clients had, in cases where we replaced it, was probably Sophos. Next, it was CrowdStrike, and then Malwarebytes. The primary reason that these solutions are being replaced is ransomware protection.

Almost every client that I get involved with has been involved in a ransomware case. They've all been successfully hacked and we can place it onto their boxes, clean them up, along with all of the other malware that everyone else missed, no matter who it was. SentinelOne cleans up those systems, brings them to a healthy state, and protects them while we are helping them get over their ransomware event. This gives them the peace of mind that another ransomware event will not occur.

Personally, of the EDR tools, I have worked with Cylance, Carbon Black, and CrowdStrike. I've also worked with legacy antivirus solutions, such as McAfee and Symantec. However, this tool outshines all of them. It has ease of use, provides valuable information, and protects against attack. The autonomous nature of SentinelOne combined with artificial intelligence gives us the protection we cannot experience with any other EDR tool today.

How was the initial setup?

The initial setup is very straightforward. SentinelOne has incredibly helpful information on their help pages. They are probably the fastest company that I know of in the entire EDR space for responding to a client's email or phone call when you need to do something new or complex.

We have covered everything from Citrix networks to more complicated systems that work by utilizing the Amazon and Azure cloud to spin up additional resources and spin down resources. We were able to protect every one of those assets with it. The agent is easy to load and configure and the library allows us to quickly pivot on a new client and get their exclusions in fast enough to not impede business as we're protecting them.

What was our ROI?

When we were at a point of 50 clients, which is an average of 10,000 endpoints, we needed four analysts using Cylance. When we switched to SentinelOne for that same protection, the 50 clients could be covered by two analysts. We dropped our need for analysts in half.

The average cost of a security incident involving ransomware is a minimum of $50,000 USD, and this is something that SentinelOne can prevent.

The product has a rollback feature, where you can take a machine that's been attacked and partially damaged, and you can roll it back to a previously healthy state. That saves endless hours of system administrators' time rebuilding systems. That alone can reduce the cost of an incident from $50,000 down to $20,000. There is a cost because you still have to determine exposure and other factors with an incident response to determine if the threat actor has taken any data, things like that, but on the damage to the equipment, with the rollback feature and the restoration features built in the SentinelOne, and the fact that it stops everything but the most sinister lateral movements today, just means that an incident never has to occur.

This means that there is a great return on investment for a lot of companies. Another important thing to mention is that they don't lose people. Approximately 60% of businesses that are hit with a ransom attack go out of business within six months. If SentinelOne is preventing those incidents from occurring, that return on investment is worth almost the value of the entire company in some cases.

It is difficult to put an exact number on something like that, but the lack of pain and suffering of the employees of the company, because they didn't have to go through an incident response, and the lack of expense for the company to hire lawyers and professional companies to come in and help them during an incident, as well as their increased insurance costs of having an incident is also another factor.

Overall, it's difficult to judge but it's a true factor in the return on investment of owning SentinelOne and utilizing it to protect your environment.

What's my experience with pricing, setup cost, and licensing?

The pricing is very reasonable. Unfortunately, because it's a cloud-based product, it has a minimum count for licensing, but other than that, I've found their pricing to be incredibly reasonable and competitive with tools that are very similar.

Considering the invaluable nature of SentinelOne's autonomous behavior, I don't believe anyone else can measure up to that. That makes it an incredible bargain when compared to the cost of an incident for any company.

Which other solutions did I evaluate?

There are organizations such as MITRE and ESET Labs that have been doing testing that is similar to what we did three years ago. We just look at those results for the same truth that we discovered in the beginning, and the product continues to improve its performance.

What other advice do I have?

I have been a proponent of SentinelOne for many years. When I learn about somebody who has been hacked and wants to have protection against problems such as ransomware occurring, this is the one solution that I recommend.

The SentinelOne team is open to suggestions. They listen to the analysts and managers that are using their product and they innovate constantly. The improvements to the SentinelOne agent have enhanced its ability to catch everything and anything that comes in, including the detection of lateral movement attacks, which are the worst-case scenario.

When an unprotected agent penetrates the firewall and attacks a network, that unprotected asset has no protection on it so that the hacker can do whatever they want from that box with no impedance. But, the detection of it attacking from a lateral basis has been improved immensely over the last three years.

The improvement in the exclusions library has been phenomenal to help us get the new systems on the air with the new software. It allows the end-user to almost seamlessly get SentinelOne loaded and operational without impacting their business, which is incredibly helpful.

SentinelOne is working on something right now in the Ranger space that is going to allow us to remotely load endpoints that need the SentinelOne protection through the Ranger portion of the application. This is going to significantly improve the security of all of our clients, whether they be in long-term care or short-term incident response, it will help us protect them better. It's a significant improvement to our ability to protect the client.

Of all the products on the market today, I can say that they are the ones that I trust the absolute most to protect my clients.

I would rate this solution a ten out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Senior Vice President IT at AS IT Consulting Pvt. Ltd.
Reseller
Top 5
Jun 4, 2024
Helps free up time, save costs, and reduce organizational risk
Pros and Cons
  • "The most valuable feature of SentinelOne Singularity Complete is the STAR Rules."
  • "While our current remote access to SentinelOne Singularity Complete is achieved through publishing, having a direct GUI interface would be a significant advantage for our user and administrator team."

What is our primary use case?

We use SentinelOne Singularity Complete for EDR. It is a one-click recovery.

How has it helped my organization?

SentinelOne Singularity Complete stands out for its ability to collect logs from any security tool we have, bringing together all our data onto a single, unified console.

The Ranger functionality helps identify vulnerabilities in our environment.

Singularity Complete is a complete security solution that goes beyond just alerts. It provides a dashboard that displays all configured security alerts, including lateral movement, consumer attacks, and any other relevant events, on a single console for easy monitoring and response.

Singularity Complete helps free up our time and has reduced the mean time to detection.

It also helps reduce the mean time to remediation and helps cut our client's costs by 75 percent.

Singularity Complete helps reduce organizational risk and improve compliance.

What is most valuable?

The most valuable feature of SentinelOne Singularity Complete is the STAR Rules.

What needs improvement?

While our current remote access to SentinelOne Singularity Complete is achieved through publishing, having a direct GUI interface would be a significant advantage for our user and administrator team. This console access would provide a more intuitive and efficient way to manage the platform.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for one and a half years.

What do I think about the stability of the solution?

I would rate the stability of SentinelOne Singularity Complete nine out of ten.

What do I think about the scalability of the solution?

I would rate the scalability of SentinelOne Singularity Complete ten out of ten.

How are customer service and support?

The technical support is excellent.

How would you rate customer service and support?

Positive

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete is reasonably priced.

What other advice do I have?

I would rate SentinelOne Singularity Complete ten out of ten.

SentinelOne Singularity Complete stands out in the EDR market by offering a unique million-dollar guarantee, demonstrating their confidence in the product's ability to effectively protect our systems. This financial backing signifies a strong belief in its performance, something no other EDR vendor currently offers.

SentinelOne Singularity Complete is a zero-maintenance product. It's supported by their management defense research team which is working on the console update as well as the automation of the agent-client updates.

I would recommend SentinelOne Singularity Complete.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
PeerSpot user
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.
reviewer2310306 - PeerSpot reviewer
Cyber Security Administrator at a manufacturing company with 51-200 employees
Real User
Nov 28, 2023
Mature, good integrations, and super helpful support
Pros and Cons
  • "The Microsoft integrations are most valuable right now."
  • "They can just continue adding more integrations with these big brands and software security products."

What is our primary use case?

We have been growing, but we are still a pretty small team. We have integrated it with our other software, and we are getting logs out of it. We go into threat hunting and do a deep watch. We go in there, see those logs, and make more sense of things. It has been a real help.

In terms of its deployment model, we have private companies. It is mostly on-prem, but each plant is a little bit different. Anything and everything that touches our corporate environment gets it.

How has it helped my organization?

For the most part, it gives us time to react by getting things off the network and getting that account locked down for a minute. We can let a member of our team take a look at it and move on from there instead of letting something fly under the radar and letting the incident take place or continue to happen. We can put the spotlight on the incident, make someone take a look at it, and then we can get going.

The integrations I have been working with work great. They do exactly as advertised, and they have been helping me with my threat hunting and seeing what is out there. There are always things lurking in the weeds that you just do not know about, so being able to have that correlation and more insights is always helpful.

Singularity Complete has helped free up our staff for other projects and tasks. It is a small team. I am more of a one-man SOC. A lot of the incidents either come through me or someone else on the team if I am not there for vigilance, so being able to dive down and get an issue resolved quickly is helpful. I can then go back to another incident. Usually, they come in batches, so being able to go to the next one or go back to working on a major project has helped a great bit.

Singularity Complete has not helped to reduce alerts. To my knowledge, it stayed about the same. We have fewer false positives, but there are some other ones that I would rather look into. They are more on the identity side. Now that we have Singularity Identity, I am intrigued by what we will see there in terms of weird logins and other things. Now that we have the integration set up, I will get some alerts from there to go track down.

Singularity Complete has helped reduce our organizational risk. When you get these new tools, you see everything that is wrong, and then you are like, "Oh, man," but at least we are seeing them and fixing them. In that sense, it has helped to reduce risks. I do not have the metrics, but we have been able to tackle some vulnerabilities and issues that have been big known ones.

Singularity Complete would help our organization save on its costs if we were not trying to expand so much. We are into manufacturing, and we grow a lot by mergers and acquisitions, so anywhere we can get security funding is a great point. It has helped us identify some things that we can do without. We can either reduce or eliminate those other tools and cascade down, so overall, it has reduced costs.

What is most valuable?

The Microsoft integrations are most valuable right now. One that I still have in the testing is putting user accounts into the high risk and letting our policies on that take place, and then have SentinelOne put it into network isolation as well until an incident is resolved.

What needs improvement?

There could be more integrations with more software. We have been looking at Palos and getting those put into the data lake. If there was a native integration for that, that would help a lot. They can just continue adding more integrations with these big brands and software security products. 

For how long have I used the solution?

I have been with the company for two years, and it has been there since the time I have been there, so I can only say two years at most.

What do I think about the stability of the solution?

I would rate it a ten out of ten in terms of stability. It is great in terms of stability and agents working as long as you do your due diligence and you do not leave it there to run just like every other product. If you leave it there with no attendance, it is going to do what it does, but if you are in there, doing your due diligence and making sure things are set, it is great. Auto updates are something I know that was implemented. That has been super helpful, so if you are doing what you need to do, it is a ten out of ten.

What do I think about the scalability of the solution?

I would rate it a ten out of ten in terms of scalability, especially because we have Ranger deployed. If we need to or if we have a merger, we can get them to put SentinelOne on a couple of devices for us and give us creds so that we can deploy to the rest from there in case they cannot get us in the SCCM or whatever else they are using.

How are customer service and support?

Their support is great. Keith Fields and Mitch Milligan are always there. They have been super helpful. I knew Keith before Mitch was even part of our account. I have been working with Keith for a little bit, and he has been super insightful on different things that I did not know the tool could do or quicker ways to do things. Mitch has also been super helpful in getting us set up. 

We just bought Singularity Identity, and Keith, Mitch, and Paul have been there to give us those meetings on what we need. They really understand what our business is, and they look into our console to help us out at times as well. It has been great. I would rate their support a ten out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

It was already in place when I joined the organization. We run Defender as well. It is like a dual-stack. We have E5 for other reasons, and we use it because it is already there, but our team has gone for SentinelOne. We have had other people, especially the research teams, who want to use their own agent, but we are so comfortable with SentinelOne's abilities and what we have set up to keep us secure that we have looked away from those other SIEMs who want their agent. We have looked away from other software in the realm of MDR that may not work with SentinelOne. It is a staple piece for us that would be a hard buy to remove.

What other advice do I have?

It works great. One thing I wish I had done more in college is hands-on with EDR agents. I went to Purdue for the cybersecurity network engineering major. They had classes and labs for forensics, but one thing we did not get too much hands-on was EDR. I believe they lived in the world of Microsoft for their operations there. Since I have been working here, Singularity Complete has been a great product. We are expanding. We have gone into these other modules and platforms, and we have always had a great experience.

It is a mature solution. It has been here longer than ten years. I graduated from college in 2021 and from high school in 2017. It has been around longer than I have known cyber practices. It is a good one. Always do your research and compare, but it is definitely a top one. I believe it is up there on the Gartner's Quadrants as well. It is up there for a reason.

We will use it more as we get more tools and integrate it. Currently, some of the things are still in beta. I am not leveraging it to its full capability because things are either in testing or we are looking at the software that is going to be connected. From what I have seen and based on the demos and how the beta is going, I have to give it a ten out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2310330 - PeerSpot reviewer
Security Analyst at a consumer goods company with 501-1,000 employees
Real User
Nov 22, 2023
Helps to centralize and mitigate organizational risk
Pros and Cons
  • "The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI."
  • "SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end."

What is our primary use case?

We use the solution for endpoint threat detection. 

How has it helped my organization?

The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI. 

What is most valuable?

SentinelOne Singularity Complete's most valuable feature is reporting. People with less technical knowledge can understand the things happening. 

What needs improvement?

SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end. 

For how long have I used the solution?

I have been using the product for a year. 

How are customer service and support?

I have not used support yet, which is a good thing. 

What other advice do I have?

SentinelOne Singularity Complete tries to go above and beyond to integrate with different vendors, which is good. It is very nice to pick a different vendor for my needs and pull in all the information I need. It is very beneficial to have a single point of activation. 

As with any tool, figuring it out has a learning curve. However, getting the information easily and quickly from the same tool is nice. It is also nice to login to a single platform instead of multiple ones, which was the case in my previous company.

SentinelOne Singularity Complete does a good job of reducing alerts. We run attack tests against our network. We can create a real-world scenario. 

The product has reduced our organizational risk. Any tool designed around security mitigates risk. 

SentinelOne Singularity Complete has centralized things and helped us save costs. It makes getting information in and out of the system easier for a small group of people. 

I like everything that the product has done as a strategic security partner. They are willing to work with other companies and are not afraid of being groundbreaking. They are working on AI. 

I rate it an eight out of ten. 

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2270853 - PeerSpot reviewer
Network Engineer at a government with 11-50 employees
Real User
Sep 21, 2023
Discovers and deletes problem-causing processes, but the support team lacks knowledge
Pros and Cons
  • "The tool deletes the problem-causing process and prevents issues."
  • "They should train their own people so that they can train us better. The theory is good."

What is our primary use case?

Every five years, we research tools that could replace our old software. We combine our AV and intrusion detection. We were trying to find out if there’s an agent for the whole nine-yard, and we came across SentinelOne.

What is most valuable?

The product has an automated process where we find security issues. It’s a 24/7 behavior analytical tool to execute certain actions. The tool deletes the problem-causing process and prevents issues. It discovers, kills, and protects. The software is good. I don't see much of an issue with it.

What needs improvement?

They should train their own people so that they can train us better. The theory is good. If the product is good, but we cannot rely on it or pass it along to the customer, it's useless. When we purchased the solution, we were told that certain functions could be done. I understand it is part of sales, but I feel like I'm being fooled. We couldn't test it because it was in production. We first had a proof of concept but didn't connect it to our Azure portion.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete since February.

What do I think about the stability of the solution?

The product's stability is okay.

What do I think about the scalability of the solution?

The tool's scalability is average.

How are customer service and support?

The support people of SentinelOne do not know the different products offered by SentinelOne. How can they support their customer if one person knows one thing and the other doesn't? They tell us the issue does not come under them and point us to a different team.

There is a SentinelOne support team and a Singularity support team. SentinelOne's support team is okay. Once, the technical support and help desk director got involved with all our issues. However, the director got involved after we strongly complained about the issues. That's not the way it's supposed to be.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have used Arctic Wolf.

How was the initial setup?

The initial deployment was good. The solution is cloud-based.

What about the implementation team?

We took help from SentinelOne to deploy the solution. We paid for it, but it was not worth the money we paid for. Two people from our company are required for the deployment. The solution requires maintenance.

What's my experience with pricing, setup cost, and licensing?

The licensing is okay. I don't see any issues with it.

Which other solutions did I evaluate?

We evaluated other options. We were trying to have one solution for everything. We heard that SentinelOne purchased another company. Other products like Rapid7 provide multiple solutions and products for our needs. We saw that SentinelOne provided us with one product and one support system. However, even while using SentinelOne, I have to contact different teams.

What other advice do I have?

When we purchased the solution, it did not do what we expected. We didn't use all of the features. It has quite a few options. There are a bunch of more add-on modules. Other products from SentinelOne are not good. I am really disappointed with them. The user must understand the solution by just reading the training documents. The team claims it is professional, but it lacks a lot of functions.

The integration is fine, but the feature is not how they market it. It looks good on paper, but it's not what we think it is. It's not a ready product in marketing. I am disappointed with it. The interoperability is still under development. Not many people know or understand it, including people from SentinelOne. When we call and try to figure out what's going on with the solution, not many understand what it is. There is a lack of training on their products and services.

The Ranger functionality is fine. It’s only been six months since we started using it. We're still learning as it goes. I think Ranger is probably better than Singularity. Sometimes, they send false positives. It's not really a big feature for us. It's good. They're trying to prevent any networking attack, but I don't think it’s there yet. They're just trying to discover what is on the network, but we already have other tools for that.

It is important for us that Ranger requires no new agents, hardware, or network changes. Ranger is just trying to discover whatever issues we have. I don't think it can prevent it. I don't think it can block issues or protect our devices.

Overall, I rate the product a seven out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2271060 - PeerSpot reviewer
Cybersecurity Engineer at a energy/utilities company with 1,001-5,000 employees
Real User
Sep 11, 2023
Improves our visibility and response across multiple platforms in our enterprise network
Pros and Cons
  • "The visibility and, obviously, the protection aspects are second to none when it comes to speed. Another thing we fall back on is the option to roll back an endpoint if it is infected. There is a shadow copy so that if a PC downloads malicious content, we can roll it back to the state it was in before that package was imported."
  • "Their documentation could afford to be a little bit better communicated. A lot of times we have to look at things in the knowledge base, and much of that could be communicated better, but that would probably be the only thing that needs to be improved."

What is our primary use case?

Our primary use case would be for active XDR protection. We wanted an innovative XDR to keep up with the rising dangers of malware, ransomware, et cetera.

How has it helped my organization?

Our visibility and response to a lot of the things that come with an enterprise network have improved. We have users doing multiple things across different platforms. There are applications, servers, endpoints, and certain things that fit in the wild, and it does a really good job protecting all of them.

It has saved time for my team because of what we can do in terms of device control that it provides externally. We have total control.

When it comes to detection, we have email alerts when a threat comes across, so it's pretty quick. And if we have predefined responses to certain threats, then obviously, our response is instantaneous. But in a lot of cases, we like to have our administrators take a look at it and make sure it gets remediated as quickly as possible.

As for security, SentinelOne Singularity puts us in a better place than most solutions. We can look at platform reviews that keep us in the loop regarding what's not considered a good solution.

What is most valuable?

The visibility and, obviously, the protection aspects are second to none when it comes to speed. Another thing we fall back on is the option to roll back an endpoint if it is infected. There is a shadow copy so that if a PC downloads malicious content, we can roll it back to the state it was in before that package was imported.

It also has a lot of flexibility with its ability to ingest things.

And the AI feature of the solution is prompt in how it learns a certain network and how it responds to certain things. If you do come across false positives, it's relatively easy to get around them.

What needs improvement?

There are some obstacles you have to overcome when it comes to whitelisting and the like, but that's true of every XDR platform.

Their documentation could afford to be a little bit better communicated. A lot of times we have to look at things in the knowledge base, and much of that could be communicated better, but that would probably be the only thing that needs to be improved.

For how long have I used the solution?

We've been using SentinelOne Singularity Complete for about three years.

What do I think about the stability of the solution?

I would give it an A-plus in stability. A lot of times, when you download a new endpoint protection agent or an AV agent, you might run into a lot of compatibility issues or programs kind of freezing up.

What do I think about the scalability of the solution?

I would give it an A-plus for scalability as well.

How are customer service and support?

Our experience with their technical support has been straightforward and good. We got good, timely responses.

As a strategic partner, they're "the new guy on the block." There is some talk of them being bought out. I have heard some rumors like that. But from what I've seen, SentinelOne is just as good as, or better than, any other security partner out there.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did use an endpoint protection platform, but I can't comment on which one we used.

How was the initial setup?

I was involved in the whole process of deployment. One thing that wasn't SentinelOne's forte was compatibility with a script for an on-premises software distribution tool. Most of what we did was homegrown to deploy the agents to the machines.

What about the implementation team?

We did it in-house. There were a handful of us involved, probably 10 at least.

What's my experience with pricing, setup cost, and licensing?

I don't deal with the cost side of things, but the licensing, as far as endpoints go, is a pretty straightforward and simple process.

Which other solutions did I evaluate?

We looked at a couple of other solutions but, again, I can't disclose more about those.

What other advice do I have?

The speed and user friendliness that this platform offers break down some complex aspects of the security industry, and the solution lays them out in a way that a general user can understand.

Definitely compare and contrast Singularity with other solutions. It depends on what fits best for you, what industry you're in, how mobile your network is.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Sasita Lamchaona - PeerSpot reviewer
Product Consultant at M.Tech
Reseller
Jan 19, 2023
The solution is stable, scalable, and easy to deploy
Pros and Cons
  • "The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform."
  • "I would like to have the same features such as ransomware that are available on the cloud version of SentinelOne also made available for the on-prem version because a lot of people in our region are not ready for cloud solutions."

What is our primary use case?

I mainly focus on endpoint security. Customers often ask me about solutions to detect malware threats, and SentinelOne is one of the options I recommend. The main focus is detecting malware threats on endpoints.

What is most valuable?

The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform.

What needs improvement?

I would like to have the same features such as ransomware that are available on the cloud version of SentinelOne also made available for the on-prem version because a lot of people in our region are not ready for cloud solutions.

For how long have I used the solution?

I have been using the solution for one year.

What do I think about the stability of the solution?

Our clients range from small, medium, to large scale and the solution is stable for all of them. I give the stability a ten out of ten.

What do I think about the scalability of the solution?

The solution is highly scalable. I give the scalability a ten out of ten.

How are customer service and support?

The technical support is very good, and quick.

How was the initial setup?

The initial SentinelOne setup is easy to set up in the environment and also easy to download the packet to install. 

What's my experience with pricing, setup cost, and licensing?

We do not encounter a lot of issues with the pricing of SentinelOne. The pricing is reasonable.

The solution offers a standard licensing fee.

What other advice do I have?

I give the solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
PeerSpot user
AANKITGUPTAA - PeerSpot reviewer
Consultant at Pi DATACENTERS
Real User
Dec 5, 2022
Reliable and straightforward to set up with good documentation
Pros and Cons
  • "The setup is very straightforward."
  • "There should be more integration models with different security operations tools or soft tools."

What is our primary use case?

The solution is agent-based, so it's on service, and it's a cloud solution.

We are using its API capabilities for our server for protecting us from cyber security threats and attacks.

How has it helped my organization?

Earlier, we used some internal protections. However, we moved to HD information for the cyber security portion. It's helped us to mitigate security attacks and provide solid defense.

What is most valuable?

We like the file-less monitoring and filtering are great in the context of security.

The setup is very straightforward. 

It is stable. 

The product can scale if the licensing is correct.

What needs improvement?

SentinelOne has some inputs, some traditional NPRs, or models like IPS and IDS. We can configure individual rules for particular machines. In a sense, control is not from the console.

There should be more integration models with different security operations tools or soft tools. It could provide a single pane for integration with the firewall, or a soft solution should be there.

For how long have I used the solution?

I'd been using the solution for eight months.

What do I think about the stability of the solution?

It's a stable, reliable product. there are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

The product can scale. However, it depends on the license. 

We have 500 users on the solution right now.

Right now, we don't have plans to increase usage as we already have some buffer limit there.

How are customer service and support?

While I haven't directly contacted support, I have used their documentation surrounding KPIs and have found them helpful.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Earlier, we were using Symantec and the One Protection Suite.

How was the initial setup?

The solution is easy to set up. It's not an overly complex process. We had no issues at all. 

One system engineer which has some knowledge of network security can handle the implementation.

What about the implementation team?

We handled the deployment in-house. 

What was our ROI?

SentinelOne has a very good XDR product, and it can also integrate with different security components. It's a single pane of glass for cyber security posture management. The ROI is good.

What's my experience with pricing, setup cost, and licensing?

The licensing is handled by another team. I can't speak to the exact cost of the product.

Which other solutions did I evaluate?

We also looked at CrowdStrike before choosing this product.

What other advice do I have?

Someone interested in the product should first do POC, and depending upon their OIS environment, they should consider this first before going for any XD solution.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Assistant Manager at airtel
Real User
Sep 10, 2022
Easy to deploy with good reporting and good rollback features
Pros and Cons
  • "The reporting part is awesome."
  • "Email security should also integrate with it to get more visibility on it."
  • "The solution is expensive. It is costlier than Trend Micro and Palo Alto XDR."

What is our primary use case?

It is used in my customer's companies. It handles incident management, firewall implementation, and device control.

What is most valuable?

The most valuable feature is the rollback. 

Remediation is great. 

The ranger feature for work devices is most useful.

The reporting part is awesome.

It is easy to deploy the product. 

What needs improvement?

It should not limit itself to EDR. I need some other solutions to integrate into it. It should give us more visibility by integrating other solutions with it.

I want some other solutions like email security. Email security should also integrate with it to get more visibility on it.

Agent upgrades might cause some issues. Most of the time, an agent gets removed after it is not communicating with the server. After every three months, it will get automatically removed. That might cause an issue.

The solution is expensive. It is costlier than Trend Micro and Palo Alto XDR.

For how long have I used the solution?

I've used the solution for around six months.

What do I think about the stability of the solution?

The solution is stable. We've found the performance to be good. It's light. There are no bugs or glitches. 

What do I think about the scalability of the solution?

We have 1500 users on the solution right now. It is pretty scalable. 

How are customer service and support?

With technical support, I've got an immediate response, and when I log a ticket, I get good assistance. 

Which solution did I use previously and why did I switch?

I had worked on Palo Alto XDR as well. However, the remediation is not so good. There is no option with the rollback as well. That might cause data loss during a ransomware attack.

I'm also aware of the Trend Micro solution. 

How was the initial setup?

It's easy to set up and has a very lightweight agent. It's very easy to deploy.

The time it takes to deploy all depends upon the number of uses, the number of clients, which machines are there, et cetera. In the Ranger, you have options. If you have advanced features for deployment, Ranger deployment, it is easy.

What's my experience with pricing, setup cost, and licensing?

The solution is a bit pricey and they should look at the costs involved. You have to pay extra for certain features, such as the Ranger feature. Everything should be included in the subscription. 

What other advice do I have?

We are partners. 

It's a good solution as compared to others. In terms of MML features, it is fine.

I'd rate it eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Developer at DSY medical
Real User
Sep 4, 2022
Flexible, secure, and great for writing custom rules
Pros and Cons
  • "We are able to write some custom rules on SentinelOne."
  • "The solution is stable and reliable, catches a lot of malicious and suspicious threats, and there are no bugs or glitches and it doesn't crash or freeze."
  • "Maybe they can develop some firewall aspects for it to better protect us."

What is our primary use case?

We primarily use the solution at our endpoints. We use it for security.

What is most valuable?

It's catching a lot of malicious and suspicious threats. That's good for us. 

We are able to write some custom rules on SentinelOne.

The setup is simple. 

What needs improvement?

Right now, the solution meets our needs. We do not need anything added to it. 

Maybe they can develop some firewall aspects for it to better protect us. If they did that, we can write a lot of rules for the firewall and custom rules.

For how long have I used the solution?

I've been using the solution for about two years. 

What do I think about the stability of the solution?

The solution is stable and reliable. It catches a lot of malicious and suspicious threats. There are no bugs or glitches and it doesn't crash or freeze. 

What do I think about the scalability of the solution?

The solution scales well and can work across platforms. We can use it with MacOS, Linux, and Windows Servers. You can use it with everything.

We have 600 people on the solution right now. It is used throughout the company.

We may increase usage in our company. 

How are customer service and support?

Technical support is great. They are very responsive. For example, today, if I open a ticket, they will likely give me an answer in 24 hours.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used FireEye and Symantec. However, SentinelOne is better than them. It's more flexible and catches more threats. 

How was the initial setup?

We found the initial setup to be very simple. You just click through, and you're up and running. 

I'd rate it five out of five in terms of ease of deployment.

We're deploying it every month. SentinelOne sends updates every month and we action them. 

What's my experience with pricing, setup cost, and licensing?

Licensing is paid on a yearly basis. I can't speak to the exact pricing. 

What other advice do I have?

I'm not sure which version number we are currently on. 

If a company has a lot of people and needs to protect its many endpoints, this is a great option.

I'd rate the solution eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Steve Pender - PeerSpot reviewer
Steve PenderManaging Member at a tech consulting company with 1-10 employees
Top 20Real User

It does what it is meant to do - Protects the end point 100% - Never been breached.  

Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2026
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.