No more typing reviews! Try our Samantha, our new voice AI agent.
Asim Naeem - PeerSpot reviewer
Principal IT Security & Compliance at IBEX Holdings Ltd
Real User
Top 5Leaderboard
Aug 15, 2024
It integrates well with other platforms, is user-friendly, and is stable
Pros and Cons
  • "Unlike other endpoint solutions like Kaspersky or Trend Micro, SentinelOne's agents are exceptionally lightweight, updating seamlessly without consuming significant network or system resources."
  • "When SentinelOne Singularity Complete is used as the central hub for viewing alerts from all integrated security solutions, it is challenging to identify the specific solution that triggered each alert."

What is our primary use case?

As a company with 30,000 employees and 26,000 endpoints worldwide, we have diverse operational needs that SentinelOne Singularity Complete effectively addresses.

SentinelOne Singularity Complete effectively addresses numerous challenges. As a cloud-based SaaS solution, it seamlessly protects office and remote workers, safeguarding laptops and other devices. Its comprehensive coverage extends to cloud infrastructure across multiple operating systems like iOS, Linux, and Windows, including Kubernetes environments. This versatility, coupled with its ability to fulfill various use cases, has made SentinelOne Singularity Complete our trusted security solution for the past four years.

How has it helped my organization?

SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point.

SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack.

We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action.

SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging.

Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure.

SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level.

Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent.

Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete.

SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response.

SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.

What is most valuable?

Unlike other endpoint solutions like Kaspersky or Trend Micro, SentinelOne's agents are exceptionally lightweight, updating seamlessly without consuming significant network or system resources. This ensures smooth operation and user-friendly control. Moreover, SentinelOne's support team is highly competent, providing timely assistance and going the extra mile to resolve any issues.

What needs improvement?

When SentinelOne Singularity Complete is used as the central hub for viewing alerts from all integrated security solutions, it is challenging to identify the specific solution that triggered each alert.

Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for almost four years.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is stable.

How are customer service and support?

The technical support team is quick to respond to and resolve our issues.

Which solution did I use previously and why did I switch?

Our hybrid environment has raised security concerns for management, leading them to seek an all-in-one solution. After conducting multiple proof-of-concept tests for endpoint security, they determined that Kaspersky was insufficient for their needs due to inadequate functionality and management complexity. As a result, they transitioned to SentinelOne Singularity Complete.

SentinelOne is actively developing new innovations and introducing additional integration platforms.

What other advice do I have?

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete offers comprehensive endpoint security by automatically updating without impacting bandwidth. Unlike traditional signature-based solutions, it employs a behavior-based approach to detect and immediately address malicious or suspicious files and processes.

We are 100 percent confident with SentinelOne as a strategic security partner.

Maintenance has been seamless, and while SentinelOne does notify us in advance of any required downtime, I haven't experienced any interruptions in the past year and a half.

With 30,000 employees and 26,000 endpoints worldwide, our organization has implemented SentinelOne Singularity Complete across all endpoints.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Dinesh Yadav - PeerSpot reviewer
Sales Director at CLOUD MIND
Reseller
Top 20
Jun 26, 2026
Security monitoring has improved and current endpoint deployments run smoothly for customers
Pros and Cons
  • "My experience working with SentinelOne Singularity Endpoint has been fantastic."
  • "The drawbacks I have identified with SentinelOne Singularity Endpoint are that they should work on being more responsive than CrowdStrike."

What is our primary use case?

I use SentinelOne Singularity Endpoint for my customers.

I help our customers implement SentinelOne Singularity Endpoint because its initial setup is straightforward and not complicated. However, there are cases where they are not integrated with Active Directory, so I assist them by sending the link or email to the end user so they can download the agent, and the rest can be done through the console.

My customers purchase SentinelOne Singularity Endpoint from us. I place the order with SentinelOne distributors because local support is more important for customers, and they want to be locally supported by resellers or vendors. If you buy from AWS, then there will not be any support.

What is most valuable?

My experience working with SentinelOne Singularity Endpoint has been fantastic.

The most valuable features I have found in SentinelOne Singularity Endpoint are MITRE ATT&CK, continuous monitoring, and threat vectors.

What needs improvement?

The drawbacks I have identified with SentinelOne Singularity Endpoint are that they should work on being more responsive than CrowdStrike. CrowdStrike has a very strong team here in the Middle East and they are very frequently available to discuss any kind of issues or challenges. In comparison to these, they are a bit slow.

I think in the next release of SentinelOne Singularity Endpoint, they should be working on a SIEM solution so that customers can have data logs for 30 days or 90 days.

SentinelOne Singularity Endpoint's R&D team should learn from CrowdStrike's approach, looking at the technologies that protect endpoints, customer protection, and providing extra features that customers can utilize and be loyal to them. For example, CrowdStrike gives seven days data retrieval for end users in the SIEM without any charges. If SentinelOne does something similar, they might gain more loyalty and more customers.

For how long have I used the solution?

I have been dealing with SentinelOne Singularity Endpoint for more than five to six years.

What do I think about the stability of the solution?

When it comes to functionalities and performance, SentinelOne Singularity Endpoint is fine, and there are not many issues with SentinelOne Singularity Endpoint products once deployed.

How are customer service and support?

I would rate their technical support around a nine out of ten. Every solution has some kind of drawback, but it is a pretty good score.

How was the initial setup?

Its initial setup is straightforward and not complicated. However, there are cases where they are not integrated with Active Directory, so I have to assist them by sending the link or email to the end user so they can download the agent, and the rest can be done through the console.

What's my experience with pricing, setup cost, and licensing?

I find SentinelOne Singularity Endpoint's pricing to be competitive because if I look at the pricing of CrowdStrike, they are competitive to CrowdStrike.

Which other solutions did I evaluate?

I cannot say SentinelOne Singularity Endpoint is the best option on the market at the moment, but I can say it is the second best. If I look at CrowdStrike, they have many other features and come with various other solutions including identity protection, SIEM, data protection, and firewall management. In terms of technology, SentinelOne is doing good and very competitive in the market, but CrowdStrike is still ahead of them.

What other advice do I have?

I have not gone through SentinelOne Singularity Endpoint's Purple AI that much. I believe it is an AI feature. It is similar to all other AIs where you can ask questions about technical issues or challenges through the portal and it can access security, indicating if any configuration is missing or if there are any attacks or vectors, or if some users are inactive for longer periods. This can help them keep track of users in case some are offline for longer days or if their agent has not been updated. I would rate this review an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Last updated: Jun 26, 2026
Flag as inappropriate
PeerSpot user
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,871 professionals have used our research since 2012.
Ankit Gupta. - PeerSpot reviewer
Senior Solution Architect Data Center & Cloud at a tech services company with 11-50 employees
Real User
Top 5Leaderboard
Feb 26, 2026
AI-driven protection has reduced detection time and now provides complete endpoint coverage
Pros and Cons
  • "SentinelOne Singularity Complete, from the end user perspective, provides the complete security protection, which is the first thing we are looking for."

    What is our primary use case?

    This is an Umbrella platform that provides endpoint security as well as cloud security and provides ingestion like identity and network protection. These are the use cases we work with our clients as per managed security services. It provides great endpoint and cloud security services.

    How has it helped my organization?

    With the AI-based capabilities and the high detection rate, the mean time to detect and mean time to resolve the complete dwell time is less on that particular point. This really directly helps in that area.

    What is most valuable?

    The feedback is very good. Detection time and mean time detection, all the security metrics like mean time to detect and dwell times, make SentinelOne Singularity Complete great from the Sentinel point of view. It also provides the MITRE ATT&CK metrics on the dashboard, which helps us to understand tactics and techniques.

    There are multiple features such as network controls and device control. We can manage the device as well as detect any unprotected or rogue identity and rogue endpoints across the enterprise. All of these are great features from SentinelOne Singularity Complete.

    It reduces the manual intervention time. It reduces the alert noise and now has the AI capabilities to drill down that particular event or incident.

    What needs improvement?

    In terms of enhancement, SentinelOne Singularity Complete may increase to include some agent for email protection.

    For how long have I used the solution?

    I have demo experience, not production work on the AI Purple where we can take the data from multiple vendors or from Sentinel, and it will provide the enhanced observability and visibility. I have a couple of demo level experiences because that product we are not using right now.

    What do I think about the scalability of the solution?

    Scalability is also a nine.

    How are customer service and support?

    Technical support is also good. I would rate it around nine. When we have any escalation or something, it is very helpful in that area.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    It is a simple process.

    What about the implementation team?

    We are the managed service provider, so we help our clients. Sometimes it requires some advanced level of configuration or implementation.

    Which other solutions did I evaluate?

    CrowdStrike is the main competitor, along with Palo Alto Cortex and Microsoft Sentinel. These are the three main competitors for the product range from SentinelOne.

    It is very hard to compare on this point until we have any kind of detailed one-to-one comparison. It actually depends on the use case on how we are implementing and which services we are opting. SentinelOne provides MDR and EDR detection, so it is a very great portfolio when compared. However, every peer competitor is also evolving day by day, so it is very hard to tell on that point.

    What other advice do I have?

    It is helpful because it provides the data ingestion from other vendors also. SentinelOne Singularity Complete, from the end user perspective, provides the complete security protection, which is the first thing we are looking for. It has very few false positives. With device control, we can manage the device inventory as well as compliance as per the standard working. These are the features which SentinelOne Singularity Complete provides.

    SentinelOne Singularity Complete is a very great product. Network discovery and device control and these features are very helpful for administrators and cybersecurity analysts to help the cybersecurity portfolio correctly.

    I would rate this review a nine overall.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    Last updated: Feb 26, 2026
    Flag as inappropriate
    PeerSpot user
    Computer Technician at VILLE DE POINTE-CLAIRE
    Real User
    Top 20
    Feb 20, 2025
    Has efficient licensing, minimal overhead, and fast client communication with the web console
    Pros and Cons
    • "We moved from ESET, and we find that the licensing scheme, particularly how the licenses are attributed to clients, is pretty nice compared to what ESET offers."
    • "Overall, I would rate it a nine out of ten."
    • "One area for improvement is automated deployment. I use it through a group policy. I put in the PC name, and when the user logs in, if the PC is in that group, it attempts an MSI install through Active Directory via GPO. That seems to play a little havoc and can conflict with manual installs, causing issues where it wants to delete and reinstall the client."

    What is our primary use case?

    We have it for all of our client machines and servers. It is the antivirus solution for all clients and servers. We are also looking into going further with their log analysis portion. We are working with them in terms of pricing.

    How has it helped my organization?

    The overhead on the CPU is minimalistic, not taking up too many system resources.

    Making exceptions and exclusions through the console interface is smooth, providing a very good experience. The clients communicate with the web console in less than a minute, which is much faster than other solutions such as Malwarebytes.

    SentinelOne has helped us with consolidation. We have Malwarebytes installed along with SentinelOne, and we are moving just to SentinelOne. SentinelOne has the most widespread and up-to-date coverage because of the fact that we can deploy it fairly quickly. Its rogue detection feature helps catch systems missed during initial deployment. We are the most up-to-date now. 

    It saves time for the staff once it is up and running. Once the system has gotten used to everything, it just works. There is a six to eight-month learning curve for the system to get used to your servers and software.

    In the beginning, we had a fair number of false positives coming across, but once the system got set up, it has been pretty much running on its own. If we are running a lot of internal IT scripts for applications that are triggering the antivirus, it might detect that as suspicious. We have to configure it to exclude things. Overall, it is pretty smart. Its automation is working fairly well for us that way. 

    As a strategic partner, they have been very vocal with us. They have been communicative and supportive. The product itself is robust. We have not had any situation where it failed and broke the computer. There is no CrowdStrike-type scenario going on.

    Based on the updates they have done, they are focused on advancing the product. There is a constant evolution going on. The system is getting more robust. We are advancing and not digressing anywhere in terms of technology.

    What is most valuable?

    We moved from ESET, and we find that the licensing scheme, particularly how the licenses are attributed to clients, is pretty nice compared to what ESET offers. We work in a highly virtualized environment. We have roughly 150 to 160 virtualized clients that are refreshed daily. Every night, the systems refresh. With the old antivirus solution, the licensing would count into the thousands, necessitating manual deletion. Luckily, SentinelOne has a feature to decommission automatically, which has been fantastic. 

    What needs improvement?

    One area for improvement is automated deployment. I use it through a group policy. I put in the PC name, and when the user logs in, if the PC is in that group, it attempts an MSI install through Active Directory via GPO. That seems to play a little havoc and can conflict with manual installs, causing issues where it wants to delete and reinstall the client. To resolve this, I remove the computer from the security group, and it then stops complaining. The automated installation could improve in this regard.

    For how long have I used the solution?

    We have been using SentinelOne for one year.

    How are customer service and support?

    I would rate their support an eight out of ten. The rating would be better if they picked up the phone and had someone talk immediately. We are using the automated email process for support, and they respond within an hour or two hours sometimes.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We had moved from ESET.

    What was our ROI?

    We have not been hit since using it. I have experienced a ransomware attack only once, a few years ago, with minimal damage. Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.

    It has not helped us save costs. We are increasing costs because we are going more toward the avenue of protecting as a city. We have been watching other cities around us get hit, so there is more focused attention on protection at this level. We are moving to the complete license solution and looking at expanding that into Vigilance.

    What other advice do I have?

    When it comes to interoperability, we are going to look at some integration with our FortiGate system for the firewall to help analyze the logs that come through there. We are slowly moving from stopping the intrusion to more like a preemptive, preventative focus.

    To those considering using this solution, I would advise digging into the console and taking the time to learn. Some people complain and find it confusing, but understanding the system's ins and outs is crucial. The console is well laid out, so it is worth taking the time to learn it.

    The quantity of detection is quite a lot in the first few months. The product has a learning curve, so you have to guide it in the beginning so it gets used to the scripts and applications that are running in your system. We have created quite a list of exclusions, and I always take the time to look at each one. Since September 2024, false positives have been reduced to one every two weeks.

    Overall, I would rate it a nine out of ten.

    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    PeerSpot user
    reviewer2646066 - PeerSpot reviewer
    Information Security Officer at a tech vendor with 51-200 employees
    Real User
    Top 5
    Nov 17, 2025
    Automated workflows and real-time monitoring have improved operational control and customized data insights
    Pros and Cons
    • "Singularity Platform's real-time personalization feature has helped our customer experience strategies by allowing us to have different workspaces where we have custom views, and depending on the use case because we have many products that use Singularity Platform, they interact with the UI in different ways, producing different elements and giving us tailored views for different products."
    • "Sometimes, these customized solutions our developers develop also get flagged in real time, and the processes get stopped and are blocked, and we have to whitelist the processes."

    What is our primary use case?

    As a company, we are using Singularity Platform to manage the data on the platform.

    We use Singularity Platform as a unified view where we can see all the data from our applications in one place. It manages everything into one place and we have automations, so we can perform certain actions and we have rules in there where if we want to perform these actions, they can happen automatically via the Playbook functionality.

    The impact of Singularity Platform on our supply chain processes streamlines it quite well. It helps in the processes. It is basically integrated into our pipeline and it helps us to push product more quickly and more securely.

    Singularity Platform's real-time personalization feature has helped our customer experience strategies by allowing us to have different workspaces where we have custom views, and depending on the use case because we have many products that use Singularity Platform, they interact with the UI in different ways, producing different elements and giving us tailored views for different products.

    Customizable dashboards have helped optimize operational efficiency for us because we have different products and different UIs for different products, allowing us to focus on the things that matter for different occasions. Since we are working with multiple data sources and multiple products, we needed customized solutions to really pay attention to the things that matter. These customized dashboards make it faster to work with certain products. It is easier to identify what is wrong with the product or where we need more resources.

    Since starting to work with Singularity Platform, I have seen really good integration and control from the platform itself. You can perform many actions remotely through the agent, which helps with the administrative work of checking the versions of the software on the computer and what software and services are running. This really helps us collect this information on an organization-wide level.

    What is most valuable?

    I think the ability to automate actions and workflows is the best solution out of Singularity Platform. Other solutions are quite static in this case. You cannot really set up steps and gather information, certain pieces of information, filter them out, and based on that data, perform actions. However, Singularity Platform makes it very simple.

    Singularity Platform's real-time monitoring capability has indeed helped me in decision making, as it is one of the best features of the platform. It is working really well, and while the software could seem a little bit invasive because it is working on a kernel level, it really detects a lot of things, perhaps too many things. Sometimes, these customized solutions our developers develop also get flagged in real time, and the processes get stopped and are blocked, and we have to whitelist the processes. However, for enhanced security, we definitely want this.

    What needs improvement?

    I think some parts of Singularity Platform could be improved or enhanced, as you most likely need to know the platform quite well to write queries and search for information. There are a few too many similar fields, such as the storyline ID and the storyline, which sometimes gets confusing. Perhaps the distinguishing could be better, but correlation in general is done very well with the storyline because it is the platform's own field for correlating data.

    For how long have I used the solution?

    We have been using the solution for two and a half years.

    What do I think about the stability of the solution?

    I have noticed only a few occasions where the features, particularly the search feature, are not working with Singularity Platform. The automations, however, are working. I did not notice that they announced maintenance in advance, so it was more that I was not prepared and did not read about planned maintenance. Other than that, everything else is good and stable, apart from short windows of four to eight hours of maintenance they do every month.

    If I have to rate the stability level of Singularity Platform from one to ten, I would say it would be a strong nine.

    What do I think about the scalability of the solution?

    I have not run into any issues regarding how scalable Singularity Platform is, so I do not see any limitations for scalability. It is probably doing very well in that regard.

    It is important to have the scalability that we have with Singularity Platform because we are always expanding and onboarding new computers. Definitely, new employees come in, and it takes a small amount of time, probably twenty minutes to set up new workers.

    How are customer service and support?

    My experience with the technical support of Singularity Platform is that they write us back semi-quickly. If I were to rate it out of ten, I would say they are quite helpful, perhaps an eight.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    Before using Singularity Platform, I was not aware of any different solution for the same use cases. When I came to the company, we moved relatively recently to Singularity Platform. We were basically fully migrated from SentinelOne.

    How was the initial setup?

    The process of onboarding new data points to Singularity Platform is quite easy to ingest. It is really simple to add new computers to the network; you just have one command to install the agent on the computer, and it automatically appears on the platform with data coming in. It is quite easy in terms of integration and expanding the existing network. Setting up the automation rules is not so easy initially, but once you know how to set up one rule, it becomes much easier to set up more advanced actions and automatic removals of certain software or scanning.

    Which other solutions did I evaluate?

    Before choosing Singularity Platform, we were evaluating other options, and we were using Microsoft side by side. Microsoft Sentinel was quite all right, but SentinelOne had more searching capabilities and threat hunting and more automation built in.

    What other advice do I have?

    Regarding Singularity Platform, I would go for the platform. I am most familiar with that one.

    I do not currently know what version of Singularity Platform I am using. I will have to check. Probably I am using the latest version because we have automatic updates.

    We are not using the fraud detection feature in financial services, as we are not doing any financial services.

    Regarding Singularity Platform's real-time personalization feature, we are using it.

    Overall, if I had to rate Singularity Platform from one to ten, I think an eight would be appropriate. It is quite up to our standards. I would rate this review an eight overall.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    Last updated: Nov 17, 2025
    Flag as inappropriate
    PeerSpot user
    Director, Information Technology at a tech services company with 11-50 employees
    Real User
    Top 10
    Oct 30, 2024
    Top-notch support, well-designed console, and is less expensive than others
    Pros and Cons
    • "The console is light years better than the CrowdStrike console, which had just a bunch of different screens cobbled together. It is much more unified and much easier to work with. It is very nicely designed."
    • "The false alerts can be annoying, especially during administrative tasks."

    What is our primary use case?

    We use SentinelOne Singularity Complete for all of our endpoints, including virtual machines, physical servers, and laptops.

    How has it helped my organization?

    The solution gives us a good sense that the systems are secured against malware, drive-by fileless attacks, and advanced behavioral attacks. This is our primary reason for having the product, and it does a good job in that regard.

    It does not require a lot of management. It is hard to quantify the time savings but it does not require a lot of our time. If I spend an hour a week on it, that is a lot.

    It is hard to quantify the reduction in the mean time to detect unless you are a pretty big organization and you are tracking that. However, it has been able to detect things and alert about them pretty much instantly in the console. We also get emails right after that. In terms of the Vigilance MDR service, one Saturday morning, I tripped an alert for something I was doing. I thought of waiting and seeing how long it would take on a Saturday morning at 10 AM for them to jump in and figure it out. They took about 20 minutes.

    Any good endpoint security product should reduce your organizational risks, and SentinelOne Singularity Complete has done that. It is almost impossible to quantify the reduction.

    We were able to easily realize its benefits within 30 days.

    What is most valuable?

    The console is light years better than the CrowdStrike console, which had just a bunch of different screens cobbled together. It is much more unified and much easier to work with. It is very nicely designed. It is one of the better user interfaces I have ever seen for web application management. 

    The product is pretty easy to manage and pretty easy to deploy. It also has a pretty low resource footprint.

    What needs improvement?

    The false alerts can be annoying, especially during administrative tasks. We have had a number of occasions where the software impacted a third-party application, so the application would either not run or exhibit other technical issues. We were also not getting any alerts in the console to indicate that SentinelOne was having a negative interaction with the product. Finally, after hours of troubleshooting, we turned off the endpoint security for the product, and the application just started working fine. We have probably had a good half dozen of those. It is quite annoying.

    For how long have I used the solution?

    I have had experience with SentinelOne Singularity Complete for two years.

    How are customer service and support?

    Their support is top-notch. I have been in the business for thirty years, and I have dealt with just about every support company out there. I am used to mediocre enterprise support, but SentinelOne's support is very good, deserving a ten out of ten.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We were running CrowdStrike prior to SentinelOne. We were using CrowdStrike Complete, but it was simply way too expensive to sustain for our budget. We were looking for something that was equally capable and did not have a huge price tag with it, so we ended up going with SentinelOne and their Vigilance MDR service.

    SentinelOne Singularity Complete has not helped us consolidate other solutions. It was a one-for-one replacement for CrowdStrike. It has not helped us to get rid of anything at this point.

    I have used Bitdefender in the past. We had their GravityZone Ultra, which had XDR Complete, but there were so many alerts. We would literally spend hours. We would pick a day a week or a day every couple of weeks and try to trace down alerts and clear out the console. From that perspective, SentinelOne does give off fewer false positives. However, when we are dealing with administrator or network administrator or developer tools, for obvious reasons, they tend to trip the alerts on the product. For normal end-user work, there are seldom any false positives or alerts that are not valid. It is almost never. I am the IT director, and it is always tripping on things I am doing. When I install some encryption software or disk wipe software, I get many alerts in SentinelOne, but for the actual end-users, typically, we do not get any false positives.

    How was the initial setup?

    We use their public cloud. We deploy the agents ourselves. We do the updates through their public cloud, but we do the initial deployment ourselves.

    The initial setup was pretty straightforward. There are some nuances to the product, naturally. It is an enterprise-class endpoint security product, so there are things that you need to learn and understand about how it works. The same is true of CrowdStrike, Palo Alto Cortex, or any other product in the same category.

    We have multiple locations with about 35 remote users.

    What about the implementation team?

    We used their onboarding service, which was very helpful because we would have meetings every week or two with the actual SentinelOne employee engineer to talk about our deployment and ask questions about particular features and best practices. It was worth the extra expense.

    I had one other network administrator working on it with me, and I just assigned him the task of deploying software and working with me on some of the policy configurations.

    I do most of the maintenance on it. The maintenance typically requires adding an exclusion here or there, troubleshooting an issue, or uploading logs for support to look at an issue or a question that we have. I do not spend 50 hours a year on it.

    What's my experience with pricing, setup cost, and licensing?

    SentinelOne is significantly less expensive than CrowdStrike. I recently did a price comparison between CrowdStrike and SentinelOne to determine where we are going for the next three years. CrowdStrike is 200% to 300% the cost.

    For their complete service, we were paying CrowdStrike 45K for 85 endpoints for a year. We have stepped down, and we are doing MDR and not having SentinelOne manage our policies and things. We have 200 endpoints, and our yearly cost is 17K, so we have gone from 45K to 17K. From a detection standpoint, depending upon which MITRE framework tests you look at, both vendors jockey up and down in the top ten. They are pretty comparable from a performance and efficacy standpoint, so there is not a 200% to 300% gap there.

    Which other solutions did I evaluate?

    I always do a round-robin. My final three ended up being Palo Alto Network's Cortex product and CrowdStrike's Falcon product, the lesser version of their MDR Overwatch product.

    The thing that I did not like about Overwatch was that they would tell you that something was going on and here is what you should do, but they would not help you with it. SentinelOne was a little bit more helpful in terms of hopping in. Ultimately, Palo Alto is not support-friendly. I use Palo Alto Firewalls, and their support is not that great. It has not been for a while, so I hesitate to go into their endpoint security as well. It is also expensive. It requires a lot more infrastructure and cost to deploy. It is probably more akin to CrowdStrike from a cost perspective.

    I briefly considered Bitdefender's MDR solution using GravityZone where they did the MDR piece of it. It was probably half or a third of what we would have spent for SentinelOne, but I did not have the sense that it was quite the next-gen product that I was looking for, even though it scored pretty well.

    All these are very similar because they base their activity on what a piece of software is trying to do on the system. It is a real-time behavioral analysis. They do not use predefined signatures from the last 25 years. They are trying to do things in real time. In terms of how long it takes to have visibility into what an application is doing and how quickly they can lock it down once they have the visibility, each vendor scores differently, but each of these three would generally be considered in anybody's top five.

    SentinelOne is fairly innovative. I like what they are doing with the integration of their Purple AI for being able to do real-language queries of their telemetry data. You do not need to know all the correct syntax, which helps us non-SecOps folks who have to dabble in it periodically. We can do real-world queries. I have not asked for pricing on that. It is probably more than I want to pay for it, given that we do not get too much use out of this kind of feature, but they are continuing to innovate in that regard. From that perspective, it is a good product.

    What other advice do I have?

    SentinelOne Singularity Complete is very mature at this point.

    We have not yet had an occasion to integrate it, although, in a couple of weeks, we are going to be integrating their Cloud Funnel service with another MDR provider, Red Canary. We have not done that yet, and we have not made use of their other interoperability pieces.

    They have two Ranger products. One is the Ranger Identity Protection product, which is kind of an add-on product, and the other one is more of a rogue detection product. We did subscribe to the Ranger Identity Protection product, but it was so difficult to work with that we finally stopped using it. It was a subscription.

    Our correlation is whatever is going on in the endpoints. We are not pulling in Palo Alto firewall telemetry, or Okta or O365 data at this point, but we are moving in that direction. We are simply using it for endpoint security and for their Vigilance MDR service.

    SentinelOne is good as a strategic partner. We are in the third year of our three-year contract and plan to continue with them. We are not going to go directly to them. We are going to go through one of their partners, Red Canary, but we will be using the SentinelOne Complete product and then using Red Canary to do the MDR along with active remediation and SIEM ingestion of our Okta data, our Palo Alto firewall data, and our O365 data. They can then begin to cross-correlate events and attacks across different attack surfaces of ours.

    I would rate SentinelOne Singularity Complete a nine out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    PeerSpot user
    Prince Joseph - PeerSpot reviewer
    Group Chief Information Officer at NeST Information Technologies Pvt Ltd
    Real User
    Top 5
    Jul 9, 2024
    Reduces organizational risk, low on machine load, and helps prevent ransomware
    Pros and Cons
    • "It's effectively helped to reduce organizational risk."
    • "They are still largely an EDR product."

    What is our primary use case?

    We primarily use the solution for EDR, which it does in a brilliant way. We are also using it for log management. We can use it for investigations, reporting, and security incident management.

    What is most valuable?

    The most important aspect of the solution is that the load on the machine is not very high. It doesn't take up battery resources.

    The solution prevents ransomware and other threats.

    So far, it is working brilliantly. The dashboards and UI are user friendly, as is the ability to configure as needed.

    It seems to have a lot more capabilities. The XDR capabilities, in particular, look very strong. We're currently looking into that.

    If we want to do integrations with third parties, we don't have very many challenges around that.

    The ability to ingest and correlate across our security solutions is very useful. It's impressive. The AI engine it has is excellent.

    It helps us consolidate our security solutions.

    While it does not allow us to reduce alerts per se, it does a good job of correlating. The way it's integrated into the SIM, it's working to the expectations we have.

    The solution helps free up people so that they can work on other tasks. We don't have to grow our team too much now. My security team is actually quite small - about five people. We all get more time to handle other tasks.

    We've noted that it does help reduce mean time to respond. We can identify events easier and those that are most critical are brought to the forefront. Previously, we were in the dark. Now we have so much more visibility. It's been a huge improvement. 

    It's effectively helped to reduce organizational risk. 

    What needs improvement?

    They are still largely an EDR product. The MDR side needs to be demonstrated. They need to make zero trust more robust. 

    For how long have I used the solution?

    I've used the solution for around two years now.

    What do I think about the scalability of the solution?

    I'd rate the solution's ability to scale eight to nine out of ten. 

    How are customer service and support?

    The SLA is good and the support team is quite impressive. They are very quick. I never need to escalate.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We were using Sophos and Symantec previously. We switched as SentinelOne took up fewer resources and could support a Linux environment. 

    How was the initial setup?

    The initial setup is fairly straightforward. 

    What was our ROI?

    It's giving me confidence that my network is protected. The ROI is not so much cost savings as security on offer. We can safely sustain our business and secure our data assets. However, the time and cost savings we've seen are quite good. 

    What's my experience with pricing, setup cost, and licensing?

    The solution is moderately priced. It's a valuable solution to have, however. 

    Which other solutions did I evaluate?

    We are evaluating Crowd Strike at the moment. 

    What other advice do I have?

    We are a SentinelOne customer. 

    The quality and maturity of the product are good. It's one of the market leaders. It's delivered on what it's supposed to do. 

    I'd rate the solution nine out of ten.

    They are a good strategic security partner. They have the right credentials. They're offering a relevant service and it helps me communicate to my customers. I rate them very highly.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    PeerSpot user
    reviewer2799597 - PeerSpot reviewer
    Soc Analyst at a tech consulting company with 11-50 employees
    Real User
    Top 5Leaderboard
    Mar 30, 2026
    Unified security platform has enabled real-time threat detection and streamlined investigations
    Pros and Cons
    • "The best feature of Singularity Platform is that everything is unified in one platform, which would be a main unique selling point for them."
    • "For improvement, I would say the infrastructure is very slow; the application I use is sluggish, potentially due to workload or problems on my company's side."

    What is our primary use case?

    I use Singularity Platform as a SIEM across many infrastructures, including cloud and on-premises environments, to detect attacks on endpoints, cloud workloads, identities such as Active Directory, and network signals.

    Singularity Platform is used to detect, investigate, and respond to threats all in one platform, which is why it is called Singularity Platform, because it has EDR, XDR, and cloud security all unified in one system.

    I use fraud detection while working with financial companies and many fintech companies. Although SentinelOne is not known for fraud detection, it does detect stolen credentials, accounts that have been misused, or privilege abuse. I use it to a certain extent, but I cannot provide a deep-dive analysis on it today as I am fatigued from working through the night.

    In my organization, I have around ten clients, of which six use SentinelOne as a SIEM, mainly financial companies, with one being a shopping-based company. I cannot provide all client details, but that is the general overview.

    What is most valuable?

    The best feature of Singularity Platform is that everything is unified in one platform, which would be a main unique selling point for them. The unique feature is Next-Gen AV plus EDR, which detects and blocks threats in real-time.

    There is a rollback feature that rolls back to the previous state if anything goes wrong after a new feature is installed or a ransomware attack occurs. Singularity XDR extends visibility beyond the endpoints and correlates how the endpoint, cloud, identity, and network help me to see a full attack chain.

    The real-time personalization feature allows for customizing the detection rules and adapting security decisions based on who is doing what and where. It tracks users with behavior-based personalization, detecting abnormalities such as a non-admin gaining admin access. It also detects credential theft by correlating identity plus endpoint data for better context.

    For policy personalization in my SOC, I group devices based on alert names, agent versions, or OS types, which helps significantly. I can personalize based on alert severity and true positives or false positives, leading to automated responses. A unique feature in Singularity Platform is StoryLine technology, which connects incidents into a full storyline attack.

    It explains the attack pattern in a way that follows commands executed after an incident, and I can write workflows using AI, working even offline, mainly with agent-based decisions without constant cloud dependency.

    I have customized dashboards for my companies, including an overview dashboard showing alerts from endpoints. I created a unified dashboard with a network and an endpoint dashboard, consolidating SOC-related unassigned alerts and daily solved alerts. I customized that dashboard myself, and it is very easy to do, being a UI-based feature.

    Real-time monitoring is very helpful, helping me stay one step ahead in cybersecurity. It allows me to see exactly what is happening at this moment, and knowing about an attack immediately is better than knowing an hour or two later. The sooner I know, the better it is for me. Real-time monitoring helps me significantly as a SOC analyst, making it one of the best features. After an alert, analyzing what happens next is just two to three clicks away, needing only to input the timeline, the query, and the affected user or endpoint.

    What needs improvement?

    For improvement, I would say the infrastructure is very slow; the application I use is sluggish, potentially due to workload or problems on my company's side.

    Although they have fantastic features, if it is not working properly, it hinders performance. Recently, during maintenance, it was still operational but sluggish, with features not working as efficiently.

    Grouping alerts previously worked fine but now requires multiple clicks to achieve the same result, which is problematic. They could improve the UI and focus more on creating new rules from their MDR team.

    Although they are working on automation, they could advance automatic remediation capabilities further than they are currently.

    For how long have I used the solution?

    I have been using Singularity Platform for the last six months.

    What do I think about the stability of the solution?

    I would give stability a seven, as it usually crashes, requiring me to log in repeatedly.

    What do I think about the scalability of the solution?

    Singularity Platform is very scalable but requires planning; it is not as easy as Orca Security or agentless platforms because it has agents. I would still give scalability a seven.

    How are customer service and support?

    I would rate technical support as an eight.

    Which other solutions did I evaluate?

    Comparing Singularity Platform with other vendors, I find others also have fantastic features, but SentinelOne has unique offerings like the StoryLine feature, Purple AI, and a unified platform where endpoints, cloud security, and assets come together. This gives them a great advantage. Although there are better security tools in the market, considering the money I spend, SentinelOne is much more cost-efficient than other products. For example, Microsoft Sentinel is much too costly for my company, and although CrowdStrike provides top-notch service, SentinelOne is still doing well to keep up with market needs, though there is room for improvement.

    What other advice do I have?

    Singularity Platform requires maintenance, which is typically done on weekends. Although there was a maintenance window recently, it is almost acceptable, but technical issues can cause lag or latency, which is common in upgrades. They can improve by utilizing a backup or other measures.

    I recommend Singularity Platform because of features such as the StoryLine model, Purple AI, and automating workflows with hyper-automation capabilities. I would hesitate to recommend it solely due to reliability issues.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: My company has a business relationship with this vendor other than being a customer. partner
    Last updated: Mar 30, 2026
    Flag as inappropriate
    PeerSpot user
    reviewer2218470 - PeerSpot reviewer
    Co-Founder & VP Sales and Marketing at a tech services company with 11-50 employees
    Reseller
    Top 5
    Sep 30, 2025
    Significantly reduces risks and streamlines our monitoring
    Pros and Cons
    • "Singularity Platform allows us to have one single view of potential threats and the health of our environment, helping us optimize operational efficiency."
    • "The dashboards can be improved, and their dashboarding functionality needs to be better. The way the dashboards look is not really impactful or meaningful."

    What is our primary use case?

    We protect our endpoints and servers, workstations, and we use Singularity Platform to ingest third-party data for alerts or detections. 

    We work in the cybersecurity industry, so we use Singularity Platform and implement it for our customers.

    How has it helped my organization?

    Singularity Platform basically keeps us protected. We utilize it across various sectors, including financial services, insurance, retail, and manufacturing. It has significantly reduced some of the risks associated with the current threats we face, both at the endpoint level and in terms of identity protection.

    Singularity Platform allows us to have one single view of potential threats and the health of our environment, helping us optimize operational efficiency. 

    Singularity Platform is allowing us to detect threats early on and make sure that they don't proliferate in our environment if there are any.

    What is most valuable?

    The best features of this product include its ability to detect malicious software and malware, and the functionality itself is exceptional. The console is easy to navigate. 

    What needs improvement?

    The dashboards can be improved, and their dashboarding functionality needs to be better. The way the dashboards look is not really impactful or meaningful.

    For how long have I used the solution?

    I have three years of experience with SentinelOne.

    What do I think about the stability of the solution?

    Singularity Platform is stable; so far, so good.

    What do I think about the scalability of the solution?

    It works. It's not designed for scalability, it's designed to protect the enterprise.

    How are customer service and support?

    I would evaluate their customer service and technical support as very good, five stars.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    Before, we were using Kaspersky, but then the Russians came in, and we had to stop using it. It's a Russian product, and with everything happening with that, we stopped using it.

    How was the initial setup?

    The initial setup of Singularity Platform was straightforward. We have a team member here who handles it.

    What about the implementation team?

    One person, a really good techie, handled the deployment.

    What was our ROI?

    I don't really see a return on investment; it's a necessary requirement today to protect the enterprise.

    What's my experience with pricing, setup cost, and licensing?

    The pricing for Singularity Platform is good, and the setup cost is very minimal.

    Which other solutions did I evaluate?

    We evaluated CrowdStrike, Microsoft Defender, and Trend Micro before choosing Singularity Platform. The main differences between Singularity Platform and some of these others include threat detection ability, lower cost, and that was the key factor in our decision-making.

    What other advice do I have?

    I would rate Singularity Platform a nine out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
    PeerSpot user
    Zack Moody - PeerSpot reviewer
    Domestic Security Alliance Council (DSAC) at KYOCERA AVX Components s.r.o.
    Video Review
    Real User
    Top 5
    Oct 30, 2024
    Consolidation of eight different antiviruses into one platform saved us costs, time, and human resources
    Pros and Cons
    • "When we first looked at SentinelOne, we had a very distributed legacy antivirus environment. Through SentinelOne's platform, we were able to consolidate about eight different antiviruses globally, thus saving money and time."
    • "There are things that they can do to improve the console or improve the product, and they are making strides in it."

    What is our primary use case?

    We use SentinelOne's EDR platform. We use Ranger for network discovery. It helps to find out any endpoints that do not have an agent or rogue devices that may come up on the network that are not protected. It allows us to isolate them until we have the proper protections in place.

    We are starting to delve into Identity.

    How has it helped my organization?

    The EDR platform has helped us achieve our business goals by providing the best security against ransomware, which is the number one threat to our business.

    We have seen a lot of benefits since we deployed SentinelOne many years ago. We were able to consolidate around eight different antiviruses globally. It saved us licensing costs, human capital, and the amount of time it takes to keep up with some of the legacy technologies.

    Other than that, the product gives us so much visibility to things. We did not have that visibility before. It also gave us access to every endpoint globally from a single platform. My engineers and my SOC operators are able to touch every endpoint globally in a matter of seconds. We are able to consolidate all the data that we are getting from the platform. We then build rule sets and protections and automate playbooks to be able to help save time so that we can focus on some of the bigger threats that we have.

    SentinelOne has had a huge impact on our risk management posture. In my viewpoint, any threats, especially with ransomware being the biggest threat to our business, can lead to downtime for operations. If manufacturers are not making the product, we are not making money.

    SentinelOne has helped us improve our analyst efficiency because of the simple fact that it is a single singular platform where they have access to every endpoint data that is out there in the world in our scope of devices. It gives them the ability at their fingertips to dive deep into the telemetry data that they need to make a justification or make a decision about a threat.

    SentinelOne helps us reduce noise. We also leverage SentinelOne Vigilance as a managed service provider, which takes away the load from my analysts. It enables us to develop playbooks to cut down the noise and helps us to prioritize what matters the most, which makes us way more efficient. It makes us speedier when it comes to the time to react to a threat.

    SentinelOne, especially the Vigilance team, helps us to reduce false positives. It is not only because the technology itself is so good at what it does; it is also because of the information that we get related to a threat or an alert. The information is enough for us to have some sort of disposition on what that is. We can then write a rule or mute that through a click of a button so that it is not constantly coming to the surface.

    SentinelOne helps us with our incident response process tenfold. We have so many options, from automation to using Purple AI, to give my analysts more confidence in their abilities. It is an amplifier. It is not a replacement. It is a way for them to build their confidence and skill set, but it also increases our efficiency and our time to respond to threats. The storylines with SentinelOne were probably one of the first things that caught my attention back when EDR was new to the market. They help the analyst develop a storyline or improve the storyline that they have already developed.

    SentinelOne helps us with our mean time to detect by the fact that we have every endpoint consolidated into one platform. We have the prioritization based on the rule sets, the type of devices, the classification of the data it holds, or the classification of the department or the sensitivity of a manufacturing process in that environment. These methods help to cut the detection time for my analysts.

    The platform provides multiple ways to communicate. With the addition of Vigilance and their main services, there is a very drastic reduction in the mean time to respond based on the information they give us. The information that we receive from those methods helps us to make a lot quicker decisions with the threats.

    From an organizational perspective, SentinelOne helps me and empowers my team to be able to communicate to the business about some of the adversarial threats that we have in our environment. A lot of times when an endpoint or a production or line unit is impacted, the teams come to us with reports of a false positive, but in fact, it is not. SentinelOne helps us to educate, inform, and reinforce to the organization why we are here. We are here to help. We are here to help the business grow.

    What is most valuable?

    When we first looked at SentinelOne, we had a very distributed legacy antivirus environment. Through SentinelOne's platform, we were able to consolidate about eight different antiviruses globally, thus saving money and time. There were savings in terms of human capital or the amount of time it takes to keep up with some of those legacy technologies.

    What needs improvement?

    Like any vendor, SentinelOne had its challenges, but throughout our history as a partner and as a customer, they followed through with every commitment they made. That is huge. I do not look for a vendor, I look for a partner—a long-term partner. CISOs need partners to be successful. We have to lean on each other. There are things that they can do to improve the console or improve the product, and they are making strides in it. One value that I can bring to them is the fact that I am on the advisory board. As a customer, we bring problems or challenges or even opportunities to them that they take back to their product teams and marketing teams to come up with a solution. Being able to ride side by side with some of the developments they are making now, in the near future, or in the far future is pivotal to the success of a security organization.

    For how long have I used the solution?

    We have been using SentinelOne's EDR platform since 2018.

    How are customer service and support?

    The support teams speak various languages worldwide, which is beneficial for a multinational corporation like ours. We have teams across the world, and having support in native languages saves us time and increases efficiency.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We had a very distributed legacy antivirus environment before and selected SentinelOne for its consolidated platform.

    We are also using a different SIEM solution currently but are considering migrating to full XDR in the future. We rely very heavily on managed services and Vigilance. We have a small security team, but over time, we will be able to build some hybrid models or hybrid approaches and start to go towards XDR.

    When we looked at the EDR, having a single agent was a big deal. We have come a long way since then, but one of the primary reasons why we chose SentinelOne was their ability to package everything from a single agent.

    What was our ROI?

    The ROI is significant with SentinelOne, as it saves us money, time, and human resources by consolidating eight different antiviruses into one unified platform globally.

    What's my experience with pricing, setup cost, and licensing?

    SentinelOne makes licensing easy by reducing the number of modules or packages that they have to offer. A lot of other vendors make licensing very complicated with separate modules or separate costs. By bundling necessary features, SentinelOne ensures that security leaders are not left confused by options. This bundling of necessities has served our needs well.

    As they bring on more technologies and more offerings, they are either bundled with the premium packages or other packages they have or they are bundled separately as another SKU.

    Which other solutions did I evaluate?

    We compared SentinelOne against its competitors while evaluating EDR solutions. SentinelOne stands out to me from the competition because they stand by every commitment they make. They are extremely transparent and extremely collaborative with the customer base. They take back everything that the customers bring to the table and make the product better. It is a two-way street. We also have to give. We are giving that money for a product, so we are investing in them. At the same time, we want to have a voice. They allow us to have a voice. The fact that they are a true partner sets them apart from the competition.

    Their transparency, their willingness to work with customers and receive feedback, and the humility to admit their faults but figure out a way forward with their trusted partners or customers set them apart from the competition. They have done a good job of getting the endpoints correct. They have done a good job at saturating the market with such a good endpoint product. The endpoint data is the most critical telemetry data that we have. If you think about network and email, those are all delivery methods, but a crime is only committed at the target location, which is the endpoint. With that being the most valuable information we have, they have done such a good job with that. They are already there at the endpoint. There are a lot of other things they can do to improve the data that they have with things like identity and network discovery. There are opportunities where you take Purple AI out and put it on top and extend the width or breadth of your security team. You can extend the breadth of reach across multiple facets or multiple layers of defense from one single platform.

    What other advice do I have?

    AI is huge. It is a topic that comes with a lot of different variables. Some are good, and some are not so good. AI as a whole is not something to fear. It is no different than what mobile computing or cloud computing was. We have to embrace it. Embracing it empowers security organizations, security leaders, and security teams. It empowers them to make more and better decisions, and it also saves some time because a lot of the things that they are doing can be automated through the use of AI. It empowers the defenders, and by empowering them, it saves them time and allows them to focus on more important projects, more important topics, or more important threats. AI can help us cut down our mean time to detect and mean time to respond.

    I have had several colleagues looking at SentinelOne and comparing them against some of the competitors, which is what you are supposed to do. To those who are considering purchasing SentinelOne, I would advise moving beyond the product. Do not just consider the product when evaluating SentinelOne. Focus on the leadership, product development teams, and their commitment to working closely with customers for long-term success.

    SentinelOne is a true partner. We have had our issues. We have had our incidents. There were some times when I was desperate and needed help. They have been there. They are not there at the meat of it. They have traveled that road all the way to the end with me. That speaks volumes. To colleagues and people who are not yet using SentinelOne, I would recommend taking a look. Go beyond the curtain, the actual product, and the marketing. Look into the teams. Look into the leadership. Look into the success of other customers out there like myself. Call them. Talk to them. Challenge the product and challenge the teams, but do not let the first responses ever be the answer you go with. Continue to develop that relationship. That is what you should look for as a partner.

    On a scale of one to ten, SentinelOne is definitely a ten. That is not just product-specific, customer support-specific, or road map-specific. A lot of different areas combined give it that score. Having a true partnership means that you are bringing everything to the table. You are helping each other grow.

    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    PeerSpot user
    Buyer's Guide
    Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.
    Updated: June 2026
    Buyer's Guide
    Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.