We need to provide a form of antivirus for our cybersecurity insurance. The new term now is EDR or endpoint detection response. I tested out several vendors including CrowdStrike, SentinelOne, and Cisco. SentinelOne definitely stood out. My use case is pretty for much protecting all of my end-user devices and all of my servers on-premise and in our virtual environment.

We were trying to solve for visibility and license management. We used to use other products, and licensing became an issue. We would have issues where clients would not really be connected all the time. They would just randomly lose connection. And that was with McAfee.

ESET was another one that we used in the past, and we just kept running the issues with the physical server. So having a cloud-managed EDR solution, the agent-based, cloud-managed solution, has worked very well for a few years now at multiple companies. It's the first thing I bought when I came to my new company.

I really like Ranger. I like the deep dive of Ranger in an incident section. Diving into each incident and being able to see complete visibility of when the action was taken against something that it deemed a threat is valuable. Using those incidents in Ranger is definitely up there on my list of favorite features. I have multiple locations all across the globe. Being able to separate my devices, per location, is super helpful.

It's good at ingesting data and correlating. It has zero issues with ingesting data with the agents installed. I've had no issues with that. Being able to go through and create exclusions for specific types of data, like SQL has been really tough in our environment. Being able to just go through and customize those exclusions and working with the support team is great. We also have Vigilance, which is another SOC that they offer. That's a fantastic service.

Everywhere I have an agent, it sees everything, and it does so when I deep dive into a threat or a proposed threat. It does pick out host names, and IP addresses, and it just gives you a really clear picture where you can read it.

I like that Ranger requires no new agents or hardware. Anytime you can keep it lightweight enough. If you add a function and you only pay for your yearly fee for an extra function without making changes in your environment, that's huge.

I love the reporting. The reporting definitely helps me see the entire network and find what open ports are out there. I can work with my network team to get those things closed, which is fantastic. I like the ease of looking at the graphs and the reports.

The solution has helped reduce our alerts. Instead of waiting on a monthly basis and then executing a plan, I'm able to keep up with it all throughout and day to day. That granular control has left me very impressed.

It gives me peace of mind. My staff isn't really using it. I know I have 24/7 eyes on it.

It has helped me reduce my mean time to detect. I would be lost without the tool. It definitely helps me figure things out really quickly. I can figure out the whole story very quickly.

It helps with my mean time to respond. It definitely helps with that. I get an alert in my email immediately, which lets me just know that something happened to my environment. That's something that I previously did not have in my old tool set.

I do want to see Vigilance reach out with that Identity. I don't have Identity, however, it's a very good tool. There is another tool that I use called Purple Knight that does very similar things. I'd like to see adding Vigilance to the visibility of Identity.

One thing I don't like is the exportable report. They're not as useful as I'd hoped they would be. I always feel like I have to finagle them a little bit before I can present them to the executive board. The reporting needs to be beefed up a bit more. Everything feels a little lacking. They're trying to keep it simple, yet it is a little oversimplified.

I really wish it could be an app on my phone. If I could open up an app on my phone and get all the alerts or look at my environment and see the health real quick, that would be ideal. It doesn't have to be a full feature.

I'd like the ability to have text alerts, for example, if something gets quarantined.

The website, if you are trying to figure out what all the products are, it's kind of busy. I don't know what all the products are. The marketing is a little tough to follow.

I've been using the solution for three years.

I haven't experienced any stability issues.

The solution is extremely scalable. It's super easy to push out to thousands of clients if you really need to. I haven't had any issues. It scales very well.

Usually, technical support is very good. They are very knowledgeable. It's usually 24 hours for a response. I've had a couple of phone conversations with them. Right now, we're going basically through email. They give me a ton of information. They're open to working with my third-party MSP. Right now, the MSP brought up a concern about a very specific function that needs a little bit more tending to in the exclusion arena.

We had Defender at this company before.

I was involved in the initial setup.

The deployment is very straightforward. It's super easy to just download your agent, and you get your site token, you install, and you push it out. We use the PDQ at my last company. Here, we use SCCM. We push it out with the MSI, with the site token pre-installed. I see it on my dashboard. It's easy.

My last deployment was handled by myself.

The solution does not require any maintenance anymore. It used to be kind of a headache to go through and have to update the agent. And just to remember to do it. Now I get the email. It tells me there's a new agent out there. I go read up on what the changes are, which is great. Then I go in there and set up the auto-install on the agents, and it just hits them on the schedule. You only have to really pay attention to it once in a blue moon when a new agent is installed or there's a general release.

I installed the solution myself.

I can pay, for my environment, between $30,000 and $40,000 a year, and that's a pretty good deal.

I'm a customer and end-user.

I haven't really done any third-party tools. I've looked into their Identity tool which is one of the newer offerings that they have. It's a very nice offering. It is rather expensive. That said, it is very nice to be able to see Active Directory all in one pane of glass. Honestly, the hardest thing about my job as a security professional is having all these different tools so the more I can see everything in one area, the better it is.

The quality and maturity are important. The company is relatively new in the space, however, they are pretty mature in the market and pretty well-respected.

SentinelOne is a great strategic partner. I can't see myself doing security without them at this point. They are one of the backbones of my security platform. They were the first pieces even before I bought Cisco Duo or Meraki.

I'm excited to see where this will be in the next ten years. I can just see this platform just going crazy. I would love to see maybe a little bit more focus. We have to deal with a lot of sensitive equipment that run specific jobs and I love how SentinelOne, and specifically Ranger, is very passive in its ability. It complements our OT. I would love to see some way of getting away from the super expensive platforms of Tenable and bringing in some of these functions that Tenable offers from a scanning platform fully into SentinelOne in the future.

I'd rate the solution nine out of ten.

This is a best-in-breed solution. If you're looking at anything in comparison, do your due diligence, do proof of concept between whatever companies you're looking into. However, SentinelOne is the best-in-breed.

We utilize SentinelOne Singularity for endpoint malware protection and to gain visibility into threats across the network.

SentinelOne Singularity has the potential to ingest and correlate data across our security solutions.

Ranger provides network and asset visibility.

Ranger saves us time by not having to make changes to our hardware and systems.

Ranger helps prevent vulnerable devices from being compromised.

SentinelOne Singularity assisted our organization by saving deployment time and decreasing the volume of support calls.

Singularity helps reduce the number of alerts.

Singularity has helped our staff free up around 15 minutes of their time to focus on other projects.

It has reduced our MTTD.

It has helped our organization save costs through time savings.

The most valuable features include the agent installation and update processes.

The UI appears to be flat, and I wish to have the ability to customize it with features and buttons that are tailored to our needs.

I have been using SentinelOne Singularity Complete for seven months.

SentinelOne Singularity is stable. We have not experienced any crashes or downtime.

SentinelOne Singularity scaled easily in terms of deployment. We haven't experienced any performance issues, whether it's installed on a higher-end machine or a low-end machine. SentinelOne Singularity has been excellent.

We faced issues with our previous endpoint solution, Panda Adaptive Defense 360. SentinelOne Singularity seemed to be a more reliable and easier-to-manage alternative. Panda Adaptive Defense 360 caused significant downtime during deployments and updates.

The initial setup was straightforward. The deployment required three people.

The implementation was completed in-house.

We assessed McAfee, Trend Micro, and BlackBerry. We opted for SentinelOne Singularity due to its smaller footprint and more efficient software that uses fewer resources.

I rate SentinelOne Singularity a nine out of ten.

SentinelOne Singularity is a mature product.

Maintenance is necessary only when we are periodically carrying out updates.

Having a vendor like SentinelOne is crucial for a solid security strategy, as we aim for a product that seamlessly caters to both the IT department and end users. We intend to avoid exacerbating issues more than resolving them. Therefore, I believe SentinelOne is a suitable solution for us – easy to deploy and maintain on a daily basis.

I suggest trying out SentinelOne Singularity and comparing it to more traditional security vendors. SentinelOne Singularity offers a slightly distinct approach, but it's an effective method.

We have deployed SentinelOne Singularity on each end-user machine, as well as on the majority of our servers, utilizing it as an antivirus solution. Additionally, we employ SentinelOne Vigilance for our Security Operations Center. Moreover, we extensively utilize this solution across all our machines for tasks such as inventory control, asset tracking, and software monitoring. Furthermore, we have incorporated Ranger AD to enhance security within our active directory setup.

We use Ranger and Ranger AD. We incorporate the data from our SentinelOne Singularity into our SIEM. Moreover, in terms of Ranger, they are both accessible through the same console. When I click, the information is readily available. It's quite straightforward. Furthermore, concerning the transmission of logs to our SIEM, I don't believe we've ever encountered any problems with the initial setup or ongoing functionality.

Ranger offers visibility into our network and assets, which is quite significant. While other tools are available, having this functionality integrated is advantageous since we have it incorporated into a couple of our tools. This covers everything from our switches onward; although there are different options available, Ranger stands out because we are already using Singularity for other purposes. Hence, having it included is beneficial. While it may not be a decisive feature, it's something we always keep enabled.

It is important that Ranger does not necessitate new agents, hardware, or network changes. The fact that it's present, and functions seamlessly, alleviates any need for concern on my part. Furthermore, it effectively identifies new elements.

SentinelOne Singularity Complete has helped improve our response time. In areas where we don't have twenty-four-seven support, VigilanceOne will take over. We use VigilanceOne through SentinelOne, and it ensures constant monitoring. This makes me feel more at ease, knowing that there's continuous surveillance. With the addition of Ranger, Ranger AD, and VigilanceOne, I believe we have gained better insight into our entire network. This combination offers us an added layer of comfort.

It has helped reduce our MTTD and MTTR.

It has helped reduce our risk overall.

SentinelOne Singularity Complete is exceptionally proficient at alerting and identifying any anomalies or unusual behaviors on the machines. While we do encounter false positives, it has successfully detected several instances of malicious activities on the machines. Having the capability to gain insights across our network, observe all our machines, and have a centralized view of what's protected and where things are is incredibly advantageous.

The process of uninstalling and reinstalling older agent updates needs improvement. I am aware that the newer versions of SentinelOne that they have been working on are more effective. One of our major frustrations arises when we attempt to remove SentinelOne Singularity Complete from a machine and it only partially uninstalls.

The initial tier of support, when we call or engage with them in conversation, assigns a representative to assist us. However, we have occasionally encountered difficulties with the initial person, either due to their lack of knowledge or failure to follow through. In such cases, we have had to seek assistance from others or navigate through basic support on our own. Despite this, it appears that everything is progressing in the right direction. This is why we chose to renew our contract with them and even expand our range of products with their company.

I have been using SentinelOne Singularity Complete for three years.

I would rate the stability a nine out of ten.

I would rate the scalability a ten out of ten.

My feelings are moderate towards the technical support.

We had Sophos Intercept X Advanced Cloud Security initially. We had acquired all these tools through a different program. Despite having these tools, a virus managed to get through and bypass all our defenses. This is why we opted for SentinelOne Singularity Complete – we wanted to test the effectiveness of the AI-based approach compared to the traditional signature-based method.

The initial setup was quite straightforward. During the initial phases of deployment, we had a couple of helpful individuals assisting us with the solution deployment, which resulted in a relatively smooth process.

The deployment was carried out by two administrators collaborating with one or two individuals from SentinelOne. Subsequently, we needed to initiate the installation and verify the installs. Consequently, I assembled a team of technicians for this task as well. To be specific, there were around two administrators and possibly four to six technicians dedicated to checking and ensuring the proper functionality of the setup. This was necessary due to the replacement of the old solution across twelve hundred machines within a limited timeframe.

The implementation was completed in-house.

I believe that the current pricing and licensing structure is fair. While it may not be a budget-friendly solution, I think it's reasonable considering what we are receiving.

We evaluated other solutions through online research, but we were recommended SentinelOne Singularity Complete by a company with which we were collaborating. Since the solution performed effectively during our cleanup process, we decided to continue using it.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete has matured over the last two years and is a more complete product.

Moderate maintenance is required to keep up with the end users.

I do consider SentinelOne a partner. I do believe that their program is developing, but I wouldn't use them for all purposes everywhere. This is due to my mindset. Nonetheless, I do perceive that SentinelOne is increasingly becoming more of a partner.

Initially, we had only detection and response on each endpoint where we installed the agent. Now, we are expanding from detection and response to action. For example, if it finds something on the endpoint, it will not only detect and report it, but it will also respond and block it or isolate the endpoint.

It's all about protecting our endpoints and devices, including servers, Windows and Mac machines, whether laptops or desktops.

As a security guy, I don't need to have a VMware or Windows expert help me deploy this environment because it's purely cloud-based.

We had Trend Micro with an on-prem server from which we were pushing updates on a daily basis. We have connectivity between our head office and regional offices, but if that connection was overutilized, those updates would not be pushed in a timely manner. Now we don't have that issue. A laptop, for example, just pulls the updates automatically, and they don't need to come through a congested connection.

Overall, it has reduced our risk by 50 to 60 percent.

It is purely cloud-based, meaning you don't need to have something installed, such as a server on-prem. You have cloud management and can access it from anywhere, with integration with SSO, with one click. It's also very lightweight. It provides granular control as it is cloud-based, and there is no on-prem hardware or software to manage.

It protects against malware, suspicious activities, and suspicious people on the endpoint itself. The endpoint can be a user machine, a server, or an IoT device.

Another feature I like is that when there are indicators of compromise, such as hash files, IP addresses, or domain names, you can add them straight away with one click, and, boom, everyone will have them blocked right away.

The detection is very good and very fast. Once we install it, files or malicious software that are installed on the system are quarantined or deleted right away. The response is also fast.

We have many old machines with outdated software that have been compromised, with malicious software installed on them. It detects all these issues, including that the software is not updated and that they have all these malicious files. It helps us identify those endpoints. All those machines are sent to be upgraded and to have things removed or installed—whatever actions are needed. And for servers that are running software for the business and that can't be upgraded on-the-fly, isolated, or shut down right away, we create an isolated network for them and give access only to the particular users who need them.

Since SentinelOne Hologram was an Attivo Networks product acquired by Microsoft, I have to install a different agent on endpoints for that product. It would be better if the same SentinelOne agent could be used for both the EDR and deception technology. I don't want to have to install an additional agent on all 5,000 of our endpoints. If the SentinelOne EDR agent could be used for both Hologram and SentinelOne, that would be ideal.

It's been a year since we started using this product. We recently extended it to XDR for instant response. We have expanded with SentinelOne EDR.

It is very stable. So far, we haven't faced an issue.

The scalability is a nine out of 10.

The support is excellent.

As a strategic security partner they are a nine out of 10.

We tried CrowdStrike. The issue with it was that it was not compatible with older iOS and Windows OSes. We have some old servers in our data center that are now undergoing a migration process. On top of that, we have some Windows machines that are running on Windows 8, and it did not support them. We had to switch to SentinelOne since it supports those clients. CrowdStrike is also a very expensive solution.

Trend Micro is not smart; sometimes it's unable to detect malicious files.

SentinelOne is faster. It scans and detects issues and vulnerabilities on endpoints in real time. That's the main thing you look for when it comes to EDR.

The initial deployment was straightforward and simple for us. We just needed to install the agent on the end-user machines, open communication to their cloud URLs through our firewalls, and do some initial configuration on the console with help from their team.

We have a hybrid structure, not only on-prem. We have services running in the cloud as well as on-prem. We have multiple locations across regions and in different countries.

It's not difficult to maintain since it's purely on the cloud. If there are updates, they notify us. That is the maintenance activity. They update our services. Once all the environments move to the cloud, we won't need to worry about maintenance anymore. It depends on the vendor; there's nothing much to do on our end. They push any end-user updates, or they make them available to us and we push them out from the console.

It was not done in-house. We worked directly with SentinelOne support. They provided trial versions for two to three months and assigned SentinelOne engineers to help deploy it on some machines as a PoC. There were three or four people involved in total, including their engineers. After that PoC we bought the product.

We have a SOC solution as well, and we are trying to integrate playbooks. With the SIEM solution, we are able to run multiple playbooks without issues. Using our proxy gateway and detection technology, we have pretty good options to create playbooks without any hard configuration.

The quality and maturity of the solution are excellent. I would recommend SentinelOne.

The solution provides endpoint protection for all our desktops, laptops, and servers. We also use it for some of the firewalls on the endpoints. We are also doing asset discovery for devices.

Tracking down which devices don't currently have SentinelOne on them is the most valuable feature of the product. So, we can push SentinelOne onto those devices.

Recently, the vendor took away my ability to create a ticket, mostly because we're in an MSSP environment. It has created a lot of extra hoops to jump through. I recently had a single sign-on issue on the console. I had to go through my MSSP. It took a month and a half to two months to get any resolution on it because my MSSP can't test our single sign-on. They don't have an account in that system. It has been very detrimental to effectively solving issues. I understand that the vendor does not want the clients of the clients submitting tickets. However, when I'm the one who's doing the majority of the work inside of SentinelOne, removing that from my ability has been very inconvenient.

The filtering features of the application management console could be improved. If I search for applications that shouldn't be installed on our endpoints, filtering is not the most straightforward process. Running through the search process takes a lot of time and effort. It would be hugely beneficial if the tool blacklists the applications that are not allowed to be installed. It would help with the management of unapproved applications or malicious applications that might be installed.

The automated agent upgrade system could use a little bit more fine-tuning. The maintenance windows must be a little bit more robust. I have to manually set what agent we're pushing each time we want to change instead of asking the tool to do N-1 for agent upgrades. It's automatic, but it's not quite automatic.

I have been using the solution for two years.

We've had fewer issues with stability recently, mostly because they made some changes to the actual agents. Shadow copies were filling up the drives and causing some crashes. However, the more recent agents have been much more stable, which has been wonderful.

The tool is very scalable. If we use all of our agents, it's very easy to ask the vendor to add more agents to our license. They get that taken care of, which is really nice. It's been very easy to change and modify groups as we need to.

Exclusions have been very straightforward. I would love to see the exclusions to look at the machines in a group and inform us when we have exclusions that are not found in the directories on the machines. It will help with the removal of redundant or unused exclusions. It will remove some of that risk.

I don't have access to create tickets. The vendor removed the ability. I need to talk with our MSSP for support. They sometimes send us support articles that we already have access to. It takes an extra three to four days to get things resolved. In the most recent case, it was a month and a half.

We used Symantec Endpoint Protection before. We switched to SentinelOne Singularity Complete because Symantec Endpoint Protection was very old and was not being updated by Broadcom anymore. It was not as effective in terms of reporting. It was very clunky. So we were looking for something new and a little bit easier to work with than what we had at the time.

The initial deployment was pretty straightforward from my perspective. We were able to take the package and deploy it, which made it really easy to get it on all of our endpoints. About ten people were involved in the deployment.

Our MSSP helped us do the deployment. We used the asset management tool Ivanti to push out the agents.

The pricing is packaged in with our MSSP. The cost of endpoint protection is fairly reasonable. Some of the other systems are a little expensive, but there's still value behind them. It's pretty close to what I would expect.

We haven't stepped into other integrations quite yet. We're looking to explore it next year. We're trying to rebuild our security stack. The endpoint protection was one big step. We're planning on expanding a little bit more. I love that it is pretty straightforward to connect between different systems. It makes my life a little easier.

The solution’s ability to ingest and correlate across our security solutions is nice. We haven't done much of that with our systems yet, but having one source of truth to look at all those different pieces is hugely beneficial because we have a very small team. Anything that allows us to connect all the dots and pieces makes our lives really easy.

We're rebuilding our security stack from scratch. We do not have to get many other solutions because much information is built into Singularity Complete. We did a POC of the Ranger functionality for a little bit of time. Ranger's network and asset visibility are about the same as in Rogues.

The automation would be great if I didn't have to create a couple of extra security holes by opening up ports on our devices. So we've gone back to using just Rogues rather than Ranger because there isn't a lot of added value for that extra piece. I can take the whole list, export it, and take it to one of our other solutions and have the agent pushed from there.

It is nice that Ranger requires no new agents, hardware, or network changes for most of the part. If we're going to automate the installation process from another Ranger agent, it will require opening up some extra security holes. I don't love that part. I love that it discovers assets that don't have SentinelOne but could potentially have SentinelOne. It has been beneficial to us.

We like Ranger because it helps find the missing pieces. We must ensure that we're not going over on our licenses, but it helps us discover the devices in our network and how we can better protect the environment. It also gives us an inventory of devices. If they are vendor devices, we can go to our vendors and ask them why the devices have old software versions.

The product has done a much better job of giving us high-fidelity information. The system that we had before was old and antiquated and did not work well. We are getting better-quality alerts. The solution has helped free up our staff for other projects and tasks. All the information is in one place, and a lot of the system has been automated for us. The tool resolves threats almost instantaneously for us. It's hugely beneficial for a very small team.

The product has helped reduce our mean time to detect. It is a lot better at discovering threats and mitigating them quickly than our previous solution. However, I wouldn't say that it's perfect. The solution has helped reduce our organization’s mean time to respond. We have a managed security service provider that's doing a lot of the research for us, but it's been very helpful for us to have the information.

The tool has helped us with a couple of audits that we've had. It has also helped us with some of our cyber insurance because we're able to give much better reporting compared to our previous solution. The reporting is available on the fly rather than us trying to go through multiple systems to try and get some information from it.

The product is easy to use. It is very easy to navigate around. The vendor has added features that we've wanted. It has made our lives quite a bit easier. People who want to buy the product must evaluate their exclusions ahead of time and understand what level of exclusion they need for each system. We spent the most time reevaluating exclusions for each server system.

It was not too big of a deal for our desktops and laptops. However, for some of those bigger systems, especially with us being a healthcare organization, ensuring we weren't impacting the end-user experience was central. For example, we have EMR, which is electronic medical records. If we impact that, it affects patient care, which in turn can be not great.

It was a very big jump for our process to go from monitor-only mode to full-protect mode. We allowed things to just sit there for a very long time and understand the changes in our environment.

Overall, I rate the solution an eight out of ten.

We use Singularity to protect our staff computers, the hospital network, and virtual machine servers. Singularity helps us ensure our environment is fully protected in light of the increasing cyberattacks hospitals face.

Singularity's Ranger feature provides deep visibility. We implemented some rules, and Ranger scans the system based on the criteria we set. Ranger's ability to scan without agents or network changes is crucial because we want to minimize the number of changes needed on end-user machines. It's an excellent tool for minimizing risk and detecting threats before they disrupt our network.

The solution has decreased the number of alerts we see. We get notifications and email alerts that some user machines are compromised. Singularity does a good job with bad files and data, allowing us to tackle those threats before they become bigger problems.

Singularity has helped free up staff time. For example, it automatically updates virus definitions so we don't need to do that work manually. Singularity pulls the latest virus definitions on its own. It actively monitors our machines without us having to do anything.

It has reduced our mean time to detect by about 70 percent. Singularity has reduced the mean time to respond by roughly 90 percent because we can choose to respond to a threat by rolling back, deleting, or quarantining it. It greatly reduces our overall risk by about 30 percent.

Singularity's rollback feature is one of the primary reasons we bought the product. If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked.

The interoperability is solid. We've integrated Google Authenticator with SentinelOne for multifactor authentication, so it works well. We also use Citrix multifactor authentication. It works well with our other systems.

The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load.

I have used Singularity for about a year.

I rate SentinelOne Singularity seven out of 10 for stability. The stability and performance could be better.

Singularity is highly scalable. We can easily cover all our machines with it.

I rate SentinelOne's support seven out of 10. SentinelOne's customer service isn't that great. There's only so much they can do before they just tell you to look at the documentation.

The deployment was straightforward. We worked with a trainer and implementation specialist over at Sentinel. Four people from our team and one from the vendor were involved. After installation, the primary maintenance is ensuring the agents are deployed to the end-user machines.

Singularity is fairly priced.

I rate SentinelOne Singularity Complete eight out of 10. It's a high-quality product compared to what else is on the market. When implementing Singularity, it helps to organize your machines into groups like laptops, servers, and desktops and then push the agent to those groups separately.

We got rid of our previous vendor, and we went with SentinelOne. We basically use it as our AV platform. In other words, it is supposed to be a solution that is next-gen and can detect ransomware and give us the opportunity to roll back if we are attacked.

The organization wanted to take advantage of their rollback feature so that, if we ever did suffer ransomware, that would help us with triage or remedying the issues.

The rollback feature is the most valuable aspect of the solution.

In terms of its ability to ingest and correlate across our security solutions, we're still early on. The implementation team has helped us turn on the XDR feature, however, we haven't utilized it as much as we should. We're still testing the capabilities.

We did a pilot with the Ranger functionality. The organization opted not to purchase it just yet. Long-term, next fiscal year, we may adopt it. It does come at an extra cost. It may be added during the next renewal.

The previous vendor had a lot more features and capabilities under the license. For example, I lost DLP as Sentinel One does not have DLP. By choosing this solution, I created a security gap.

It has not helped us reduce our alerts. In my last solution, I did not get alert fatigue. We are fresh into the implementation and are getting a lot of false positives.

We just went live this past year. I would say we have been using the solution for maybe six to eight months.

The product has been up more than it's been down. We typically do get alerts if there is a maintenance window. That's appreciated. There have been times when we have had issues accessing the console. that tends to get resolved quickly. That said, no one vendor can boast resiliency.

We only have one module or solution from them. We haven't tacked on multiples from a scalability side. However, from a licensing side, it's easy to add extra agents, it's easy.

I've contacted technical support multiple times. The level of satisfaction is 50/50. It depends on who picks up the ticket on their end. If it's a level one help desk versus an engineer will dictate how easily we get an answer or not. If someone is not well-versed on the backend, we'll need to escalate and that takes time.

We previously used Trend Micro. It was cheaper and had more features under license. However, management was looking for cyber security insurance and methodology. Therefore, management decided to go through Sentinel One.

Getting the solution spun up and put into the environment, and getting it set up to where it's working smoothly, was okay in terms of a process. They are like any other vendor trying to give you a white-glove service.

I was involved in the initial setup.

Once we understood the methodology, it was pretty straightforward.

I chose to rely on people who knew how the product worked. I relied on their input and insights. We did procure professional services to really get into training and understanding the solution.

The learning curve continues to be the false positives. I've had to create a new exclusion list from scratch. I'm still going through the process.

New users need to have a work-in period. There will be a period to get all of the little anomalies tweaked out.

There were three of us implementing the solution.

There's no real maintenance to worry about. That's why we purchased the SaaS solution. We do need to update the agent.

I implemented the solution with the assistance of professional services.

Purely from a budget perspective, Sentinel One was more expensive than my previous vendor, plus I lost a lot of features. I can't say that I see cost savings yet while using the solution.

We also piloted CrowdStrike.

I haven't used the solution in conjunction with any other third-party solutions and can't speak to its integration capabilities. We will do that, we just haven't yet.

The solution hasn't freed up any time. It's the same as our old solution.

So far, it has not changed our mean time to detect. However, I have not seen a true positive yet. I would need to see a real threat come into my environment yet. This is true with the mean time to respond. The process is exactly the same. I have it configured so that if anything is critical, I get real-time alerts.

I'd advise new users to hone in on the subject matter experts and grill them during the POC. We were so accustomed to doing workflows a certain way, it was almost like how we had to learn how to walk again when we switched solutions.

I haven't seen Sentinel One's innovation just yet. We have asked for adjustments or features. We're going through a feature request platform and I have yet to see them implement a feature we requested. My previous vendor, Trend Micro, was very willing to implement changes.

You can't just take it back if you don't like it. It's here to stay. There's no going back to the previous vendor. We need to make it work. We want to stay with them at least a good while.

I'd rate the solution eight out of ten.

I would advise new users to understand what workflows they are accustomed to and how their current setup works so that they can ask a lot of questions during the POC. It's important to fully understand Sentinel One's logic to be successful.

We utilize SentinelOne Singularity Complete as an EDR and MDR solution for both our clients and internal operations.

We wanted to offer our clients a next-generation, AI-based antivirus solution for their endpoints, which is why we opted for SentinelOne Singularity Complete.

We incorporate SentinelOne Singularity Complete as a component of our multifaceted cybersecurity approach. Therefore, its capability for integration, as well as its capacity for data ingestion into NXDR, holds great significance for us.

SentinelOne Singularity Complete functions effectively in ingesting and correlating data across all our security solutions. While we employ an additional SOAR for more extensive correlation, SentinelOne Singularity Complete performs exceptionally well at the endpoint.

SentinelOne Singularity Complete is utilized as a component of our Managed Detection and Response service, resulting in a reduction in the number of alerts forwarded to us.

It helps free up our staff to focus on other projects.

SentinelOne has helped reduce our MTTD. It has also helped reduce our MTTR.

SentinelOne Singularity Complete helps our organization save money through pass-through cost savings.

It helps reduce the risk for our organization.

The most valuable feature is the machine learning capability, as opposed to the traditional rule-based antivirus. This is essential for effectively stopping malware attacks.

We are not utilizing all the features available with SentinelOne Singularity Complete, including the built-in XDR and Ranger, due to the substantial associated costs. There is potential for improvement in the cost aspect.

The area in which I would recommend SentinelOne to continue progressing is focused on enhancing its product. This involves not only internal development but also strategic partnerships similar to the Wiz integration which brings a lot of value.

I have been using SentinelOne Singularity Complete for three years.

It is stable. The downtime has been minimal.

The solution has met all of our scaling requirements.

I previously used ESET and McAfee. We sometimes still use Microsoft Defender for some use cases and we have some clients that still prefer to use CrowdStrike.

The implementation is carried out in collaboration with our partner, ConnectWise. While we handle the agent deployment, they manage all the configurations.

If we weren't using any protective measures, and we were consistently experiencing security breaches, this would result in an exponential level of risk when compared to an alternative solution. Expressing this concept can be quite challenging. How would we even identify if a breach has occurred? Typically, we'd notice something like data encryption taking place.

So, I believe implementing robust cybersecurity measures is an essential aspect of operating in any technology-dependent field today. It's essentially become a fundamental requirement. That's how we perceive its significance in the present day. Therefore, we communicate this necessity to all our clients and that is where the return on investment can be perceived by using SentinelOne Singularity Complete.

The cost of utilizing all the features of SentinelOne Singularity Complete is high.

I rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete EDR and MDR endpoint agent is a fantastic product. We layer that with other solutions as opposed to only using SentinelOne Singularity Complete.

SentinelOne is undoubtedly a market leader, and I believe it offers a comprehensive and excellent solution. It is on par with other next-generation or AI-based antivirus solutions available in the marketplace.

Depending on the organization's current solution, if they are transitioning from a product like ESET, then the approach to antivirus will be completely different. If they are transitioning from CrowdStrike, I believe the change will be less significant. Testing needs to be conducted, but I anticipate that they can observe immediate value from SentinelOne Singularity Complete. Furthermore, I am confident that they can deploy it without significant concerns about increased risk. Personally, I have never been worried about introducing additional risk by using SentinelOne Singularity Complete.