How has it helped my organization?
Before it was a challenge for us to know who had an existing endpoint issue or who had the most attacks within the corporate network. Since SentinelOne was introduced, it has provided overall endpoint status visibility for us. Giving us the ability to easily pinpoint endpoints which had the most attacks and respond at a faster rate.
What is most valuable?
SentinelOne’s Rollback is its best feature. No solution can ever provide a 100% protection, but their rollback feature closes this gap in endpoint security giving end users a ray of hope in the event of a worst case scenario endpoint breach, especially in ransomware attacks.
What needs improvement?
They need to improve their UI and the way they show that the scanning is running on the endpoint. Sometimes users wanted to see whether their AV is working via visual context.
They could add “right click>scan” where most users were trained to do so in handling flash drives.
Also, add remote code execution via the management console, application control, device control, and all other common features found on the legacy antiviruses. This would help administrators to fully shift from legacy to Next Gen EPP without sacrificing usable features.
What do I think about the stability of the solution?
There have been a few cases where the agent cannot report to the management console, thus this requires a manual restart of the agent via a command prompt.
What do I think about the scalability of the solution?
There are no problems with scalability, I could say that the product is easily scalable, since it is not limited to a physical server.
How are customer service and technical support?
The technical support is quick and very helpful. They often response within the day or by the next business day.
Which solution did I use previously and why did I switch?
As of now, SentinelOne still serves as an augmentation for our existing AV, but some of our devices are now using it as their sole endpoint protection.
How was the initial setup?
The setup is very easy and straightforward. It is just like installing an ordinary program and it automatically reports back to the management console.
What's my experience with pricing, setup cost, and licensing?
The price for it is very competitive compared to other Next Gen EPP. You can really get a great value for it when it is integrated with EDR.
Which other solutions did I evaluate?
No, since we already had experience with other products. As of today, we have tested one of its competitor using AI, but their overall protection still cannot be compared to how SentinelOne protects your endpoint.
What other advice do I have?
They have an impressive product.
Understand how endpoint protection technologies work, since they do not rely on signature databases anymore. Also, follow deployment guidelines, such as initially deploying it in their production environment using a monitor only policy and giving the agents maturity of at least one to two weeks to allow the management console to build a solid behavior base for their environment.