SentinelOne Wayfinder Managed Detection & Response Reviews

We rely on SentinelOne to provide protection to our workers, and it is our primary means of protection besides testing. We have been using SentinelOne for some time and decided to use it exclusively with the SOC account advice. We believe SentinelOne is a comprehensive solution for protecting SOAP-based web services and AWS-based cloud infrastructure.

We use it in conjunction with other products to protect other assets, such as the cloud and network.

We had some difficulty integrating it initially, but we found the ability to receive messages and make quick decisions based on the information to be the most useful feature.

The update process has room for improvement because customers may be temporarily without protection during a software update, resulting in issues with stable performance.

I have been using this solution for six years.

Occasionally during an update, customers may temporarily be without protection until the upgrade is complete. We are actively working with another team to resolve this issue. I have a lot of customers. It's not a wonderful situation, but it can happen and customers are without protection for a while.

I would rate the scalability a ten out of ten.

We have deployed SentinelOne on-premises to secure our network, while for about 45% of our requirements, we rely on the cloud.

The license model is good. It costs a little bit more than other antiviruses. But we send the software for review. So the pricing of the products may be less, but it doesn't make sense to start with a solution without trying it.

Overall, I would rate SentinelOne Vigilance a ten out of ten.

We use the solution in our lab to find out how to deploy it on the full scale later on.

The endpoint security software is great. The XDR has been useful. 

It was easy to set up. 

The performance is good. 

The scalability is excellent. 

It's too early to say what needs improvement. It has been six months and I have two guys working on it at the moment. They need additional time to give me that kind of feedback.

I've been using the solution for about six months. 

The stability is great. It performs well. There are no bugs or glitches, and it doesn't crash or freeze. It is reliable. 

We like how it can scale. That's one of the reasons why we have decided to use the solution from the beginning.

Since we're using it in a lab, in the beginning, we will only have a small number of people using it - maybe around 20. The full scale will be much, much bigger, depending on how we decide to use it in the future.

Since we are going to resell it later, we plan to have it as part of our offering to our end customers. In total, we will have somewhere around 20 people on it. We will have five or more senior technical guys and then 15 people working with the support service desks.

While my team has worked with technical support, I haven't dealt with them directly. I haven't heard of any negative comments. 

We did not previously use a different solution. 

The solution is very easy to set up. It's not complex at all. 

It's a POC. The route for deployment is very easy. 

They were quite slow with the deployment as they would like to learn more about the product when they're doing it. My people spent a few days with it just to make sure that they do everything step by step. Typically, it is a short time needed for the deployment. At the same time, they wanted to do it slowly, just to make sure that they do everything correctly the first time out.

We handled the solution's setup in-house. We were using the setup as a training exercise. 

We have seen that the solution will provide a good ROI. That's not in question. 

The value for money is high. I'd give it three out of four stars. 

We are evaluating it against several different vendors on the market. This, as an endpoint security software, it's excellent.

We are aiming to become a partner and reseller of SentinelOne. 

I have no clue which version we are currently working with. My technical person keeps track of that for me. It should, however, be the latest version. 

We are still working on it, and you can't find a silver bullet solution, however, building your total security with SentinelOne included in your portfolio is a great thing. It covers a lot of what you would like to cover. It's a really good solution.

I'd rate the solution nine out of ten. 

I am not the primary engineer for the tool. I use the solution in my company since we cannot just rely on Microsoft Defender, and as we need to have another layer of protection, we use the tool as our next-generation antivirus solution.

The most valuable feature of the solution is the Storyline technology. The feature that I like the most about the product is that the solution reports to you about the entry point of the virus or ransomware, the impact of the attacks, what is done, and which are the affected systems. The rollback feature offered by the product is good.

SentinelOne Vigilance's integration capabilities with other products can be considered as an area with certain shortcomings where improvements are required.

The product's integration capabilities with SaaS platforms need to improve because most of the applications right now are being hosted on the cloud.

I have been using SentinelOne Vigilance for three to four years.

Stability-wise, I rate the solution a ten out of ten.

It is a very scalable solution. Scalability-wise, I rate the solution a ten out of ten.

As the product is used globally, I can say that my company has around 2,000 employees who use the tool.

The product is used regularly in my company, especially since it is installed on hundreds of laptops and workstations.

The product's support is great. If my company faces a zero-day attack, the engineering team will engage to extend the support services offered to us to deal with unknown malware or ransomware. The support team offers quick responses, which is one of the major reasons the product is highly recommendable. I rate the technical support a ten out of ten.

Positive

The product's initial setup phase is very straightforward. The product recently added a feature that allows you to uninstall an existing endpoint protection solution from your environment.

One can deploy it manually or with the help of Active Directory.

No third-party help was required to install the product.

For the product's price, I feel that the user interface is friendly.

I think the tool can be integrated with ServiceNow so its actions can be automated.

The solution integrates with the existing security infrastructure like Palo Alto Cortex XSOAR.

You should be careful of what you add to your files since the product has the capability to scan files extensively.

The machine learning part of the product is very good.

The value derived from the use of the product stems from the fact that it is a very lightweight solution.The product does not consume too much memory or compute nodes from my workstation.

I rate the solution a nine out of ten.

SentinelOne has a rollback feature that has helped them gain popularity in the market. No other competitors of the solution including Cisco, Fortinet, or Cortex XDR have this feature.

SentinelOne is a kernel-independent solution. We don’t need to check the kernel dependency on the Linux platform. They also commit to a 100 percent recovery from ransomware attacks. The solution has rollback features for ransomware on Windows.

I have found issues with the solution’s stability and implementation. The solution has performance issues. I would like the solution to launch the rollback plan for ransomware on Linux and Mac. It should be something similar to the support that Windows gets.

I have been using the solution for four to five months.

I would rate the solution’s stability around six to seven out of ten.

I would rate the solution’s scalability a nine out of ten.

The solution helps companies prevent critical attacks from ransomware.

I would rate the solution an eight out of ten. One person is sufficient for the solution’s maintenance.

SentinelOne Vigilance is being used mostly for endpoint protection, endpoint deployment, and some endpoint management.

Most of our customers are moving away from traditional signature-based antivirus because it's not enough. They're moving to solutions, e.g. SentinelOne Vigilance, that have machine learning included, so that machine learning function adds a tremendous amount of value to our customers, simply because it adds that extra layer of security by providing machine learning and behavior analytics.

Most of the next-generation anti-virus products, including SentinelOne Vigilance, have behavior analytics included, and this is the feature I find most valuable in the solution. Behavior analytics is the direction most of the NGAVs are heading, e.g. if they don't have it, that's where they're going: UBA (user behavior analytics) and UEBA (user and entity behavior analytics).

I also find the machine learning function of this solution valuable, as it provides an extra layer of security for our customers.

Every product has room for improvement. I can't single out anything within SentinelOne Vigilance that would need to be updated or improved, only because I haven't used it in a while.

For the most part, there's no problem with how SentinelOne Vigilance works, but the toughest challenge that customers find is with the deployment and tuning of the product. Getting it tuned properly takes some time, so that's a challenge. You can deploy the product with just about anything, but deployment is always a challenge.

An additional feature I'd like to see across the board, in the next release of SentinelOne Vigilance, is more integration with artificial intelligence. I'd like to see more integration with SIEM and/or SOAR solutions. I'd also like to see better event formatting, so if they can format their events using CEF (common event formatting), that would be fantastic. These are the top three or four additional features I'd like to see.

I'd also like to see predictive analytics. The market isn't there yet, with the exception of Carbon Black, but predictive analytics would be phenomenal. We'll get there in the next five to 10 years, e.g. that market is going to explode here in the next few years.

As we build more artificial intelligence into all these products, including endpoint protection, we're going to be able to predict the type of attack. It's not just malware. It's this type of attack, and they're going to know what it is, but that'll come in time.

I've worked with SentinelOne Vigilance for five years now.

SentinelOne Vigilance and some of the top tier NGAVs are really stable. Now they've all reached the point where most of the customers that we work with trust and like them, and they work out of the box. SentinelOne Vigilance is a stable solution.

We work with everything from the small mom-and-pop stores, all the way up to the enterprise. I don't work with enough of the enterprise customers to understand what they have deployed on the endpoint, e.g. it may be SentinelOne Vigilance, or it may be something else, but scalability feels high if you had to deploy it.

Most of the people have moved away from Kaspersky just because of who they are, and potentially Symantec after the Broadcom acquisition. These people may have moved to SentinelOne Vigilance, or to other AVs. We do see a lot of movement in the endpoint AV customer side, simply because there's a lot to choose from in the market, e.g. this product or other similar products.

Another reason for people switching is that newer technologies are coming out in endpoint protection solutions, e.g. machine learning, artificial intelligence, UEBA, etc. Some customers, especially the smaller shops that are nimble and can move quickly, they might look at a new, sensational technology on endpoint security, and move away from whatever it is they currently have. The larger enterprises are a lot slower to move, so they usually take a lot longer to decide which direction to go, and when they do, they usually sign a three-year contract or more, and they'll stick with it.

The initial setup for SentinelOne Vigilance was straightforward. They made it easy on the front end.

Most of the next-generation antivirus (NGAV) solutions, I have a lot of experience with.

We're using an older version of SentinelOne Vigilance, e.g. we're not using it internally, so we don't have the latest version, but some of our customers who I work with are using it. I'm not sure what version they're using, but it's been a while so they could be using old versions of it.

We're using Microsoft Azure as the cloud provider for this solution.

The deployment of SentinelOne Vigilance was challenging. How long the deployment would take depends on the environment. A small SMB on-premises environment doesn't take long to deploy: You can wrap it up in a GPO package and deploy it. The process is usually straightforward and simple, and it doesn't take long, but when you get into the larger enterprise and you have a hybrid solution and multiple locations, that's when it can become a little sticky.

SentinelOne Vigilance is deployed on the endpoint, so everybody in the organization, no matter which role, is using it. The product is also deployed on IT worker endpoints.

Deployment and maintenance of this solution depends on the size of the organization. There are the smaller SMB customers that we have, e.g. if they're not doing it themselves, they've got a MSP that's deploying it directly, and I'm not sure about the work effort there, but you wrap it up in a package, send it out through a GPO, then it's easy to deploy. You can also use a third-party, e.g. ManageEngine and Quest make great products, so you can deploy SentinelOne Vigilance in any way, but it's going to depend on the size of the organization.

I don't know where this product sits in the market. I know it's in the top 10. I haven't looked recently, but I say this because we have so many vendors. We have 1,600 vendors that we work with here, but I know SentinelOne Vigilance is a top tier AV (antivirus). So as far as our usage goes, when our customers come to us, they're usually looking for something specific with regards to any endpoint security or endpoint protection. If they're not, I don't know how often this product gets recommended because I'm not on the pre-sales or front-end side of that. I'm on the engineering side, so I don't know which products they recommend. I don't know if SentinelOne Vigilance is one of the products where they'll go "Hey, try this one. It's great."

I have no idea about the technical support for this product, as I haven't tried contacting them.

I don't have information about the licensing cost or pricing for this solution, because I'm not on the sales side. I see a lot of people now moving toward Microsoft Defender because they've really done a great job in just the past couple of years, and that's rolled into their E3, E4, or E5 licensing. Sometimes there's cost savings when you bundle Microsoft Defender with other Microsoft products. As for standalone AV on the endpoint, I don't know where SentinelOne Vigilance fits price-wise. People are migrating away from Symantec, SAP, Kaspersky, and some other legacy AVs and moving towards newer AVs, but I don't know if that's because of the costs or not.

The advice I would give to others looking into potentially implementing this product is to always bring it in-house and do a pilot. That's the biggest advice I can give, e.g. you need to test drive a car before you buy it.

I haven't done anything on the ROI side, and that's hard to nail down, but there might be some market data out there on ROI. People don't usually make a change unless they believe there's going to be some improvement.

I don't know where SentinelOne Vigilance is on the market, but I know it's top 10 or top tier, so I'm giving this solution a seven out of ten.

The use case of SentinelOne Vigilance for my company stems from providing it to our customers.

With SentinelOne Vigilance, my company's customers can easily and quickly deal with incidents and threats.

The most valuable feature of the solution is its performance, which is very important for us in our company.

My customers who use the tool mostly want a summary of the monitoring activities of the product in a report form, which can be useful. A report from SentinelOne Vigilance can help my company's customers identify what happened in their IT environment, and it can be useful for our customers to identify the threats and incidents encountered by the product.

The tool's stability can be improved.

I have been using SentinelOne Vigilance for a year.

My company hasn't received any response in terms of the stability offered by the solution.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution a ten out of ten.

My company deals with two customers who use the product.

The product's initial setup phase was very easy because the vendor took care of the process.

The back-end support team of SentinelOne takes care of the product's deployment phase. On the front-end side, customers of the tool don't do anything.

The solution is deployed on the cloud.

The solution can be deployed and maintained by eight engineers.

SentinelOne Vigilance is priced in a normal range.

I recommend SentinelOne Vigilance to those customers who would like to conduct an analysis of a particular layer of their environment.

I rate the overall tool a ten out of ten.

We use SentinelOne Vigilance as MDR (Managed detection and response).

SentinelOne Vigilance is a very stable solution.

SentinelOne Vigilance is an MDR meant to manage cybersecurity, but it doesn't do a good job.

SentinelOne Vigilance doesn't have a direct connection with MSPs. They go only through a big reseller or RMM vendor instead of directly going to the MSP. You always feel that you are behind, and you have to call someone to call someone to get to them.

People pay $ 5,000 to $ 6,000 monthly for the solution, and they don't have a QBR for their customers to review the security and recommendations.

I rate SentinelOne Vigilance ten out of ten for stability.

You can scale as much as you want with SentinelOne Vigilance.

We implemented SentinelOne Vigilance through an in-house team. Two network engineers were involved in the solution's deployment.

On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing an eight out of ten.

Overall, I rate SentinelOne Vigilance a five out of ten.

We use the solution for the managed SOC team that we leverage.

SentinelOne Vigilance is an endpoint security tool with quarantining, dashboards showing us information, and many capabilities like manual and automatic quarantine of environmental issues.

The tool needs improvement in clear communication and detection.

We deployed SentinelOne Vigilance three months ago.

The product is stable.

I rate the solution’s stability an eight out of ten.

The solution is scalable.

The SentinelOne Vigilance has excellent customer service.

Positive

The initial setup is straightforward. There is an agent on our end. A team is monitoring our environment, but for the SentinelOne tool, we have to deploy agents, and their back end is in the cloud.

We had a few team members who have been assisting during deployment.

We achieved ROI because it notified us of threats coming into our environment. After a month, we started getting alerts on different things.

The solution’s pricing is very reasonable.

The solution requires a little maintenance and fine-tuning.

I suggest asking for sample reports and stamp processes to get a good understanding of how they work.

Overall, I rate the solution an eight out of ten.