We use it mainly for EDR, alert handling, and development. It's a detection and response tool. It is mainly for protecting endpoints and having response capabilities. We use it as the one endpoint solution for all departments and all operating systems.

We get a lot of data from SentinelOne about threats, and obviously that helps protect the organization.

It helps reduce alerts because it can correlate the data. It doesn't just depend on hashes. It can see the behaviors, and that helps a lot to reduce alerts. Compared to our previous tool, it is detecting 20 to 30 percent fewer false alerts.

In addition, because it has real-time detection, it helps decrease our MTTR. Within seconds, we'll get the data. And for mean time to respond, we need to collect the data, and most of it is available. So it takes us five to 10 minutes to respond after detection.

For our organization, security is very important. If a solution is protecting us, it is like saving money. With SentinelOne's features and the fact that it is in the cloud, that makes it cheaper. As an EDR tool—the best one—it helps to reduce risk; in our organization by 30 to 40 percent.

They provide a map, a process tree, and that is pretty good for analysis.

Also, it can be integrated with third-party threat intelligence tools. From that perspective, it's good. And we can ingest SentinelOne data into Splunk and correlate and provide analysis on that.

It gets data from all the endpoints, and we'll have that in a centralized place, and we can track those cases to detect the threats. It helps protect the organization in that way.

And Ranger provides network and asset visibility. We have network-level data visibility, as well as endpoint data and application layer data. It has a good feature to collect all the domains that are initiated. That helps us see if there are any malicious connections on the machines. And it's simple because Ranger requires no new agents, hardware, or network changes.

They could add more visibility on the network side. That is currently done via a plugin.

Also, it would help if they could get all the relevant threat information, the related events, in one place. Currently, we need to go to a number of places and do research. If they could have it all in one place, that would help investigations.

I have been working with SentinelOne Singularity Complete for about one and a half years.

It is a stable solution and it is growing.

It can be extended in the cloud, so the scalability is a 9 out of ten.

The tech support is really good. We get responses on time, as defined in the SLAs.

The SentinelOne team helps with the implementation, and as it is a cloud SaaS application, we didn't have to do much. They have pretty well-defined documentation, and it is straightforward. And similarly, the maintenance is taken care of by the vendor.

We are seeing ROI because we are securing and protecting the company and, obviously, protecting its money as well. As an EDR, it's doing a good job of protecting the endpoints.

It is comparatively cheap in the market and provides a good price point.

In terms of maturity, SentinelOne is a good tool.

It can be used in any department in an environment with Windows, Linux, and Mac machines.

Use it, but start with documentation. Once you understand the basics, it is pretty straightforward.

The use case varies based on the customers' requirements and specific needs.

The solution's Ranger functionality offers network visibility and a defined set of capabilities, particularly in terms of discovering and understanding network structures.

The fact that Ranger doesn't necessitate new agents, hardware, or network modifications is a crucial aspect for us. It stands out as one of the primary selling points, especially considering the intermittent nature of changes like those affecting CPO.

With the increasing prevalence of remote processes and a shift towards cloud architectures like SASE or SSE, moving towards a single vendor for security purposes could simplify the overall process. It aided in minimizing alerts, primarily due to the behavioral analytics component, which reduces a significant amount of noise.

It contributed to time savings for our team, particularly for the projects and tasks I predominantly handled on my own.

The solution contributed to a decrease in our organization's time to detect incidents and respond to incidents. It aided the organization in cost savings and it contributed to a reduction in our organizational risk.

One of the most valuable features resides on the endpoint, with the rollback functionality standing out as particularly noteworthy. It seamlessly integrates with other solutions, providing a high level of compatibility and effectiveness.

The capability to ingest and correlate data across our security solutions stands out as one of the strongest features. It excels in connecting incidents to create a coherent storyline.

Improvement seems necessary, especially with the focus on enhanced support. This is particularly crucial in the analytics domain, where the existing agent falls short in comprehensive performance. Additionally, there's room for enhancement in the mobile element. Although it's in their pipeline, the current state is not optimal, especially when considering the need to install it on people's phones.

I have been using it for a year.

The stability is straightforward and solid. It's notably uncomplicated and easily manageable.

The scalability is excellent, with a high degree of flexibility and ease.

Mostly, we handled the support aspect for our clients. However, among the vendors, it's notable for being quite strong in terms of support. I would rate it eight out of ten.

The initial setup was straightforward.

When it comes to deploying the agent across machines within the environment, it's a relatively straightforward process, akin to pushing it through the system's processor. The implementation strategy is contingent on the specific cluster, taking into account factors like the proof of concept and the desired objectives. In our case, we managed the implementation independently, involving only a few people. The deployment model is highly variable and depends on the customer's preferences. They typically communicate their preferences to us, and we adapt accordingly. Some opt for in-house hosting, while others prefer a cloud-based approach. It doesn't require maintenance.

The pricing is on the higher end, making it less suitable for small or medium-sized businesses and perhaps not the ideal fit for the public sector where budget constraints may be more pronounced. I would recommend it more as an enterprise-level product.

SentinelOne Singularity Complete was selected from a range of different providers, evaluated against other companies, and then analyzed to be the chosen product for our managed service. The capacity for innovation, ease of deployment, and streamlined management set it apart from other solutions. Additionally, its leading capability to correlate incidents into a cohesive storyline is a noteworthy aspect.

As a partner, I find them to be highly effective, especially since they are increasingly focusing on the enterprise market. Overall, I would rate it nine out of ten.

We use the solution for endpoint threat detection.

The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI.

SentinelOne Singularity Complete's most valuable feature is reporting. People with less technical knowledge can understand the things happening.

SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end.

I have been using the product for a year.

I have not used support yet, which is a good thing.

SentinelOne Singularity Complete tries to go above and beyond to integrate with different vendors, which is good. It is very nice to pick a different vendor for my needs and pull in all the information I need. It is very beneficial to have a single point of activation.

As with any tool, figuring it out has a learning curve. However, getting the information easily and quickly from the same tool is nice. It is also nice to login to a single platform instead of multiple ones, which was the case in my previous company.

SentinelOne Singularity Complete does a good job of reducing alerts. We run attack tests against our network. We can create a real-world scenario.

The product has reduced our organizational risk. Any tool designed around security mitigates risk.

SentinelOne Singularity Complete has centralized things and helped us save costs. It makes getting information in and out of the system easier for a small group of people.

I like everything that the product has done as a strategic security partner. They are willing to work with other companies and are not afraid of being groundbreaking. They are working on AI.

I rate it an eight out of ten.

I use the solution for EDR. We're in the process of deploying so log collection will be a use case later on.

We are certain it will improve our organization later on because today our cloud has limited AD and zero EDR. SentinelOne is replacing our current legacy and we're also getting the EDR functionality.

The tool's most valuable feature is EDR.

I have been using the product for two months.

I rate Singularity Cloud Workload Security's stability a four out of ten.

I rate the solution's scalability a four out of five.

We chose Singularity Cloud Workload Security because our team wanted a cloud-native solution instead of a legacy.

The tool's deployment is not complex. Our team got complex information, which made it complex.

SentinelOne's team helped us with the deployment. We had an awesome experience working with them. There were some miscommunications also.

The product is reasonably priced.

I rate Singularity Cloud Workload Security an eight out of ten.

We perform a relatively detailed hunt in our environment for specific IOCs and indicators. Specifically in regards to compliance organizations or regulatory organizations that release data, we need to validate that no IOCs for those specific threats exist in our environment. We can go back to a specific period of time, so we can validate that things like that do not exist. We can also correlate activity in our environment with endpoint data with a high level of efficacy.

I have administered lots of different AVs in my long tenure as an AV EDR administrator. This is quite honestly the first one of this type. With a tool like Singularity Marketplace, getting an integration running is just a matter of creating an API key and plugging it in. It is really cool. With the Singularity data lake that we have been learning about during this conference, it looks like it is going to be pretty painless to ingest from sources that we are already collecting from and dump them straight into SDL. We have a higher level of visibility and a better grasp of the data we are collecting. There is a reduced time to detection and high efficacy correlations.

I am an analyst, and Singularity Complete definitely makes making a determination, researching a specific threat, or trying to correlate it much quicker. Instead of spending a whole day trying to research something, I can knock it out quickly and then move on to other tasks. It makes me capable of doing a job that would typically require another person at least. There is greater job satisfaction. I do not get burnt out.

Singularity Complete has helped us bolster our defenses, so the downstream impact is reduced alerts because we are able to not only triage issues but also proactively apply defense with STAR rules and things like that. We are able to reduce alerts just because we are getting protection on the front side. There is the granularity of the data that we can query through deep visibility in particular to refine our custom STAR detections. That does help decrease the work.

Singularity Complete has absolutely reduced our organizational risk. Compared to where we came from with the traditional endpoint protection, our ability to respond to emerging threats has really matured. The level of actual attacks that we have to respond to is drastically reduced. It is hard to quantify the reduction, but there is at least a 25% to 35% reduction.

SentinelOne is a big value-add to the organization. They are continually pushing forward and innovating. They are constantly developing new things. As I am learning about new features here at the conference, I am logging into the console, and some of those features are already there. I know they waited until this conference to release that, but they are still cool to see. It feels good to work with the product and to be learning a product that is not getting stale.

I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time. We typically go back 90 days for most things, but we could go back further.

The ability to pick it up is also valuable. It is very intuitive. It does not require a lot of training. For example, we had an intern over the summer who joined us. We were able to get him up and running in the visibility very quickly without a lot of hand-holding.

Something we are looking forward to is the ability of the SentinelOne backend to ingest data from other sources. Now that they are moving to the Singularity data lake, we are looking forward to being able to query data that is not just collected by SentinelOne endpoint agents. We are looking forward to being able to query against all data that we are ingesting into that backend.

I have been using this solution for between two and three years.

Its stability is excellent.

Its scalability is excellent.

I have dealt with a lot of support in my time, and SentinelOne's support is the most responsive one I have ever had. However, I currently have an ongoing support case, and I am struggling with getting that escalated, which colors my overall perception of it. We are getting active updates daily though, so they are engaged. Even if we have not found a fix yet, there is an active conversation or two-way communication. Overall, their support is superior to others that I have dealt with. I would rate their support a nine out of ten.

We were using another solution previously. The main reason for switching was the efficacy of the product. SentinelOne was tested against several competitors when renewal time came up, and it exceeded expectations and performed better than others.

The previous product was a traditional endpoint protection. It was very signature-based. It always felt like we were behind with new types of attacks and new types of malware because we had to wait for signatures to come out and things like that. It felt like we were always trying to catch up. With SentinelOne, we feel like we are better protected from the start.

There are cheaper options out there that I know are not as effective. I have administered several of them, not for this organization but for others. The thing I like about SentinelOne is that I know that if it raises an alert, it is worth looking at, so we are not dealing with a lot of false positives. It is rare.

We evaluated Cisco AMP, Microsoft Defender, and McAfee. SentinelOne exceeded expectations and outperformed all of those. We did a bake-off against those solutions and found SentinelOne to be the most effective.

Overall, I would rate Singularity Complete a nine out of ten.

SentinelOne Singularity Complete has improved our security stack. You don't have to worry about monitoring 24/7.

The tool's most valuable feature is Vigilance Respond Pro monitoring. You don't have to have a dedicated SOC and worry about staffing.

I don't like switching the way you switch from legacy to XDR.

I have been using SentinelOne Singularity Complete since March 2023.

SentinelOne Singularity Complete is stable.

The product is scalable.

A reseller consultant helped us with the tool's implementation. Our experience was good.

SentinelOne Singularity Complete has freed up my staff's time and helped them focus on other tasks.

The product's interoperability with other SentinelOne solutions and third-party tools is good.

The solution has reduced our organizational risk. We have faster responses to incidents.

SentinelOne Singularity Complete is a mature and solid product. I like the standard EDR capabilities.

I rate it a nine out of ten.

It is our primary software platform for endpoint detection and response and vulnerabilities.

Our overall fleet posture and our security have increased a lot. It is much easier to get the agents out onto machines no matter what their operating system is, and it gives equitable reports back no matter what our platform is.

So far, it is one of the most interoperable applications and platforms that I have seen. There is the ease of bringing things in with the marketplace and the willingness of the company itself to work with you to help you address anything that they do not currently have.

Singularity Complete has helped free up our staff for other projects and tasks. Being new in the department for a year and a half, I am not the one to say how much time it has saved, but it has made my life easier by several hours a week. It gives me a straight line and a story for what I am looking for, so I can quickly identify whether something is to be expected and just a false positive or if it is actually a problem. Usually, when it is a problem, SentinelOne would have already mitigated it.

Singularity Complete has absolutely helped reduce alerts. It has drastically reduced alerts across the board. There is a 40% to 60% reduction. This reduction is because it is tunable. It is very tunable, and you can tweak it to meet your needs where you are not just stuck with what a manufacturer or a software developer said in terms of the alerting that you are going to get.

Singularity Complete has definitely helped reduce our organizational risk. Our risk score has gone down by 15% to 20%. We have better coverage and better insight into what is being covered.

Singularity Complete has probably saved us costs. I do not have enough insight into those budget numbers, but they keep adding things to it, so my guess is that it has saved us costs.

SentinelOne is one of our most important partners. The help that we get from their engineers, success team, and support really and truly has been unparalleled.

I am going to be a little biased because I am a Mac guy. I have been a Mac guy for twenty years, and the feature parity and the capabilities of a Macintosh agent are unparalleled in the industry. It is the first anti-malware and antivirus that does not make you feel that you bought the wrong processor. It is really good and lightweight.

It seems like they are doing a lot with their automatic updates. They can maybe slow down the actual release cycle to make it easier to deploy the most recent and then do it using the live update. They can continue to work on that because trying to get agent changes through change management platforms and get approvals and testing can be quite difficult.

I have been using Singularity Complete for three years.

I am blown away by their support. Every time I reach out to my customer service manager, they are returning questions after hours. You do not see that from a lot of companies. I would rate their support a 10 out of 10.

We were not officially using a similar solution. We had other products that we were using, but we did not have a full solution like SentinelOne. We were using multiple things. One of them was McAfee. We switched because they got bought by Trellix, and nobody knew what was going to happen with them. That was our most recent one and what I am most experienced with.

I was involved in its initial deployment. I packaged the Jamf mobile device management installation package for our Macs. As far as security products go, it was the easiest one. The instructions were great. They were aligned with the vendor, which is something not common. Usually, it is like, "Here is what you have to do with your vendor." SentinelOne took that extra step, and it deployed right out of the box.

We have on-premises, public cloud, and private cloud deployment. Our cloud provider is primarily AWS, but we also have a little bit with Google and Mandiant, so we have a hybrid cloud. We are in the middle of a migration. The cloud is fairly new for us, and securing it has been a priority.

We have our deployment segregated on endpoint types, but our entire organization has it.

We did it directly on our own. We rolled it out very quickly. We had been dealing with McAfee before it, so this was like a breath of fresh air.

We had two or three people working on it, so it went out very smoothly.

I believe we have seen an ROI. If nothing else, the investment that they are making, as analysts, engineers, and architects, we feel that we can get more done in SentinelOne and have a better stance overall for our organization.

They evaluated a lot, but that was before I was in the department, so I do not know exactly which ones they did.

I would advise listening to your sales engineers and letting them give you ideas because SentinelOne can do things that you have no idea about.

For next-generation platforms, it is at the top of what is a small stack right now, and that puts them ahead of a lot of other people.

I would rate it a 10 out of 10. It has been fantastic for us.

We are an MSSP.

First of all, it helps us with a better response to the end users. Customers are depending on us to make sure we are making the right call, and then we are leaning on SentinelOne to make sure they are giving us the right call by giving us the right tools.

Singularity Complete has absolutely helped free up our staff for other projects and tasks. The amount of time that we are spending doing work that does not keep us on target is just a waste of time. The more it reduces that noise, the better it is for us and our customers. We have been using it long enough, so it is hard to tell how much time it has saved, but we feel that we have a better solution than most of the competitors that we are dealing with.

Singularity Complete has helped reduce alerts over time. We do not have a lot of the frustrations that some of our competitors do, which is our advantage. We have been using it for so long, so we do not have much to compare it to in terms of alert reduction. We are also partners with a competitor. We had to do that for a contract, and we get a lot of false positive noise coming out of that one.

Singularity Complete has helped reduce our organizational risk, but because we have been with it for so long, it is hard to compare it to others.

Singularity Complete helps us save on costs. We continue to get more volume, reduce our costs, and reduce our waste of time, but it is hard to compare the cost savings because we have been using it for so long. We have smooth operations, and we are just keeping it going. We are enjoying all the added features.

SentinelOne is our main strategic partner when it comes to the protection of our customer's data. We have not had a bad incident, and with the reputation that SentinelOne has in the vertical we deal with, it is the gold standard. We start with that, and then we are viewed as more of a serious partner than some of the lesser products that are out there.

In terms of Singularity Complete’s interoperability with other SentinelOne solutions and other third-party tools, we are an MSSP, so we have to deal with a lot of other tools. The integrations are huge for us. It sounds nice to say this is the only solution and you have to use x tools, but it does not work in the real world, so you have to have those integrations.

The overview is valuable. There are a lot of instances out there, but Singularity Complete cuts the noise down by giving us graphics and color-coding information instead of massive tech dumps. It helps us concentrate on what is actually needed versus just the noise. There is just so much noise. It brings us the information we need to look at quickly.

The improvement could be in terms of reducing more noise and continuing to cut that down. AI seems to be the big thing with Purple. We are excited to get our hands on that.

I have been using Singularity Complete since its inception. It was probably 2016.

Its stability is fantastic. We have no problems.

We have not hit the top end. We are probably running 10,000 agents and have not seen any degradation in the portal.

Their support is very good. We have not had anything come up against that, and our staff has learned to depend on SentinelOne, which, as management, is a little uneasy because we are operating without a net besides SentinelOne in some cases. What we are paying for it is worth it. There is this peace of mind. I would rate their support a ten out of ten.

Years ago, we were probably running four to five solutions, but then we kept comparing it with them. We were like, "This is the noise we are getting from X. Let us load SentinelOne." The noise reduced with SentinelOne. That proof of concept worked for us.

We currently have an agreement with a competitor where we have to pick up the remaining part of their contract. That is not a place where we are going to increase our expenditure, but we are waiting for that contract to come to an end. The customer knows SentinelOne, but they are tied into another solution till the end or mid of 2024. We are just waiting for that. What makes SentinelOne Singularity Complete different from others for us is the peace of mind. We know we are covered, and we feel that we are covered. Anytime we have had an incident or event, they have always been there for us. They have responded quickly, and we have not had any flashbacks or second attempts at it. Usually, we could stop it the first time, and that has worked for us in all the years we have been with SentinelOne.

It is easier now than it was back then. We deploy it every month on somebody new. We have enjoyed that.

Just yesterday, we had a customer convert from a separate partner to us, and that migration from company to company within SentinelOne was flawless. It was just us doing the migration. We have been there for so long, so we just bring it straight across. The process is very straightforward and easy. This partner of SentinelOne was going to uninstall the agents, and I paused them and asked them to just transfer. They had never gone through that before. We took that over and moved all the agents over without any loss of coverage to the actual customer.

For deployments, we have a staff of 40, but onboarding is a no-brainer.

We have seen an ROI. It is a very profitable investment for us. SentinelOne is very valuable, and with our price being lower than the expectations gives us a great margin.

We have not been beaten in the market by pricing, so we have been feeling good about that. The discussions we have had over the years keep us at a very low price per unit. It can always get better, but we also know there is a cost to the backend.

To someone who is researching Singularity Complete, I would say that you can read all the information, but the proof is in the actual work and the history that it has so far. We have got no complaints about the quality and maturity of this solution.

Make sure you are comparing it to whatever you have because that gives you comparative data. If you walk in, sometimes, you do not know you are getting the best of breed right there.

It is a ten out of ten for me, and it gives me peace of mind.