Chief ARCHITECT at a manufacturing company with 11-50 employees
Real User
Top 20
2023-11-15T14:12:00Z
Nov 15, 2023
The root cause of automation could be better. If you have a complex ecosystem, you need an automated threat response mechanism. We'd like an automated correlation of threats. The SOC efficiency could be better. It would help improve the MTTR.
Information Security Manager at a financial services firm with 201-500 employees
Real User
Top 20
2023-10-05T15:49:00Z
Oct 5, 2023
A lot of those features came from an acquisition of a different company. Actual SentinelOne employees are making a lot of changes right now to fully integrate those components into one security solution portfolio. The recommendation would be to make deployment just a little bit easier. Of course, they talked about it on the road map, so it will settle out naturally. They're aware of the issue. They want to make it better; it's just not quite there yet.
Sr. Network Admin at Continental Carbon Company, Inc.
Real User
Top 20
2023-09-14T14:52:00Z
Sep 14, 2023
I would like to have the option to deploy or push an update on all my endpoints at the same time. I am not aware of such a feature being there. I have not seen it, but it would be good to be able to deploy or push an update on all my endpoints at the same time. Our company has different locations, such as Sunbury, Oklahoma, and Alabama. I have my devices by location, and I have not found a way to choose all the endpoints and then push the update automatically. I have been doing it one by one. We probably have to create a policy so that I can push it. That is the only thing that I do not like. I would like to have a button to update all the endpoints with a simple click. I have not yet seen that in this product.
Director of IT & Data Security at a university with 1,001-5,000 employees
Real User
Top 20
2023-09-13T16:39:00Z
Sep 13, 2023
I don't like SentinelOne's reporting tools. Their reports seem fine theoretically, but the issue is the sample size. For example, it will report that there were four incidents, and that equals 25 percent fewer incidents compared to the previous months. It would be a great improvement if I could expand the range to see reports for the last six months, but it's always one month. That would be an easy thing for them to resolve. It's also challenging to know how many licenses we have. That number changes every day. We'll remove a bunch of machines, and they'll automatically give up their license after three months. I can easily report today's number, but I can't report over time. For example, we have 500 licenses, and when I checked one day, I found out we were using 509. I thought that would be a problem. Now, we've dropped down below that, so I think they're giving us a little leeway, which is great. It's kind of a mystery to me how close we are to using 100 percent of our licenses.
IT Manager at a healthcare company with 501-1,000 employees
Real User
Top 5
2023-09-06T18:55:00Z
Sep 6, 2023
The last time I called to receive support, it wasn't as fast as I wanted. The resolution turnaround from SentinelOne Singularity Identity's support should be improved.
Learn what your peers think about SentinelOne Singularity Identity. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
Senior Network Administrator at a logistics company with 51-200 employees
Real User
Top 10
2023-08-17T20:27:00Z
Aug 17, 2023
The UI could stand to be more user-friendly, specifically for users that are not in IT, or for smaller mom and pop sized companies that may not have a dedicated IT department or budget for a fully managed solution.
Singularity Identity, a component of the Singularity platform, provides threat detection & response (ITDR) capabilities to defend Active Directory and domain-joined endpoints in real-time from adversaries aiming to gain persistent, elevated privilege and move covertly. Singularity Identity provides actionable, high-fidelity insight as attacks emerge from managed and unmanaged devices. It detects identity misuse and reconnaissance activity happening within endpoint processes targeting...
The root cause of automation could be better. If you have a complex ecosystem, you need an automated threat response mechanism. We'd like an automated correlation of threats. The SOC efficiency could be better. It would help improve the MTTR.
A lot of those features came from an acquisition of a different company. Actual SentinelOne employees are making a lot of changes right now to fully integrate those components into one security solution portfolio. The recommendation would be to make deployment just a little bit easier. Of course, they talked about it on the road map, so it will settle out naturally. They're aware of the issue. They want to make it better; it's just not quite there yet.
I would like to have the option to deploy or push an update on all my endpoints at the same time. I am not aware of such a feature being there. I have not seen it, but it would be good to be able to deploy or push an update on all my endpoints at the same time. Our company has different locations, such as Sunbury, Oklahoma, and Alabama. I have my devices by location, and I have not found a way to choose all the endpoints and then push the update automatically. I have been doing it one by one. We probably have to create a policy so that I can push it. That is the only thing that I do not like. I would like to have a button to update all the endpoints with a simple click. I have not yet seen that in this product.
I don't like SentinelOne's reporting tools. Their reports seem fine theoretically, but the issue is the sample size. For example, it will report that there were four incidents, and that equals 25 percent fewer incidents compared to the previous months. It would be a great improvement if I could expand the range to see reports for the last six months, but it's always one month. That would be an easy thing for them to resolve. It's also challenging to know how many licenses we have. That number changes every day. We'll remove a bunch of machines, and they'll automatically give up their license after three months. I can easily report today's number, but I can't report over time. For example, we have 500 licenses, and when I checked one day, I found out we were using 509. I thought that would be a problem. Now, we've dropped down below that, so I think they're giving us a little leeway, which is great. It's kind of a mystery to me how close we are to using 100 percent of our licenses.
The last time I called to receive support, it wasn't as fast as I wanted. The resolution turnaround from SentinelOne Singularity Identity's support should be improved.
Our engineers are dealing with issues to add exclusions to the antivirus for custom applications.
The UI could stand to be more user-friendly, specifically for users that are not in IT, or for smaller mom and pop sized companies that may not have a dedicated IT department or budget for a fully managed solution.