IT Central Station is now PeerSpot: Here's why

SentinelOne Reviews

Jeff Doggendorf - PeerSpot reviewer
Operations Manager at Proton Dealership IT
Real User
Top 10
Excellent detection rate / allowed our team to focus on proactive management
Pros and Cons
  • "The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."
  • "One area of SentinelOne that definitely has room for improvement is the reporting. The canned reports are clunky and we haven't been able to pull a lot of good information directly from them."

What is our primary use case?

Everyone who is a client of ours gets SentinelOne by default. It provides ransomware protection, malware protection, and increased security. Those are our top-three selling points for SentinelOne when we talk to clients.

How has it helped my organization?

Prior to deploying Sentinel One, we had a team of staff members dedicated to ransomware prevention and malware alerts. Since deploying Sentinel One, we have been able to allow that team to focus on other proactive security measures for our clients.

The dashboard alerting is great and it has helped us out a ton.

SentinelOne has also greatly reduced incident response time, based on the toolsets and the ability to deploy it to new companies through a script. That has been very helpful. It has decreased the amount of time spent on incident response by 40 to 60 hours a month.

And when it comes to mean time to repair, while we haven't had a situation where we've had to reload an operating system or repair to that extent, we've used the 1-Click Rollback feature which saves several hours over a reload of a PC. 

What is most valuable?

The detection and response feature is really good for us. 

Also, there is a feature called Applications, and it shows all the critical applications that are on devices that may need to be reviewed.

The solution’s Static AI and Behavioral AI technologies are great when it comes to protecting against file-based, fileless, and Zero-day attacks. I would rate that aspect at eight out of 10. They have been great at detection.

The solution’s 1-Click Rollback for reversing unauthorized changes is also huge for us. That is one of the top reasons we have SentinelOne in place. For example, we had a site that had downloaded malware on a share for their sales office. It was trying to move laterally throughout the network but SentinelOne detected it. We then used the 1-Click option to remove it from the 10 or so PCs it had infected. Then we blocked it based on the information SentinelOne provided to us. That way if it happened again, it would already be blocked and wouldn't be allowed to launch.

What needs improvement?

One area of SentinelOne that definitely has room for improvement is the reporting. The canned reports are clunky and we haven't been able to pull a lot of good information directly from them.

Also, integration is almost non-existent. We would really like to see integration with ConnectWise. Within ConnectWise Automate, you're only allowed to deploy at the top-level group. Our company is dealership-focused, but if we have a parent dealership that has 10 sub-dealerships with SentinelOne, we have to treat them as one large group instead of one parent and 10 sub-groups. That's been a pain point for us. We've done some workarounds, but since there is no integration, it's tough.

For how long have I used the solution?

I have been using SentinelOne for about two years.

What do I think about the stability of the solution?

We haven't had any issues, outages, or upgrades. I would rate the stability at 10 out of 10.

What do I think about the scalability of the solution?

One of the features that we love about SentinelOne is that we don't have to buy licenses ahead of time. It just scales up as we grow. We're bringing on a client now that has 500 endpoints and I don't have to worry about contacting sales at SentinelOne and getting a PO for 500 licenses. It just scales up and we're charged based on what we use, which is awesome.

The solution is on 100 percent of our clients that we manage, and that's going to be the goal moving forward. Our sales team does not put in a contract without SentinelOne.

How are customer service and support?

SentinelOne technical support has always been very quick and responsive. We haven't used them a lot. We're a technology company as well and we're able to fix the minor stuff ourselves or by looking at a knowledge base.

One of our concerns or complaints at the beginning was the lack of training, which they fixed. They allowed us to schedule our staff to do the eight hours of free training, which was great. That would have been my only complaint, but that was resolved a few months ago.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We didn't have any EDR solution in place like SentinelOne. We had Bitdefender for antivirus, but that has been removed. Our existing antivirus was failing in several ways. It wasn't detecting everything that was coming through. That was the big catalyst for the switch.

Originally, we had SentinelOne through SolarWinds, which was our previous RMM tool. And when we migrated to ConnectWise, we moved our existing licenses over.

How was the initial setup?

The initial setup was straightforward. It was through our RMM. We bought licenses and we had a one-click deployment to deploy that software. And when we migrated, the gentleman who helped us was awesome. We migrated 9,000 endpoints from that RMM directly into SentinelOne, and he did a lot of the heavy lifting. We just had to check and confirm things were getting moved over.

The migration of the 9,000 agents took 10 to 14 days.

Our implementation strategy included a deployment where we would do a test phase. We picked certain endpoints at different clients and we would deploy and set it in a "listen-only" mode and see what it caught. If everything was good, we would then turn it on to regular mode. That process helped a lot in the implementation.

We have about 75 people in our company using SentinelOne. The main roles among them are about 60 percent help desk, which is view-only; 20 percent client-side, which is reporting and view-only; and the rest are our engineering level where they have the ability to do rollbacks and fix certain issues that are coming in. There is very little maintenance involved with the solution, maybe a handful of hours a month. We have it set up to auto-update. Prior to that, we had to set up our script to download the most recent version, but that's all been replaced now with automation. Maintenance on the actual system is very minimal.

What's my experience with pricing, setup cost, and licensing?

In the past, we had to purchase licenses in advance, so if we hit our license limit, we could not expand until we got a signed agreement in place with the sales rep after the back-and-forth. That meant if a client had ransomware and they had 200 agents, we couldn't deploy right away if we were up against our limit. So we always had that balancing act of figuring out if we were close to our limit and whether we needed to buy more licenses? We ended up paying for licenses we didn't need because we had to buy them in packages of 100.

We now pay based on usage. They do an audit once a quarter and calculate any overages. We pay a set amount quarterly, based on our licenses in use, and then they true-up the figure. Right now we have 12,800 agents with SentinelOne on them. We charge our clients monthly, so it would be really difficult for us to write a check to SentinelOne, in advance, for a full year's worth, at that level. It's been great for us to have the quarterly payments.

Which other solutions did I evaluate?

We looked at CylancePROTECT in addition to SentinelOne. We liked the pricing better and the contract options better with SentinelOne. The deployment also seemed to be easier. In addition, SentinelOne detected things that others missed. We did a few quick trials of other solutions, but SentinelOne seemed to be the best in terms of detection. For example, we did a test with Mimikatz and SentinelOne detected it immediately, whereas some of the others bypassed or didn't see it at all.

And when we talked to the ConnectWise sales rep—because ConnectWise was integrated with Cylance at that point, and SentinelOne was not—the rep told us that they were actually dropping Cylance and moving to SentinelOne over the next year for integration, which was a big factor for us.

What other advice do I have?

My advice would be to implement SentinelOne immediately. It is one of the top things that we've implemented and it has saved us countless hours. It's really hard to quantify the savings, but if a client were to get ransomware, it could involve weeks of several team members working around the clock to get them back up and running. Since we've implemented this, we haven't had to do that in an environment where we had experienced having to do so previously.

The biggest thing I've learned from using SentinelOne is that there are a lot more attacks out there than a typical antivirus will display. Regular antivirus, rather than an EDR-type platform, gives people a false sense of security because there are a lot of processes running in the background that the typical antivirus solution is not equipped to catch. It was eye-opening when we started deploying this at clients, locations where we felt we had very good peace of mind in terms of what was happening. SentinelOne started detecting things left and right that were completely unable to be seen prior.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP
Flag as inappropriate

SentinelOne Questions

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Jul 14 2022

If you were talking to someone whose organization is considering SentinelOne, what would you say?

How would you rate it and why? Any other tips or advice?

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
Jul 14 2022

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

reviewer1261773 - PeerSpot reviewer
reviewer1261773We use SentinelOne to secure our entire environment, including all user… more »
39 Answers
Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
Jul 14 2022

Please share with the community what you think needs improvement with SentinelOne.

What are its weaknesses? What would you like to see changed in a future version?

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
Jul 14 2022

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Jul 14 2022

Hi Everyone,

What do you like most about SentinelOne?

Thanks for sharing your thoughts with the community!

Steve Pender - PeerSpot reviewer
Steve PenderSimple - It's never been breached!
RS Mukherjee - PeerSpot reviewer
RS MukherjeeThe ability to: 1. Tune to the agents to prevent application performance… more »
43 Answers
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)
Mar 23 2022

Why?

William Munroe - PeerSpot reviewer
William MunroeYou should not compare SentinelOne to Darktrace - they solve completely… more »
ITSecuri7cfd - PeerSpot reviewer
ITSecuri7cfdAn easy answer for me - pretty much exactly what @Janet Staver described.  DT… more »
7 Answers
Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
Feb 23 2022

If you were talking to someone whose organization is considering SentinelOne Vigilance, what would you say?

How would you rate it and why? Any other tips or advice?

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)
Feb 23 2022

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Feb 23 2022

Please share with the community what you think needs improvement with SentinelOne Vigilance.

What are its weaknesses? What would you like to see changed in a future version?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Feb 23 2022

Hi Everyone,

What do you like most about SentinelOne Vigilance?

Thanks for sharing your thoughts with the community!

Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)

Which is the better solution?

reviewer1650858 - PeerSpot reviewer
reviewer1650858Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed… more »
ITSecuri7cfd - PeerSpot reviewer
ITSecuri7cfdDepends on the size, scope and needs of your environment.  XDR is an ok… more »
Eric Rise - PeerSpot reviewer
Eric RiseI haven't used Cortex. My worry with it and every other solution is how well… more »
3 Answers
Ron Dutta - PeerSpot reviewer
Ron Dutta
Director Information Technology at McCullough Robeertson Lawyers
Hi community members,  I work as the Director of Information Technology at a legal firm and I'm looking at replacing our Symantec EDR with either SentinelOne or CrowdStrike but can't seem to get any balanced views other than those from each vendor.   Currently, I'm doing a POC on both and am in...
Read More »
ITSecuri7cfd - PeerSpot reviewer
ITSecuri7cfdWe RFI/POC'd them all.  Sentinel One came out on top for every aspect of the… more »
6 Answers
Alfonso Minaya - PeerSpot reviewer
Alfonso Minaya
Product Director at a tech services company with 501-1,000 employees

I am a product director at a tech services company with 501-1,000 employees. 

I am currently researching Carbon Black CB Defense, CrowdStrike, and SentinelOne. What are the biggest differences between the three? Which would you recommend?

Thanks! I appreciate the help. 

reviewer1275819 - PeerSpot reviewer
reviewer1275819A short answer: Perhaps the biggest IMO is SentinelOne is the only one of these… more »
ShreekumarNair - PeerSpot reviewer
ShreekumarNairDo evaluate www.cynet.com and you will find that Cynet is way ahead in the way… more »
ABHILASH TH - PeerSpot reviewer
ABHILASH THCrowdstrike USPs compared to CB and SentinelOne: 1. Very powerful Machine… more »
8 Answers
Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)

If you were talking to someone whose organization is considering SentinelOne Vigilance, what would you say?

How would you rate it and why? Any other tips or advice?

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)

Please share with the community what you think needs improvement with SentinelOne Vigilance.

What are its weaknesses? What would you like to see changed in a future version?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)

Hi Everyone,

What do you like most about SentinelOne Vigilance?

Thanks for sharing your thoughts with the community!

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Julia Frohwein - PeerSpot reviewer
Julia Frohwein
Content and Social Media Manager
PeerSpot (formerly IT Central Station)

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.