We use SentinelOne Singularity Complete as an endpoint protection solution. It is our primary endpoint protection solution for our workstations and servers for protection from any kind of threats that may appear on those systems.

We have some localized virtual machines that it is running on. We do not have any cloud workloads.

SentinelOne Singularity Complete is pretty good in terms of being able to fine-tune the alerting that you get. It is better than other solutions that are super noisy to the point that it is difficult to drill down. If you get an alert of something that is actionable, it is better than getting one alert and then getting five others right behind it. This solution is pretty good at not being noisy.

Luckily, I do not spend a ton of time with SentinelOne Singularity Complete unless there is an alert or a potential breach, but that just does not happen very often. Email security is the front door of protection, and that takes the brunt of any kind of security concerns. Luckily, most things are not hitting our network right now.

SentinelOne Singularity Complete is pretty good at picking up things that are not necessarily malicious and alerting me that somebody or something is using something that needs attention. That happens instantaneously. It is pretty quick.

SentinelOne Singularity Complete is as fast as we can ask. I can see the alert and get on it. It does not take very long, so I am not sure how we can improve more when it comes to our time to respond. We are a small enterprise. It does not take us too long to respond to things.

Being able to keep track of the endpoints and the data that is available from the endpoints is valuable. We can see the patch levels, whether Windows endpoints are active or inactive, and who is the last user that was logged on. We get a lot of granular information that is valuable even when we are not talking from a security standpoint.

The agent update is not the most intuitive process, but I understand why they do it. We have a pretty vertical 64-bit environment for Windows. That is pretty much all we have, but we get alerts for things like the new Linux endpoint or things that do not apply to us. That is probably the only thing that I do not like. There may be some way to turn that off so that I do not get endpoint update alerts from platforms that are not applicable to our system, enterprise, or network.

We have had it for a couple of years now.

I have not had any issues related to downtime, uptime, or responsiveness of their infrastructure. I have not seen any reports where something was not working the way it was supposed to.

They would far outpace the scale of what we would be looking at.

I contacted their technical support at the very beginning when I was rolling things out, but it was not a major issue. It was just about me getting up to speed with how they do things. I do not have a negative impression of how that interaction went.

SentinelOne is a good partner. I had a few other technical support questions, and they answered them pretty quickly. They were pretty minor things, and they were always pretty quick to respond.

We were using another solution previously. It was long ago. We were using Berkeley, which was bought by Alert Logic. The Berkeley product was pretty good, but when they were bought by Alert Logic, I did not like the way they did things. It was complicated. It was not intuitive. Their sales program was a little shady. We got locked into a contract that was not intentional. It was not a great experience. They have a product that is not a direct competitor to SentinelOne. We tried it, and it was super noisy for alerts. If I tried to clear all the alerts in the system, I would not have time for anything else. We were not necessarily looking for it, but because of the platform that we were on, we tried the other offerings that were included in the platform, and it just was not a good fit.

SentinelOne is a much more robust platform than Berkeley or Alert Logic in terms of endpoint protection. In terms of the ability to be innovative, SentinelOne provides tools. If we had stronger security requirements, they have other tools that we could utilize, such as Ranger.

The portal is cloud-based, but the agents are on-prem.

I was involved in its deployment. I am a one-man IT shop. It was pretty straightforward. You get the agent that you want to install, and there is a code that you put in that locks it to your portal. It installs pretty easily.

It requires very little maintenance. Occasionally, I check to make sure that the agent version is pushed out because that is not automatic. I get to choose when the agent gets pushed out. If there is an update, I update them when I want to.

We did not need any help at all. It was just me.

We do not put a price on security, but we have to choose between different products that are on the market. We are constantly evaluating other products every year. Endpoint protection is not something with which there is a huge opportunity cost by moving from one vendor to the next. Our security stack is not so integrated with SentinelOne. If, for some reason, they were not the best option, we could move to another option fairly easily. The fact that we are sticking with SentinelOne is a testament that it is not broken. It is still working for us. It gives us good peace of mind about the product line, where it is going, and the protection that it provides.

It is very competitive with other solutions that are on the market. At least the last time we renewed, it was very competitive.

I try to stay abreast of different platforms. I reached out to SentinelOne, and they put me in touch with a reseller, so I went out and found it.

The biggest thing was how well SentinelOne ranked versus the other platforms. There was also a cost-benefit of a solution like SentinelOne. We thought it would be effective for endpoint protection.

It certainly was a cost-effective solution as compared to some of the other endpoint protection solutions that were available at the time. I would not have gone with SentinelOne if it was not a good value.

It is a very robust platform. It is a great candidate to serve small business environments. They do not target small businesses. They do not market it to small business environments with 50 users or less, but being a little more technically-minded, I wanted something that was enterprise-ready. Even though our environment is small, it was a good fit for us.

It did not require a lot of in-place support from the integrator or the reseller, but they did provide a large amount of presale decision-making help in terms of what I was getting into and what they could provide. That was very helpful. Talking to an integrator or a reseller so that you can put a person to the discussion is helpful.

In terms of integrations, we have looked into some of the integrations, such as with Mimecast. We have had some interest in that, but we have not utilized any of those third-party integrations. We also looked at the possibility of using some things with log management and being able to have a single source of how protected we are across the enterprise, but we have not yet pulled the trigger on anything like that.

Overall, I would rate SentinelOne Singularity Complete a nine out of ten.

We use it for endpoint protection. It is our antivirus and EDR solution.

We are also using it for device control, such as blocking USBs, and we also use it for network control. We are blocking port access on machines.

Singularity Complete has saved us time. I recently did the agent upgrade. I used their upgrade policy and just specified the maintenance window and things like that. The first two times I updated the agents, I used to sit there and highlight the endpoints and run agent updates, but this time, I used auto-upgrade. With auto-upgrade, it ran between 6 PM to 8 AM, and then it ran all day on the weekend, and it was up in there. In one day, it updated 1,000 endpoints. That was pretty cool. I did not have to sit there and do the manual work. I just watched the system to make sure that the endpoints got updated. That was pretty cool. It is nice to know that I do not have to sit there, and I can just create a policy and let it go. It definitely saves time.

Singularity Complete has reduced our mean time to detect (MTTD). I get an email pretty much right off the bat. When an alert pops up, I get an email from my ticketing system, so it is pretty quick. If I am on my desk. I take care of it pretty quickly. Currently, I am the main person running this, and other people back me up when I am not around. I am hoping I can get somebody else trained on this.

Singularity Complete has helped reduce our organizational risk. It is somewhere in the middle when it comes to contributing to our security posture.

SentinelOne has been a good partner. We mostly use Mac and Windows systems, and we were able to do device control and network control out of SentinelOne rather than through MDM. We are doing it all through SentinelOne. We did not have any conflict in the apps.

In terms of interoperability, we have plugged it into our Alert Logic MDR. It flags to our MDR. For example, if a threat cannot be mitigated or it is hard to mitigate a threat, then the MDR will notify us. Some of the things related to applications could use some work, but they are in the process of fixing this. We will then be able to update and disable applications through SentinelOne.

Device control and network control are valuable.

They updated the console, and on the incidents page, we can break down the incidents and see all attack attempts. It is pretty cool and in-depth.

The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab.

Singularity Complete has not helped reduce alerts. In fact, it produces a lot of false positives. It does its job, but I have spent the last week fine-tuning the system and trying to suppress false positives. I am getting a hang of it.

I have been using SentinelOne Singularity Complete for about a year and a half.

Its stability is very good. Recently, one person had an issue, and I had to reinstall the agent. They had lost their Internet connectivity. We put in some strategy work, and we had to go in there and figure out which ports are open, but other than that, it has been very good.

Its scalability is pretty good.

I have interacted with their support. They are always pretty easy to get a hold of. I never have to wait. They are helpful. They have resolved any issue that I have ever brought up with them in a timely manner. I would rate them a 10 out of 10.

It is a cloud solution. I inherited it, so I was not there when they implemented it. It was implemented about six months before I got hired. It was probably deployed in late 2021, and I started in February 2022.

It requires a little bit of maintenance in terms of fine-tuning the false positives and things like that. For example, because people use Logitech devices, I had to suppress the alerts because they kept popping up because the hash was always different. I have noticed that when a new agent comes, it can be a little aggressive in the beginning. I have to fine-tune the alerts a little bit, but that is a part of the process. I update the agents twice a year. I will try to do it more because now I know how the upgrade policy works. The only thing I am not yet good at is reviewing the Mac logs. Windows logs are easy because of the years of Windows experience and the use of Windows Event Viewer. I just got to be better with the Mac logs.

In terms of cost savings, I am starting to get into the budget, but we have not got any malware or serious incidents. There are money savings when you do not have serious incidents.

We have not had any downtime. We have not had anybody's machines compromised. It has been protecting the endpoints pretty well. It has been pretty quiet. We have not had anything that we would consider a major incident, so it is doing pretty well.

I do not know much about it. From what I understand, it is pricey, but it works. It is a very good product.

I also used SentinelOne five years ago at another company, and I find it to be way better now. It is a much more refined product. It does not actively scan the system the way it used to. It has come a long way in terms of performance on the machines. It does not hinder the performance of developers' machines. I hear no complaints about SentinelOne blocking or grinding machines to a halt with scans when developers are doing builds and things like that. It has improved greatly. Five years ago, I used to hear complaints about SentinelOne slowing down the systems, but I have not heard that once here.

We tested the Ranger functionality a bit. We were demoing it. Ranger was pretty cool for the visibility of devices, but we did not find a use for it.

Overall, I would rate SentinelOne Singularity Complete a 9 out of 10.

I use SentinelOne Singularity Complete as our next-generation antivirus on our endpoint. I review detected malware and verify whether it is legitimate or a false positive. Additionally, we can control endpoints, such as correlating them or blocking specific activities on any endpoint. We also have visibility into what is happening, including what is installed, being installed, or uninstalled on endpoints.

SentinelOne Singularity Complete can help reduce alerts, but we must first add exclusions based on our existing features to keep the false positive rate low.

SentinelOne has helped our staff save time investigating and handling incidents.

It has helped reduce our MTTD and our MTTR.

The hunting feature is most valuable for detecting malicious or suspicious activity.

The way Singularity Complete handles blocking external mass storage is annoying because it is so difficult to unblock single endpoints. We can only add a general rule to block everything, and we cannot add any exceptions. Additionally, Singularity Complete uses different names for endpoints other than the actual actions that will happen or be taken, such as quarantining a device. This is also confusing, as the wording used by Singularity Complete is slightly different from other endpoint security solutions and can be difficult at the start.

I have been using SentinelOne Singularity Complete for almost three months.

Singularity Complete is stable.

Singularity Complete is extremely scalable.

Technical support is super helpful.

The price of Singularity Complete compared to some of its competitors is competitive.

I would rate SentinelOne Singularity Complete eight out of ten.

SentinelOne Singularity Complete has room to grow, but it is overall very good. It is a mature software product with an awesome UI. There are many options and actions available.

No maintenance is required from our end.

SentinelOne Singularity Complete is a straightforward, stable solution that is easy to learn.

We use SentinelOne Singularity Complete for antivirus and EDR capabilities on both our hosted and internal platforms.

We implemented SentinelOne Singularity Complete to harden the security of our environment.

Initially, we focused on our client-facing platform. We definitely wanted to ensure adequate antivirus and malware protection, and I believe we have achieved that with SentinelOne Singularity Complete. Our environment is fairly large so it took us a few months to realize the benefits.

SentinelOne Singularity Complete helped save our staff time to focus on other projects. Our security operations team has a little bit more bandwidth now.

SentinelOne has helped us reduce our MTTD. The Storyline feature has definitely cut down on research time when investigating incidents, making the process much faster. What used to take several hours to review logs can now be completed in ten minutes.

It has helped us reduce our MTTR.

Our organization had a costly incident before we implemented SentinelOne Singularity Complete. Since the implementation, we have not had any incidents, which correlate to cost savings.

Singularity Complete has helped reduce our organizational risk.

I really like the storyline feature. It makes it easier to tie together the processes and how they are related when investigating potential incidents. I also like the dashboard and the customization options.

The only integration that we are having a challenge with is our Rapid7 SIM solution. We have created exclusions for it, but sometimes there are still some false positives that the team works through.

The false positive rate has room for improvement.

We can build exclusions in a few ways, but one challenge is that many third-party applications spawn files with random names. This can make it difficult to write rules to account for these files. If there are better ways to deal with this, it would help to reduce conflicts between our Rapid7 solution and some of our other solutions that generate PowerShell scripts.

When agent updates require a reboot, this can be challenging for our large customer environments.

I have been using SentinelOne Singularity Complete for four years.

SentinelOne Singularity Complete is stable. We have not had many stability issues.

We have a large environment and find SentinelOne Singularity Complete to be scalable to meet our requirements.

The technical support ticket for the issue we had with getting the agent installed in our PBS image took almost a year to resolve, and we ended up finding the solution on our own. We had several tickets open, but unfortunately, they didn't lead anywhere.

We previously used Cylance, which our hosting provider provided along with Endpoint Detection and Response. However, we experienced several challenges with Cylance, so we purchased SentinelOne Singularity Complete for our corporate network. SentinelOne functions and deploys significantly better than Cylance, so we asked our hosting provider to switch us to SentinelOne instead.

The initial deployment was straightforward for SentinelOne Singularity Complete. We had a bigger challenge installing Cylance.

I would rate SentinelOne Singularity Complete eight out of ten.

SentinelOne Singularity Complete has a lot more functionality right out of the gate.

I recommend considering SentinelOne Singularity Complete for anyone researching security solutions.

SentinelOne Singularity Complete is deployed on our corporate and hosted endpoints. We have between 5,000 and 9,000 endpoints.

We have six people that monitor SentinelOne Singularity Complete.

Our agent updates require maintenance and close monitoring. We sometimes have to manually enable policies that are disabled due to the disruption caused by unexpected reboots. We must carefully plan these updates.

SentinelOne Singularity Complete is a good strategic security partner.

I would definitely recommend doing a POC to see if SentinelOne Singularity Complete is a good fit for the environment.

We use SentinelOne Singularity Complete as an endpoint detection and response solution to detect advanced threats in memory and protect our environment from ransomware attacks.

We are ingesting data from Singularity Complete into our team. The integration between Singularity Complete and Splunk works well, pushing all alerts from Singularity Complete to our soft tool. We have also looked at other SentinelOne products, but we only use a few of them.

We use Ranger to detect rogue sensors by scanning networks for endpoints that do not have SentinelOne installed. We do not use Ranger Pro.

Ranger is used to identify endpoints that do not have SentinelOne installed, ensuring 100 percent coverage. However, we also use a network access control tool to verify that endpoints have the necessary security telemetry and toolsets installed. The NAC tool can either orchestrate the installation of missing components, quarantine endpoints or simply notify us that components are missing.

The biggest benefit for us, other than mitigating the risks, is that Singularity Complete has raised the bar for red teaming, compared to the previous tool we were using. Some of the agent coverage in the previous toolset was becoming a limitation, but Singularity Complete gives us better coverage and visibility, both for red teaming and in general.

Over time, Singularity Complete has helped to reduce alerts. At the beginning of the implementation, we had to spend some time training the system, accepting events, and so on. However, over time, the number of alerts has been reduced.

Singularity Complete has helped our MTTD by providing broader visibility into our environment.

We collect a lot of telemetry from Singularity Complete. We then use this telemetry to search for malicious processes, which we would not have been able to see before. In other words, in addition to the standard setup that we expect, we are extracting additional telemetry from Singularity Complet to identify malicious processes and other types of threats running on endpoints.

Singularity Complete can be improved by allowing for better nesting of policies. Currently, when we create a policy and want to apply two different policies to an endpoint, we cannot do so. Instead, we must create two separate policies and place the endpoint in each policy, even if the only difference between the policies is slight. This makes the policy nesting process cumbersome and inefficient. Therefore, allowing for nested policies would be a valuable improvement to Singularity Complete.

The Endpoint Health telemetry could be improved. This is likely true of all tools, but I think it would be particularly useful for us to be able to see the sensor when it is running on an endpoint and starts to consume more memory, or if there is a memory leak. This would allow us to collect better telemetry on this topic.

I have been using SentinelOne Singularity Complete for one and a half years.

Singularity Complete is stable, but there are occasional instances where the sensor monitors a specific process that starts to malfunction, which is naturally possible. In these cases, we need to investigate and add an exception to prevent the sensor from monitoring the process so heavily, if it is a valid process so that it can return to normal operation. Therefore, there is a significant amount of tuning required. If the tuning is correct, Singularity Complete operates quite well and is certainly stable.

Singularity Complete is scalable. We have 2,500 endpoints. I know other organizations that have over 70,000 endpoints.

We have technical support that we can access, but I think it could be stronger. Currently, we deal with some local support, but their knowledge is limited. I would like to establish a closer relationship with SentinelOne International support, especially for the upgrade we are planning next year. I was in Tel Aviv in June and July and visited the SentinelOne offices to speak to them about this.

Our previous solution, Cybereason was not very good at detecting things happening in memory, so we were looking to replace it with SentinelOne, CrowdStrike, or Cortex XDR by Palo Alto Networks. The replacement had to be able to see things happening in memory and deal with ransomware attacks. SentinelOne Singularity Complete was able to meet our requirements.

The initial deployment was slightly more complex than our previous tool because we needed to understand and implement the exceptions. These exceptions included both standard exceptions and our own custom exceptions related to how applications behave. However, the complexity is justified by the better coverage and protection that the new tool provides.

Three people from our company were involved in the deployment, which took about six months. This included removing the previous solution and replacing it with Singularity Complete.

The cost of Singularity Complete is similar to our previous solution but it comes with additional options such as Kubernetes integration. We make sure to benchmark the prices against other EDR solutions before renewal to ensure we are not overpaying.

I would rate SentinelOne Singularity Complete eight out of ten.

We started looking at the reception technology, but it was too much for us and required too many permissions. As a result, we did not proceed with it.

Ranger provides network and asset visibility, but we use other telemetry to build a data lake, which we then use to give us more holistic visibility.

Singularity Complete is definitely innovative. It offers better coverage of endpoints and sensors than our previous solution, as well as better coverage from red teams and other threats. It also provides us with much better telemetry from endpoints than our previous solution. This includes features that our previous EDR tool promised but did not deliver.

SentinelOne is a fairly mature product. I think we first looked at it about six or seven years ago when it first came out. It has definitely matured a lot since then. When we first saw SentinelOne, it had a lot of problems with automatically killing things without alerting us. However, we have definitely seen improvements in the solution from a product perspective. Additionally, there are now more modules and integrations available. We have looked at the reception part of it, as well as quite a few other pieces, including Rogue Sensor Pro. We have looked at a lot of little bits, so it has quite broad coverage in terms of what it actually will cover.

We have deployed Singularity Complete across the company and all lines of business, including our branches in South Africa and other parts of Africa. This includes approximately two and a half thousand endpoints.

Four people are managing Singularity Complete. Every six months we have to update the sensors.

We have definitely told others about and shown them Singularity Complete, and we have told them that we are happy with it. When implementing Singularity Complete, we need to know what our expectations are and, obviously, test the solution thoroughly to prevent any negative outcomes.

We are a partner of SentinelOne and we provide demo proofs of concept to customers. Most of our customers use traditional antivirus software, which does not have the capability to perform zero-day analysis, block ransomware, or block zero-day attacks. SentinelOne, on the other hand, is an endpoint detection and response and endpoint protection platform solution, which means that it has the capability to block zero-day attacks, ransomware, and machine learning-based threats. SentinelOne Singularity Complete does not have antivirus technology, but rather it is an anti-malware solution.

Our customers switched to Singularity Complete primarily for security and ease of use. It is easy to install, troubleshoot, and upgrade. Singularity Complete is purely cloud-based for our customers.

Singularity Completes' interoperability is straightforward. They have easy API integrations with all major integration platforms, so it's simple. There are no complications.

SentinelOne can ingest and correlate data well. It has its own EDR and XDR technologies, so it provides threat defense, detection, and monitoring. The models work like a SIEM for endpoints, so customers can correlate logs, identify patterns, and visualize everything. It is very visible.

I deployed Ranger for one of our customers with a large infrastructure. Ranger provides clear network and asset visibility.

Singularity Complete was very helpful to our customers during the COVID-19 pandemic because many of their employees were working from home. When employees work from home, they often need to open ports from outside to active networks, which can make those networks more vulnerable to ransomware attacks. One of my customers had a traditional antivirus running, but it was unable to detect the ransomware. I deployed Singularity Complete to understand the attack pattern and block it. The customer was so happy with SentinelOne Singularity Complete that they renewed their subscription for four years in a row.

Singularity Complete increases the number of true positive alerts by detecting attacks that antivirus software misses.

Singularity Complete helps save time.

Singularity Complete has reduced the MTTD by ten percent.

Singularity Complete has reduced the MTTR. Where a traditional antivirus may take ten minutes, Singularity Complete takes two to three minutes.

Singularity Complete helps reduce organizational risk.

The anti-ransomware capability to analyze the threats and user-friendliness are the most valuable features.

When comparing SentinelOne to CrowdStrike, I find that CrowdStrike has more comprehensive vulnerability assessment tools. It offers a variety of Falcon tools, including deep inspection, while Singularity Complete does not have all of these features. It still sticks to EDR or EDP. Therefore, I need improvements to match the features that CrowdStrike offers, such as a higher level of vulnerability assessment and a better understanding of the IOCs in our system so that we can apply fixes.

SentinelOne Singularity Complete needs improvement on Linux machines. We identified a few issues with most of our Linux customers' machines. Specifically, the application is not working properly after installation.

A major area of Singularity Complete that needs improvement is the restart option. We do not need a restart after installing a CrowdStrike agent. So for organizations that are running 24/7 and can't restart their machines, we do not recommend SentinelOne Singularity Complete.

I have been working with SentinelOne Singularity Complete for five years.

I would rate the stability of Singularity Complete nine out of ten.

Singularity Complete can scale easily.

Overall the technical support is good but we sometimes have difficulty getting a hold of them.

We previously used CrowdStrike Falcon, but SentinelOne Singularity Complete is easier to deploy. CrowdStrike Falcon has many features and policies that need to be configured, while Singularity Complete is straightforward. It has a single policy and is very easy to deploy compared to CrowdStrike Falcon. However, CrowdStrike Falcon offers more features.

The initial deployment is straightforward. We receive a URL extension from the company and we set the policies and install the agent.

I deploy the solution for POCs using 20 machines. We demonstrate the deployment methods, and the customer completes the rest of the process. We typically complete this task in two days. For larger organizations that have a lot of departments and branches, the deployment can take up to 15 days.

SentinelOne Singularity Complete is cheaper than CrowdStrike but more expensive than any traditional anti-virus solution.

I would rate SentinelOne Singularity Complete eight out of ten.

The Ranger functionality is not that important because it is optional, and most customers already have a solution for understanding their environment.

I would say that 90 percent of SentinelOne Singularity Complete is a quality product with only ten percent with room for improvement.

SentinelOne will not sell to organizations with fewer than 100 endpoints. Most of our clients are mid- to enterprise-level.

Maintenance is required, but the SentinelOne team maintains the cloud deployments, so we don't need to worry about it. The endpoint agents must be upgraded whenever an upgrade is available or when we have to fine-tune policies for customers to reduce false positives. One IT support person can handle any maintenance for the endpoints.

I suggest always doing a POC. If the customer is currently using traditional antivirus technology, they may not understand EDD, EPP, or EDR technology. Therefore, I always recommend a POC to help the customer understand these technologies. Customers should never implement an endpoint solution without a POC, because we don't know what endpoints are running on their system or how compatible the new solution will be with other endpoints. For example, if we are implementing a DLP solution, we should ask for a POC with all available agents, or we can deploy a test machine to understand the solution before implementing it in production.

We replaced McAfee's endpoint security with SentinelOne. The vendors we deal with recommended this product, and we had some issues with McAfee, so we decided to switch. It is used for detection, however, detection is very rare.

The solution is easy to configure. How it detects threats is modern.

It's been pretty good. I have no complaints. It's been working very well.

I like the way that this product works. It doesn't rely on the data file. It checks the behavior of the process to prevent virus or phishing attempts from there.

I like the way it detects threats. It's based on the heavy behavior, not just based on the signatures, and it downloads from a central repository.

I really like how you manage the endpoints. Their web portal is really nice. I can do everything through the web portal. I can see all the endpoints. I can upgrade them from there. And gives me a nice list of what software is installed on the endpoint as well. The solution will give me recommendations if there are any security vulnerabilities, for example, if the software is missing a patch or something like that. The deep visibility feature is great. If there's an incident, I can deep dive into the incident to see where it's coming from and how it affects the endpoints.

The interoperability with other SentinelOne solutions or third-party applications and tools has been pretty good. We haven't had major issues.

While I'm not sure if the solution helps us with consolidation, their product does improve our overall security posture. We basically just use it as endpoint security. We're not using other products from them altogether. However, this is doing a great job of protecting us.

It has helped to reduce any of our alerts. Ever since we had this product implemented we've had fewer alerts. We had less user involvement as well. Where McAfee used to interfere with the user's daily productivity, SentinelOne does not. That's another thing I'm pretty happy about.

With this product, we can free up our staff for other projects, assignments, and tasks. It's reduced disruption for our users. Therefore, our help desk doesn't have to do as many tickets as when we were with McAfee.

Our mean time to respond to threats is definitely better. If there's anything happening, we get alerts right away via email. McAfee was not instant. We know about threats sooner and we have more time to respond to them.

Singularity helped our organization to save on costs. There's less maintenance compared to McAfee. The price is similar; there's not a big difference. However, we do save time and that translates to money.

Our organizational risk has been reduced. It's a much better product compared with what we had. If there are any security vulnerabilities, if there's any patch needed, or if there's any known security threat that I should be aware of, I get notified fast.

The quality and maturity of the product are very good. Customers seem happy with them. I'm also happy with the product and its capabilities.

In the beginning, we had some issues with their product on some of the Windows 32-bit operating systems. However, that was only on a special group of computers as we have our own special software. Other than that, for other computers and servers, we had no issue at all.

The web portal needs improvement. Sometimes when I go on their web portal and put in the username and password, and then all of a sudden, it says that the web interface has been refreshed. You have to put in the username and password again. It's very minor. Other than that, there isn't anything else I can see.

I've used the solution for proabably over a year.

Stability-wise, it's very good. I've had no issues at all and I never get complaints from users.

Scaling should be pretty easy. You just push out the agent. That's it. There's a group policy on the web portal and there's not much to manage.

When I ran into the Windows 32-bit issues, I contacted support. I've also contacted them here or there for a few issues. They are responsive and knowledgeable. I have no complaints.

We used McAfee and found how it looked at threats was old school. We wanted to explore new solutions and technologies. A vendor recommended this solution and when we looked at it we found all users are pretty happy with them.

The deployment was good. We have agents installed on all endpoints. The management portal has a nice interface. We can do everything we need to do from there, which is nice.

I was involved in the deployment. It was pretty straightforward. You just install the agents and make sure the policy is correct based on the servers or the usage of the endpoint. We only ran into an issue around a 32-bit Windows software system, however, it wasn't anything major. I mostly handled the implementation myself.

There isn't much maintenance needed. You just need to do version updates.

I worked with the company that got us the license. We worked together to get the implementation done.

The price is pretty good. It is reasonable. It's one of the reasons we went with them. Palo Alto, in comparison, was pretty expensive. The price of Cylance was reasonable and somewhere in the middle, however, SentinelOne feature-wise gave us everything we needed for a good price.

We did look at other options. We looked at CrowdStrike, for example. We also looked at Palo Alto. They had something similar in terms of endpoint security, In the end, we chose SentinelOne.

I'm a customer and end-user.

We do not use the Ranger functionality. I know it is available, however, it is an extra cost.

In terms of the solution's ability to be innovative, I've only used McAfee and SentinelOne. I can't really say how it compares with Cloudstrike or Proofpoint. That said, compared to McAfee, it can detect threats based on user behavior and not just definitions. It helps monitor software for potential security issues. It's really nice and works very well.

I would recommend the solution to others.

They make a good strategic partner in terms of security. Their product is the last line of defense for security breaches, and having a good, reliable product on all endpoints is very important to our organization.

I'd rate the solution nine out of ten overall. The ability to detect threats and the deep visibility on the endpoints is great. I like that it alerts you to patching requirements. It's great that, if a threat appears, we can drill down and see exactly what's going on.

We utilize SentinelOne Singularity Complete as our EDR. The solution has replaced our previous solutions, Trend Micro and Symantec antivirus.

The Symantec agent we had before would require almost a reboot every time you would make a change, an agent update, or even sometimes in definitions. None of them were as comprehensive as SentinelOne Singularity Complete regarding threat detection and response. I don't believe any of them had any of the rollback features that are available through SentinelOne.

Overall, having more coverage and confidence in our antivirus is part of our decision to choose SentinelOne Singularity Complete. The other consideration was cost. We were going to upgrade to a more comprehensive threat protection solution either way. We were also looking at CrowdStrike then, and SentinelOne beat it by pricing while offering the protection we were looking for.

The solution's in-place upgrades have been very helpful. Another valuable feature is the ability to set policy exclusions on different scope levels, such as at the site or across all sites. Having the API access and documentation for the API is very valuable. If we needed a feature that didn't already exist in the SentinelOne console, we could cook it up ourselves and have it run whenever we wanted.

I feel like SentinelOne is very locked away from being able to be sold to smaller businesses to self-manage. We did have to jump through a lot of hoops to purchase SentinelOne and have control over it because, most of the time, you're forced to go through a reseller. In our experience, the reseller also wanted to manage it for us.

Unless it's a managed detection and response, that's not adding as much value as adding access outside of our organization that we may not necessarily want. The ability to have more direct purchasing for smaller groups and smaller businesses would be great. However, I understand if that's not part of what SentinelOne wants and is not lucrative for their bottom line.

I have been using SentinelOne Singularity Complete since June 2021.

My only issue with the solution's technical support so far is that we can only communicate via email tickets, not phone calls. However, we've still been able to resolve the majority of issues. Their response time is pretty fair. I wish there were more abilities to conduct a remote session because there are a lot of situations where I will have to get walked through some instructions.

Then I have to give feedback saying that an instruction is unavailable, or I can't do this because this device is in this situation or this mode. There may have to be three or four back-and-forth messages before we can proceed to the next step because it isn't an interactive remote session. It is just email communications with a delay every time, which adds to some frustration.

Suppose there's something that's concerning to us that we really wanted to make sure wasn't a false negative as a threat. While we were worried about it, we would just have to wait for responses and be unable to communicate with anybody.

SentinelOne Singularity Complete's initial setup is straightforward.

We did not use an integrator, reseller, or consultant for the solution's deployment. I have had some experience with SentinelOne in the past. We just read through some of the documentation and asked a couple of questions. There was also some information on what other administrators have done to implement the solution.

That has worked well, and things have been pretty smooth sailing since the implementation. I've been pretty happy in that regard, and it wasn't a big pain to replace our existing antivirus solution. Two other guys were involved in the solution's deployment, but I was heading up the task.

We have not seen a return on investment with SentinelOne Singularity Complete because we have not used it. It has just added costs for us that we're not taking advantage of.

SentinelOne Singularity Complete's pricing is not terrible. It's not enough to make us want to move away from using SentinelOne. The solution's pricing is not too bad for what it's offering, like the documentation that comes with it. I feel like it should be an optional add-on for people who may not be using things to integrate or may not want to integrate things.

We have used very little of SentinelOne Singularity Complete's interoperability with other solutions. It has looked like it has been nice because we have been scoping out the use of a managed detection and response and have SentinelOne Singularity Complete plugin with other solutions for log output. There hasn't really been anything we wanted to use that SentinelOne was incompatible with.

I believe SentinelOne Singularity Complete is very capable of ingesting and correlating across our security solutions. I don't think I've seen any solutions that would necessarily outperform it. It's done everything that we've needed it to. Again, we have not used it extensively.

SentinelOne Singularity Complete has not helped us consolidate our security solutions, but that's our choice. We like going into the console and seeing everything within there and the dashboards we already have access to.

I can't say that I think SentinelOne Singularity Complete has helped reduce alerts. We would like to use SentinelOne to correlate our alerts so we're getting alerts from multiple different areas to see what matches up there. Currently, we still have an ad hoc solution where we're looking at different sources for that information because we don't have it all trusting each other yet.

Overall, for supply chain attacks, we're hesitant to give access to other products to our SentinelOne. We just don't want to put all our eggs in one basket, but that's more of a mindset problem than a functionality problem.

SentinelOne Singularity Complete has helped free up our staff for other projects. The solution's automation functionality, notifications, alerts, additions with its API, and custom tools to do what we want have helped me not to have to go in and manually check for things. For example, SentinelOne says they do not need to do static file scans other than when you first install the agent.

Our compliance requires that we still have static agent scans on a regular basis, preferably daily. You can launch those from within the console, but it's not viable for me to log in to the console daily and initiate that. Since there's no ability to schedule that in the future, that was best done with the API script that runs automatically and can give us feedback on how it went.

I believe SentinelOne Singularity Complete has helped reduce our organization's mean time to detect. We get some good context within there of what the threat was. Most of the time, it has pretty good notes regarding what it got flagged for if it's behavior-based, but some static file threats don't show the indicators.

We do not know what to do with some threats or understand what it is. We've been told we would need to get the SentinelOne vigilance or managed detection and response to fill that gap. We have been looking at managed detection and response but haven't put it in place yet.

SentinelOne Singularity Complete has helped reduce our organization's mean time to respond from our previous antivirus solutions. The solution gave us some more context than we had and also the ability to isolate each endpoint. If an endpoint looks scary and we don't know what it's doing exactly, we can cut off all of its internet access except SentinelOne until we feel it's a clean endpoint. SentinelOne Singularity Complete has helped reduce our mean time to respond by 20 minutes.

Singularity Complete has helped reduce our organizational risk. There have been multiple things that could have potentially been an incident, and they were stopped in their tracks by the solution. For that, we've been able to demonstrate the solution's value to our leadership in terms of keeping it.

SentinelOne Singularity Complete has not helped our organization save on its costs. SentinelOne Singularity Complete isn't optional and was forced onto us from the licensing. We didn't really get a choice on whether we wanted those extra features, but we had to pay for the SentinelOne Singularity Complete add-on, which is just a blanket cost.

If it was up to us, we might not have chosen it, but it was not. We don't use many of the features, and many of the things we like are within the basic SentinelOne license.

We earlier used SentinelOne Complete, and then we used SentinelOne Complete with Singularity. There hasn't been a great improvement since we've done that. We haven't used many of its features or had any guidance on recommendations that would be helpful to put into place without having to buy anything else.

Most of the time, if we wanted to use anything in the marketplace, we would have to start paying for something we don't already have or integrate with something we aren't using.

I would say SentinelOne Singularity Complete is pretty mature, and there's a good amount of documentation of details. I would say it's much more mature right now than a year and a half ago when it was introduced. I looked into it then and said there's nothing that looks useful to us here.

Now, there are actually many more applications and things to integrate with it that we didn't have access to before. We're still not using a lot of it. As far as recommending it to somebody else or another company, I am confident that it will plug into all the major utilities and tools you may want.

SentinelOne Singularity Complete requires maintenance, but it's not bad. We need to go into the console and initiate updates for select devices when there are updates available. We need to ensure that we stay within supported and not end-of-life releases of SentinelOne. After those select devices have been tested out and we know there are not many issues with them, I will go ahead and release those to all the other devices we manage in the rolling phases.

That's not too much work. I would not classify it as maintenance, but when detection comes up while using the platform, that works well when we need to check that out. We haven't necessarily caught something that needed to be caught.

I am impressed with what they're doing both for detections for our endpoints and also for the security world at large. A while back, they headed up some of the investigations and publications about the supply chain attack for 3CX software, which was something that we had used and were impacted by. However, thanks to SentinelOne, we did not have any fallout from that attack.

Overall, I rate SentinelOne Singularity Complete an eight out of ten.

My company leverages SentinelOne Vigilance and SentinelOne Singularity Complete for managed SOC.

SentinelOne Singularity Complete, together with SentinelOne Vigilance, is an EDR tool, with capabilities such as these, which I found valuable: the dashboard that shows you all the information and the power to either manually or automatically quarantine issues or threats in the environment.

SentinelOne Vigilance is one of the feature sets of SentinelOne Singularity Complete as a whole, and my company found SentinelOne Singularity Complete a little bit easier to use and flexible; plus, it had several feature sets.

I've not been using SentinelOne Singularity Complete for a long time to have a lot of feedback on its areas for improvement, as my team is still learning the tool, but what comes to mind is the need for it to give more straightforward directions or communication about detection or what has been detected.

We officially deployed SentinelOne Singularity Complete, including its feature set SentinelOne Vigilance, about three months ago.

SentinelOne Singularity Complete has been very stable, so it's an eight out of ten for me, stability-wise.

SentinelOne Singularity Complete is a scalable solution, which is one of the reasons why my company uses it.

I found the technical support for SentinelOne Singularity Complete excellent, especially in terms of communication. Support is nine out of ten for me.

We previously used Atos as our SIEM tool and wanted to replace it with a newer technology, so we're now using SentinelOne Singularity Complete.

I'm involved in deploying SentinelOne Singularity Complete, and I found the process straightforward. My company is still going through with the deployment because of the ninety-day deployment model.

I have people in my team assisting with SentinelOne Singularity Complete implementation.

I've seen ROI from SentinelOne Singularity Complete within a month after deploying the solution, mainly after my company started getting different alerts, which I was happy about.

I found the pricing for SentinelOne Singularity Complete reasonable, which is one of the reasons my company went with it.

SentinelOne Singularity Complete requires just a little bit of maintenance, as my team has to update agents and do some finetuning, but not too much.

My rating for SentinelOne Singularity Complete as a solution is eight out of ten.

My advice to people looking into using SentinelOne Singularity Complete is to ask for sample reports and processes to understand how SentinelOne would let you do it.

The company I work with is a SentinelOne customer.