I am an MSP and provide service on behalf of SentinelOne.

I manage the incident logs from SentinelOne for our clients.

We integrated the SysLog server with SentinelOne without any issues.

SentinelOne Singularity Complete saves clients time by offering a comprehensive security solution that combines automatic detection, machine learning, behavior monitoring, and zero-day attack protection, all in one place, compared to traditional on-premise solutions.

SentinelOne Singularity Complete significantly reduced the number of alerts.

SentinelOne Singularity Complete freed up three of our people to focus on other tasks.

The most valuable features of SentinelOne Singularity Complete are machine learning because it saves us time, device control for data privacy, and the token.

SentinelOne Singularity Complete needs to improve the integration capabilities with SIEM.

I have been using SentinelOne Singularity Complete for eight months.

SentinelOne Singularity Complete is extremely stable.

SentinelOne Singularity Complete is scalable.

Cloud deployment for this project was a simple process. With two people involved, it only took one hour to activate the tenant and configure everything.

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete stands out as a mature security solution. Its robust threat detection, data loss prevention, and machine learning capabilities all point to its effectiveness.

Our organization is leveraging SentinelOne Singularity Complete to achieve a comprehensive endpoint security solution. This involves utilizing SentinelOne's EDR functionality across all our endpoints, including IT, OT, and legacy systems. By integrating additional log sources, we're expanding to XDR which will further enhance threat detection, investigation, and response capabilities. This enriched data will also enable the creation of custom workflows to streamline security operations and improve the overall effectiveness of SentinelOne alongside existing security solutions like Office 365, proxy servers, and firewalls, allowing for better correlation and incident response.

Our previous antivirus solution wasn't strong enough to keep up with the growing number and complexity of cyberattacks. Traditional antivirus struggles to monitor all endpoint processes and activities. SentinelOne Singularity Complete addresses this issue with its Endpoint Detection and Response capabilities. EDR collects comprehensive endpoint data and stores it centrally, allowing us to monitor all running processes, identify evolving threats and their techniques, and take appropriate action. Additionally, SentinelOne's built-in AI and ML can detect suspicious behavior that traditional antivirus solutions might miss, providing advanced protection against modern cyberattacks.

Our organization utilizes a two-pronged approach to cybersecurity with SentinelOne. On-premises, SentinelOne Singularity Complete safeguards our sensitive big data that never leaves our network. Additionally, we leverage the cloud-based SentinelOne SaaS solution for further protection.

SentinelOne offers a marketplace that expands its XDR capabilities. This marketplace allows for seamless integration with various security solutions, including Azure AD, email gateways, threat intelligence platforms, firewalls, and proxies. By integrating these tools, we can create automated response playbooks within the XDR platform, streamlining our security posture.

SentinelOne Singularity Complete excels at gathering and analyzing data from various security solutions. Its built-in marketplace offers over 120 connectors that automatically ingest logs, enabling correlation and better incident response through custom workflows. This integration streamlines security operations by minimizing manual effort and allowing security personnel to focus on faster remediation.

We leverage Ranger to secure our raw networks and functionalities that SentinelOne has limited coverage for. Additionally, we actively search for vulnerabilities in our systems.

Ranger is a valuable tool for improving network and asset visibility. It helps us identify gaps in our coverage by highlighting raw networks and unmonitored endpoints. These blind spots represent areas where we lack agent deployment, and Ranger essentially acts as a roadmap for prioritizing where to install them for a full view of our environment.

Ranger has a seamless integration process. From the console, we enable Ranger, triggering the installation of a lightweight agent on our endpoints. This agent then monitors traffic to identify coverage gaps and potential vulnerabilities within our system.

Integrating all log sources and creating a custom workflow will streamline analyst workloads. This will automate most of the basic tasks currently handled manually, freeing up the team for other projects. The analysts performing investigations and remediation will see a significant reduction in time spent on repetitive tasks.

Since implementing SentinelOne Singularity Complete, our mean time to detection has been drastically reduced, going from two full days down to just ten minutes each month.

SentinelOne Singularity Complete has reduced our mean time to remediation.

SentinelOne Singularity Complete has been a valuable asset in reducing our organization's security risks. Its features, including device control and firewall management, provide us with the tools we need to effectively manage and secure our endpoints.

SentinelOne offers several valuable features for threat detection and response. Correlation, static analysis, and other detection engines work together to identify and address security issues. Additionally, the STAR Rules feature allows us to create custom alerts based on specific attacker behaviors or indicators of compromise. This empowers us to not only respond to built-in threats but also proactively detect and prevent emerging ones by defining custom actions for abnormal activity. In short, SentinelOne goes beyond native threat detection, offering customization to tackle even the newest threats.

SentinelOne Singularity Complete needs more connectors for integration with more solutions.

It seems there are currently two separate installers for the same device, one in MSI format likely for Windows and another in a potentially custom EXP format. Ideally, these could be combined into a single installer. If that's not feasible, the EXP format could be used as a self-extracting archive that automatically installs the software using the MSI installer. This would eliminate the need for two separate agents and provide a more streamlined installation experience.

SentinelOne endpoint protection enters a reduced functionality mode during certain resource-intensive events. This mode temporarily limits some features and may require a machine restart. In some cases, the agent might even get disabled. To restore full functionality, we need to re-enable the agent and reboot the machine, which can be inconvenient. Ideally, SentinelOne should improve its handling of resource usage to avoid these disruptions.

The technical support response time has room for improvement.

I have been using SentinelOne Singularity Complete for three months.

The current version of SentinelOne Singularity Complete is stable.

SentinelOne Singularity Complete is highly scalable.

The technical support response time is slow.

Our previous antivirus solution, Symantec Endpoint Security, struggled to keep up with evolving cyber threats. Additionally, integrating it with other security tools proved to be a slow and cumbersome process. Since switching to SentinelOne, we now benefit from seamless integration with various log sources and other security solutions, enabling a more holistic and responsive security posture.

The initial deployment was straightforward and took four months to complete in our large environment but it was not complex to onboard the machines based on our policies.

Four people were required for the deployment.

While the cost of SentinelOne Singularity Complete might seem high at first glance, it's important to consider the value it offers. This helps to average out the cost.

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete offers a comprehensive security solution for cloud workloads and endpoints. While it excels at covering all these areas, it could benefit from more granular control and further enhancements. The ability to extend its protection to cloud security or cloud servers, similar to CSPM tools, would be valuable for taking action within cloud or microservice environments.

Maintenance is required for updates.

SentinelOne is a good strategic security partner.

Before implementing SentinelOne Singularity Complete, it's crucial to understand how it will integrate with your existing systems. This ensures compatibility and avoids any unintended consequences. Make sure to create exclusions for any applications that might conflict with SentinelOne to prevent disruptions.

I use it for our XDR solution, managing various endpoints including Windows and Deepak. There are around twenty-five hundred endpoints where SentinelOne EDR or the Synchrony Solution is installed, helping me manage all my files. It is a next-generation antivirus solution with zero-day protection using AI or ML-based logic running in the backend to protect endpoints. Currently, there is no integration. It's an independent solution supporting my endpoint protection.

The XDR is a valuable feature. The AI-based engine protects against various behaviors and takes action on files being accessed. In terms of protection, I have an advanced app providing visibility of all my endpoints, which was not the case before. My time to respond to incidents has reduced, making it much more complete. I have the ability to isolate endpoints if identified as having malicious files or serious activity.

I think they should consider enhancing complete visibility. I haven't explored the network-related aspects, but if lacking, it is an area for improvement. Providing a single pane of visibility for the end user would be beneficial. This means not just seeing endpoints, but also the network and other connected devices through the Singularity portal. This would enhance decision-making and improve security posture.

I have used the solution for three years.

It's a stable solution. My endpoints use minimal resources, and I have encountered no problems with installation, making it a stable product.

From the console or admin perspective, as it is a SaaS product, scalability and management pose no problems. It's all auto-scale and auto-categorized, configuring automatically.

I think they were responsive, but there was a delay in reaching out to my team on one incident report. This happened only once, which is why I am rating them eight out of ten.

I had a normal antivirus solution before upgrading to the next-gen XDR solution, which is SentinelOne.

The setup is very straightforward. It took one month. Connecting to users was a manual process, but all network-connected devices were integrated without any challenges.

There was a three-member team from the vendor side assisting with configuration and communication with my internal team. One of my team members coordinated with the end customers, who are the employees of my organization.

There isn't significant cost saving as such, but it has protected me from numerous virus or malware infections. This demonstrates an ROI.

It's a fixed price per endpoint arrangement.

I have not used alternative solutions for the XDR solution. We were using an alternative antivirus solution before, but finalized on SentinelOne after considering other options.

I rate the solution nine out of ten. It prevented potential losses, though not directly affecting ROI. To make it work effectively, ensure proper configuration and understanding of your network landscape. Initially set it to detect mode, then to protect mode, and later to auto-protect and quarantine mode. Allow one to three months to understand the network and work with a knowledgeable partner.

We use the solution for endpoint protection. Our clients are fintech companies, banks, and other organizations. The tool helps to pick up malicious files in the endpoint and protects the endpoint.

The Ranger feature is valuable. It helps us manage variable assets in our environment. The endpoints and nodes have SentinelOne engines on them.

The product must provide the ability to update applications from the SentinelOne Management Console. Using SentinelOne Management Console to patch applications will be quite useful.

I have been using the solution for 3 years.

I rate the solution's stability 7 out of 10. I've only had issues with the agents once. I reported it through the management console.

We use the solution in endpoints in different departments across the organization. The tool does not require maintenance. We can auto-update it from SentinelOne Management Console. We can push the auto-update agent from the console. I rate the solution's scalability 9 out of 10.

The support personnel always want to share links instead of joining sessions. Getting them on sessions that would probably help resolve the situation is quite hard. They don't always want to do it. That's the only issue I have with them. When we raise a support case, they get back to us and point us to a link to a community guide or solution. They don't respond quickly if the problem requires us to join a virtual session.

The initial setup is not complex. The deployment takes about 30 minutes. It is quite fast.

Our customers have seen an ROI on the product. It takes them 4 months to see ROI.

The tool's price is reasonable.

We are partners and resellers. Singularity Complete’s interoperability with other SentinelOne solutions is fine. I've been able to push logs into our SIEM solution. We used our API. It was quite easy to do. The API token expires, so we have to regenerate and integrate it.

The solution’s ability to ingest and correlate across security solutions is quite fast. I don't have any issues with it. The Ranger functionality provides network and asset visibility. It's quite important. We can identify when endpoints that are not permitted or allowed on the network are active. It helps us isolate or deploy an agent on the endpoints. It's quite useful.

Ranger requires no new agents, hardware, or network changes. It is used for existing agents or endpoints. We can also identify neighboring endpoints that do not have agents. It's easy because we do not have to do any additional configurations. It leverages the current agents that we have deployed across endpoints. It's a good feature. We need not deploy another agent to work for Ranger.

A computer that doesn't have an agent is vulnerable to exploits. When Ranger helps to find the computer and network, it helps to prevent vulnerable devices from becoming compromised. We can identify and isolate the computer and deploy the agent on it. Singularity Complete does not reduce alerts.

The solution saves deployment time. We can push agents from the management console to the endpoint. It will save us time from physically going to the endpoint and installing the agent ourselves. The product reduces MTTD by 20%. The product reduces MTTR by 20%.

If an endpoint gets compromised, we will have to spend money. The tool generally helps us stay safe and protects computers. Thus, the solution reduces costs in the long run. Unprotected endpoints are risky endpoints. Singularity Complete has helped reduce our organizational risk.

Singularity Complete is quite a good tool. I'm quite confident in its ability to detect threats. It is good to have SentinelOne as a strategic security partner. People planning to use the tool must go for it. It's a good solution. It does what it claims.

Overall, I rate the product 8 out of 10.

We use Singularity to secure our workstations and servers.

Singularity has added some features to our security setup. It adds layers of protection to our security servers and workstations. One advantage of Singularity over other traditional antivirus products I use is that it doesn't use as many resources as other products.

If you resolve them permanently, the solution can reduce the number of alerts. Some applications keep triggering alerts, and you need to remove them, or they will continue to do so. We need physical signatures to prevent them from alerting again in the future. We can reduce the alerts by about 80 to 90 percent annually. Our old antivirus wouldn't flag some applications as malicious, but SentinelOne detected them, so we removed those applications, and it reduced our alerts.

Singularity has reduced our organizational risk by about 80 to 90 percent. We were able to address those alerts and remove a lot of malicious files that our previous solution didn't recognize. We saw a significant advantage in the first year. We've experienced a massive improvement in our mean time to detect. We have a large user base, but Singularity Complete performs better than our previous solution.

Singularity has the same features as other antivirus products, but it provides an added layer of security and vulnerability protection. It's also light on resources. Singularity doesn't use a lot of CPU or memory. We can consolidate our security solutions into one centralized platform, and monitor all our workstations and servers from one place.

SentinelOne is causing a problem with the data service that causes one of our applications to crash randomly. We're still looking for a permanent fix, but we have implemented a temporary workaround that excludes that application from the scan.

I have used Singularity for 4 or 5 years.

I rate Singularity Complete 9 out of 10 for stability.

I rate Singularity Complete 9 out of 10 for scalability.

I rate SentinelOne support 9 out of 10 because they're very responsive.

I previously worked with Sophos and ESET. The primary reason we prefer SentinelOne is that it doesn't consume a lot of resources.

Deploying Singularity is straightforward, and it doesn't require you to restart the servers in the latest version.

Singularity isn't cheap, but it's worth what we pay for it.

I rate SentinelOne Singularity Complete 9 out of 10 overall. Singularity performs as well as expected, and it's less resource-intensive than other products.

We provide SOC services for mostly UK clients and use SentinelOne to monitor our clients' endpoints and remedy threats. Some threats are remedied automatically, but others require investigation. We analyze the file and log any new vulnerabilities in our threat intel account.

Singularity Complete is a one-stop solution that encompasses all the endpoint protection solutions from SentinelOne. We've eliminated about 99 percent of our other solutions by switching to Singularity. It's easy to integrate SentinelOne logs, and we don't need any other tools for threat hunting or SIEM. Everything is on one platform. You can fully realize Singularity's benefits after about 3 months of deployment and training.

The solution is supported by Vigilance, SentinelOne's MDR service. They monitor 24/7 since we have other things to do. We have an SLA that threats will be mitigated within 45 minutes to an hour after detection. Singularity has virtually eliminated our organizational risk from threats.

Singularity's threat-hunting platform is user-friendly, and I like the built-in remote access feature. External parties can log in securely via the S1 agent. It's easy to integrate S1 logs with our SIS. That's one good thing. We don't need to use any other tools, like a SIEM.

I would like SentinelOne to add a threat-hunting report and more UEBA features. They could add more SIEM functionality. It would be nice to have the ability to easily drag all the logs from the agents, so there's no need for multiple agents installed on the endpoint.

I have used Singularity Complete for a year and a half.

We haven't seen any downtime outside of normal maintenance windows every few months.

Singularity's scalability is good.

I used CrowdStrike before, but SentinelOne is easier because I can do more stuff on that. For example, let's say I want to fetch some files from an end user's machine or install something, but I do not manage the machine as a security person. If we need to do something inside, I can do a full scan and use remote access to see everything.

The SentinelOne suite is appropriate for our use case. If the scope and tasks were different, another EDR might be better. CrowdStrike has built-in UEBA, but it's not as user-friendly as SentinelOne.

I'm not involved with purchasing decisions, but I believe Singularity must be cost-effective because the management selected it.

I rate SentinelOne Singularity Complete 9 out of 10. It's an excellent solution for monitoring and managing endpoints. I recommend doing SentinelOne's training to familiarize yourself with how to leverage the entire product.

We initially implemented SentinelOne Singularity Complete to streamline application installation and patching across our extensive network of over a thousand systems. Managing individual systems has become increasingly challenging. While the platform provided initial visibility during the first attack, its usefulness in further investigation proved limited.

SentinelOne Singularity Complete boasts good interoperability.

It has helped consolidate some of our security solutions.

While the number of security alerts we receive has been successfully reduced, it has occasionally missed some threats. To address this, we have implemented Microsoft Defender alongside SentinelOne for additional protection. This layered approach has identified several malware incidents that SentinelOne, due to its limitations at the kernel level, did not detect.

SentinelOne Singularity Complete has to an extent helped free up our staff time to focus on other tasks. In conjunction with Defender and Automox 60 to 70% of time has been saved.

Our mean time to detect has been successfully reduced by 70%.

SentinelOne Singularity Complete has reduced our mean time to respond to threats it detects by providing informative feedback from malware reviews.

Our costs have been reduced because we use it daily.

SentinelOne Singularity Complete has reduced our organization's risk by 80%.

The most valuable features are asset tracking, patching, endpoint tagging, and policy updates.

While SentinelOne Singularity Complete effectively visualizes security data across our solutions, requiring extensive manual effort for analysis limits its effectiveness. I would therefore rate it a seven out of ten.

The pricing has room for improvement.

I have been using SentinelOne Singularity Complete for two years.

I would rate the stability of Singularity Complete eight out of ten.

I would rate the scalability of Singularity Complete a seven out of ten because of the integrations they have with third-party groups.

The technical support is quick to respond.

We previously used Automox only for device management, not as a complete EDR.

SentinelOne Singularity Complete's price point is excessive compared to the functionality it provides.

SentinelOne Singularity Complete's longevity in the market may have created an inflated perception of its capabilities. While it was once considered a leading tool, comparisons with newer solutions like Automox, Cynet, and Fortinet reveal a lack of active use cases and functionalities offered by these competitors.

I would rate SentinelOne Singularity Complete eight out of ten.

I haven't observed significant innovation from SentinelOne Singularity Complete lately. Other than obtaining the database, I haven't noticed any new features or third-party integrations being introduced. This leads me to believe that there may not be a high level of ongoing innovation at the moment.

SentinelOne Singularity Complete is deployed across thousands of instances and endpoints in different countries across multiple offices in Europe.

The only maintenance required is for updates to the endpoints.

While SentinelOne offers valuable security protection, it may not be sufficient as a standalone solution. Relying solely on Singularity Complete for a week-long absence might leave our system vulnerable to threats that other Endpoint Detection and Response solutions could identify.

We use SentinelOne Singularity Complete as our EDR to monitor our network. We incorporated SentinelOne Singularity Complete into our SIEM to mitigate threats.

We implemented it because we needed more insight into the interactions that occurred on our endpoints.

SentinelOne Singularity Complete's interoperability with third-party tools enables seamless data exchange and effortless information extraction or export between them.

Its ability to ingest and correlate data across our security solutions simplifies the process considerably. It's akin to pulling data into a SIEM and correlating timestamps, IP addresses, MAC addresses, and any other metric that would link the two machines.

It helps reduce alerts which is one of the things that attracted us to the solution. It has reduced the alerts by around 75 alerts per week.

Singularity Complete frees up our staff for other projects and tasks, thanks to its out-of-the-box setup and automated operation. I only need to intervene when a real threat emerges.

It helps reduce our mean time to detect and our mean time to respond.

Singularity Complete helps our organization save on costs by preventing malware from entering our machines which would result in downtime and machine repairs.

It helped reduce our organizational risk by 20 percent.

The most valuable features are threat hunting, the ability to disconnect or disable a machine's network connection in real time, and the ability to restore the connection once the issue is resolved quickly.

Singularity Complete needs to improve its ability to granularly select and extract the executable files that I want to run.

I have been using SentinelOne Singularity Complete for four years.

I would rate the stability of SentinelOne Singularity Complete a nine out of ten.

I would rate the scalability of SentinelOne Singularity Complete an eight out of ten.

The technical support is difficult to contact.

In my previous company, I used VMware Carbon Black. When I changed jobs, my new company was already using SentinelOne Singularity Complete.

We've seen a positive return on investment with SentinelOne Singularity Complete. The key benefit for me was the ability to proactively prevent suspicious activity on our endpoints. As a practitioner rather than a manager, I dealt with an incident on an endpoint and was impressed by the solution's capabilities. Singularity Complete automatically contained the threat, allowing me ample time to clean the infected machine. Most importantly, it prevented the need to rebuild any other machines, even the affected ones in most cases. I often resolved issues on endpoints within an hour or two, minimizing downtime and ensuring user productivity.

The pricing for SentinelOne Singularity Complete is competitive. SentinelOne has a better price out of the box compared to Carbon Black and CrowdStrike.

Carbon Black lacked the same level of back-end support as CrowdStrike Falcon Complete.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is an innovative solution that is ahead of Carbon Black and on par with CrowdStrike.

It is a high-quality mature solution that will help improve any security stack.

We are deploying it across eight locations, encompassing all departments and protecting our 500 employee endpoints.

I am an IT security analyst and I update the sensors myself.