SentinelOne Singularity Endpoint is used for endpoint security to detect, prevent, and respond to cyber threats in real time. Using AI-based behavior analysis, it helps the SOC team to investigate incidents, automate responses and actions, and protect systems from malware and ransomware. SentinelOne Singularity Endpoint includes EDR, XDR, and NGAV.
Automated threat response has reduced alerts and protected endpoints with rapid rollback recovery
Pros and Cons
- "Everything is perfect with SentinelOne Singularity Endpoint; there are no stability problems, and the system is very reliable and hands-on."
- "Dislikes include high false-positive alerts and resource consumption issues with CPU and disk usage."
What is our primary use case?
What is most valuable?
A favorite feature of mine about SentinelOne Singularity Endpoint is the VSS rollback feature, which is most valuable. If a laptop is infected with any malware, there is an option to rollback files and recover them from before the attack happened.
Using SentinelOne Singularity Endpoint has helped me reduce alerts because it is integrated with FortiSIEM, one of the leading SIEM tools, and with SOAR technology. Whenever alerts come on SentinelOne Singularity Endpoint, they are directly raised to SOAR technology automatically. This is an automatic tool, so manual interaction is not required. All work is done by SentinelOne Singularity Endpoint, and I only have to take action on the analyst's verdict to determine if it is a true positive or false positive and investigate accordingly.
What needs improvement?
Dislikes include high false-positive alerts and resource consumption issues with CPU and disk usage.
Ranger functionality is for network discovery and control features. Its primary role is to identify and manage unmanaged devices on the network by detecting rogue devices in detections. It ingests logs from network sources and captures threat metrics, including IOCs. However, I cannot confirm if SentinelOne Singularity Endpoint releases the alert through Ranger, as I have not worked heavily on this feature because the Ranger functionality license is not available. SentinelOne Singularity Endpoint captures different telemetry from network devices.
For how long have I used the solution?
I have been using SentinelOne Singularity Endpoint for 2.3 years in my career.
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.
What do I think about the stability of the solution?
Everything is perfect with SentinelOne Singularity Endpoint. There are no stability problems, and the system is very reliable and hands-on.
What do I think about the scalability of the solution?
SentinelOne Singularity Endpoint is very good in scalability. Scalability is extremely easy to achieve as new endpoints and new detection points come on board. The system can scale any number of times, and only the license for each endpoint is needed.
How are customer service and support?
Whenever I get stuck on any alert with SentinelOne Singularity Endpoint and do not understand it, or when I face any admin task challenges, I manually open a ticket with the customer team. Every time they help regarding the case. Each day, if I get stuck anywhere in SentinelOne Singularity Endpoint, whether with any admin task or threat hunting, the tech team or support team will surely help.
For the support team of SentinelOne Singularity Endpoint, I would rate them nine out of ten because there is a human voice there, so they are listening and responsive.
Which solution did I use previously and why did I switch?
For the first two years in my organization, I used Symantec AV. After that, I changed my domain to SentinelOne Singularity Endpoint.
How was the initial setup?
The initial deployment of SentinelOne Singularity Endpoint is easy and very straightforward. All that is needed is to set up a tenant and create a package file. Once installed, it automatically connects to the management console, and the entire system can be set up in one or two hours.
What about the implementation team?
For one customer of SentinelOne Singularity Endpoint, one to two people are enough for deployment. Because we are a partner with SentinelOne and have many customers, one to two members are sufficient for each customer deployment.
What's my experience with pricing, setup cost, and licensing?
I do not have knowledge about the pricing of SentinelOne Singularity Endpoint, as the sales team handles that. However, based on my knowledge, SentinelOne Singularity Endpoint is very flexible in its pricing range at approximately $9 to $10 per endpoint. We have 5,000+ endpoints because we are an MSSP provider, making it cost-effective.
Which other solutions did I evaluate?
I would choose SentinelOne Singularity Endpoint. In Symantec AV, there is only signature-based and behavior-based threat detection, whereas SentinelOne Singularity Endpoint has advanced behavior AI and pre-static AI. In Symantec AV, alerts must be manually raised and actions taken on the endpoint, but SentinelOne Singularity Endpoint has fully automated AI. The use cases are moderate in Symantec AV, but SentinelOne Singularity Endpoint is very easy with a modern UI. I prefer SentinelOne Singularity Endpoint because I have worked with both.
What other advice do I have?
The mean time to detect with SentinelOne Singularity Endpoint is very low. The mean time to respond for SentinelOne Singularity Endpoint is approximately two to three minutes since it is integrated with SOAR, and alerts are raised within that timeframe. From endpoint to console, alerts are received in real time with no lagging. SentinelOne Singularity Endpoint requires no maintenance. Since we have a partnership with the SentinelOne Singularity Endpoint team and are an MSSP provider, no maintenance is required. My overall rating for this review is eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. MSSP
Last updated: Apr 19, 2026
Flag as inappropriateCyber Security Trainee at DataSpace Academy
Log analysis has become faster and more accurate, enabling precise threat detection
Pros and Cons
- "I have tried some paid tools, but I have found that Singularity Platform is far better than others, and as a log analyst and SOC analyst, I find it better than others."
- "Regarding areas for improvement in Singularity Platform, I would say the data security posture and control over sensitive information could be enhanced."
What is our primary use case?
My use case for the solution is scientific research involving legacy software on older OS versions for complex overflows.
What is most valuable?
The best features of Singularity Platform are AI-powered autonomous threat detection and extended detection and response, along with cloud workload protection.
Regarding the real-time personalization features, I find that it helps me in detection. It assists me to find detections and furthermore evaluate the detections. It helps me a lot because it is completely beneficial, showing fewer alerts than competitors. In other competitors, alerts are excessive, but here the alerts are fewer rather than too many. It is much more useful for me compared to other products.
The real-time monitoring capabilities are much faster. I would say that it is significantly faster in decision making. In my previous experience with other log analysis tools, whether paid or free, the processing time was excessive, but here the processing time is very minimal and I get what I need very quickly.
What needs improvement?
Regarding areas for improvement in Singularity Platform, I would say the data security posture and control over sensitive information could be enhanced. If the control were more robust, then it would be better. For instance, when I analyze a log using Singularity Platform, the logs I see are clear, but if they were more descriptive, it would be much better. For example, when I find a log suspicious, if it automatically points out that a particular point in the log at a specific timing or frame is looking malicious, it would be easier for me. I would not have to go through many logs to find this information.
For how long have I used the solution?
I have been using Singularity Platform, which refers to SentinelOne, for a few months, approximately five to six months.
What do I think about the stability of the solution?
Regarding stability, I have not encountered any downtime. Depending on my system where I use it, I have seen that even with less RAM, it does not lag. In other SIEM tools, they give lags and glitches, but I have not found any bugs. It is working well.
For stability, I would rate it a nine out of ten.
What do I think about the scalability of the solution?
Singularity Platform is scalable. On scalability, I would rate it between eight and 8.5.
How are customer service and support?
For technical support, I have not needed any technical support until now, so I cannot answer clearly. However, I hope it will be nice because if the application is working so well, why would I need technical support? I think if I need technical support, it will be good.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
I have tested Splunk Enterprise edition and the paid editions, and I have also tested Wazuh. I have tried some paid tools, but I have found that Singularity Platform is far better than others. As a log analyst and SOC analyst, I find it better than others.
How was the initial setup?
The deployment is easier. When I compare it with other SIEM tools, it is much easier. There are not too many settings I have to adjust. For example, with Splunk, it takes too many settings to set up on AWS, but here it does not require too many settings and it does its work well.
What about the implementation team?
Initially, we used two people, and then we expanded to three people using it.
What was our ROI?
If I estimate how much time it has saved me, I would say it has saved almost 30 to 40 percent of time compared to other tools.
What's my experience with pricing, setup cost, and licensing?
In terms of pricing, I will say that it is worth it for me. Living in India, it is natural for us to prefer things a little cheaper, but whatever the price is, it is worth it. However, as a SIEM tool, if it were priced less, many more people could explore it.
What other advice do I have?
Regarding the fraud detection feature, I did not use it until now, but I have explored the features of fraud detection.
In fraud detection, the logs which are generated and captured are much clearer, meaning clarity is very good in respect to other platforms. I found that the clarity is very good. It also minimizes false positives, which is critical in some situations. Furthermore, the method is top-performing with a wide range of data sets and evaluation matrices.
Maintenance is necessary with Singularity Platform, as artificial intelligence is implemented, so it is 100 percent needed. It depends on the user and the application totally, but the maintenance is needed.
My feedback is that I will surely recommend it. I have already recommended it to many of my colleagues and I will continue to do so in the future. If it is giving us benefits, then why would I not recommend it? I would give a rating of 10 out of 10 for recommendation.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 2, 2026
Flag as inappropriateBuyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.
Security Engineer at Softcell Technologies
Autonomous threat detection has reduced alert fatigue and improves endpoint protection
Pros and Cons
- "SentinelOne Singularity Endpoint offers the best features in the market at an affordable rate, providing a secure solution."
- "I feel that the custom dashboard feature is absent in SentinelOne Singularity Endpoint, as I can only use a default dashboard."
What is our primary use case?
I deploy SentinelOne Singularity Endpoint agents on my client's servers and other endpoints to secure those systems.
What is most valuable?
SentinelOne Singularity Endpoint offers the best features in the market at an affordable rate, providing a secure solution. The easy-to-understand user interface and Purple AI are standout features.
Correlation is important, and I have correlated SentinelOne Singularity Endpoint with other types of devices and created several correlation use cases, making it feasible to create multiple correlating use cases.
It helps secure my infrastructure because it has a very fast response. The moment it detects a vulnerability or any threat malware on any file, it creates an alert and quarantines that file automatically, proving very reliable and saving significant time.
It does help reduce alerts. Although it generates many false positive alerts initially, when managed properly by deploying custom use cases, it detects only the required alerts, saving considerable time by marking only true positive alerts.
SentinelOne Singularity Endpoint is a fully AI-based model, negating manual tasks and allowing me to save considerable time to manage other priorities.
It saves a lot of time by detecting alerts in real-time and automatically quarantining malicious files.
It does help reduce my organization's mean time to detect.
I have used the Purple AI feature that SentinelOne Singularity Endpoint provides quite extensively.
I have used Purple AI for identifying IOCs on my client infrastructure. Regarding data privacy, I do not rely on external LLMs like ChatGPT or Claude due to potential misuse of my valuable data. Purple AI, being SentinelOne Singularity Endpoint's in-house automated intelligence, is much more reliable from a data privacy perspective.
Purple AI has been very effective for my team, providing various features including the Copilot feature, which allows me to identify many non-present IOCs quickly and retrieve information in a very fast manner, saving considerable time.
It provides IOCs, which are a form of threat intelligence. By utilizing Purple AI, I am effectively preventing my clients from various forms of threats.
For Security Operations, it saves considerable time by performing quarantine automatically whenever a threat is detected.
The biggest benefit SentinelOne Singularity Endpoint brings to my particular customer is its fully autonomous capabilities, automating threat detection and auto-remediation rules, making it efficient.
What needs improvement?
I feel that the custom dashboard feature is absent in SentinelOne Singularity Endpoint, as I can only use a default dashboard. Additionally, for clients with large infrastructures of over a thousand endpoints, resource consumption can become high, which could be improved.
For how long have I used the solution?
I have been using SentinelOne Singularity Endpoint for more than a year.
What do I think about the stability of the solution?
There have not been any issues regarding stability. It is fully scalable, allowing me to scale up or down as needed.
What do I think about the scalability of the solution?
Regarding performance, I have faced some resource consumption issues for one particular client with a huge infrastructure. However, customer support resolves issues within the day, so I do not worry much about finding solutions.
How are customer service and support?
The customer support team is very good at responding to queries on the same day. I would rate them ten out of ten in customer support.
How was the initial setup?
I feel it is very easy to install SentinelOne Singularity Endpoint on any endpoint, as it just takes a few seconds to deploy and install the agent.
What's my experience with pricing, setup cost, and licensing?
I am aware of the pricing module for SentinelOne Singularity Endpoint, although I am not the person handling it directly.
The cost for SentinelOne Singularity Endpoint depends on a per-device basis, charging around eight to ten dollars per month per device, which can be multiplied by the number of devices I want to deploy.
It is very cost-effective compared to other solutions, as SentinelOne Singularity Complete is not that expensive and has an aggressive price point.
What other advice do I have?
I feel that in a week, for a particular client, five to seven alerts are generated. Out of those, if I estimate seven alerts, three would be suspicious, two false positives, and the remaining two or three would be true positives. I feel that twenty to twenty-five percent of alerts are false positives.
I would recommend that organizations choose SentinelOne Singularity Endpoint due to its impactfulness and low price, as I believe no other product offers what it does. My overall review rating for SentinelOne Singularity Endpoint is eight out of ten.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP
Last updated: Jun 16, 2026
Flag as inappropriatePresales Lead & Delivery Lead at a construction company with 1-10 employees
Security has improved as I manage applications, automate investigations, and gain deeper visibility
Pros and Cons
- "Because I have done many deployments for SentinelOne, starting from 500 to 3,000 and 4,000 user customers, I can say that from the deployment perspective, SentinelOne Singularity Endpoint deployment is far more easy and very smooth."
- "When I write that I need a query for AnyDesk blocking, they say again that this is not part of their job."
What is our primary use case?
I am using only the XDR part of SentinelOne Singularity Endpoint. There are multiple use cases for SentinelOne Singularity Endpoint. From a deep visibility perspective, I need the XDR license. Whether I want to create a STAR custom rule or check multiple processes and multiple source process storylines, I need that XDR. I am looking for hop-to-hop malware detection, which requires XDR. If I am looking for any destination IP address and what is running in my organization for any ports that are open, perhaps the particular event type, there are multiple URL actions and categories to consider.
What is most valuable?
There are two or three things I would like to highlight about SentinelOne Singularity Endpoint. The first is the application inventory part. Many endpoint solutions do not provide inventory and the risk of the application, such as the severity in the endpoint machine. For that, we need to enable the policy, which is a different part. The application management is valuable because there are multiple applications running on endpoints. Without SentinelOne, I would need to purchase a new OEM or a new security tool to know the inventory of the machine. In SentinelOne Singularity Endpoint, apart from endpoint security from malware and other threats, we have the application management.
The second thing I appreciate the most is Purple AI. As a security analyst, there are many things I would rely on, perhaps on SentinelOne pre-sales or a security technical person to know after initial deployment. With Purple AI, I can search for what I need. If I want to create any block policy, create any specific allow rule, or do the whitelisting part, I can do it from there. Purple AI is overall the best thing I can highlight.
However, there are many things Purple AI cannot do. I do not know what relevance Purple AI is using in the backend. There is one module in SentinelOne called STAR custom rule. If I want to block AnyDesk or any other application on my endpoint, I need to run an SQL query for that. To run that query, I need to create it. If I am relying totally on Purple AI, I am not able to get the correct query to run. If I want to block any application, I may be relying on another head security analyst or I can do it on my own. I may need to create multiple queries. I do not think the STAR rule query in Purple AI is that efficient and not running as expected.
What needs improvement?
For maintenance of SentinelOne Singularity Endpoint, there are two things. If I need to create any maintenance or upgrade policy, that is a different matter. The customer is looking for the maintenance window and wants the upgrade part mainly on Sunday or Saturday, the weekend part. They do not want the auto-upgrade whenever SentinelOne pushes from the backend.
If I am looking at the impact of Purple AI on amplifying team knowledge, there are multiple things. If I am looking at how many endpoints are in my organization, how many endpoints have this application, and how many endpoints have multiple threats and alerts, I want to know how to reduce them. If I am asking particularly how to reduce the threat count, I do not think Purple AI can give this answer because AI is not particularly for this enterprise account. Purple AI is something I can rely on for multiple things, such as if I need to know how to create tags, policies, blocklists, exclusions, network control, device control, how to enable the firewall, and how to create a block policy with the hash. There are many things. If I need to install any agent on a particular Windows machine, whether it is 64 or 32-bit, or a Mac machine, or a Linux machine, or any other machine, how I need to add the token, and how I need to download the package are all considerations. Additionally, how to ensure that the agent is connected with my management plane is important.
For how long have I used the solution?
I have been using this product in my career for more than two years.
What do I think about the stability of the solution?
As a user interface, I am more comfortable with SentinelOne Singularity Endpoint. When talking about overall security, as far as I am concerned, there is no threat leaked, as I have seen in SentinelOne as well as in CrowdStrike. As a user interface and as a security analyst, I am much more comfortable with SentinelOne Singularity Endpoint.
What do I think about the scalability of the solution?
I have not experienced that much difficulty because I think two years back, there was no reduction I could see. However, nowadays, I think there is minimal reduction in changes. This is because two years back, the customer size was very different. Now SentinelOne is globally present, and in India, there are many customers using this. There are many data centers, which is why I think the reduction is possible.
Because I have done many deployments for SentinelOne, starting from 500 to 3,000 and 4,000 user customers, I can say that for the deployment perspective, SentinelOne Singularity Endpoint deployment is far more easy and very smooth. I have given the prerequisite document that is publicly available to the customer with all the things I already told them, such as what needs to be bypassed from the firewall. After that, for a 500-user deployment, I accomplished it in one day with the policy making.
How are customer service and support?
I have contacted the technical support and customer support of SentinelOne Singularity Endpoint.
I can tell you the complete story of my last case regarding the quality and speed of the support. I was taking up a query for the STAR custom rule. If I want to block AnyDesk for one of the customers, and the customer requirement is to block AnyDesk, there are multiple queries I can get from SentinelOne SEs, but the query is not working in my environment. My team raised a support ticket with SentinelOne, and the first thing they asked for is the logs. If I need only the query and do not have any problem with my endpoint, then there is no point to add a log. Without logs, communication is not possible. I need to collect logs from my machine, which is totally wasteful. I need to upload them, and then they will revert from SentinelOne support.
When I write that I need a query for AnyDesk blocking, they say again that this is not part of their job. It is part of SentinelOne SE or a product deployment team. I have two or three queries, and when I send them, there is no good response from their side. There may be a very long delay from getting answers.
Which solution did I use previously and why did I switch?
Apart from SentinelOne Singularity Endpoint, I am working on the EDR of CrowdStrike. The endpoint security is the same, but their approach and persona is very different to cater to customers. SentinelOne customers are totally different.
How was the initial setup?
In the initial deployment, the customer is facing many threats in the incident windows. From my experience, I can say that this is largely because in the backend, SentinelOne AI confidence level and the analyst's verdict are undefined. This is because it depends on whether the customer is taking the MDR or not. If the customer is relying on their threat analysis or on my analysis, there are many applications which are allowed in the organization, but by default, SentinelOne is blocking them because they are executable files. For decreasing the threats, I need to allow the hash value or I can directly go to the threats and allow it because there is a production thing which is needed in the enterprise. Initially, the flow is from 500 to 1,000 alerts in a day. Day by day, I think the analyst's verdict is what I need to refine. There are many false positives and true positives, and suspicious items. As an analyst, I may not be capable of knowing whether something is a real threat or not. I need to check the hash value for that on public security websites. If anything is publicly available, the hash is publicly available. I can directly rely on other public websites. If I enter the hash value, I can know whether it is part of something that another organization has faced. I can also take the verdict that it is a suspicious and true positive. I can mark it as the true positive.
What other advice do I have?
For the overall SentinelOne Singularity Endpoint, I would give a score of eight for the whole product. Regarding the price point of SentinelOne Singularity Endpoint, I do not know the exact number, but I have come from the community and attended many events. As far as the cost is concerned, before the CrowdStrike blue screen attack, CrowdStrike pricing was far more increased rather than SentinelOne. After the CrowdStrike shares decreased due to the blue screen attack, they are very competitive with SentinelOne nowadays.
The impact of Purple AI on investigations ultimately depends on what incident I got. I do not think the analyst should rely completely on Purple AI because there are many hashes or threats that are not publicly available. If things are not publicly available or not learned by the AI, I do not think I should rely completely on Purple AI. If I have any sort of data and see any pattern from my analyst's perspective, I can completely tell Purple AI that I think it can demonstrate the storyline that I am right. Based on that, I can take a decision, but I should not rely on the decision solely on Purple AI. My overall rating for this product is eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Last updated: May 22, 2026
Flag as inappropriateData Center Engineer at Impact Infotech Pvt. Ltd.
Automated endpoint protection has improved real-time threat detection and simplified compliance
Pros and Cons
- "Comparing SentinelOne Singularty Endpoint with other XDR solutions, the first thing is that it is easier to understand with a user-friendly interface."
- "As a user, I personally feel that in SentinelOne Singularity Endpoint, the customized dashboard could be improved. We were not able to create a customized dashboard in it."
What is our primary use case?
In my previous office, we used SentinelOne Singularity Endpoint for endpoint detection and response purposes. We deployed the SentinelOne Singularity Endpoint agent on our clients, client servers, desktops, laptops, and all other endpoints. We deployed those for monitoring and compliance purposes to secure those endpoints for security purposes.
What is most valuable?
In SentinelOne Singularity Endpoint, the fast response and detection it offers are what I appreciate the most. The biggest benefit I feel as a customer is that it is fully automated with threat detection capabilities. We just have to deploy the agents and we are good to go. There are already default use cases included with the product, so we do not have to customize the use cases every time in SentinelOne Singularity Endpoint. We just deploy the agent and as it is fully automated, we are good to go for threat detection.
Although it is a disadvantage, the false positive alerts generated by SentinelOne Singularity Endpoint is substantial, but if it is handled properly and the use cases are properly mapped with MITRE techniques and tactics, then I feel that the false positive alerts can be reduced to more true positive alerts.
SentinelOne Singularity Endpoint detects alerts in real-time. It has both static and dynamic types of detection. We do not have to wait for detection. It is much more secure because it is detecting alerts in real-time scenarios and does not take any extra time so that the SLA of our client can remain valid. Because it detects in real-time, it is much more secure.
What needs improvement?
As a user, I personally feel that in SentinelOne Singularity Endpoint, the customized dashboard could be improved. We were not able to create a customized dashboard in it. The default dashboards were only present and we were not able to customize anything. I think that could be improved. The resource consumption, such as high CPU and disk usage, can also be a downward factor.
Ranger functionality was present for SentinelOne Singularity Endpoint, but in our organization, that Ranger functionality was disabled.
What do I think about the stability of the solution?
I have never seen any downtime in SentinelOne Singularity Endpoint.
What do I think about the scalability of the solution?
SentinelOne Singularity Endpoint is scalable. We can scale up and scale down the number of endpoints we need depending upon the requirement. It is very scalable-friendly.
How are customer service and support?
For SentinelOne Singularity Endpoint, we get in touch with technical support because there have been multiple scenarios when we have to stay connected when we have no clue what we need to do. As the client has multiple requests, there are times when we just raise the query to customer support and they respond to us very quickly. There have been no issues, I feel. We have always been in touch with customer support and they reply to us on the same day. I have noticed this multiple times. Whenever we feel we do not know what to do, what to respond to the client, or how to do a particular thing, then customer support does help us multiple times.
The support of SentinelOne Singularity Endpoint deserves a rating of ten out of ten.
Which solution did I use previously and why did I switch?
We have used multiple alternatives. We have used CrowdStrike as well for XDR. Let me talk about other environments. We have used the same platforms and other platforms such as Splunk as well. For XDR, I have used CrowdStrike and SentinelOne Singularity Endpoint.
How was the initial setup?
I have not worked on integration, but I do know that the initial setup of SentinelOne Singularity Endpoint is very straightforward and very easy to do. All we need to do is set up the tenant, create the page file, and once we install it, it automatically connects within an hour. We just have to deploy the agent on whatever the server, desktop, laptop, or whatever the endpoint is.
What about the implementation team?
We worked as an MSSP, so we worked as a service provider. We provide services to multiple clients. Clients come and they go. The integration part happens, then we have to decommission it. There are several factors related to whether SentinelOne Singularity Endpoint was already deployed or when it was deployed.
What was our ROI?
For maintenance in SentinelOne Singularity Endpoint, we have to stay connected with the OEM in perspective of the version upgrade to stay up to date. The only thing is version updates. If there is any new update, then we have to stay updated.
What's my experience with pricing, setup cost, and licensing?
I cannot say exactly, but I can guess the pricing model for SentinelOne Singularity Endpoint. We have heard about the pricing model. While we were working on a client, our manager sent a proposed email to the client at that time. We saw how they were costing. They were costing on a per-device basis. Based on how many endpoints the client needs, they were charging per endpoint.
What other advice do I have?
Comparing SentinelOne Singularty Endpoint with other XDR solutions, the first thing is that it is easier to understand with a user-friendly interface. When we log in as a user, it is very user-friendly with sections for Threat, Incident, and Admin. The UI is very user-friendly. SentinelOne Singularity Endpoint is reliable and can be relied upon for security purposes to secure our systems. That would be a major factor comparing it with other products.
I have used the Purple AI feature in SentinelOne Singularity Endpoint for quite some time.
I feel data security is a very big factor when we talk about reliability and trust issues in terms of Purple AI. Nowadays, there are different LLMs such as Claude and ChatGPT, but reliability is the most competing factor. The Purple AI feature in SentinelOne Singularity Endpoint makes it reliable because we do not have to search for IOCs outside our environment by going to other large language models. Through Purple AI only, we can get recent IOCs and vulnerabilities circulating around. Purple AI does help us for reliability and integrity of our data.
I would rate this product nine out of ten overall.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 8, 2026
Flag as inappropriateSoc Analyst Trainee at Softcell Technologies Limited
Deep visibility and AI-driven rules have strengthened endpoint threat detection and response
Pros and Cons
- "I would recommend SentinelOne Singularity Endpoint to other users because its threat detection and alerting are very quick."
- "One area that has room for improvement in SentinelOne Singularity Endpoint is the inability to create a custom dashboard."
What is our primary use case?
My use case is for EDR purposes.
What is most valuable?
According to me, the best feature of SentinelOne Singularity Endpoint is the Deep Visibility. I think it is easy to check what a user is doing and what command is run. You can track this with the help of Deep Visibility.
SentinelOne Singularity Endpoint's ability to ingest and correlate across my security solutions is interesting. First is the Deep Visibility. The second one is a real-time threat you can detect in SentinelOne Singularity Endpoint. Then you can raise the alert to the client within a short period. Another one is Purple AI, which is the best, according to me.
Purple AI helps with my data privacy and security by providing a feature called Star Custom Rules. You can create a Star Custom Rule, and Purple AI is similar to ChatGPT, but it only gives answers specific to SentinelOne Singularity Endpoint. For example, you can create any rule and ask Purple AI, 'Please give me this type of alert query.' Then Purple AI will create a query according to your needs. There are many types of use cases already stored in Purple AI that you can use for your monitoring, and it is better for both your client's environment and our environment as well.
Purple AI plays a crucial role in my team's knowledge by allowing us to create rules that are not created in SentinelOne Singularity Endpoint by default, and it helps to create many types of alerts. For example, you can block any RDP tool such as Anydesk, and you can create such types of rules with the help of Purple AI.
Regarding how much SentinelOne Singularity Endpoint has reduced my alerts, we can say that on a daily basis, we have 8,000 to 9,000 endpoints from multiple clients, and we have triggered 10 to 15 alerts. When you start a full disk scan, the Sentinel scan runs on your machine, and during that time, alerts that are usually not triggered in SentinelOne Singularity Endpoint can be triggered.
The time to detect in SentinelOne Singularity Endpoint is around 15 to 20 minutes, which is when we raise an alert to the client and get confirmation. These alerts involve various EXE types, and we inform the client about these alerts triggered in their machines, allowing them to confirm if it is genuine or not.
What needs improvement?
One area that has room for improvement in SentinelOne Singularity Endpoint is the inability to create a custom dashboard. You cannot create any dashboard according to your needs, which limits alert triggers across different countries. If they improve this feature to allow for custom dashboards, it would greatly benefit our customers.
For how long have I used the solution?
I have been using SentinelOne Singularity Endpoint for the last two years and one month.
What do I think about the stability of the solution?
I rate the stability of SentinelOne Singularity Endpoint as 10 out of 10.
What do I think about the scalability of the solution?
I rate the scalability of SentinelOne Singularity Endpoint as 10 out of 10.
How are customer service and support?
I give SentinelOne technical support a 10 out of 10 because it is the best EDR tool.
Which solution did I use previously and why did I switch?
I have not used any other EDR, but according to me, SentinelOne Singularity Endpoint is the best. We have used CrowdStrike, but only for one and a half months. While CrowdStrike has more functions, it cannot provide visibility the way SentinelOne Singularity Endpoint does. SentinelOne Singularity Endpoint offers many options in a compact format, and its use is better than other EDR tools.
What other advice do I have?
I would recommend SentinelOne Singularity Endpoint to other users because its threat detection and alerting are very quick. We have used CrowdStrike for one and a half months, but SentinelOne Singularity Endpoint triggers alerts much faster. Its compact features allow us to check seven to eight features effectively, and its pricing is lower than other EDR products.
SentinelOne Singularity Endpoint has better pricing compared to other endpoints. CrowdStrike has a high value, but SentinelOne Singularity Endpoint's pricing is easier for any organization to handle.
Regarding maintenance, there is no need for maintenance according to me.
I give this product an overall rating of 10 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company has a business relationship with this vendor other than being a customer. MSP
Last updated: Apr 27, 2026
Flag as inappropriateAssociate Vice President at Novac Technology Solutions
Unified AI-driven protection has reduced alerts and accelerated cloud and endpoint security response
Pros and Cons
- "SentinelOne Singularity Complete reduces my mean time to respond and protects my environment, thereby reducing the workload of my engineers and security analysts by at least thirty-five percent."
- "I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete."
What is our primary use case?
My use cases include protecting my cloud security and endpoint security workloads with SentinelOne Singularity Complete.
What is most valuable?
The biggest benefit I get from SentinelOne Singularity Complete is that it protects my cloud security workloads and my on-premises server workloads against ransomware attacks and zero-day attacks.
SentinelOne Singularity Complete has a legacy API integration to connect my existing log management tool and my endpoint protection tool to interconnect my SOAR and SIEM platforms. This ability to ingest and correlate across my security solutions has been valuable.
SentinelOne Singularity Complete helps with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.
SentinelOne Singularity Complete definitely helps reduce alerts in my case because it has AI functionality that investigates and detects threats. This detect and investigate capability from AI has helped us reduce alerts by almost twenty-five to thirty percent.
SentinelOne Singularity Complete helps reduce mean time to detection as it has an important feature called auto-remediation, which is a one-click rollback that allows us to restore identified files. This feature also helps on the false positive front.
SentinelOne Singularity Complete reduces my mean time to respond and protects my environment, thereby reducing the workload of my engineers and security analysts by at least thirty-five percent.
SentinelOne Singularity Complete helps free up my staff for other projects and tasks because it is easily scalable and managed with a single platform, allowing us to concentrate more on DevSecOps and providing visibility across endpoint, cloud workload protection, and my server environment in one platform.
Purple AI in SentinelOne Singularity Complete is important for data privacy and security as it provides granular level information on where I need to go and fix issues, which helps accelerate my operations for better performance.
The contextual intelligence feature of Purple AI in SentinelOne Singularity Complete helps me get the threat intelligence platform across my environment and allows me to share the advisories with my other platforms as well.
Purple AI amplifies team knowledge as I can use it in the manner of a managed detection and response service, allowing me to create a use case with my existing security analyst in response to alerts or triggering information. This provides me complete visibility across my security landscape.
Purple AI impacts SecOps workflows by providing complete end-to-end visibility across my channels and reducing manpower. The agentic workflows created by AI allow my analysts to have an easier job.
What needs improvement?
I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete. Sometimes I need to depend on one more module to get alert visibility. The alerting mechanism shows alerts on a single page, but I have to navigate to another page to get detailed visibility, which could be improved in the user interface.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for two years.
What do I think about the stability of the solution?
I have never seen any issues such as glitches, downtime, or latency with SentinelOne Singularity Complete.
What do I think about the scalability of the solution?
I do not face any scalability issues with SentinelOne Singularity Complete since it is a SaaS platform.
How are customer service and support?
The technical support for SentinelOne is good. I would give them eight points for support on a scale from zero to ten. To reach ten points, they could improve on threat intelligence and provide faster responses.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
SentinelOne Singularity Complete has helped with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.
How was the initial setup?
I find the installation and deployment of SentinelOne Singularity Complete very easy.
What about the implementation team?
The deployment of SentinelOne Singularity Complete was done with a partner.
What was our ROI?
In terms of return on investment for SentinelOne Singularity Complete, I find it better since I am using the AI platform to reduce manpower costs, which helps with the return on investment.
Which other solutions did I evaluate?
SentinelOne Singularity Complete is less costly compared to CrowdStrike. From a technical side, I do not see much difference between SentinelOne Singularity Complete and other vendors.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Feb 16, 2026
Flag as inappropriateSecurity Administrator at Softcell Technologies Limited
Autonomous endpoint protection has strengthened investigations and reduced response times
Pros and Cons
- "The main benefits of using SentinelOne Singularity Endpoint are its capability to secure our clients' infrastructure effectively, providing better reliability compared to other tools like CrowdStrike, with a focus mainly on security."
- "SentinelOne Singularity Endpoint generates a high number of false positive alerts, which is a downside, along with high resource consumption leading to poor network connectivity."
What is our primary use case?
I am currently working with SentinelOne Singularity Endpoint for endpoint detection. As an MSSP, we provide services to our clients by deploying use cases to identify threats on their endpoints and servers.
For our clients, SentinelOne Singularity Endpoint is mainly used for investigation, incidents, and taking action to protect systems from malware and ransomware. We utilize AI-based behavioral analysis in real time to prevent cyber threats and different types of attacks.
SentinelOne Singularity Endpoint has helped us consolidate security solutions because we rely on it for security purposes, especially for ransomware, with incidents occurring almost every week among our clients. We have deployed SentinelOne Singularity Endpoint on our client servers and laptops using an on-premises deployment model.
What is most valuable?
The biggest benefit for my customer is that SentinelOne Singularity Endpoint is autonomous, where mostly everything is automated, including threat detection, auto-remediation rules, and setup, with the user interface being the best aspect.
SentinelOne Singularity Endpoint has been great for integrating and correlating with other products because it is very easy to set up and very reliable for correlation with any other use cases and products.
The main benefits of using SentinelOne Singularity Endpoint are its capability to secure our clients' infrastructure effectively, providing better reliability compared to other tools like CrowdStrike, with a focused mainly on security.
SentinelOne Singularity Endpoint has reduced the mean time to detect for us because it detects threats and malware in real time, triggering alerts as soon as any red alarm is detected by its AI-based behavioral engine. This allows us to take action and report true and false positives based on our own analysis.
SentinelOne Singularity Endpoint has helped reduce our organization's mean time to respond because the dynamic threat engine often detects true positive alerts, which decreases our clients' overall SLA.
What needs improvement?
SentinelOne Singularity Endpoint generates a high number of false positive alerts, but by optimizing it frequently based on our client's requirements and fine-tuning the rules we have created, we manage the false positives and detect true positives reliably for our clients.
SentinelOne Singularity Endpoint generates a high number of false positive alerts, which is a downside, along with high resource consumption leading to poor network connectivity. Additionally, the inability to create customized dashboards is something that could be improved.
I have not identified any missing features in SentinelOne Singularity Endpoint as it meets our current requirements, though I believe there could be improvements in network security.
For how long have I used the solution?
I have been using SentinelOne Singularity Endpoint for more than a year.
What do I think about the stability of the solution?
We have experienced performance issues and downtimes, but the customer support from SentinelOne is excellent, allowing us to resolve issues quickly whenever we get stuck.
What do I think about the scalability of the solution?
SentinelOne Singularity Endpoint is very much scalable since it charges per endpoint, allowing us to scale up or down as needed.
How are customer service and support?
I would rate the tech support a ten out of ten.
How was the initial setup?
Although I am not part of the integration process, I know that the initial setup of SentinelOne Singularity Endpoint is very easy, requiring just the installation of the agent on the endpoints.
What was our ROI?
There is a good return on investment with SentinelOne Singularity Endpoint, as we charge our clients significantly more than our deployment costs, leading to substantial revenue, especially with clients deploying thousands of endpoints.
The key differences with SentinelOne Singularity Endpoint compared to competitors lie in the excellent return on investment and security for our clients' infrastructure, which is superior to what other solutions offer.
What's my experience with pricing, setup cost, and licensing?
The pricing aspect of SentinelOne Singularity Endpoint is reasonable because the value provided is excellent, charging on a per-device basis; thus, more endpoints lead to higher costs.
What other advice do I have?
The Ranger functionality is blocked in our environment, so we are not using it. It is meant for agents on networks where the servers do not have the endpoints installed.
We have used the Purple AI feature in SentinelOne Singularity Endpoint.
Data privacy is very important, and while using other large language models like ChatGPT, there is uncertainty about data security. However, Purple AI, being an in-house feature of SentinelOne Singularity Endpoint, provides reliability because we know our data is being handled securely. We use it for identifying IOCs, which helps manage recent vulnerabilities in the outside world, along with fine-tuning rules.
The retrieval time in Purple AI is very fast, allowing me to ask co-pilot questions and see the telemetry matches in the system immediately, making it very useful for confirming any queries before deploying.
Purple AI is very useful for detecting IOCs, serving as a source of threat intelligence from which we can manage our detection rule engine much better.
Purple AI helps streamline our SecOps workflows by managing and assessing workflows with proper detection, especially in scenarios where we are uncertain about the actions to take.
Other organizations should definitely consider SentinelOne Singularity Endpoint because of its reliability, which is crucial in the security domain where data is everything. I rate this review a ten out of ten overall.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: May 31, 2026
Flag as inappropriateSoc L1 Engineer at Softcell Technologies Limited
Real-time threat hunting has improved investigations and protects endpoints with rapid rollback
Pros and Cons
- "Deep visibility, full disk scan, and rollback features are impressive, especially in cases of ransomware attacks."
- "In terms of improvement areas for SentinelOne Singularity Endpoint, I think there are a couple of features that are improving, particularly the dashboard such as creating a multi-function dashboard."
What is our primary use case?
I use SentinelOne Singularity Endpoint like an endpoint EDR solution.
What is most valuable?
The best features of SentinelOne Singularity Endpoint include real-time alerts regarding threats and multiple alerts being triggered in the real-time console. These features are most important, and SentinelOne stands out as better than other EDR tools.
I can check the real-time logs of user activities and track what we are monitoring on the EDR. These are the best features in SentinelOne.
The unified platform experience helps me streamline security operations for real-time threat hunting because multiple alerts are triggered on the client side, allowing me to handle malware and other types of viruses effectively. Additionally, I can perform actions such as quarantine, making the customer experience secure.
I have used Purple AI with SentinelOne Singularity Endpoint, which provides deep visibility. This is one of the best features, enabling me to track multiple user logs and determine whether sites are malicious. The decoder option allows me to paste the code to check specific user activities. Purple AI helps greatly in tracking any users.
Purple AI assists with threat investigations by providing step-by-step answers regarding generated alerts and the actions to take, including whether something is affected or not. This feature allows me to understand what needs to be done, such as quarantine or kill processes, making it ideal for our investigation needs.
What needs improvement?
In terms of improvement areas for SentinelOne Singularity Endpoint, I think there are a couple of features that are improving, particularly the dashboard such as creating a multi-function dashboard. There is one loophole that needs addressing, but it is still better overall.
For how long have I used the solution?
I have been using SentinelOne Singularity Endpoint for five to six months.
What do I think about the stability of the solution?
For the stability of SentinelOne Singularity Endpoint, I would give it a 10 out of 10.
What do I think about the scalability of the solution?
Regarding scalability, it also receives a high score from me.
How are customer service and support?
I would rate the technical support for SentinelOne Singularity Endpoint a perfect 10 out of 10 because, in my opinion, it is the best among various EDRs that we have checked.
Which solution did I use previously and why did I switch?
Comparing SentinelOne Singularity Endpoint with other solutions, we have used CrowdStrike for a few months. According to me, SentinelOne is the best because it triggers alerts in real-time, which is faster than both EDR tools in action. Moreover, SentinelOne features are more compact, making it easier to understand, even for newcomers.
How was the initial setup?
SentinelOne Singularity Endpoint was purchased through an MSP portal, which allows us to provide customer licenses for the agents.
What about the implementation team?
In our organization, roughly 10,000 to 12,000 customers utilize SentinelOne Singularity Endpoint, with 10,000 to 12,000 agents installed on client-side endpoints. We also have about 30 to 40 people working with SentinelOne Singularity Endpoint.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing for SentinelOne Singularity Endpoint, it is not the cheapest or most cost-efficient option; it is a medium price. Anyone can purchase it easily because it suits various organizations.
Which other solutions did I evaluate?
We also use the Offensive Security Engine feature, which helps us check what types of users are installing SentinelOne Singularity Endpoint agents on various endpoints such as phones, laptops, and servers while also maintaining an asset inventory.
What other advice do I have?
With SentinelOne Singularity Endpoint, we have detected incidents that triggered alerts, and we can raise them within a maximum time of 10 to 15 minutes later. I recommend blocking the connection and taking other necessary actions.
The importance of the Secret Scanning feature in SentinelOne Singularity Endpoint is significant because it scans newly engaged endpoints for malicious activities. It detects harmful EXE files or suspicious abnormal behaviors, ensuring the health of our endpoints is maintained.
I recommend implementing SentinelOne Singularity Endpoint because the integration part is very simple and suited for small organizations. It is reasonably priced, and the installation of the endpoint on the client side takes only two to three minutes. I can also explain how it compares with other endpoints and the types of alerts generated, making it suitable for potential clients.
Deep visibility, full disk scan, and rollback features are impressive, especially in cases of ransomware attacks. The rollback feature helps easily revert to a safe state prior to attacks, while the full disk scan ensures that all machines are scanned for threats, thus maintaining endpoint health.
Disclosure: My company has a business relationship with this vendor other than being a customer. MSP
Last updated: May 21, 2026
Flag as inappropriateVice President Cyber Security Practice Head at orbit techsol w pvt.ltd
Automated endpoint defense has reduced ransomware impact but support and SIEM integration need improvement
Pros and Cons
- "SentinelOne Singularity Complete has helped customers consolidate their security stack by offering superb threat hunting, excellent incident response, and compliance monitoring in the EDR, with ransomware protection being exceptionally well supported by the Rollback feature."
- "When discussing communication with technical support, the pre-sales and sales teams are excellent, but the technical teams are not meeting the required standard, as issues often get stuck and problems are not resolved."
What is our primary use case?
I usually work with both the EDR and XDR use cases for SentinelOne Singularity Endpoint. I typically use it for working end-to-end on endpoint security.
What is most valuable?
The feature of SentinelOne Singularity Endpoint that I have found most valuable is the Rollback capability, which is exceptional. I find the Rollback valuable because if a machine gets affected by ransomware, you can perform a one-click Rollback on all machines to the previous state. This is important to me for data security.
SentinelOne Singularity Complete has helped customers consolidate their security stack by offering superb threat hunting, excellent incident response, and compliance monitoring in the EDR, with ransomware protection being exceptionally well supported by the Rollback feature. The behavior analytics in the tools are outstanding, providing granular reports and identifying abnormal users and activities while detecting previously undetected threats. This functionality is excellent in both the EDR and XDR of Singularity throughout the year.
What needs improvement?
My assessment of SentinelOne Singularity Endpoint's ability to ingest and correlate across security solutions is that the integration with the SIEM needs to be increasingly more robust. In terms of visibility, the endpoint and extended detection and response tools are excellent because of the EDR use cases covering malware infection, hash values, and the many zero-day attacks I can observe.
The Ranger functionality of SentinelOne Singularity Endpoint is valuable for understanding your environment, but I would want something integrated comparable to Mythos with all the features associated with Mythos. I would appreciate improvements to the technical support. I would prefer to see faster response times and quicker resolution from the technical support team of SentinelOne Singularity Endpoint.
For how long have I used the solution?
I have been working with SentinelOne Singularity Endpoint for the last seven years.
How are customer service and support?
When discussing communication with technical support, the pre-sales and sales teams are excellent, but the technical teams are not meeting the required standard, as issues often get stuck and problems are not resolved. I would rate the technical support a six out of ten.
How was the initial setup?
The initial setup of SentinelOne Singularity Endpoint is very easy and not complex.
What was our ROI?
I have noticed time savings from Singularity Complete due to automation and end-to-end operation management, and the ROI is visible from the customer side. The ROI I have experienced is mainly related to vulnerability and attacks from hackers that lead to data breaches.
Which other solutions did I evaluate?
I have worked with Splunk, but it is not comparable to Elastic.
What other advice do I have?
My core product is currently Elastic Security. SentinelOne Singularity Endpoint integrates with third-party tools very easily. Singularity Complete has been effective in reducing alerts. The reduction occurs because the number of true alerts is higher than false alerts, which provides greater visibility to customers and the environment, allowing for preventive and detective actions based on policies, procedures, and guidelines, with threat hunting focused on identifying threats and managing incidents through DFIR, breach management, and compromise assessment.
Regarding overall security, it is about managing the attack surface, securing data, brand, and organizations, as everything relates to compliance in data security. Overall security with tools including SASE, SOAR, SIEM, threat intelligence, and integrations with EDR and XDR is excellent. SentinelOne Singularity Endpoint has helped my customers reduce their organization's mean time to detect, as detection is a matter of seconds—improving from 40 seconds to 30 seconds in case of any attacks and altering mean time to respond depending on incident types such as P1, P2, P3, and P4.
Challenges can arise depending on the customer base, as the technical team must respond very quickly, especially since the post-sales team needs to have better quality than others to win the market. I participate in the initial setup of SentinelOne Singularity Endpoint as part of my regular tasks. I would rate this review a seven out of ten overall.
Disclosure: My company has a business relationship with this vendor other than being a customer. partner
Last updated: May 28, 2026
Flag as inappropriateBuyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2026
Product Categories
Endpoint Detection and Response (EDR) Endpoint Protection Platform (EPP) Anti-Malware Tools Extended Detection and Response (XDR) AI-Powered Cybersecurity Platforms AI ObservabilityPopular Comparisons
CrowdStrike Falcon
Cortex XDR by Palo Alto Networks
Microsoft Defender for Endpoint
IBM Security QRadar
Elastic Security
Huntress Managed EDR
HP Wolf Security
Trellix Endpoint Security Platform
WatchGuard Firebox
TrendAI Vision One
TrendAI Vision One – Cloud Security
Microsoft Defender XDR
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between Carbon Black CB Defense, CrowdStrike, and SentinelOne?
- Which is better - SentinelOne or Darktrace?
- What do you recommend to choose when replacing Symantec EDR: SentinelOne or CrowdStirke Falcon?
- Cortex XDR by Palo Alto vs. Sentinel One
- Which solution do you prefer: CrowdStrike Falcon or SentinelOne Singularity Complete?
- Does SentinelOne have a Virtual Patching functionality?
- What is the biggest difference between EPP and EDR products?
- What is the difference between EDR and traditional antivirus?
- What is your recommendation for a 5-star EDR with low resource consumption for a financial services company?
- Which is the best EDR for a logistics company with 500-1000 employees?





















