We use SentinelOne daily for endpoint protection and restriction on using USB devices.
Sr Network Security Engineer at a tech services company with 501-1,000 employees
Good protection and management provided by this product
Pros and Cons
- "The protection and management provided by SentinelOne is good."
- "I would like to see the reports from SentinelOne more customizable, as there are very few options."
What is our primary use case?
What is most valuable?
The protection and management provided by SentinelOne is good.
What needs improvement?
I would like to see the reports from SentinelOne more customizable, as there are very few options.
For how long have I used the solution?
I have been using SentinelOne for four months. I work as a senior network security engineer.
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.
What do I think about the stability of the solution?
The management of SentinelOne is easy, it does not put too much burden on the machine. We will be upgrading to Windows 11 in the upcoming months, we will be able to better comment on stability after that.
What do I think about the scalability of the solution?
Our organization has close to 3,000 machines with approximately 2,000 users. It is easy to scale.
Which solution did I use previously and why did I switch?
We were using McAfee prior to SentinelOne. McAfee has a wide range of reports and is more customizable than SentinelOne. We switched from McAfee because we were no longer satisfied with the support they provided. They were no longer providing prompt responses, tickets were taking too long to get resolved.
The other reason we switched was that McAfee was a traditional antivirus working on a definition basis. They have not moved on to the next generation of antivirus. McAfee needs to focus on the behavior of the program and machine files. If you want this, you need to choose a different McAfee product. They were not putting everything in one place, but rather offering a buffet of offerings, driving the cost up.
How was the initial setup?
The initial setup of this solution was simple. We did the setup ourselves, but did require a little help from the vendor.
I would give SentinelOne a four out of five for ease of setup.
What about the implementation team?
The deployment of SentinelOne is easy. If you calculate the installation of the product and make all the packages ready, it takes about a week. Implementation was another month to go through and replace the older systems and install the new ones.
What's my experience with pricing, setup cost, and licensing?
The pricing of SentinelOne is less than McAfee.
What other advice do I have?
I would advise anyone looking to implement SentinelOne to look before you set up. Know how many machines are working in your network and which type of communication they are doing, whether it is internal or on the internet. No matter what solution you pick if it is SentinelOne, Carbon Black, McAfee, or Symantec check the usage of your machines.
I would rate SentinelOne a nine out of ten overall.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IT Support Director at Biotrial S.A.S.
User-friendly, easy to implement, and offers great visibility
Pros and Cons
- "It gives you good visibility of any threats or vulnerabilities that you might have on your network."
- "SentinelOne offers one of the best software quotes and has excellent reviews and everything."
- "Some reports could be better."
What is our primary use case?
We primarily use the solution for security.
Cyber threats are growing. I have some other colleagues from other companies that have had some attacks. For us, SentinelOne or EDR solution was something appropriate.
What is most valuable?
It's pretty easy to implement.
It gives you good visibility of any threats or vulnerabilities that you might have on your network.
It's very simple to use, and user-friendly as well.
What needs improvement?
I don't know how complicated it would be, however, a patch solution should be included inside of this. If we find a vulnerability, we should also be capable of patching the PC right away.
Some reports could be better. Sometimes you need to search inside of SentinelOne to get some information. Only then could one be done.
A daily report would be helpful.
For how long have I used the solution?
I've been using the solution for six months.
What do I think about the stability of the solution?
The software looks to be okay right now. It is very stable. I have no complaints regarding that.
What do I think about the scalability of the solution?
It is very scalable. Most of the software that is on-demand is scalable.
We have about 350 licenses for the solution right now. If the company grows, we will increase usage.
How are customer service and support?
We use the SUP team that is provided by the provider of SentinelOne. However, I've never directly dealt with them.
Which solution did I use previously and why did I switch?
Previously we had an antivirus. That was Kaspersky. However, we didn't have an EDR solution. It can't be really compared.
Of course, with Kaspersky, now, with what's happening in Ukraine, there has been a break in trust.
How was the initial setup?
The implementation process is quite straightforward. It's not complex at all.
The deployment process took a maximum of a month. That said, we were doing very slowly since there were some computers that we knew would not have any attacks on it. However, there were others that were using acquisition data. We needed to install it and maybe wait a week to ensure everything conformed, and after that, we patched the rest.
Maybe five or six people are maintaining. However, no one really has to worry about it full-time. Really, only one to two people would be required.
What about the implementation team?
We did a third-party integration. Another company is hosting SentinelOne.
What's my experience with pricing, setup cost, and licensing?
Since we are a French company in France, we partnered with a company called Arrange which is our vendor. We did some quotes and found they have a reasonable price for this kind of technology. SentinelOne offers one of the best software quotes and has excellent reviews and everything.
The licensing is done per device.
I'm not directly involved in the licensing process and can't speak to the exact costs.
What other advice do I have?
This is an on-demand product. We are always on the latest version.
I'd rate the solution eight out of ten. It's a good product. We like working with it.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.
Operations Manager at Proton Dealership IT
Excellent detection rate / allowed our team to focus on proactive management
Pros and Cons
- "The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."
- "My advice would be to implement SentinelOne immediately; it is one of the top things that we've implemented and it has saved us countless hours."
- "One area of SentinelOne that definitely has room for improvement is the reporting. The canned reports are clunky and we haven't been able to pull a lot of good information directly from them."
What is our primary use case?
Everyone who is a client of ours gets SentinelOne by default. It provides ransomware protection, malware protection, and increased security. Those are our top-three selling points for SentinelOne when we talk to clients.
How has it helped my organization?
Prior to deploying Sentinel One, we had a team of staff members dedicated to ransomware prevention and malware alerts. Since deploying Sentinel One, we have been able to allow that team to focus on other proactive security measures for our clients.
The dashboard alerting is great and it has helped us out a ton.
SentinelOne has also greatly reduced incident response time, based on the toolsets and the ability to deploy it to new companies through a script. That has been very helpful. It has decreased the amount of time spent on incident response by 40 to 60 hours a month.
And when it comes to mean time to repair, while we haven't had a situation where we've had to reload an operating system or repair to that extent, we've used the 1-Click Rollback feature which saves several hours over a reload of a PC.
What is most valuable?
The detection and response feature is really good for us.
Also, there is a feature called Applications, and it shows all the critical applications that are on devices that may need to be reviewed.
The solution’s Static AI and Behavioral AI technologies are great when it comes to protecting against file-based, fileless, and Zero-day attacks. I would rate that aspect at eight out of 10. They have been great at detection.
The solution’s 1-Click Rollback for reversing unauthorized changes is also huge for us. That is one of the top reasons we have SentinelOne in place. For example, we had a site that had downloaded malware on a share for their sales office. It was trying to move laterally throughout the network but SentinelOne detected it. We then used the 1-Click option to remove it from the 10 or so PCs it had infected. Then we blocked it based on the information SentinelOne provided to us. That way if it happened again, it would already be blocked and wouldn't be allowed to launch.
What needs improvement?
One area of SentinelOne that definitely has room for improvement is the reporting. The canned reports are clunky and we haven't been able to pull a lot of good information directly from them.
Also, integration is almost non-existent. We would really like to see integration with ConnectWise. Within ConnectWise Automate, you're only allowed to deploy at the top-level group. Our company is dealership-focused, but if we have a parent dealership that has 10 sub-dealerships with SentinelOne, we have to treat them as one large group instead of one parent and 10 sub-groups. That's been a pain point for us. We've done some workarounds, but since there is no integration, it's tough.
For how long have I used the solution?
I have been using SentinelOne for about two years.
What do I think about the stability of the solution?
We haven't had any issues, outages, or upgrades. I would rate the stability at 10 out of 10.
What do I think about the scalability of the solution?
One of the features that we love about SentinelOne is that we don't have to buy licenses ahead of time. It just scales up as we grow. We're bringing on a client now that has 500 endpoints and I don't have to worry about contacting sales at SentinelOne and getting a PO for 500 licenses. It just scales up and we're charged based on what we use, which is awesome.
The solution is on 100 percent of our clients that we manage, and that's going to be the goal moving forward. Our sales team does not put in a contract without SentinelOne.
How are customer service and support?
SentinelOne technical support has always been very quick and responsive. We haven't used them a lot. We're a technology company as well and we're able to fix the minor stuff ourselves or by looking at a knowledge base.
One of our concerns or complaints at the beginning was the lack of training, which they fixed. They allowed us to schedule our staff to do the eight hours of free training, which was great. That would have been my only complaint, but that was resolved a few months ago.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We didn't have any EDR solution in place like SentinelOne. We had Bitdefender for antivirus, but that has been removed. Our existing antivirus was failing in several ways. It wasn't detecting everything that was coming through. That was the big catalyst for the switch.
Originally, we had SentinelOne through SolarWinds, which was our previous RMM tool. And when we migrated to ConnectWise, we moved our existing licenses over.
How was the initial setup?
The initial setup was straightforward. It was through our RMM. We bought licenses and we had a one-click deployment to deploy that software. And when we migrated, the gentleman who helped us was awesome. We migrated 9,000 endpoints from that RMM directly into SentinelOne, and he did a lot of the heavy lifting. We just had to check and confirm things were getting moved over.
The migration of the 9,000 agents took 10 to 14 days.
Our implementation strategy included a deployment where we would do a test phase. We picked certain endpoints at different clients and we would deploy and set it in a "listen-only" mode and see what it caught. If everything was good, we would then turn it on to regular mode. That process helped a lot in the implementation.
We have about 75 people in our company using SentinelOne. The main roles among them are about 60 percent help desk, which is view-only; 20 percent client-side, which is reporting and view-only; and the rest are our engineering level where they have the ability to do rollbacks and fix certain issues that are coming in. There is very little maintenance involved with the solution, maybe a handful of hours a month. We have it set up to auto-update. Prior to that, we had to set up our script to download the most recent version, but that's all been replaced now with automation. Maintenance on the actual system is very minimal.
What's my experience with pricing, setup cost, and licensing?
In the past, we had to purchase licenses in advance, so if we hit our license limit, we could not expand until we got a signed agreement in place with the sales rep after the back-and-forth. That meant if a client had ransomware and they had 200 agents, we couldn't deploy right away if we were up against our limit. So we always had that balancing act of figuring out if we were close to our limit and whether we needed to buy more licenses? We ended up paying for licenses we didn't need because we had to buy them in packages of 100.
We now pay based on usage. They do an audit once a quarter and calculate any overages. We pay a set amount quarterly, based on our licenses in use, and then they true-up the figure. Right now we have 12,800 agents with SentinelOne on them. We charge our clients monthly, so it would be really difficult for us to write a check to SentinelOne, in advance, for a full year's worth, at that level. It's been great for us to have the quarterly payments.
Which other solutions did I evaluate?
We looked at CylancePROTECT in addition to SentinelOne. We liked the pricing better and the contract options better with SentinelOne. The deployment also seemed to be easier. In addition, SentinelOne detected things that others missed. We did a few quick trials of other solutions, but SentinelOne seemed to be the best in terms of detection. For example, we did a test with Mimikatz and SentinelOne detected it immediately, whereas some of the others bypassed or didn't see it at all.
And when we talked to the ConnectWise sales rep—because ConnectWise was integrated with Cylance at that point, and SentinelOne was not—the rep told us that they were actually dropping Cylance and moving to SentinelOne over the next year for integration, which was a big factor for us.
What other advice do I have?
My advice would be to implement SentinelOne immediately. It is one of the top things that we've implemented and it has saved us countless hours. It's really hard to quantify the savings, but if a client were to get ransomware, it could involve weeks of several team members working around the clock to get them back up and running. Since we've implemented this, we haven't had to do that in an environment where we had experienced having to do so previously.
The biggest thing I've learned from using SentinelOne is that there are a lot more attacks out there than a typical antivirus will display. Regular antivirus, rather than an EDR-type platform, gives people a false sense of security because there are a lot of processes running in the background that the typical antivirus solution is not equipped to catch. It was eye-opening when we started deploying this at clients, locations where we felt we had very good peace of mind in terms of what was happening. SentinelOne started detecting things left and right that were completely unable to be seen prior.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP
Information Security Principal at a venture capital & private equity firm with 1,001-5,000 employees
SentinelOne Singularity is an AI-driven EDR/XDR platform that detects and responds to threats in real time.
Pros and Cons
- "SentinelOne is the next-generation EDR solution."
- "Overall, the time saved, lower incident impact, and improved security confidence clearly justified the investment."
- "The solution does not have an application security and control module."
- "However, for complex cases—especially agent-related problems—we sometimes need remote assistance, and that level of support is not included in the basic subscription."
What is our primary use case?
Our main use cases are endpoint protection, EDR, and automated threat response for users and servers. We also use it for ransomware protection, threat hunting, and incident investigations. One thing that helped us a lot is the single-agent approach, because we don’t need multiple tools or agents installed on every machine.
It reduces complexity and makes deployment and updates much easier across different entities. The automated isolation of compromised endpoints has also saved a lot of manual effort. Overall, we use it to improve detection, response, and visibility on all endpoints with minimum overhead.
How has it helped my organization?
SentinelOne has had a very positive impact on our security posture. We see threats being stopped in real time without waiting for manual action. This has reduced the stress on our team and lowered the number of incidents we need to handle directly.
The automatic isolation and remediation really helped us shorten response time. The ransomware rollback feature also gives peace of mind, especially in critical environments.
We now have much better visibility into what actually happened during an attack, which helps with investigations and closing gaps. Overall, it has saved us time and improved our confidence against modern threats.
What is most valuable?
The best feature for us is the autonomous response. We don’t have to wait for a security analyst—SentinelOne isolates the device, kills the malicious process, and stops lateral movement automatically. The ransomware rollback capability is also something we really value because it gives confidence that even if something slips through, we can undo the damage.
The visibility and forensic details are excellent; it actually tells a story of what happened instead of just showing alerts. This helps our investigations and audits a lot.
Performance-wise, the agent is lightweight, and deployment was very smooth across different entities. Overall, the combination of prevention + response + forensics in one platform has been the biggest advantage for us.
What needs improvement?
SentinelOne works very well overall, but there are a few areas that could improve. The reporting and dashboards could be more customizable, especially for audit and compliance needs. Sometimes the UI feels a bit complex when you’re trying to drill down quickly.
More built-in analytics and ready-made reports would help a lot. Also, alert tuning could be simpler, because in some cases we still get false positives that require manual review.
It would also be great to see more visibility into identity-related attacks in future releases. Overall, nothing critical, but these improvements would make the platform even stronger.
For how long have I used the solution?
We have been using SentinelOne Singularity Complete for roughly four years in our production environment.
What do I think about the stability of the solution?
It is a very stable solution.
What do I think about the scalability of the solution?
It is a scalable solution. Everyone is using this solution in our organization, with almost 2000 users. It's mandatory for us to install this EDR solution on all the inputs.
How are customer service and support?
Customer support has been generally good for us, and most questions are handled properly. The platform is stable, so we don’t need support very often. For normal issues, the response time is fine.
However, for complex cases—especially agent-related problems—we sometimes need remote assistance, and that level of support is not included in the basic subscription. In those situations, the resolution can take longer. Overall, support is helpful but could improve in advanced troubleshooting.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Yes, we previously used Trend Micro. We switched to SentinelOne because we wanted stronger detection capabilities, faster automated response, and better visibility into advanced threats. SentinelOne’s AI-based approach and single-agent design were important factors for us, along with the ability to automatically isolate and remediate incidents without relying completely on manual action.
How was the initial setup?
The initial setup was straightforward. We use the SaaS model, cloud-based solution, and console on cloud, so it's very straightforward. I rate the setup a 4.8 out of five, and I would give it a five if they added application control.
What was our ROI?
Yes, we have seen clear ROI after moving to SentinelOne. The biggest saving has been the reduction in manual investigation and remediation time. Since most incidents are handled automatically, our team spends less time reacting and more time on proactive work.
We also avoided several potential ransomware impacts, which in itself protects us from large financial and operational losses. The single agent and tool consolidation also reduced the need for multiple products and maintenance efforts.
Overall, the time saved, lower incident impact, and improved security confidence clearly justified the investment.
What's my experience with pricing, setup cost, and licensing?
Pricing is okay and costs almost the same as Trend Micro. We have a partnership with SentinelOne, and it costs about $30 to $35 per user per year.
Which other solutions did I evaluate?
We also evaluated Malwarebytes and CrowdStrike before choosing SentinelOne. Malwarebytes was simple to use but it didn’t provide the same level of autonomous response or forensic depth that we needed. CrowdStrike was strong in detection, but overall SentinelOne offered better rollback, a single-agent approach, and more automation.
In the end, SentinelOne gave us a more complete platform for prevention, response, and investigation rather than just detection. The balance of features, automation, and usability was the main reason we selected it.
What other advice do I have?
I rate this solution a ten out of ten. SentinelOne is the next-generation EDR solution. Once it is installed, no action is required from the end user. It's machine learning and AI integrated, and 95% of threats are blocked. It's a great product.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Dec 14, 2025
Flag as inappropriateExecutive Director of Information Security and Compliance at a pharma/biotech company with 51-200 employees
Multi-feature, easier to use, flexible, and provides excellent technical support
Pros and Cons
- "SentinelOne Singularity Complete, together with SentinelOne Vigilance, is an EDR tool with capabilities such as these, which I found valuable: the dashboard that shows you all the information and the power to either manually or automatically quarantine issues or threats in the environment."
- "In terms of areas for improvement in SentinelOne Singularity Complete, it needs to give more straightforward directions or communication about detection or what has been detected."
What is our primary use case?
My company leverages SentinelOne Vigilance and SentinelOne Singularity Complete for managed SOC.
What is most valuable?
SentinelOne Singularity Complete, together with SentinelOne Vigilance, is an EDR tool, with capabilities such as these, which I found valuable: the dashboard that shows you all the information and the power to either manually or automatically quarantine issues or threats in the environment.
SentinelOne Vigilance is one of the feature sets of SentinelOne Singularity Complete as a whole, and my company found SentinelOne Singularity Complete a little bit easier to use and flexible; plus, it had several feature sets.
What needs improvement?
I've not been using SentinelOne Singularity Complete for a long time to have a lot of feedback on its areas for improvement, as my team is still learning the tool, but what comes to mind is the need for it to give more straightforward directions or communication about detection or what has been detected.
For how long have I used the solution?
We officially deployed SentinelOne Singularity Complete, including its feature set SentinelOne Vigilance, about three months ago.
What do I think about the stability of the solution?
SentinelOne Singularity Complete has been very stable, so it's an eight out of ten for me, stability-wise.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete is a scalable solution, which is one of the reasons why my company uses it.
How are customer service and support?
I found the technical support for SentinelOne Singularity Complete excellent, especially in terms of communication. Support is nine out of ten for me.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used Atos as our SIEM tool and wanted to replace it with a newer technology, so we're now using SentinelOne Singularity Complete.
How was the initial setup?
I'm involved in deploying SentinelOne Singularity Complete, and I found the process straightforward. My company is still going through with the deployment because of the ninety-day deployment model.
What about the implementation team?
I have people in my team assisting with SentinelOne Singularity Complete implementation.
What was our ROI?
I've seen ROI from SentinelOne Singularity Complete within a month after deploying the solution, mainly after my company started getting different alerts, which I was happy about.
What's my experience with pricing, setup cost, and licensing?
I found the pricing for SentinelOne Singularity Complete reasonable, which is one of the reasons my company went with it.
What other advice do I have?
SentinelOne Singularity Complete requires just a little bit of maintenance, as my team has to update agents and do some finetuning, but not too much.
My rating for SentinelOne Singularity Complete as a solution is eight out of ten.
My advice to people looking into using SentinelOne Singularity Complete is to ask for sample reports and processes to understand how SentinelOne would let you do it.
The company I work with is a SentinelOne customer.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Security Engineer at a financial services firm with 51-200 employees
Provides deep visibility and has competitive pricing, but should support Terraform and dynamic tagging
Pros and Cons
- "The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features."
- "There should be Terraform support for console administration. Dynamic tagging would be also useful."
What is our primary use case?
We use it as an Enterprise EDR solution for threat detection, anti-malware, and security investigations.
How has it helped my organization?
SentinelOne Singularity Complete has greatly enhanced our security posture. We feel that our endpoints are more secure. We are in the know of what is happening within our company from a security perspective. We are confident in the ability to detect untrue positives. It has also helped us in achieving industry certifications such as SOC 2.
SentinelOne Singularity Complete has absolutely helped reduce our organization's mean time to detect. There has also been an impact on our mean time to respond. With the integrations that we have set up with Splunk and other products, we are able to respond to incidents as soon as they alert us.
We have a couple of integrations with it. They are alright. I am not blown away by its integration capability.
SentinelOne Singularity Complete has not helped reduce alerts. If anything, we create more alerts with it. We are able to fine-tune the product to reduce noise and alerts, but without it, we would not have any alerts. It is the piece of software that provides that alerting capability for us.
SentinelOne Singularity Complete has not helped free up staff. In a way, it creates work for us, but that is the purpose of the product.
What is most valuable?
The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features.
What needs improvement?
There should be Terraform support for console administration. Dynamic tagging would be also useful.
The auto-upgrade capability should be improved.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for two years at this company. My company has been using it longer than that.
What do I think about the stability of the solution?
Its stability is pretty good. I like the stability of their agent.
What do I think about the scalability of the solution?
It is extremely scalable.
How are customer service and support?
Their technical support is pretty good. I would rate them an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I was not here when they bought this solution, but I know why we bought the tool. We replaced another EDR solution, and then we used it as our enterprise EDR solution for ransomware prevention, threat hunting, and security investigations. We were using CrowdStrike previously. SentinelOne Singularity Complete also saved us money. It is very competitive compared to CrowdStrike.
I have used a couple of EDR solutions. SentinelOne Singularity Complete is less mature than CrowdStrike, but it is definitely one of the top players in the industry.
SentinelOne Singularity Complete has not helped reduce our organizational risk. It is about the same as CrowdStrike in this aspect.
How was the initial setup?
We have it on our laptops and the cloud, so our setup is hybrid. I am in charge of deployment, and it is as simple or complex as any other solution.
It requires maintenance on our end.
What about the implementation team?
We have a team, but I do most of the work. I am in charge of it.
What was our ROI?
It is hard to define the ROI. It does not save us money, but it prevents security breaches. In the grand scheme of things, it is definitely worth investing in.
What's my experience with pricing, setup cost, and licensing?
Its pricing is competitive.
What other advice do I have?
It has competitive pricing and great support. It is a complete solution.
As a strategic security partner, they collaborate with us quite a bit on our overall posture. They constantly have webinars and education sessions for us to deepen our security knowledge and how to use their product. They have assisted us on various PoCs for different offerings that they have and different services they offer. They help us to understand how each of those components integrates into our overall security posture. We did a PoC of the Ranger functionality.
I would rate SentinelOne Singularity Complete a seven out of ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Co-Founder at First Defense WLL
Very unique integrations that share data with security vendors via the API
Pros and Cons
- "The solution offers excellent detection and integration capabilities."
- "DLP support would be a good addition."
What is our primary use case?
Our company is a platinum partner and uses the solution to provide endpoint protection for customers.
A few new customers require the on-premises solution but others use the cloud technology.
What is most valuable?
The solution offers excellent detection and integration capabilities.
Integrations talk to other security vendors and share data with the help of the API. No other product offers this functionality.
What needs improvement?
The solution is a bit costly for some customers.
DLP support would be a good addition. Currently, there are multiple vendors and agents on endpoints. The solution looks at data from a specific documentation view so it would be beneficial to use that same documentation to look at DLP.
For how long have I used the solution?
I have been using the solution for six years.
What do I think about the stability of the solution?
The solution is stable so I rate it a nine out of ten.
What do I think about the scalability of the solution?
The solution is very easy to scale. Scalability is the best and the GUI itself is very fast with no issues. A customer with 10,000 clients still gets fast responses.
How are customer service and support?
Technical support is very good and helpful in getting results.
The turnaround time for solving bugs or finding workarounds for customers is quick.
How was the initial setup?
The setup is simple and the solution can be deployed using any tool. Vendors can also remotely deploy the solution.
If the solution is set up properly with the right policies and processes in place, then it won't require too many maintenance resources. Customers can also utilize the solution's NDR service instead of staffing that position. One technician can easily handle ongoing maintenance.
What about the implementation team?
We implement the solution for customers.
What's my experience with pricing, setup cost, and licensing?
The pricing is comparable with other vendors but some customers find it a bit costly. There is a bit of pricing flexibility with the solution, but initial quotes can surprise customers.
I rate pricing a six out of ten.
Which other solutions did I evaluate?
The solution stands out because has excellent detection and integration capabilities. In my opinion, the solution is better than Microsoft, CrowdStrike, and Palo Alto.
What other advice do I have?
Customers are very happy with deployments and stick with the solution year after year.
I rate the solution a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Offers advantages like real-time detection
Pros and Cons
- "The XDR capability is quite good."
- "The solution should include USB blocking for specific machines."
What is our primary use case?
Our company serves as resellers and solution engineers for our enterprise customers. We deploy and support the solution in customer environments.
What is most valuable?
The XDR capability is quite good and offers advantages such as its real-time detection that is superior to CrowdStrike. I hear that face detection capabilities have also been added.
What needs improvement?
The dashboard should include troubleshooting because it can have problems.
Sometimes, the XDR does not configure its policies for data security on time.
The XDR should include ECI compliance, multiple data securities, and the load balancer for network firewalls under one umbrella. It would be beneficial to buy a salient solution that does everything.
The cloud side could be improved to include security, advanced integrations with other products, storage accounts, monitoring, and support.
The solution should include USB blocking for specific machines.
For how long have I used the solution?
I have been using the solution for one year.
What do I think about the stability of the solution?
The solution is stable with no issues.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
The technical support is half and half. They offer good support but response time is slow. Sometimes, you have to contact multiple engineers to get good information and that is a challenge.
How would you rate customer service and support?
Neutral
What about the implementation team?
We deploy the solution for customers.
Which other solutions did I evaluate?
The solution's XDR is superior to CrowdStrike.
What other advice do I have?
I am satisfied with the solution and rate it an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Deputy General Manager at SLT Visioncom Pvt Ltd
Good scanning and protection but needs to have a faster setup process
Pros and Cons
- "The solution is easy to set up."
- "However, this solution is very good at detecting abnormal behavior, they act very fast and quarantine machines well, and we find that having an endpoint protection solution allows us to adapt and react faster."
- "The solution can use up a lot of resources when scanning. It would be ideal if it was lighter."
What is our primary use case?
We outsourced the operation to a partner, a supplier, and they have managed those services. If the product does identify some abnormal behavior, our supplier is informed, and our main IT division or group IT division is informed. They correct the machine, and they do whatever they need to do.
What is most valuable?
Nowadays, there is a lot of malware and various other malicious threats. Our system is an internal system. There might be a firewall there, however, malware can still get through an email. However, this solution is very good at detecting abnormal behavior. They act very fast and quarantine machines well.
We find that having an endpoint protection solution allows us to adapt and react faster.
I can put something on my pen drive and get the solution to scan it and see if there are any issues. They can identify and block without affecting any core sections.
The solution is easy to set up.
It's stable.
What needs improvement?
The solution works quite well and I don't have many notes for improvement.
The solution can use up a lot of resources when scanning. It would be ideal if it was lighter.
We find the initial setup does take some time, as you have to do a lot of whitelisting. We'd like the process to be faster.
For how long have I used the solution?
I've used the solution for a while. It's been more than two years.
What do I think about the stability of the solution?
The solution is pretty stable. I'd rate it seven out of ten. It's pretty reliable.
What do I think about the scalability of the solution?
You can scale the solution. However, you do have to pay more to expand as you need to purchase more licenses. At this point, we get additional blocks of licenses when we need them. We do not upgrade one license at a time.
We have about 5,000 clients on the solution currently.
How are customer service and support?
I do not have much experience with technical support.
Which solution did I use previously and why did I switch?
We also have Microsoft Defender. They are two different products. We use Defender on our machines and workstations, however, not for endpoint security reasons.
How was the initial setup?
IT installed the solution on my machine.
That said, my understanding is the initial setup is not overly complex. At first, however, we had to do some whitelisting. You need to perform a few operations, and we had to reinstall the OS, install a backup, and handle whitelisting. While it takes time, it's not hard.
What's my experience with pricing, setup cost, and licensing?
I'm not sure of the exact pricing of the solution. That's handled by a different team.
Which other solutions did I evaluate?
We have an IT department that may look at other options, depending on the use case. They've looked at, for example, Sophos, however, they found SentinelOne to be more suitable for us.
What other advice do I have?
I'm an end-user and not very technical.
While the solution is cloud-based, there's an on-prem server, and that is for the administration of our nodes. Mainly, the subscription is controlled by the cloud.
I'd rate the solution seven out of ten. Depending on the use case and if it makes sense for the company, I'd recommend the product.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Technical Team Lead at Alepo
User-friendly with reasonable pricing and good support services
Pros and Cons
- "We find the solution to be scalable."
- "Protection from cyber attacks is the feature we find the most valuable."
- "They need to improve how we install the software."
What is our primary use case?
The primary use case is as an endpoint detection and response software. Basically, it is an enhanced antivirus, anti-malware, and anti-ransomware solution. It protects from ransomware attacks and other types of cyber attacks. It protects the endpoint from malicious actions.
What is most valuable?
Protection from cyber attacks is the feature we find the most valuable.
It's a stable product.
We find the solution to be scalable.
Technical support is good.
The pricing is not too high.
It has a pretty simple user interface and is user-friendly.
What needs improvement?
They need to improve how we install the software. For the agent of SentinelOne in the endpoint, it's not an automated process. We have to download it and then upload it on the endpoint. That is something that can be made simple. The uploading of the software in the endpoint, if that can be done publicly, would be great. The setup should be available publicly. The agent installation should all be done in the cloud.
For how long have I used the solution?
I've been using the solution for more than a year.
What do I think about the stability of the solution?
The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
The solution scales well. You can expand it as needed.
We are a small organization and have around 200 to 250 people on the solution.
How are customer service and support?
The management is outsourced, and I find they are doing a very good job. We are satisfied with how we are able to get help if we need it.
Which solution did I use previously and why did I switch?
This is the first EDR solution we used. We did not have another solution in place beforehand. We only used basic antivirus software previously.
How was the initial setup?
The initial setup is annoying since you have to download the agent and then upload it to the endpoint.
For maintenance, basically, I'm the admin for SentinelOne. Also, there is a different organization altogether to whom we have outsourced the management of SentinelOne. They have their own employees. Their particular team would be working for our organization. They are an SoC organization, and they work 24/7 for various clients. We are one of their clients.
What's my experience with pricing, setup cost, and licensing?
The pricing is reasonable.
I'm not sure of the exact costs, as those are managed by a different team.
What other advice do I have?
I'm a client and end-user.
The solution is pretty easy to implement and administrate. We have not tried to integrate it with other solutions. While the pricing is reasonable, it's a bit more than typical antivirus software. That said, it has advanced functionalities that make the price worthwhile. Therefore, I would rate it nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2026
Product Categories
Endpoint Detection and Response (EDR) Endpoint Protection Platform (EPP) Anti-Malware Tools Extended Detection and Response (XDR) AI-Powered Cybersecurity Platforms AI ObservabilityPopular Comparisons
CrowdStrike Falcon
Cortex XDR by Palo Alto Networks
Microsoft Defender for Endpoint
IBM Security QRadar
Elastic Security
Huntress Managed EDR
HP Wolf Security
Trellix Endpoint Security Platform
WatchGuard Firebox
TrendAI Vision One
TrendAI Vision One – Cloud Security
Microsoft Defender XDR
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between Carbon Black CB Defense, CrowdStrike, and SentinelOne?
- Which is better - SentinelOne or Darktrace?
- What do you recommend to choose when replacing Symantec EDR: SentinelOne or CrowdStirke Falcon?
- Cortex XDR by Palo Alto vs. Sentinel One
- Which solution do you prefer: CrowdStrike Falcon or SentinelOne Singularity Complete?
- Does SentinelOne have a Virtual Patching functionality?
- What is the biggest difference between EPP and EDR products?
- What is the difference between EDR and traditional antivirus?
- What is your recommendation for a 5-star EDR with low resource consumption for a financial services company?
- Which is the best EDR for a logistics company with 500-1000 employees?


















