I'm a customer and end-user.

I haven't really done any third-party tools. I've looked into their Identity tool which is one of the newer offerings that they have. It's a very nice offering. It is rather expensive. That said, it is very nice to be able to see Active Directory all in one pane of glass. Honestly, the hardest thing about my job as a security professional is having all these different tools so the more I can see everything in one area, the better it is.

The quality and maturity are important. The company is relatively new in the space, however, they are pretty mature in the market and pretty well-respected. 

SentinelOne is a great strategic partner. I can't see myself doing security without them at this point. They are one of the backbones of my security platform. They were the first pieces even before I bought Cisco Duo or Meraki. 

I'm excited to see where this will be in the next ten years. I can just see this platform just going crazy. I would love to see maybe a little bit more focus. We have to deal with a lot of sensitive equipment that run specific jobs and I love how SentinelOne, and specifically Ranger, is very passive in its ability. It complements our OT. I would love to see some way of getting away from the super expensive platforms of Tenable and bringing in some of these functions that Tenable offers from a scanning platform fully into SentinelOne in the future.

I'd rate the solution nine out of ten.

This is a best-in-breed solution. If you're looking at anything in comparison, do your due diligence, do proof of concept between whatever companies you're looking into. However, SentinelOne is the best-in-breed.

I rate SentinelOne 10. It's an excellent next-gen AV with none of the signature-update nonsense. It'll kill anything that does something bad, which sometimes is an Adobe product, etc. False positives are expected in that situation, but it's not a problem.

If you're considering SentinelOne, devote time, money, and staff to a thorough proof of concept. If you don't test your use cases, You will regret it. Just assume it's going to be an exit project to do an endpoint security selection. Ignore Gartner's and the press. Don't pay attention to the big analysts. Read the peer reviews and the community feedback. 

Do the heavy lifting with a proof of concept. If you think you're spending too much time on it, you're probably not spending enough. It's so important. Treat picking a product like you would any other big project.

I haven't used the solution in conjunction with any other third-party solutions and can't speak to its integration capabilities. We will do that, we just haven't yet.

The solution hasn't freed up any time. It's the same as our old solution. 

So far, it has not changed our mean time to detect. However, I have not seen a true positive yet. I would need to see a real threat come into my environment yet. This is true with the mean time to respond. The process is exactly the same. I have it configured so that if anything is critical, I get real-time alerts. 

I'd advise new users to hone in on the subject matter experts and grill them during the POC. We were so accustomed to doing workflows a certain way, it was almost like how we had to learn how to walk again when we switched solutions. 

I haven't seen Sentinel One's innovation just yet. We have asked for adjustments or features. We're going through a feature request platform and I have yet to see them implement a feature we requested. My previous vendor, Trend Micro, was very willing to implement changes.

You can't just take it back if you don't like it. It's here to stay. There's no going back to the previous vendor. We need to make it work. We want to stay with them at least a good while.

I'd rate the solution eight out of ten.

I would advise new users to understand what workflows they are accustomed to and how their current setup works so that they can ask a lot of questions during the POC. It's important to fully understand Sentinel One's logic to be successful.

The organization I'm working for doesn't use the Ranger function of SentinelOne Singularity Complete. It uses a homegrown solution for network visibility.

I don't believe SentinelOne Singularity Complete has helped reduce alerts within the company, and it's not because it can't but because the SOAR solution handles the alerts and sends the alerts. Still, there is potential to improve the process.

I've not observed cost reduction or money saved from SentinelOne Singularity Complete just because it's such a small aspect in the grand scheme of things. It's tough to put a number on that.

Many people were involved in deploying SentinelOne Singularity Complete for the organization.

I'm the one maintaining the solution, and for my organization, in terms of scale, one person is sufficient to maintain SentinelOne Singularity Complete.

The solution is deployed on three thousand endpoints worldwide on both MacOS and Windows machines, along with an agent on the servers.

I advise others looking into implementing SentinelOne Singularity Complete to be prepared to work with the SentinelOne support team. Implementation is not hard to do, but the support team is there to help with much of the work and is happy to help. My standard advice is to ensure you're also checking out other providers. Just because the solution works for my organization, it doesn't mean it will work for yours. You have to find a solution that checks all the boxes for your organization.

I would rate SentinelOne Singularity Complete as eight out of ten.

From a quality standpoint, if you are willing to take the time to implement it and implement it well, it is a fantastic product. It is a massive part of our security posture. If you are looking to switch, doing a proof of concept will probably be good enough to make you realize the value it has. Sometimes, in the demos from vendors, you see the kind of things happening that are supposed to happen. It is, of course, going to block them, but during our proof of concept, we threw in different scenarios at it, and it handled every single one pretty flawlessly. That is a big part of why we ended up choosing it.

If you were a company that has legacy devices, it is a no-brainer as far as EDR solutions are concerned. If you are looking forward to an EDR solution in general, and you do not have legacy devices, SentinelOne is incredibly competitive. It has a lot of great features. It is priced very competitively. Their support is great, and the tool works. It does take some fine-tuning, but the tool works very well.

As a strategic security partner, SentinelOne is always trying to get us to work with some of their partners as well. From an integration standpoint, it does give us some options going forward where if, for example, we wanted to use a mobile device solution, they do have some integration with them. If you are a part of their ecosystem and you have a tool that you are interested in, they will let you know whether they have a partner that they work with. They will let you know that they have this tool. It works so far, and if you have a question or something like that, they can get you acquainted, which I appreciate.

Overall, I would rate it a ten out of ten. It is probably my favorite security tool from the ones we have.

My company is mainly a cloud-based company. Very few solutions in the company have been deployed on-premises.

SentinelOne Singularity Complete is managed across different layers and all verticals, such as the web, firewall, etc.

Between two hundred to two thousand five hundred people use SentinelOne Singularity Complete within the company.

My rating for SentinelOne Singularity Complete overall is a nine out of ten. I don't give tens because there's always room for improvement, but the solution is pretty good.

It is a very good tool that is easy to deploy and manage. The administration over it is little to none. However, depending on the environment and whoever is trying to deploy the agents, they should test it with the vendor environment before they go and deploy it to production. The reason why is because SentinelOne has the ability to be tuned for optimization. So, it is better to understand what these optimizations would be before deploying them to production. That way, they will be more effective, and it will be easier to get buy-in from the DevOps team and the infrastructure team managing the servers, thus simplifying the process all around. Making the agents and configurations optimized for specific environments is key.

The Storyline feature has affected our SOC productivity. Though, we have yet to fully use the Storyline feature in a SOC. We are using it on a case-by-case basis. However, as we continue to deploy agents throughout our infrastructure and train our SOC to use the tool more effectively, that is when we will start using the Storyline feature a bit more. Currently, this is on our roadmap.

I am very familiar with the Ranger functionality, but we haven't implemented it yet for our environment. Ranger does not require any new agents nor hardware. That is a good feature and functionality, which is helpful. It can also create live, global asset inventories, which will be helpful for us. Unfortunately, we have not yet had an opportunity to roll that out and capture enough information from our infrastructure to be able to maximize the effectiveness of that functionality. We are still trying to get SentinelOne core services fully deployed in our environment.

Now that we have SentinelOne, we cannot go without it. 

Compared to other solutions in the market, I would rate it as 10 out of 10.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is a mature solution that takes care of most of our use cases for EDR and the Ranger functionality provides visibility into our network. SentinelOne Singularity Complete as a first line of defense gives us peace of mind.

No maintenance is required from our end.

SentinelOne is my go-to as a strategic security partner when it comes to anything EDR-related.

SentinelOne Singularity Complete is a great solution and I recommend it. SentinelOne Singularity Complete can easily be deployed in any environment and is cost-effective.

I'd rate the solution an eight out of ten.

I'd advise new users to do a proof of concept. That way, you get some time with the system before you deploy it into the environment and you can iron out issues. If you have 1,000 endpoints and only 1% of the issues that we ran into, it would still be significant and you'd want to deal with them head-on to make the full deployment easier. 

I rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete EDR and MDR endpoint agent is a fantastic product. We layer that with other solutions as opposed to only using SentinelOne Singularity Complete.

SentinelOne is undoubtedly a market leader, and I believe it offers a comprehensive and excellent solution. It is on par with other next-generation or AI-based antivirus solutions available in the marketplace.

Depending on the organization's current solution, if they are transitioning from a product like ESET, then the approach to antivirus will be completely different. If they are transitioning from CrowdStrike, I believe the change will be less significant. Testing needs to be conducted, but I anticipate that they can observe immediate value from SentinelOne Singularity Complete. Furthermore, I am confident that they can deploy it without significant concerns about increased risk. Personally, I have never been worried about introducing additional risk by using SentinelOne Singularity Complete.

In terms of Ranger, I've used it. I have not used it recently. I'm actually trying to get back into and play with that again.

Sentinel One is good as a strategic security partner. The platform is great and there are a lot of features. Using their managed service really does help. We can partner with them to provide that service to our customers. 

I'd rate the solution ten out of ten. 

I'd advise others considering the solution to get with a good MSP or MSSP. Users should try the complete version and all the features to find out about the entire system. Get the higher feature set and go down from there. I'd also advise at first new users get a good MSP to work through the initial installation process. 

I'm a partner.

To anyone using any of these MDR-type scenarios, one of the things they need to recognize with SentinelOne is that, only looking at SentinelOne telemetry, when it comes to the stock solution that they offer, it's not a true SOC. It is an internal SOC solution. That's why it's an MDR. So they're only looking at what their solution finds. If their solution finds ransomware and stops it, then you're only looking at that telemetry. That's why I offer an outside external stock since the external stock is looking at everything. If you have one device that has something on it or something with nothing on it, it's going to see it all. That's the big difference between an internal SOC as opposed to an external SOC.

I'd rate the solution ten out of ten. 

I would rate SentinelOne Singularity Complete seven out of ten.

I would rate SentinelOne Singularity Complete's ability to be innovative eight out of ten.

SentinelOne Singularity Complete has a mature GUI.

We deployed SentinelOne Singularity Complete in one of our client environments with 13,000 machines and 1,000 servers.

SentinelOne Singularity Complete maintenance consists of daily monitoring for updates and prioritizing policies and requires around five administrators.

SentinelOne is a good strategic partner.

SentinelOne Singularity Complete makes it easy to perform operations and investigations.

I would advise a couple of things. If you are using a reseller to buy this and install it for you, have a good reseller that you can call upon for support and help manage the project. The other thing that I would probably suggest is to negotiate your education up front and not after the fact. It does not come with a lot of training. They even charge for the online university, so you should probably negotiate that as a part of the negotiation process before you sign a deal. Other than that, it is good.

I would rate Singularity Complete a nine out of ten. For my use case, it is definitely a nine.

I rate SentinelOne Singularity a nine out of ten.

SentinelOne Singularity is a mature product.

Maintenance is necessary only when we are periodically carrying out updates.

Having a vendor like SentinelOne is crucial for a solid security strategy, as we aim for a product that seamlessly caters to both the IT department and end users. We intend to avoid exacerbating issues more than resolving them. Therefore, I believe SentinelOne is a suitable solution for us – easy to deploy and maintain on a daily basis.

I suggest trying out SentinelOne Singularity and comparing it to more traditional security vendors. SentinelOne Singularity offers a slightly distinct approach, but it's an effective method.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete has matured over the last two years and is a more complete product.

Moderate maintenance is required to keep up with the end users.

I do consider SentinelOne a partner. I do believe that their program is developing, but I wouldn't use them for all purposes everywhere. This is due to my mindset. Nonetheless, I do perceive that SentinelOne is increasingly becoming more of a partner.

I rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete is a mature solution that offers a multitude of features and the potential to enhance security within an organization. This presents significant value for security professionals.

We have deployed SentinelOne Singularity Complete across multiple divisions, various business units, and numerous locations spanning Europe, the US, and Japan. As a global organization, Singularity Complete seamlessly integrates with any internet-enabled entity, providing robust agent support upon connection.

Two individuals are responsible for the maintenance tasks, which include updating agents, upgrading policies, and deploying packages.

Having SentinelOne as a strategic security partner is a positive development.

Before assessing Singularity Complete, we need to dedicate a substantial six-month period to thoroughly engage with the product. This entails working with it on a daily basis, comprehending its intricacies, and obtaining full administrative rights to explore and interact with all its features and functionalities.

I would advise listening to your sales engineers and letting them give you ideas because SentinelOne can do things that you have no idea about.

For next-generation platforms, it is at the top of what is a small stack right now, and that puts them ahead of a lot of other people.

I would rate it a 10 out of 10. It has been fantastic for us.

They also have this feature called Ranger. That one we don't have implemented. That's an extra fee, so we don't have it.

Overall, I'd rate the solution ten out of ten. It's been a pretty solid tool. 

I would probably recommend it over some of the other ones that I've seen only based on the ease of use. It does what it's supposed to do. It's been relatively fast and is also pretty complete from what we've seen. The product is not very difficult to learn.

I would rate SentinelOne Singularity Complete eight out of ten.

We just started using Ranger this week. So far, we've done small test use cases to see what our endpoints can communicate with. Ranger has identified a significant number of machines, including printers, other endpoints, and personal machines, which gives us a better understanding of our network security.

SentinelOne Singularity Complete has come a long way. I believe it used to be called Power Query or even Data Set at one time. We're currently using the Skylight portion of Singularity Complete, which is a newer addition. Compared to where it was, Singularity Complete is now leaps and bounds ahead. It's the product we use when we need a lot of raw data and the ability to customize what we're looking for in our environment. The wealth of information that we get from every endpoint with the Singularity Complete agent installed allows us to create a large number of custom rules and alerts. This saves us a lot of time, especially for our analysts, who no longer have to respond to as many false positive alerts. 

We have a maintenance process in place for our custom rules and alerting. We have a dedicated team of members who are responsible for maintaining these aspects, but overall, we have not encountered any major issues that have impacted our team. A lot of this maintenance does occur outside of office hours.

With SentinelOne Singularity Complete, experiment and use it to its fullest potential, even if a mistake is made. It is a robust platform, so causing any serious damage is unlikely. Some specific features to play around with include custom roles, alerting, fields, power queries, search queries, data retention, and customized displays for the analysts. Tailoring the platform to specific needs will help get the most out of it. Singularity Complete collects a lot of data, so make sure to parse and categorize it in the most efficient way for the organization.

There are some integrations that we could possibly use, but we haven't used any. There is one with KnowBe4 that we are looking to use.

As for maintenance, I don't have to do any in my role, but it does require some, such as upgrading versions.

If you're looking for a solution like SentinelOne, and you're looking to get an eyes-on-glass approach for your endpoint devices and your vulnerability management program, this could be one of your top solutions. Overall, I'm happy with it and my team is very happy with it. Our scans are fully automated and that is never an issue for us. It offers a lot of capabilities, expansion, and growth. If your company is looking to grow, it's definitely all there for you. You get a really good report on your devices and your networks.

As far as consolidation of security solutions goes, I have some suggestions for my leadership. I think we can definitely consolidate. For instance, we have a certain network segmentation where we have multiple security tools, including the SentinelOne agent and other agents on the devices. These devices are lower-end systems that don't have super-high specs like you might have on a power user's PC. In that area, we could eliminate one of the security agents and leave the SentinelOne agent. We would be covered in several different areas, such as FIM. I could create a custom rule to watch a certain configuration file, and if it changed, we would receive an alert. You can definitely use it to consolidate. Although we haven't done that yet, we're going to start because it's possible with the SentinelOne.

I believe we could save money by reducing the number of agents on those endpoints. If you walk that back to the yearly cost when we buy licenses, we should be able to save money on licensing for the other agent that we're using.

SentinelOne is very mature as an EDR platform. I would definitely put it in my top two. Across the breadth of everything I've dealt with using SentinelOne, even support, it's definitely top-two and you should check it out. I don't have a bad thing to say about it.

You definitely have to check out SentinelOne. They are firing on all cylinders for multiple areas that you want to consider when buying a tool like this. They're at 100 percent. When it comes to visibility, they present the information so that it's easy to read and understand. Responding is really easy to do. Support, which is a big factor nowadays, has faltered at some companies over the past four years, but support from SentinelOne has been awesome. Put SentinelOne in your PoCs. If you're looking at a couple of companies, you have to look at SentinelOne.

SentinelOne as a provider is a major player in hardening the protection of our environment.

I rate SentinelOne Singularity Complete a nine out of ten. I recommend it. SentinelOne works as advertised. It's an innovative solution, but it's hard for me to compare it to other products because I don't have much security expertise. It's a mature solution that has no bugs that I've experienced. I have confidence in it.

We haven't stepped into other integrations quite yet. We're looking to explore it next year. We're trying to rebuild our security stack. The endpoint protection was one big step. We're planning on expanding a little bit more. I love that it is pretty straightforward to connect between different systems. It makes my life a little easier.

The solution’s ability to ingest and correlate across our security solutions is nice. We haven't done much of that with our systems yet, but having one source of truth to look at all those different pieces is hugely beneficial because we have a very small team. Anything that allows us to connect all the dots and pieces makes our lives really easy.

We're rebuilding our security stack from scratch. We do not have to get many other solutions because much information is built into Singularity Complete. We did a POC of the Ranger functionality for a little bit of time. Ranger's network and asset visibility are about the same as in Rogues.

The automation would be great if I didn't have to create a couple of extra security holes by opening up ports on our devices. So we've gone back to using just Rogues rather than Ranger because there isn't a lot of added value for that extra piece. I can take the whole list, export it, and take it to one of our other solutions and have the agent pushed from there.

It is nice that Ranger requires no new agents, hardware, or network changes for most of the part. If we're going to automate the installation process from another Ranger agent, it will require opening up some extra security holes. I don't love that part. I love that it discovers assets that don't have SentinelOne but could potentially have SentinelOne. It has been beneficial to us.

We like Ranger because it helps find the missing pieces. We must ensure that we're not going over on our licenses, but it helps us discover the devices in our network and how we can better protect the environment. It also gives us an inventory of devices. If they are vendor devices, we can go to our vendors and ask them why the devices have old software versions.

The product has done a much better job of giving us high-fidelity information. The system that we had before was old and antiquated and did not work well. We are getting better-quality alerts. The solution has helped free up our staff for other projects and tasks. All the information is in one place, and a lot of the system has been automated for us. The tool resolves threats almost instantaneously for us. It's hugely beneficial for a very small team.

The product has helped reduce our mean time to detect. It is a lot better at discovering threats and mitigating them quickly than our previous solution. However, I wouldn't say that it's perfect. The solution has helped reduce our organization’s mean time to respond. We have a managed security service provider that's doing a lot of the research for us, but it's been very helpful for us to have the information.

The tool has helped us with a couple of audits that we've had. It has also helped us with some of our cyber insurance because we're able to give much better reporting compared to our previous solution. The reporting is available on the fly rather than us trying to go through multiple systems to try and get some information from it.

The product is easy to use. It is very easy to navigate around. The vendor has added features that we've wanted. It has made our lives quite a bit easier. People who want to buy the product must evaluate their exclusions ahead of time and understand what level of exclusion they need for each system. We spent the most time reevaluating exclusions for each server system.

It was not too big of a deal for our desktops and laptops. However, for some of those bigger systems, especially with us being a healthcare organization, ensuring we weren't impacting the end-user experience was central. For example, we have EMR, which is electronic medical records. If we impact that, it affects patient care, which in turn can be not great.

It was a very big jump for our process to go from monitor-only mode to full-protect mode. We allowed things to just sit there for a very long time and understand the changes in our environment.

Overall, I rate the solution an eight out of ten.

I would definitely recommend trying it out. It would be great if someone could walk you through each of the features, what it can do, and how it can help your environment. That would be it. Do not just read about the product. Try it and see what it can do. That was what really won me over. Pamphlets and other similar things are great, but if you are not in the product, it does not help. At least try it for a month. It is great. It is simple. It is easy.

In terms of the quality and maturity of Singularity Complete, previously, there was a lot to be done, but the features that are out today should have been out originally. They are on the right track to make this product more amazing than it already is. From what I have seen in some of the talks at the conference, they are heading in the right direction, and that is what I would tell anyone.

Overall, I would rate Singularity Complete a nine out of ten.

I would rate SentinelOne Singularity Complete eight out of ten.

SentinelOne Singularity Complete is a comprehensive, integrated solution for endpoint protection across the enterprise.

Singularity Complete is deployed across our campus with around 200 users.

SentinelOne Singularity Complete is a good solution that meets our enterprise needs.

I recommend organizations first evaluate SentinelOne Singularity Complete to see the kind of visibility it can provide into their endpoints.

SentinelOne Singularity Complete has reduced our operational costs and response time while enhancing our business efficiency.

I would rate SentinelOne Singularity Complete an eight out of ten.

SentinelOne Singularity Complete is a really mature product and seems to be focused on enhancing core capability and not getting distracted by other stuff.

SentinelOne Singularity Complete is deployed across our entire estate. We have around 10,000 endpoints.

It requires maintenance, such as builds, policies, and other related tasks. We have a team of four responsible for maintenance and another three people for day-to-day operations.

They have stepped up as a strategic security partner.

I recommend organizations do a proper proof of concept with the SentinelOne Singularity Complete in their environment using their tools and their people.

Overall, I would rate SentinelOne Singularity Complete a nine out of ten.

Do your homework. I would encourage everybody, if you have the capabilities, to do what I did and test it against everything out there. If you don't have those capabilities and you want to save yourself a lot of time, just go straight to SentinelOne. I cannot imagine any organization regretting that decision. With the news stories you read about, such as hospitals under attack from malware and crypto viruses—with all the bad actors that exist, especially since the pandemic took over—if you want to protect your environment and sleep soundly at night, and if you're in the security industry, I highly encourage you to deploy SentinelOne and just watch what it's capable of.

I don't use the Storyline technology that much simply because I'm really turning this into a more automated process for my organization. An example of where we may use Storyline is when we download an encrypted malicious file. Let's say that email was sent to 500 people. If it gets through our email gateway, which is unlikely, I can not only identify those users quickly, but I can also use the Storyline to determine where it came from, how it got there, and what it was doing along the way. And while it killed it, it will tell me what processes were there. It helps us create and identify things like the hash, which we then summarily blacklist. Overall, Storyline is better for identifying what had happened along the way, but after the fact. For me, the fact that it has actually taken care of it without me having to go hunt it down all the time is the real benefit.

The only thing we don't take advantage of is their management service. We do have a TAM, but we don't have Vigilance.

For top-down administration, there's only about six of us who work with the solution. For country level administration, we have one or two in every country in those 83 countries.

We run a myriad of different front office and back office environments. SentinelOne had to learn different environments in different countries. It had to understand the business processes that are surrounding those. We did a substantial amount of tuning along the way, during the deployment. And then, of course, there are agent updates and there are considerations when you get a new EA version and are creating test groups. But, as an organization, we have reduced our total cost of ownership for our EPP platform, we have improved our visibility a hundred-fold, and we have maintained our data integrity. It really is the one end-all and be-all solution that we needed.

It's a home run. I've been doing this a long time and I've done this in over 48 countries around the world. Given what we do with this product and the visibility it has given us and the protection it has given us, I feel very comfortable with my security right now.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is an innovative solution that is ahead of Carbon Black and on par with CrowdStrike.

It is a high-quality mature solution that will help improve any security stack.

We are deploying it across eight locations, encompassing all departments and protecting our 500 employee endpoints.

I am an IT security analyst and I update the sensors myself.

I would rate SentinelOne Singularity Complete eight out of ten.

We started looking at the reception technology, but it was too much for us and required too many permissions. As a result, we did not proceed with it.

Ranger provides network and asset visibility, but we use other telemetry to build a data lake, which we then use to give us more holistic visibility.

Singularity Complete is definitely innovative. It offers better coverage of endpoints and sensors than our previous solution, as well as better coverage from red teams and other threats. It also provides us with much better telemetry from endpoints than our previous solution. This includes features that our previous EDR tool promised but did not deliver.

SentinelOne is a fairly mature product. I think we first looked at it about six or seven years ago when it first came out. It has definitely matured a lot since then. When we first saw SentinelOne, it had a lot of problems with automatically killing things without alerting us. However, we have definitely seen improvements in the solution from a product perspective. Additionally, there are now more modules and integrations available. We have looked at the reception part of it, as well as quite a few other pieces, including Rogue Sensor Pro. We have looked at a lot of little bits, so it has quite broad coverage in terms of what it actually will cover.

We have deployed Singularity Complete across the company and all lines of business, including our branches in South Africa and other parts of Africa. This includes approximately two and a half thousand endpoints.

Four people are managing Singularity Complete. Every six months we have to update the sensors. 

We have definitely told others about and shown them Singularity Complete, and we have told them that we are happy with it. When implementing Singularity Complete, we need to know what our expectations are and, obviously, test the solution thoroughly to prevent any negative outcomes.

I would rate SentinelOne Singularity Complete ten out of ten.

SentinelOne is ahead of the curve. They are certainly leading the way. When we consider the kinds of integrations being developed and the AI integrated into the platform, it's evident that they are the latest entrants to the market. This current position enables them to be more innovative in their approach.

SentinelOne Singularity Complete is extremely mature at this level.

We have 50 end users based out of multiple locations. A lot of our users work from home. Singularity Complete is deployed on laptops, workstations, and our servers.

The maintenance is minimal and is overseen by one person.

We're very satisfied with SentinelOne as a strategic partner. They've given us what we need, and we see a long-term future relationship with them.

Planning the rollout is crucial because we need to effectively manage the changes with the users. Therefore, meticulous planning of the rollout, organized by department, ensures a seamless transition and allows us to anticipate any potential issues. Adopting a staggered approach, rolling it out per department, is likely the most effective strategy for deploying Singularity Complete.

I would rate SentinelOne Singularity Complete as a ten out of ten. The reason is that I found the visibility I was looking for. It identifies suspicious software immediately; I experienced this firsthand when it detected such software on my device while I was using certain tools. This assures me of the solution's effectiveness. The management dashboard is largely user-friendly and provides all the information I require. It allows me to search deep within the processes of the running instances. Therefore, I consider it a strong offering, especially since many competitors provide similar services. In terms of knowledge, SentinelOne Singularity Complete competes well with these other vendors. I am highly satisfied with my purchase.

SentinelOne Singularity Complete's ability to save us costs is currently unknown. The purchase of SentinelOne Singularity Complete was significantly more expensive than the Norton software we had previously been using on our other devices. However, there is a balance, and I have visibility into this. I have the agent and the support of a much larger organization that is specifically focused on this. Therefore, the increased cost is justified for what we are aiming to achieve. While it might potentially save us a significant amount of money if one of those devices becomes infected with serious malware that leads to ransomware or similar issues, its primary purpose is also to prevent such situations. In conclusion, whether it will ultimately save us costs is a complex question with both positive and negative aspects.

I downloaded the package from the cloud and had to search extensively to find the site token for proceeding with the installation. It would probably be easier if the package were downloaded directly from the cloud. The solution would recognize that it has been downloaded from my account on the cloud and wouldn't require applying that token. I think that might be simpler from an administrator's point of view. I appreciate the ability to create automation for updating the agents. I found that feature very useful, as it eliminates the need to update each device individually to a newer version or to manually check the cloud for a newer version. Once I approve the update, the automation tool handles the update process automatically. I really like that aspect.

Maintenance is straightforward. I accomplish this by creating automation for the agent upgrades whenever new versions are released. Once I receive the email notifying me of a new version, I access the console. In a matter of five minutes, I can generate automation that will proceed to update all the agents within our console automatically. Therefore, performing this task doesn't require much effort from my end.

I value SentinelOne as a strategic security partner. I have experience with other security products within much larger enterprises, some of which are significantly more expensive. Certain products require an entire team to initiate and run, demanding a substantial amount of time and effort to set up the infrastructure, create the necessary site, and proceed with deploying project management, involving multiple meetings. My engagement with SentinelOne was quite streamlined. I had only two meetings with them: one to familiarize myself with the product and a second one to make the purchase and understand the procurement process. Everything was handled by their team from the backend. If I remember correctly, these interactions took place on the same day. I had a meeting around ten o'clock, and by approximately three o'clock, the management console was prepared for my access. This allowed me to start deploying the agent for testing purposes. In my view, SentinelOne exhibits a customer-centric approach. They not only focus on the security aspects of their consumable product but also prioritize their customers. The professionals I collaborated with demonstrated a clear understanding that their clients come first. Overall, I am deeply impressed with SentinelOne. While I have experience with other vendors and larger corporations that hold more industry recognition, my comprehensive impression of SentinelOne over the month and a half of evaluating the product, and the subsequent month of using it, is exceptionally positive. They indeed offer a highly effective product that aids consumers in maintaining the security of their devices.

I recommend that organizations conduct their own thorough research and due diligence. Don't solely rely on marketing speeches. The security field has numerous players, many of whom offer similar services. Personally, I have experience with some of these other solutions that function very similarly to SentinelOne Singularity Complete, including their management platforms and agent-based solutions. What stood out to me was the depth of SentinelOne's research. They delve into the core aspects of security, beyond just product user-friendliness, easy installation, or a visually pleasing dashboard. Their commitment involves meticulous research into prevalent malware and viruses. They ensure that the solutions they provide can rapidly detect zero-day attacks and malware, offering immediate protection to their customers. In my view, SentinelOne stands out because they genuinely prioritize their customers' interests. They demonstrate their commitment through their dedicated research and development, and by offering applications that effectively safeguard customers. 

I give the solution a ten out of ten.

Overall, I would rate Singularity Complete a nine out of ten.

To someone who is researching Singularity Complete, I would say that you can read all the information, but the proof is in the actual work and the history that it has so far. We have got no complaints about the quality and maturity of this solution. 

Make sure you are comparing it to whatever you have because that gives you comparative data. If you walk in, sometimes, you do not know you are getting the best of breed right there.

It is a ten out of ten for me, and it gives me peace of mind.

I would rate SentinelOne Singularity Complete eight out of ten. The room for improvement is to add some additional features, such as Ranger, which they sell separately. I see a lot of value in Ranger, and I wish it was included with the complete purchase.

We do not have any direct plugins for SentinelOne Singularity Complete, such as Ranger. Ranger is an add-on that I believe can be purchased through SentinelOne to expand our visibility. We do not have that, and I wish it was included because there are quite a few nice features that I would hope to see eventually included or trickled down to the complete solution. I feel like those are just a few other cherries on top that would really put this package over the top. One of the struggles I have in a Mac environment is creating a custom application creating the Privacy Preferences Policy Control profile and setting everything correctly so that users do not need to interact with the application when it is pushed to them. SentinelOne has clear documentation and works with a few MDM vendors that have documentation already published. So when we were running a POC for a few of these vendors, it was very easy to get that set up, which is not something I can say for other applications.

SentinelOne Singularity Complete is an intuitive product. I found the getting started guide and active preparation checklist to be very helpful. The checklist is well-documented and comprehensive, and it covers everything from the initial purchase to GoLive. The support team was also able to answer any questions I had about navigating the application. The interface is mature and user-friendly. I have not encountered any major issues so far. Overall, I am very happy with SentinelOne Singularity Complete.

SentinelOne Singularity Complete is definitely valuable as a strategic security partner. SentinelOne Singularity Complete was our top choice, and we are happy with it. I would definitely recommend it to my colleagues if they were looking for a solution for their company.

Maintenance is only required when the vendor releases a new general access version of the installer. I need to download the new version, upload it to our servers, and make sure it deploys successfully to our machines. This is the extent of my maintenance responsibilities. I do not need to directly interact with the application itself.

I would recommend that people evaluating SentinelOne Singularity Complete try it out to see if it is right for their environment. SentinelOne offers a trial that can be set up for their environment. When an organization purchases the product, they will flip a switch and there is no need to set anything else up. This was beneficial for us because we did not have to waste time setting up and deploying the product to a few devices in our environment only to have to do it again after we purchased it. I would also recommend engaging with the resources that SentinelOne provides to get a good understanding of the product. We can tweak the settings and see how it responds to different threats. If organizations have any specific needs, they can talk to an engineer during the trial. This was helpful for us because the engineer was able to make changes to the settings to meet our needs. Overall, I would recommend taking a look at SentinelOne Singularity Complete. I was initially overwhelmed by the different SKU offerings, but I was able to work with sales to find the best package for our needs. The SentinelOne team has been very helpful.

The solution seems to be quite innovative. They are coming out with network products. Every month we have a webinar on new features coming out.

The quality and maturity of the solution are both great. The stuff they give us is really detailed.

There are instances of the solution on the cloud, however, all the endpoints are on-premises. 

I'm pretty satisfied with the product as a security partner. I'm happy with where we are with them. 

This is a great product. If a company is unhappy with its current EDR, SentinelOne is a good choice. They are acquiring a lot of companies and solutions to add to their roster in order to provide a more centralized platform.

I'd rate the solution nine out of ten. It's going to be a good one-stop-shop and I enjoy working with them.

I would rate SentinelOne Singularity Complete nine out of ten.

I would focus more on how the product is delivered and maintained. Maintenance of any type of antivirus product is always an important question when it comes to how to maintain this product and how to use it without dedicating a lot of resources to it. SentinelOne has just introduced an automatic upgrade feature for their client agent that allows us to set a policy to always keep our agents on the general mobility version. This will automatically upgrade our agents for us, saving IT a lot of time. Before, we had to manually upgrade our agents from the cloud, but now this process is fully automated. This is a huge value-added feature, and the agent is not very disruptive.

We have SentinelOne Singularity Complete deployed on our Windows servers across the country. Around 15 people are using the solution.

We must constantly monitor the portal to review items that Singularity Complete has blocked. Occasionally, we must decide whether to allow or deny access. We must definitely stay engaged with the portal, as it is not a fully hands-off solution. This is appropriate, as some interaction is necessary. However, the level of interaction required does not bother me.

If I were to recommend SentinelOne Singularity Complete to anyone else, I would definitely help them understand these types of products. People who are looking at cloud antivirus are usually coming from on-prem antivirus, so they may be shocked by the price. I would help them understand that yes, cloud antivirus products cost more than normal antivirus, but they offer peace of mind. Once they understand this, they can start to appreciate the value of the product.

It is a very robust platform. It is a great candidate to serve small business environments. They do not target small businesses. They do not market it to small business environments with 50 users or less, but being a little more technically-minded, I wanted something that was enterprise-ready. Even though our environment is small, it was a good fit for us.

It did not require a lot of in-place support from the integrator or the reseller, but they did provide a large amount of presale decision-making help in terms of what I was getting into and what they could provide. That was very helpful. Talking to an integrator or a reseller so that you can put a person to the discussion is helpful.

In terms of integrations, we have looked into some of the integrations, such as with Mimecast. We have had some interest in that, but we have not utilized any of those third-party integrations. We also looked at the possibility of using some things with log management and being able to have a single source of how protected we are across the enterprise, but we have not yet pulled the trigger on anything like that.

Overall, I would rate SentinelOne Singularity Complete a nine out of ten.

I've never used the Ranger functionality of SentinelOne Singularity Complete.

In my company, SentinelOne Singularity Complete has a hybrid deployment.

From a maintenance perspective, I have to ensure the solution is working and looks good, but I only have to go in and check occasionally. In SentinelOne Singularity Complete, the upgrade is automated.

My rating for SentinelOne Singularity Complete is nine out of ten.

I'd tell others looking into SentinelOne Singularity Complete that it provides complete protection and has yet to fail my company, so it's a solution that I recommend. I'd tell others to go with SentinelOne Singularity Complete.

My company is a SentinelOne customer.

I would rate SentinelOne Singularity Complete ten out of ten.

We are considering the possibility of using SentinelOne to consolidate some of our security solutions, but have not moved in that direction just yet.

Singularity Complete has not yet saved our staff time because it takes more time to deploy and migrate to the point where we have time savings. I think it will in the next couple of years.

We see a lot of innovation from SentinelOne. They are acquiring many other products that are integrating with the platform we looked to adopt in the next couple of years if it works out well. New features and functionalities are also regularly released. So, in terms of innovation, that's one of the reasons we chose SentinelOne Singularity Complete in the first place.

Singularity Complete is a mature product that can sufficiently protect our assets. I would say that the core features associated with that functionality are in place and work well.

Maintenance is relatively low, but systems need regular updates, and we need to troubleshoot all of them. So, there is some work involved.

SentinelOne is a good strategic security partner. We appreciate the direction of their product roadmap and its current coverage. One area where they could improve is in having their EDR support teams reach out to us. We don't believe we have an EDR or anything similar setup, but it would be helpful if they offered quarterly or semi-annual meetings to check in, see how we're doing, and give us an opportunity to provide feedback.

People researching Singularity Complete should first understand their environment and deployment goals to ensure compatibility between their existing solutions and the new product. They should also evaluate multiple competitors before making a commitment.

You have a choice between an on-premise console and the cloud. My advice would be to use the cloud, but it is a consideration of whether your endpoints can connect to the cloud or not. One of my customers is in the military defense area, and they have no connection to the internet. So, we had to deploy on-prem. What you don't get with the on-prem is all the AI. So, if you're deploying on-prem, you get the core features of SentinelOne, but you don't get all of the bells and whistles that you get from the cloud environment. The same is true for Cisco AMP and other solutions that are deployed on-prem. So, you need to consider how you're going to consume it if you have a disconnected network. If you're in the financial world, a lot of the production networks are not connected to the internet. So, solutions like Microsoft Defender are not an option because they're cloud-based, whereas SentinelOne is an option in those environments.

I would rate it an eight out of ten. It is a very good solution, but you have to compare it to understand it better.

My advice would be to implement SentinelOne immediately. It is one of the top things that we've implemented and it has saved us countless hours. It's really hard to quantify the savings, but if a client were to get ransomware, it could involve weeks of several team members working around the clock to get them back up and running. Since we've implemented this, we haven't had to do that in an environment where we had experienced having to do so previously.

The biggest thing I've learned from using SentinelOne is that there are a lot more attacks out there than a typical antivirus will display. Regular antivirus, rather than an EDR-type platform, gives people a false sense of security because there are a lot of processes running in the background that the typical antivirus solution is not equipped to catch. It was eye-opening when we started deploying this at clients, locations where we felt we had very good peace of mind in terms of what was happening. SentinelOne started detecting things left and right that were completely unable to be seen prior.

Creating separate groups for various types of computers, like Windows servers and clients, enables efficient management and customization of security configurations tailored to specific needs. Overall, I would rate it ten out of ten.

This is an on-demand product. We are always on the latest version. 

I'd rate the solution eight out of ten. It's a good product. We like working with it. 

SentinelOne would be my go-to security provider. I would recommend that others go there first. They will get solicitations from McAfee and such because McAfee knows they're losing that business, but they just can't offer what SentinelOne offers.

Overall, I would give the product a nine out of ten rating. 

Give SentinelOne a chance. Traditionally, a lot of companies look at the big brand vendors and SentinelOne is making quite a good name for itself. I have actually recommended them to several other companies where I have contacts. Several of those have picked up the solution to have a look at it.

You need to know your environment and make sure it is clean and controlled. If it's clean and you have control, then you will have no problems with this product. If your environment isn't hygienic, then you will run into issues. We have had some issues, but that's nothing to do with the product. We have never been really good at securing what is installed on the endpoint, so we get a lot of false positives. Give it a chance, as it's a good platform.

I would give the platform and company, with the support, a strong eight or nine out of 10.

I would rate SentinelOne Singularity Complete eight out of ten.

I haven't observed significant innovation from SentinelOne Singularity Complete lately. Other than obtaining the database, I haven't noticed any new features or third-party integrations being introduced. This leads me to believe that there may not be a high level of ongoing innovation at the moment.

SentinelOne Singularity Complete is deployed across thousands of instances and endpoints in different countries across multiple offices in Europe.

The only maintenance required is for updates to the endpoints.

While SentinelOne offers valuable security protection, it may not be sufficient as a standalone solution. Relying solely on Singularity Complete for a week-long absence might leave our system vulnerable to threats that other Endpoint Detection and Response solutions could identify.

I rate SentinelOne Singularity Complete a nine out of ten. While the product itself is impressive, the price point is on the higher side. The only drawback is the limited support access. If they offered more affordable support options or provided unrestricted access to their knowledge base, I would easily give it a ten. Unfortunately, they haven't implemented this yet, as it would unlock more resources and expertise for users. Ultimately, it is what it is, but hopefully, they'll consider these improvements in the future. 

In my environment, I support a law firm and a music company while pursuing my research. Additionally, I use Intel hardware for testing purposes. My security strategy prioritizes avoiding complete system reimaging whenever possible. While I have encountered compatibility issues with specific SentinelOne versions and certain software, these were primarily during testing when I intentionally introduced malicious files. In general, the software has proven effective in preventing and mitigating threats.

SentinelOne Singularity Complete has been excellent in its ability to be innovative.

While SentinelOne Singularity Complete is well-established software, the developers continuously strive to improve it. After all, no software ever truly reaches complete maturity. To remain effective, we must constantly adapt, improve, and refine ourselves in response to evolving threats and technologies.

I'd love to partner with SentinelOne right now, but as a small business, cost is a major concern. That's why I'm working with a distributor. They purchase larger license blocks, like five thousand or ten thousand, and because I was one of their early customers, they granted me access. While I have a partnership with them, it's not a formal one. To my knowledge, they require organizations to have at least one hundred or two hundred seats to be considered for a true partnership. I'm unsure if a program exists for smaller businesses, but based on what I've seen, access to their knowledge base, support team, etc., seems to be restricted to contracts with a minimum seat capacity of one hundred or two hundred.

You have to do a cost-benefit analysis. Understand the context of your company. It is not the same for a bank or an insurance company compared to a company in the industrial sector that does not manage sensitive data. Understand your particular needs. After a cost analysis, if there is enough budget, choose SentinelOne.

The most important lesson I have learned using SentinelOne is to always listen to what the Vigilance Respond team says.

We are still chasing the benefits of the solution. The model is already deployed, but we are a very large company, and every day we find new devices that do not have SentinelOne. We are still in that phase of continual improvement, of improving the solution and achieving even more benefits. We are getting to the most isolated cases of, for example, servers that have little RAM, and we are debating if we should apply SentinelOne to them because, perhaps, the server will be affected more so. 

We are dealing with these small cases and continuously improving. You don't get all the benefits in two months; it is an ongoing process.

I would recommend SentinelOne, and if, in the end, it is a question of budget, choose it. If I became a CSO tomorrow, that is what I would do.

Foreign Language:(Spanish)

¿Cuál es nuestro caso de uso principal?

Soy parte del equipo de seguridad y nuestra estrategia es implementar este EDR en todos los activos de la empresa, en todos nuestros puntos finales. Queríamos una plataforma potente en términos de detección y respuesta a incidencias.

¿Cómo ha ayudado a mi organización?

Nos da una primera capa de seguridad. Además, hemos contratado al equipo SentinelOne Vigilance Respond, un SOC 24 horas al día, 7 días a la semana que monitorea y mitiga. En caso de que necesitemos escalar una alerta sobre cualquiera de nuestros activos, nos permite realizar un poco de análisis de inteligencia de amenazas y depurar cualquier activo sobre cualquier tema.

Ha ayudado a reducir las alertas gracias al servicio de Vigilance durante los dos últimos años. Esto incluye todo tipo de incidentes, ya sean críticos, de prioridad media o baja. La mayoría de las alertas las gestionan ellos y nosotros no las vemos. Solo vemos aquellos que requieren alguna información que solo nuestra empresa tiene, pero muy pocos llegan a ese nivel ya que Vigilance se encarga directamente de gestionarlos. Si tuviéramos que gestionar las alertas que gestiona Vigilance, entre el 30 y el 50 por ciento de mi jornada laboral se dedicaría a revisar alertas.

En general, ha reducido nuestro tiempo promedio de detección en aproximadamente un 70 por ciento, ya que actúa como una herramienta autónoma. Ademas, nuestro tiempo promedio para responder se ha reducido entre un 80 y un 90 por ciento porque contamos con el equipo DFIR, análisis forense digital y respuesta a incidentes de SentinelOne involucrado.

Al proporcionar esa primera capa de detección y respuesta, SentinelOne nos permite vigilar todos nuestros puntos finales y desde allí, gestionar si un equipo o un servidor se ha visto comprometido. Podemos aislarlo directamente de la red para que el malware o el ransomware no puedan propagarse ampliamente.

Nos ha ayudado a consolidar soluciones de seguridad, aunque si tuvimos algunos problemas. El equipo de DFIR responde rápidamente y el equipo de Vigilance Respond trabaja continuamente con nosotros, gestionando las alertas. Hacemos evaluaciones trimestrales y el equipo de soporte siempre responde bien, además interactuamos con la herramienta nosotros mismos.

El equipo de seguridad ha ganado una presencia y control sobre los equipos de la empresa que antes no teníamos.

Todo dispositivo que no tenga SentinelOne instalado es un riesgo y sin SentinelOne, la diferencia sería significativa. Ha ayudado a reducir nuestro riesgo organizacional en un 70 por ciento.

¿Qué es lo más valioso?

SentinelOne cuenta con tres servicios que están muy bien consolidados:

1. Soporte técnico, a través del cual te ayudan, sugieren nuevas configuraciones y resuelven dudas.

2. El servicio Vigilance Respond, que es un SOC 24 horas al día, 7 días a la semana, que trabaja y gestiona todas las alertas que se generan en SentinelOne en nuestros dispositivos. Es una primera capa de defensa que filtra muchas de las solicitudes. A veces terminamos escalando algo porque hay ocasiones en las que necesitamos entender si la alerta es un falso positivo o no.

3. DFIR, Análisis Forense Digital y Respuesta a Incidentes. Este equipo se encarga de hacer todo el análisis forense de un incidente, y tenemos contratada una determinada cantidad de horas con ellos. El nivel técnico de sus asesores es muy alto y te permite crear un informe forense de alta calidad, en caso de que tengas que escalar o informar a tu personal superior. El equipo de DFIR es excelente.

Otro aspecto que es muy bueno es la incorporación de la solución y la correlación entre las soluciones de seguridad. Optamos por SentinelOne porque te brinda visibilidad y control sobre todos los dispositivos en los que tienes implementado el agente. Esto es muy valioso porque, al final, todos los ataques entran sólo a través de una puerta de enlace, que suele ser la computadora del usuario y si no tienes visibilidad sobre esa computadora o capacidad de administrar, no podrás bloquear, reiniciar o ejecutar un análisis completo para ver si el usuario ha hecho clic en un enlace o si se ha descargado algún tipo de malware. Esta es una capa de visibilidad y gestión básica que cualquier empresa necesita.

Además, cuenta con una gran inteligencia de amenazas y correlación de actividades. No sólo detecta y responde a incidentes sino que también los previene.

¿Qué necesita mejorar?

Empezamos a utilizar SentinelOne Ranger, pero encontramos dos problemas. Quizás sean particularidades, pero conviene abordarlas ya que pueden hacer cambiar de opinión a otras empresas que estén considerando esta característica.

El primer problema es que, tal vez escanea todos los activos que hay en la red, pero la hora de discernir si un activo es un servidor o un portátil, tiende a fallar. No tiene un nivel de precisión muy alto. Hemos experimentado problemas al informar este tipo de activos a los responsables de instalar el agente y luego nos dicen: "Oye, esto no es un servidor, esto es un fax" o "esto es una impresora". Cuando suceden cosas así, perdemos credibilidad.

El otro problema que vimos con la funcionalidad de Ranger es que si, por cualquier motivo, tiene un producto con SentinelOne instalado pero está en la red de un cliente, el agente SentinelOne comienza a escanear los puertos y la red y va a un honeypot. Como resultado, el cliente puede pensar que está siendo atacado porque alguien ha llegado a su honeypot, cuando en realidad somos nosotros en la red del cliente. Cuando no sabes que esto está pasando, puede generar conflicto y tensión con los clientes. Una vez que conozcas el problema, puedes desactivar ese proceso, pero a veces puede tener un impacto negativo.

Ranger me proporciona visibilidad de la red, pero no completamente porque los activos que escanea a menudo se identifican erróneamente con respecto al tipo de dispositivo que son. Un agente SentinelOne vale mucho dinero y no tiene sentido ponerlo en una impresora, por ejemplo. Debería tener la capacidad de ir un poco más allá y ser más preciso.

Otra área de mejora muy clara, una que no entiendo por qué no la han implementado todavía, es que el agente de SentinelOne sea autoactualizable. El agente tiene una versión, y lo que SentinelOne proponía hasta hace un año es que había que ser proactivo al consultar el panel para ver si su agente había llegado al final de su vida útil y luego actualizarlo. Ahora, han lanzado una nueva función en la que creo que se pueden programar actualizaciones, por lo que tiene mucho sentido que el agente se actualice sin ninguna acción de nuestra parte y nunca se quede sin versión. Simplemente conectándose a la red debería poder descargarse y actualizarse.

Esta idea no es crítica porque SentinelOne actualiza muchas versiones del agente y cuando una queda obsoleta, no significa que ya no funcione. Pero esto es algo que SentinelOne debería saber cómo ejecutar. Una solución podría ser que, si no tiene la capacidad de actualizar automáticamente el agente, SentinelOne te indique directamente qué agentes no están actualizados. De esa forma, no tendríamos que ir a la documentación, mirar el panel y filtrar los agentes por versión. Sería fantástico si pudieras saber que sistemas operativos no son compatibles para que no tuviéramos que buscar en la documentación oficial si Windows Server está desactualizado o no.

Si los agentes se autoactualizaran, el mantenimiento debido al proceso de actualización sería mínimo.

¿Durante cuánto tiempo he usado la solución?

He estado usando SentinelOne Singularity Complete durante dos años aproximadamente.

¿Qué pienso sobre la estabilidad de la solución?

SentinelOne es muy estable. Nunca se ha caído ni ha dado ningún problema.

¿Qué pienso sobre la escalabilidad de la solución?

No lo tenemos en ninguna nube. El agente está ubicado en los dispositivos; Gestionamos casi 10.000 ordenadores. Nuestra empresa tiene presencia en nueve países europeos y SentinelOne se utiliza en todos ellos. Nuestro departamento es el grupo que supervisa todas las regiones, incluidas España, Francia, los países nórdicos, Polonia, Rumanía, República Checa, Austria y Suiza.

Continuamente implementamos nuevos agentes porque detectamos cada vez más dispositivos. SentinelOne permanecerá en nuestra empresa hasta que muera, por así decirlo. Con lo que nos ha costado llegar hasta aquí no vamos a cambiarlo ahora.

¿Cómo es el servicio y soporte al cliente?

El soporte responde en menos de un día.

SentinelOne es un socio líder en la industria.

¿Cómo calificaría el servicio y soporte al cliente?

Positivo

¿Cuál fue nuestro Retorno de Inversión?

Defender for Endpoint es más caro que SentinelOne. Otras soluciones son más caras y otras más baratas, pero en términos de relación coste-beneficio, siempre nos quedaremos con SentinelOne.

La detección y visibilidad de todos los activos, ya sea por parte del agente o del Ranger y la capacidad que tiene de tomar medidas valen la pena. Es todo muy intuitivo y para mí, estos elementos son nuestro retorno de la inversión.

¿Qué otras soluciones evalué?

Todos los portales, al fin y al cabo, son "primos hermanos", como CrowdStrike y Palo Alto, aunque no sean exactamente EDR. Asistimos a un congreso global de ciberseguridad en Londres y todas las soluciones estaban allí: SentinelOne y su competencia. A nivel de portal, usuario y otros niveles son prácticamente iguales. Cada uno tendrá algo mejor y algo peor, pero son bastante similares.

¿Qué otro consejo tengo?

Tienen que hacer un análisis coste-beneficio. Comprende el contexto de tu empresa. No es lo mismo un banco o una compañía de seguros que una empresa del sector industrial que no gestiona datos sensibles. Comprende tus necesidades particulares. Después de un análisis de costos, si hay suficiente presupuesto, elije SentinelOne.

La lección más importante que he aprendido al utilizar SentinelOne es escuchar siempre lo que dice el equipo de Vigilance Respond.

Todavía estamos descubriendo más beneficios en la solución. El modelo ya está implementado, pero somos una empresa muy grande y cada día encontramos nuevos dispositivos que no tienen SentinelOne. Todavía estamos en esa fase de mejora continua, de mejorar la solución y lograr aún más beneficios. Estamos llegando a los casos más aislados de, por ejemplo, servidores que tienen poca RAM y estamos debatiendo si debemos aplicarles SentinelOne porque, quizás, el servidor se verá más afectado.

No obtienes todos los beneficios en dos meses; es un proceso continuo.

Yo recomiendo a SentinelOne. Si al final es una cuestión de presupuesto, elígelo. Si mañana me convirtiera en un OSC, eso es lo que haría.

I also used SentinelOne five years ago at another company, and I find it to be way better now. It is a much more refined product. It does not actively scan the system the way it used to. It has come a long way in terms of performance on the machines. It does not hinder the performance of developers' machines. I hear no complaints about SentinelOne blocking or grinding machines to a halt with scans when developers are doing builds and things like that. It has improved greatly. Five years ago, I used to hear complaints about SentinelOne slowing down the systems, but I have not heard that once here.

We tested the Ranger functionality a bit. We were demoing it. Ranger was pretty cool for the visibility of devices, but we did not find a use for it.

Overall, I would rate SentinelOne Singularity Complete a 9 out of 10.

I would rate SentinelOne Singularity Complete nine out of ten. SentinelOne is one of the best security solutions I have worked with. I would rank it in the top three best platforms for security.

SentinelOne Singularity Complete is an aggressive and accurate security solution.

No maintenance is required except for updates that we push out to all end users.

For organizations that want an aggressive security partner, I recommend SentinelOne Singularity Complete.

Although SentinelOne Singularity Complete is expensive, I have no qualms about investing more money in the security of my department and data. I would definitely recommend SentinelOne Singularity Complete. It gives me peace of mind knowing that my data is safe.

I would rate SentinelOne Singularity Complete a six out of ten.

Currently, I have not yet completed the integration with third-party tools. However, I am utilizing the Sentinel logs as inputs for my Security Operations Center services, and I am gaining comprehensive visibility from this approach.

I would rate SentinelOne Singularity Complete eight out of ten.

Although we can use a multifaceted approach with different products, this has both advantages and disadvantages. For example, if one product fails, the entire system does not. However, it would be an advantage if SentinelOne offered other tools, such as VPN and encryption. SentinelOne Singularity Complete is a cutting-edge, modern solution that offers a multifaceted approach to XDR. It is not outdated like many other programs. As long as SentinelOne continues to innovate and evolve in the cybersecurity landscape, it will remain a leading solution.

One of the things that really impressed me about SentinelOne Singularity Complete compared to other solutions was their commitment to taking cybersecurity practitioners seriously. This is anecdotal, as I met some of the most technical professionals working at their booth at Black Hat, while many other booths were staffed by sales representatives. As a practitioner, the fact that I can't ask many sales representatives very technical questions is not a good reflection on the company. SentinelOne was different. I was able to have very technical discussions with their staff, which shows that they take their approach very seriously.

SentinelOne Singularity Complete is at the forefront of cybersecurity protection. I consider it a great solution option, and I strongly recommend comparing it to other offerings. I believe it will stand up well against the competition.

We are a Fortune 500 company, and SentinelOne Singularity Complete is deployed on tens of thousands of endpoints.

SentinelOne Singularity Complete is a set-and-forget solution when it comes to maintenance.

I have good impressions of SentinelOne as a strategic security partner.

Organizations should research any solution before implementing it. The price of one product may make sense for some organizations but not others. Apply the same due diligence to any solution that will affect the organization's overall security posture.

SentinelOne's ability to be innovative is good. They've done a good job. Over the last two years, the product has continued to improve, change, and add valuable features. 

The quality of the product is good. It feels mature and is well-developed. I don't have any concerns with its technology. 

They are a good strategic security partner. They are a growing company and one of the leading EDR tools in the space. 

I'd rate the solution nine out of ten. I would recommend it to others. 

I rate this solution a ten out of ten. I have around 10 to 15 years of experience in security and have used products like Sophos, Micro and CrowdStrike. CrowdStrike and SentinelOne are the best, but SentinelOne is preferred because of its great features and nominal cost.

It is a good product, and it is something that has future-proofed me in my program for the organization.

I am pretty sure I made a super smart decision when I chose to buy it. The roadmap is sound. Based on the keynotes at SentinelOne OneCon23, there is a lot going on. They are dedicated to improving the product. There are a couple of things, such as SentinelOne Mobile, that cannot be forgotten. That is integral for us or our organization, but, overall, I feel pretty good about the strategic roadmap or journey that we will be on.

From a pragmatic level, it is very mature. There was a bit of a false start with the SentinelOne Mobile, which is important for us, but overall, the product is very mature and adaptable by a variety of talents and skill sets that you find in your SOCs or security operation centers.

I would rate it a nine out of ten because of the Mobile issue. This is something big, and I am a little worried that I did not see it in the keynotes SentinelOne OneCon23.

I rate SentinelOne Singularity Complete eight out of 10 overall. It needs some improvement in some areas, such as backup functionality and performance, but it's a good solution. 

We have SentinelOne deployed through Intune, but we use the cloud login to work on any alerts or events that pop up. When new SentinelOne updates are available, we log into the cloud portal, make a new batch, and just send out the update automatically to all 400 clients that we have. If any events or errors show up, we go through the normal process. We let the vigilance team look at them, remove the computer from the network if need be, isolate it, and do our normal due diligence on what the error or the event is telling us.

We're very happy with the SentinelOne platform, so we haven't looked at anything else recently.

To someone who is researching Singularity Complete, I would say that it is excellent in terms of quality and maturity.

I would advise performing an extensive proof of concept. If you have the ability to use a security tool validation platform to test out multiple platforms before choosing one, that would be a good idea. You should also understand various modules that are add-ons to the platform. It is extremely important.

I have used the Ranger functionality, and I am very familiar with it. It provides network and asset visibility. You can configure the agent to scan the subnet that it sits on and look for other assets that are missing the SentinelOne agent. You can create a policy saying that if a device sits on a specific subnet and has, for example, more than five systems, try to interrogate those systems to see if they are the systems that may be eligible for the SentinelOne agent but are missing one. We did not renew the license for that specific functionality of SentinelOne about a year ago. We decided to go with another vendor to give us that type of visibility.

Overall, I would rate SentinelOne Singularity Complete a nine out of ten.

We are partners and resellers. Singularity Complete’s interoperability with other SentinelOne solutions is fine. I've been able to push logs into our SIEM solution. We used our API. It was quite easy to do. The API token expires, so we have to regenerate and integrate it.

The solution’s ability to ingest and correlate across security solutions is quite fast. I don't have any issues with it. The Ranger functionality provides network and asset visibility. It's quite important. We can identify when endpoints that are not permitted or allowed on the network are active. It helps us isolate or deploy an agent on the endpoints. It's quite useful.

Ranger requires no new agents, hardware, or network changes. It is used for existing agents or endpoints. We can also identify neighboring endpoints that do not have agents. It's easy because we do not have to do any additional configurations. It leverages the current agents that we have deployed across endpoints. It's a good feature. We need not deploy another agent to work for Ranger.

A computer that doesn't have an agent is vulnerable to exploits. When Ranger helps to find the computer and network, it helps to prevent vulnerable devices from becoming compromised. We can identify and isolate the computer and deploy the agent on it. Singularity Complete does not reduce alerts.

The solution saves deployment time. We can push agents from the management console to the endpoint. It will save us time from physically going to the endpoint and installing the agent ourselves. The product reduces MTTD by 20%. The product reduces MTTR by 20%.

If an endpoint gets compromised, we will have to spend money. The tool generally helps us stay safe and protects computers. Thus, the solution reduces costs in the long run. Unprotected endpoints are risky endpoints. Singularity Complete has helped reduce our organizational risk.

Singularity Complete is quite a good tool. I'm quite confident in its ability to detect threats. It is good to have SentinelOne as a strategic security partner. People planning to use the tool must go for it. It's a good solution. It does what it claims.

Overall, I rate the product 8 out of 10.

We didn't have any major issues related to the integration. However, we had some issues related to the implementation on the server site. It was solved by upgrading the agents. Initially, we had a couple of issues related to integration, but after that, it was solved.

The solution gives us more visibility into alerts but doesn't reduce them. It might help after we conduct the patching and vulnerability management, but we haven't tested it yet.

Singularity Complete has helped free up our staff for other projects and tasks. We have a full-fledged SOC team that uses SIEM tools. We use it to complement our SOC and our XDR and MDR solutions. We have Singularity Complete as a technology for further investigation and threat hunting.

When we get an alert from the SOC team, we use the tool to do the analysis and threat hunting in 30 minutes per incident. It is a considerable saving in the team's time because we have limited engineers and security analysts. The tool saves 50% of the staff's time.

The product has helped us save on operation and acquisition costs by 70%. We have replaced two solutions from other vendors with Singularity Complete. Singularity Complete has surely helped reduce our organizational risk. We had a lot of alerts from the previous vendors. Now, we see fewer alerts.

Compared to its competitors, Singularity Complete is very mature. It exceeds in some areas, especially in threat hunting. I have seen other solutions. They have very strong capabilities in detection but not in threat hunting. Singularity Complete makes a difference with our analysts when they perform threat hunting and threat analysis.

I like the product's vision very much. Everything has to be on a single agent, and the integration is very much worked on. It has a very good integration roadmap. It has a very complete and strategic vision. It doesn't sell only endpoint products. I like the completeness of its vision.

People who want to buy the tool must test all the features to see how they will get value from the product because it's very complex and feature-rich.

Overall, I rate the solution a seven out of ten.

I would rate SentinelOne Singularity Complete eight out of ten.

SentinelOne Singularity Complete has room to grow, but it is overall very good. It is a mature software product with an awesome UI. There are many options and actions available. 

No maintenance is required from our end.

SentinelOne Singularity Complete is a straightforward, stable solution that is easy to learn.

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne is very mature. It's a lightweight application that does not waste a lot of resources, and the quality is definitely good.

Singularity Complete is a self-sustained standalone application that updates to the cloud. Every computer checks in and updates as needed.

I manage our future application deployments and ensure that Singularity Complete is automatically pushed out and kept up to date.

SentinelOne is a good overall security partner.

It's always worth testing out different solutions and finding the one that works for each organization. But as far as SentinelOne Singularity Complete goes, it's been an easy process for our organization and I recommend it to others.

I rate SentinelOne Singularity Complete seven out of 10. It's a comprehensive, innovative solution that covers many of the network features and core antivirus functionality. It's a solid solution from a coverage perspective. The only thing that needs improvement is the false positive rate. If SentinelOne can address that, it would be excellent. My advice to new users is to have a team of people trained to use and manage the solution. 

We are partners. 

It's a good solution as compared to others. In terms of MML features, it is fine.

I'd rate it eight out of ten. 

I could not recommend SentinelOne highly enough. The one thing about this product is something I very seldom say when it comes to almost anything in life, sadly, is that I trust it. I trust this program to be well taken care of on the backend. I trust this program to do its job on the frontend. I trust the endpoint and network security of our university to this product. I have no doubt that we're in good hands. It has proven itself with ransomware, proven itself with Qbot infections, proven itself with a multitude of end-users. 

We had a pen tester on campus that was actively trying to hack things, doing penetration testing, and SentinelOne stops him every time. Every time he got to the machine with SentinelOne on, it stopped him dead in his tracks. The pen tester said, "Your endpoint solution here is fantastic". This is a trained white-hat hacker trying to break through and he couldn't do it. We gave him a foothold, an account, and all kinds of stuff. We opened the door for him to see how far he could get. He was able to get in on machines that did not have this level of protection. He was able to get to devices, create administrative users, elevate privileges. You name it, he can do it. Once he got to a machine with SentinelOne on it, it stopped him.

They didn't tell me we were pen-testing. Suddenly I was seeing lateral movement and all kinds of things on the network and I ran this guy down just to find out we hired him to go do this. I thought we had a hacker on-premises.

I would recommend that anybody who uses this product also interacts with other people who have it. Another university was the first university that had it near us and then we got it. They were a big help to us, as far as answering questions about the deployment. They told us about a couple of little headaches to watch out for. It had nothing to do with SentinelOne, but how Microsoft servers operate. So we were able to save ourselves a lot of time by interfacing with the network of users of this particular program.

What I've learned with a product of this caliber is how efficient one person can be. I don't think you're going to find many places where you have primarily one person safeguarding the endpoint solution of an entire university. The good news is that because everything is the way it's set up, the way it's configured, and the machine intelligence that I've added over the last three years, if I'm not here and someone else steps in front of it, it can run itself in many ways. I've learned that if you find the right product, you can become incredibly efficient.

I'd give SentinelOne a ten out of ten. I'd give it higher than that if I could. I've actually done calls where they've called me and had me speak to the salesman, we had a really good working relationship. He had me call and speak to people who he's actually trying to sell the product to. I think I've sold half a dozen of these things for him, but I can't recommend it enough. I believe in SentinelOne wholeheartedly.

My advice is start working with it. You're going to love it.

The biggest lesson I've learned from using SentinelOne is that security tools can be different. SentinelOne has taught me that you can do security in different ways. If it sounds expensive, I would not always say that it is expensive.

We are a very small business. We don't have somebody who specializes in security. Our IT is just three people who do everything. That makes it difficult to say we are going to focus on SentinelOne and try to use it completely. We put it into use for malware security and that's it. We only have a WatchGuard firewall on the front-end and that's it in terms of security on SentinelOne.

They are improving the management tools. They are getting better. The portal is functioning with more logic. Those are good improvements. It's user-friendly enough. People with low IT knowledge can work with it.

It's a very good program. It does what it says it does, and I'm very glad that I have it.

Go for it. It's an absolutely brilliant product. But understand what it is before starting to deploy. Unless you understand the product, you will not know how to use it to the best of its best capabilities.

The solution's Behavioral AI works with and without a network connection, providing the internal protection. But having that network connection is important because it will then be able to report it to the central dashboard. While it will do what it has to do locally, it's helpful when the agent reports back to the central dashboard so that the IT Admin can take action. It is important that the systems remain connected to the internet.

But overall, the Behavioral AI is amazing. It's something very new in the market. The way SentinelOne works and the way it is set up, I haven't been more impressed by any other product. It is a step forward in security.

We have 400 to 500 endpoints using SentinelOne at the moment, and all those customers are happy. We are happy that they're using it, because it helps us secure their network better than what they had before. We have it on laptops which have been given to home users, on computers in offices, on servers in computer rooms. They all have SentinelOne and we are happy with the level of protection that it offers.

Moving forward, with every customer whose antivirus is coming up for renewal in our portfolio, we are recommending getting rid of Symantec and other products and taking on SentinelOne.

It's very effective and it's improving by the day. In the last two-and-a half years I have seen that the way it detects and the way it mitigates threats are constantly improving. It's a very effective solution.

We've been using the tool mostly with third-party applications through Singularity Marketplace. Integrating it with our Microsoft environment has been helpful and convenient. The product is robust in ingesting and correlating across our security solutions. It is doing its job without us having to check it.

Previously, we had a few different endpoint solutions on a single asset. The product helped us rip and replace multiple solutions with one. We did a POC on Ranger but didn't go with it. The solution hasn't reduced any alerts, but it has at least given us more actionable data. We need to do tuning because we're so early in the adoption.

The tool has certainly saved the staff's time. It's able to correlate data a lot better and bring it all onto a single pane of glass, which helps save time. It's hard to quantify right now because we're so early in the adoption. We're definitely able to see more bandwidth for other projects. SentinelOne has helped reduce our mean time to detect.

We have seen the most improvements in our organization’s mean time to respond. We would have had to balance between different solutions or portals to correlate data. Now, the tool is just bringing everything into one place. Taking action within the solution has helped us respond and resolve. Our mean time to respond has been reduced by more than half.

We were using multiple products. We replaced them with SentinelOne. Getting a better solution for the same price was a no-brainer for us. Singularity Complete has helped reduce our organizational risk. The solution's quality is top-tier. The maturity was as good as our current solutions. It was easy to make the choice to move over.

SentinelOne is closely aligned with what the actual responders need to do. It seems like the vendor is building tools and solutions for people in the thick of it, which is a big reason why we went with their product. They are making tools for those who need to use them.

If someone were to evaluate or do a proof of concept, the bigger their initial POC, the better. We found some oddities after expanding the initial POC, which would have been nice to work through before the deployment. The vendors set up a capture-the-flag type of event that really helped us learn the environment, where to go for what, and how to use the tools. I highly recommend having everybody go through the capture-the-flag trial they set up.

Overall, I rate the tool a ten out of ten.

It is definitely worth considering. It is definitely up there with the best of them now. A few years ago, it probably was not. It was in the early stages, but now, it gives us everything that we need today. They invest heavily in the platform. That is important as well. If you buy it today, in a year or two, you will get a lot more features for your money.

It is quite mature now. Over the two and a half years that I have been using it, there have been numerous feature enhancements. As a basic endpoint detection response, it is very mature, and it now has other features, such as the Ranger functionality and automation, on top of it. It is a very mature offering now.

When it comes to integrations, I do not know about any tools that I have used with Singularity Complete. We just bought Wiz.io for our company, and I understand that SentinelOne links to Wiz.io. I have not personally used it, but I will be using it soon. From what I understand, it is going to be quite useful because if we detect an incident or an alert on a cloud system that Wiz.io manages and has visibility of, we can then get more information about that cloud system. For example, it could say, "We detected that this vulnerability attempt has been made, or one of the exploit attempts has been made on your system." We then get all of this information from Wiz.io which says, "Actually, the system is not vulnerable to that vulnerability." At that point, we would think that we do not need to worry as much, but we are going to see the investigations. 

In terms of its ability to ingest and correlate across our security solution, we do not necessarily ingest into Singularity Complete, but we ingest Singularity Complete into our central SIEM. It is very difficult to ingest data into that SIEM.

Overall, I would rate SentinelOne Singularity Complete an eight out of ten.

We're a customer and end-user.

They do an excellent job at remaining innovative - including with their detection engines and everything involved in their product. They are doing an excellent job compared to everyone else.

SentinelOne has not been around for many years - yet the product is ahead of its time.

With any solution, I'd advise doing a proof of concept first. After that, I would not shy away from fully deploying this solution.

I'd rate the solution eight out of ten. The only thing that would improve the product is reducing the online console updates. 

We have a SOC solution as well, and we are trying to integrate playbooks. With the SIEM solution, we are able to run multiple playbooks without issues. Using our proxy gateway and detection technology, we have pretty good options to create playbooks without any hard configuration.

The quality and maturity of the solution are excellent. I would recommend SentinelOne.

I rate SentinelOne Singularity Complete eight out of 10. It's a high-quality product compared to what else is on the market. When implementing Singularity, it helps to organize your machines into groups like laptops, servers, and desktops and then push the agent to those groups separately.

I would rate SentinelOne Singularity Complete an eight out of ten. They are a market leader and have been established for a significant period. Additionally, their MITRE ATT&CK reports are quite helpful.

SentinelOne Singularity Complete agent is light and easy to deploy.

SentinelOne Singularity Complete is a mature product that has been in the market since 2011, and the company is well aware of what to do and what not to do.

SentinelOne, as a strategic security partner, is satisfactory.

I recommend SentinelOne Singularity Complete for enterprise organizations with a sufficient budget to invest in their security.

Someone interested in the product should first do POC, and depending upon their OIS environment, they should consider this first before going for any XD solution.

I'd rate the solution eight out of ten.

I rate SentinelOne Singularity Complete 9 out of 10. It's an excellent solution for monitoring and managing endpoints. I recommend doing SentinelOne's training to familiarize yourself with how to leverage the entire product. 

In terms of maturity, SentinelOne is a good tool.

It can be used in any department in an environment with Windows, Linux, and Mac machines.

Use it, but start with documentation. Once you understand the basics, it is pretty straightforward.

I'm a customer and end-user.

We do not use the Ranger functionality. I know it is available, however, it is an extra cost.

In terms of the solution's ability to be innovative, I've only used McAfee and SentinelOne. I can't really say how it compares with Cloudstrike or Proofpoint. That said, compared to McAfee, it can detect threats based on user behavior and not just definitions. It helps monitor software for potential security issues. It's really nice and works very well.

I would recommend the solution to others. 

They make a good strategic partner in terms of security. Their product is the last line of defense for security breaches, and having a good, reliable product on all endpoints is very important to our organization. 

I'd rate the solution nine out of ten overall. The ability to detect threats and the deep visibility on the endpoints is great. I like that it alerts you to patching requirements. It's great that, if a threat appears, we can drill down and see exactly what's going on.

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is deployed across all departments and devices, and everything is in Intune. When anything is deployed to Intune, antivirus is applied first. It is mandatory on all devices. We have 270 endpoints.

No maintenance is required on our end.

SentinelOne, as a strategic security partner, meets all the requirements for being the solution to our cyber risk on devices, which is essential for us to know that we are safe.

I chose SentinelOne Singularity Complete at a previous company and sold it to the company I am with now. It is very easy to do a proof of concept and see everything that is missing from other solutions. I recommend SentinelOne Singularity Complete.

It allows us to be innovative. It's fairly robust and one of the main leaders in the space. It's a pretty strong offering compared to others in the market. It is a quality product. 

It's important to test it first to see if the solution works well for your firm. I'd advise people to validate and test it out thoroughly. Bringing in a solution is not that difficult, however, ripping and replacing a solution is hard, so you want to avoid regretting any decisions. 

The solution is a helpful strategic security partner. 

I'd rate the solution an eight out of ten. 

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete is a mature solution.

We have deployed SentinelOne Singularity Complete across multiple locations, departments, and operating systems, including Windows, Linux, and Mac. We have around one thousand endpoints.

The only maintenance required is the package updates that are released to keep the solution up to date. The cloud version is automatically updated by SentinelOne support, which manages it. The agents themselves must be updated manually which I do by clicking on them.

I recommend completing a POC to ensure SentinelOne Singularity Complete is a good fit before moving forward.

I would rate SentinelOne Singularity Complete a nine out of ten.

We currently only have a couple of integrations with Singularity Complete. I believe there is potential for more integration. As of now, we have only installed two apps that integrate with Singularity Complete.

No maintenance is required from our end.

SentinelOne is excellent as a strategic security partner. There have been numerous advancements, and since I began using the platform two years ago, they have undergone substantial changes. They have introduced many new features, and I have witnessed significant company growth over the past two years.

I suggest examining the various features available in SentinelOne's complete version. We have experienced numerous advantages with it. Often, when SentinelOne introduces new features, we don't notice them until they are fully developed. It's beneficial to explore some of the new features that are in beta. This allows us to experiment with them and assess how they can enhance our environment.

We have a SOC managing our environment. They are very happy with features that SentinelOne provides.

We will be upgrading to complete version next year, including Deep Visibility. This includes 2,000 endpoints for the USA and India. However, we currently haven't enabled this feature.

We have never needed the solution’s one-click, automatic remediation and rollback for restoring an endpoint, but the feature is very powerful.

Biggest lesson learnt from using SentinelOne: Never trust anyone.

I would rate this solution as a 10 out of 10.

I rate SentinelOne Singularity Complete 9 out of 10 overall. Singularity performs as well as expected, and it's less resource-intensive than other products.

I would rate SentinelOne Singularity Complete nine out of ten.

We recommend that people evaluate SentinelOne Singularity Complete before buying it. At a minimum, they should compare it to their current solution and other products to see the difference. They should do a small comparison of the major points that each product covers and does not cover. Once they have a good understanding of the options, they can have a demo or proof-of-concept before making a purchase. Additionally, it is helpful to check which companies are currently using SentinelOne Singularity Complete in their live environment for a long period of time without experiencing any challenges.

I'm not sure which version number we are currently on. 

If a company has a lot of people and needs to protect its many endpoints, this is a great option.

I'd rate the solution eight out of ten. 

I would rate it a nine out of ten.

I would rate SentinelOne Singularity Complete eight out of ten.

The Ranger functionality is not that important because it is optional, and most customers already have a solution for understanding their environment.

I would say that 90 percent of SentinelOne Singularity Complete is a quality product with only ten percent with room for improvement.

SentinelOne will not sell to organizations with fewer than 100 endpoints. Most of our clients are mid- to enterprise-level.

Maintenance is required, but the SentinelOne team maintains the cloud deployments, so we don't need to worry about it. The endpoint agents must be upgraded whenever an upgrade is available or when we have to fine-tune policies for customers to reduce false positives. One IT support person can handle any maintenance for the endpoints.

I suggest always doing a POC. If the customer is currently using traditional antivirus technology, they may not understand EDD, EPP, or EDR technology. Therefore, I always recommend a POC to help the customer understand these technologies. Customers should never implement an endpoint solution without a POC, because we don't know what endpoints are running on their system or how compatible the new solution will be with other endpoints. For example, if we are implementing a DLP solution, we should ask for a POC with all available agents, or we can deploy a test machine to understand the solution before implementing it in production.

I would rate SentinelOne Singularity Complete eight out of ten.

It is a mature and high-quality solution.

SentinelOne Singularity Complete as a tool is good but the support needs a lot of work.

Customers are very happy with deployments and stick with the solution year after year.

I rate the solution a nine out of ten. 

I would advise anyone looking to implement SentinelOne to look before you set up. Know how many machines are working in your network and which type of communication they are doing, whether it is internal or on the internet. No matter what solution you pick if it is SentinelOne, Carbon Black, McAfee, or Symantec check the usage of your machines.

I would rate SentinelOne a nine out of ten overall.

Singularity Complete offers strong integration capabilities with over 100 APIs and excellent integration with other SentinelOne solutions.

Asset visibility with Singularity Complete is crucial for my clients as it enables a clear understanding of their network and assets. It is important because without knowing what is in their environment, it is challenging to secure it effectively.

It is crucial for me that Ranger requires no new hardware or network changes. This is very important as it simplifies deployments and enhances scalability for us.

Ranger assists in preventing vulnerable devices from being compromised. It can isolate devices on the network in response to a threat, automatically detecting and responding to issues such as a virus, ensuring swift action and containment.

Singularity has successfully reduced alerts by 80%, significantly improving the efficiency of the alert management process.

Singularity has freed up people's time, reducing their workload by approximately 45%, and enabling them to focus on other projects and tasks more efficiently.

Singularity has proven to be cost-effective for our clients, with an estimated cost reduction of around 30%.

SentinelOne Singularity Complete is high quality and built for enterprise-level security.

I'm very pleased with SentinelOne as a strategic security partner. Overall, I would rate SentinelOne Singularity Complete as a nine out of ten.

My advice to new users is to adopt SentinelOne's Singularity Complete platform, and if feasible, opt for the visual response option for enhanced security measures.

SentinelOne Singularity Complete requires just a little bit of maintenance, as my team has to update agents and do some finetuning, but not too much.

My rating for SentinelOne Singularity Complete as a solution is eight out of ten.

My advice to people looking into using SentinelOne Singularity Complete is to ask for sample reports and processes to understand how SentinelOne would let you do it.

The company I work with is a SentinelOne customer.

We have used very little of SentinelOne Singularity Complete's interoperability with other solutions. It has looked like it has been nice because we have been scoping out the use of a managed detection and response and have SentinelOne Singularity Complete plugin with other solutions for log output. There hasn't really been anything we wanted to use that SentinelOne was incompatible with.

I believe SentinelOne Singularity Complete is very capable of ingesting and correlating across our security solutions. I don't think I've seen any solutions that would necessarily outperform it. It's done everything that we've needed it to. Again, we have not used it extensively.

SentinelOne Singularity Complete has not helped us consolidate our security solutions, but that's our choice. We like going into the console and seeing everything within there and the dashboards we already have access to.

I can't say that I think SentinelOne Singularity Complete has helped reduce alerts. We would like to use SentinelOne to correlate our alerts so we're getting alerts from multiple different areas to see what matches up there. Currently, we still have an ad hoc solution where we're looking at different sources for that information because we don't have it all trusting each other yet.

Overall, for supply chain attacks, we're hesitant to give access to other products to our SentinelOne. We just don't want to put all our eggs in one basket, but that's more of a mindset problem than a functionality problem.

SentinelOne Singularity Complete has helped free up our staff for other projects. The solution's automation functionality, notifications, alerts, additions with its API, and custom tools to do what we want have helped me not to have to go in and manually check for things. For example, SentinelOne says they do not need to do static file scans other than when you first install the agent.

Our compliance requires that we still have static agent scans on a regular basis, preferably daily. You can launch those from within the console, but it's not viable for me to log in to the console daily and initiate that. Since there's no ability to schedule that in the future, that was best done with the API script that runs automatically and can give us feedback on how it went.

I believe SentinelOne Singularity Complete has helped reduce our organization's mean time to detect. We get some good context within there of what the threat was. Most of the time, it has pretty good notes regarding what it got flagged for if it's behavior-based, but some static file threats don't show the indicators.

We do not know what to do with some threats or understand what it is. We've been told we would need to get the SentinelOne vigilance or managed detection and response to fill that gap. We have been looking at managed detection and response but haven't put it in place yet.

SentinelOne Singularity Complete has helped reduce our organization's mean time to respond from our previous antivirus solutions. The solution gave us some more context than we had and also the ability to isolate each endpoint. If an endpoint looks scary and we don't know what it's doing exactly, we can cut off all of its internet access except SentinelOne until we feel it's a clean endpoint. SentinelOne Singularity Complete has helped reduce our mean time to respond by 20 minutes.

Singularity Complete has helped reduce our organizational risk. There have been multiple things that could have potentially been an incident, and they were stopped in their tracks by the solution. For that, we've been able to demonstrate the solution's value to our leadership in terms of keeping it.

SentinelOne Singularity Complete has not helped our organization save on its costs. SentinelOne Singularity Complete isn't optional and was forced onto us from the licensing. We didn't really get a choice on whether we wanted those extra features, but we had to pay for the SentinelOne Singularity Complete add-on, which is just a blanket cost.

If it was up to us, we might not have chosen it, but it was not. We don't use many of the features, and many of the things we like are within the basic SentinelOne license.

We earlier used SentinelOne Complete, and then we used SentinelOne Complete with Singularity. There hasn't been a great improvement since we've done that. We haven't used many of its features or had any guidance on recommendations that would be helpful to put into place without having to buy anything else.

Most of the time, if we wanted to use anything in the marketplace, we would have to start paying for something we don't already have or integrate with something we aren't using.

I would say SentinelOne Singularity Complete is pretty mature, and there's a good amount of documentation of details. I would say it's much more mature right now than a year and a half ago when it was introduced. I looked into it then and said there's nothing that looks useful to us here.

Now, there are actually many more applications and things to integrate with it that we didn't have access to before. We're still not using a lot of it. As far as recommending it to somebody else or another company, I am confident that it will plug into all the major utilities and tools you may want.

SentinelOne Singularity Complete requires maintenance, but it's not bad. We need to go into the console and initiate updates for select devices when there are updates available. We need to ensure that we stay within supported and not end-of-life releases of SentinelOne. After those select devices have been tested out and we know there are not many issues with them, I will go ahead and release those to all the other devices we manage in the rolling phases.

That's not too much work. I would not classify it as maintenance, but when detection comes up while using the platform, that works well when we need to check that out. We haven't necessarily caught something that needed to be caught.

I am impressed with what they're doing both for detections for our endpoints and also for the security world at large. A while back, they headed up some of the investigations and publications about the supply chain attack for 3CX software, which was something that we had used and were impacted by. However, thanks to SentinelOne, we did not have any fallout from that attack.

Overall, I rate SentinelOne Singularity Complete an eight out of ten.

I have been a proponent of SentinelOne for many years. When I learn about somebody who has been hacked and wants to have protection against problems such as ransomware occurring, this is the one solution that I recommend.

The SentinelOne team is open to suggestions. They listen to the analysts and managers that are using their product and they innovate constantly. The improvements to the SentinelOne agent have enhanced its ability to catch everything and anything that comes in, including the detection of lateral movement attacks, which are the worst-case scenario.

When an unprotected agent penetrates the firewall and attacks a network, that unprotected asset has no protection on it so that the hacker can do whatever they want from that box with no impedance. But, the detection of it attacking from a lateral basis has been improved immensely over the last three years.

The improvement in the exclusions library has been phenomenal to help us get the new systems on the air with the new software. It allows the end-user to almost seamlessly get SentinelOne loaded and operational without impacting their business, which is incredibly helpful.

SentinelOne is working on something right now in the Ranger space that is going to allow us to remotely load endpoints that need the SentinelOne protection through the Ranger portion of the application. This is going to significantly improve the security of all of our clients, whether they be in long-term care or short-term incident response, it will help us protect them better. It's a significant improvement to our ability to protect the client.

Of all the products on the market today, I can say that they are the ones that I trust the absolute most to protect my clients.

I would rate this solution a ten out of ten.

The biggest lesson I have learned is that SentinelOne is an antivirus product which gives you, on the one hand, all information you could dream of if you need to analyze software or malware, especially, on the machine. On the other hand, it's simple and fast and easy to use, and that's something I really appreciate.

We have been playing around with the solution's ActiveEDR technology, to get an idea of what is possible. We have not gotten so far that we use it for building KPIs and the like. But we have noticed it and it seems it could be a big game-changer for us, but I can't really provide much information on that topic.

While I really use Storyline right now, I'm the only one who does so in our company. I'm not sure if we will use it in our company on a large scale. That's the other side of this product. We don't have many people who are able to work with the information you get out of the module from SentinelOne.

We don't use the rollback feature, we just use quarantine right now. We haven't had any outbreak of cryptoware encrypting files. So as of now, we haven't needed it. That might change in the future.

I would rate SentinelOne a 10 out of 10, and I don't give 10s easily. I really love how simple and effective the product is. I really love the visibility it gives me into the endpoint. I really love that they open their product to the customer to enhance it with custom-made software, giving you the APIs to program it. Those are all things competitors don't have.

I really feel like the software has made my life easier. As I said before, my workload for malware analysis dropped by 50 percent. That's why I'm really thankful and really appreciate the product. I would say to everyone, at least give it a try. For our company, it really fits.

Have a look at it. Compare it. It's a very good product to have.

It gives you a lot more insight. It has combined many products into one agent and it's expanding. There are a lot of things it can do now on the cloud, like containers. It gives you insight into a lot of the threats with the hunting ability. I have learned from the tool to see how our environment is. I've learned about certain behaviors of our applications, just by observing what pops up.

There is a console that is in the cloud and there are agents that are all over. You put these agents on Macs or Windows or Linux, or on whatever the cloud versions are of all these virtual devices. We are spread out across the globe. We've got nearly 50,000 endpoints in different parts of the world. We generally stay as close to the latest version of the agent as possible, but we go through change-control and it is very strict. We don't just put things on endpoints. We validate and test in our environment because we have nearly every type of operating system and variations of them in our environment. Therefore, sometimes we are something like .1 or .2 of a version behind. In terms of the console, we are at the latest version.

As a company, we use all variations of clouds, from Ali Cloud, which is China to Azure; we're predominantly Azure. We have AWS and GCP. SentinelOne manages that console and we have access to it. We own that part, our console. It's on AWS, I believe.

Overall, is there room for improvement? Absolutely. There are gaps in the reporting because we need to give reports to different levels. Ideally, we want to just drag and drop things to create reports. They have very nice reports but they're canned. We want to be able to choose what goes into a report. Otherwise, it's right up there and I would give it a nine out of 10.

I rate SentinelOne Singularity Complete eight out of 10. Singularity Complete is a high-quality tool. The detections are good. We don't see many false positives. It's a good tool. It's still maturing but good. 

It works great. One thing I wish I had done more in college is hands-on with EDR agents. I went to Purdue for the cybersecurity network engineering major. They had classes and labs for forensics, but one thing we did not get too much hands-on was EDR. I believe they lived in the world of Microsoft for their operations there. Since I have been working here, Singularity Complete has been a great product. We are expanding. We have gone into these other modules and platforms, and we have always had a great experience.

It is a mature solution. It has been here longer than ten years. I graduated from college in 2021 and from high school in 2017. It has been around longer than I have known cyber practices. It is a good one. Always do your research and compare, but it is definitely a top one. I believe it is up there on the Gartner's Quadrants as well. It is up there for a reason.

We will use it more as we get more tools and integrate it. Currently, some of the things are still in beta. I am not leveraging it to its full capability because things are either in testing or we are looking at the software that is going to be connected. From what I have seen and based on the demos and how the beta is going, I have to give it a ten out of ten.

I would rate SentinelOne Singularity Complete nine out of ten.

We have one engineer who maintains SentinelOne Singularity Complete.

I recommend SentinelOne Singularity Complete based on each organization's business model and what it is protecting. Organizations should definitely consider this solution when evaluating other products. The remediation feature that SentinelOne Singularity Complete offers is superior to other EDR solutions and can help remediate a situation quickly.

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete is not a static platform, and new features are released all the time. This adds new value to the product on a regular basis. Compared to other systems, which can be difficult to understand, Singularity Complete is seamless and easy to use. We don't need to do anything to activate new features, and we are notified by email when they are ready to use. It is then up to us to decide whether or not to use them.

SentinelOne Singularity Complete is a mature solution, and our organization is booming because of it. We're not experiencing the issues that we typically encounter with new companies or solutions.

We have 800 users and Singularity Complete is deployed across multiple countries and locations.

For maintenance, we need to ensure our agents are always up to date.

We decided to start using the mobile agents because they were part of our initial purchase. We have already taken the next step and are now looking into Ranger AD. We will be looking into this next year to increase our security level. SentinelOne Singularity Complete is a very easy-to-use product that provides a high level of security and is very usable for us. This is how most security solutions should work. I am very positive about SentinelOne Singularity Complete as our security partner.

I suggest doing a POC to see if SentinelOne Singularity Complete is the right fit.

The speed and user friendliness that this platform offers break down some complex aspects of the security industry, and the solution lays them out in a way that a general user can understand.

Definitely compare and contrast Singularity with other solutions. It depends on what fits best for you, what industry you're in, how mobile your network is.

We do not use the Ranger feature at this time. We would need to upgrade if we wanted to use that, apparently. So we just decided not to go with that.

The quality is good. I like the way it works and the amount of options it has. However, it has so many options and functionalities you need to really figure out how it works. It takes care of a lot of things for you. You can just set it and forget it. 

They are great as a strategic security partner. They worked closely with us and were good at explaining the layout and how the solution would work. They are very helpful.

I'd recommend the solution for users looking for antivirus or endpoint management. It's got great features for both small and large companies. I'd talk with SentinelOne about a company's individual needs. They are quite flexible.  

I'd rate the solution eight out of ten. 

I am satisfied with the solution and rate it an eight out of ten. 

I'm a customer and end-user. 

I'm not sure which version of the solution I'm using. 

I'd rate the solution eight out of ten. It's a good overall product. 

I would rate SentinelOne Singularity Complete eight out of ten. I've been using the solution for three years now. It's been generally reliable, but certain capabilities are needed in today's environment that are lacking.

Our clients primarily utilize Office365, we also assess Microsoft Defender for 365 to ascertain if it might be a more viable option, especially if clients intend to enroll with Intune and MDM. This option would be more cost-effective as it is already included within their existing licenses.

Most of our clients are small to medium-sized businesses. This is why the logs and the number of endpoints are not very high. So, unless we specifically require the use of Ranger, we don't need it. However, cybersecurity compliance standards are becoming increasingly stringent. As a result, we are looking into obtaining a solution that can help us perform at least the vulnerability assessment and patching tasks, along with complaint handling.

SentinelOne is an innovative cybersecurity solution. In terms of reputation, SentinelOne excels, particularly in passing third-party and independent audits. Having SentinelOne in our environment gives us the confidence to say that our EDR capabilities are well-managed. So, in that regard, SentinelOne is outstanding. Feature-wise, while SentinelOne's patch and new feature releases aren't always perfect, I would rate them an eight out of ten.

SentinelOne is a well-established product in the market. The addition of new features and modules to the existing platform is a significant step forward. The positive reviews of the product further reinforce its value.

The maintenance revolves around moving to the next stable version. Our standard practice is to always test the version before rolling it out. Therefore, internally, we generally update all the endpoints as soon as we have identified the next stable version. This is the only maintenance that is required, as we are using the cloud version.

SentinelOne is a reliable tool that we rely on. However, when it comes to strategic solutions, we need a tool that can provide us with the capabilities to have a broader discussion with the company's management. I'm not sure if SentinelOne can export reports that could be presented to upper management. If we are seeking management approval for a security budget, we can't simply base our conversation on an EDR solution. We need to address a wider range of security concerns as well. Another drawback of SentinelOne is its lack of support for SysLog from network devices. This is a limitation that often leads people to consider integrating SentinelOne with other solutions, such as a SIEM. My feedback is that if I have to deploy SentinelOne and pay $70,000, I would expect it to provide comprehensive capabilities so that I don't need to look for additional solutions. Otherwise, it becomes tough for technicians and the company as a whole to manage multiple solutions for different security modules.

I would rate SentinelOne Singularity Complete eight out of ten.

SentinelOne Singularity Complete is a mature solution of the highest quality.

We have deployed SentinelOne Singularity Complete worldwide in airlines from Australia, throughout Europe, and across Africa in a complex environment.

We have 4,500 endpoints and around ten active users.

The maintenance level for SentinelOne Singularity Complete is relatively low.

SentinelOne is good as a security partner. They do exactly what we expect of them and it protects us.

I would always conduct a proof of concept for these types of products, as each environment is different. Even though SentinelOne Singularity Complete works well, a POC should always be done.

I would advise others to go for it. It is great. As an MSP, the peace of mind it gives me is really significant. While the cost of SentinelOne is higher than Webroot, the reality is that the peace of mind and the knowledge that you are probably not going to get a complete attack, simply because SentinelOne stepped in and stopped it, is worth every penny.

I would rate it a ten out of ten. It is absolutely fantastic.

If you are considering SentinelOne, you should consider the cost of storage. Otherwise, the product is easy to deploy. You either need to have your own security operating center or hire someone that will use Sentinel or the secondary service. For you to consume the data, you may have had an internal security center or Sentinel.

With SentinelOne you have to invest extra cost. You have to always think of how much it will cost you to delay a response by a couple of days. If the incident is going to cost two days of revenue for the organization, that is much more than the cost of the solution.

I would rate SentinelOne an eight out of ten because of the price point and the features you get. 

We are a customer and end-user. We deal with a SentinelOne partner. 

I can't speak to which version we are using.

Whether or not the solution would work for an organization depends on the environment and other factors. That said, we are very satisfied with the product overall. 

I'd rate the solution ten out of ten.

The advice I would give others that are thinking of implementing SentinelOne is if they have any other solutions, I would highly recommend them to start using it, especially if they have Active Directory. It's very good at picking up weird anomalies.

I  rate SentinelOne an eight out of ten.

I would rate this solution a nine out of ten. 

I would say it is important to understand all the settings to deliver exactly what the customer requires. 

We have a partially view of the Storyline technology because we don't have the full license of SentinelOne. The Storyline technology's ability to auto-correlate attack events and map them to MITRE ATT&CK tactics and techniques is very clear and nicely presented. They make it very clear on what phase it is in the attack. If it's a lateral movement, they make it very easy. I'm very happy with that.

I would rate this solution as a 10 out of 10.

When we purchased the solution, it did not do what we expected. We didn't use all of the features. It has quite a few options. There are a bunch of more add-on modules. Other products from SentinelOne are not good. I am really disappointed with them. The user must understand the solution by just reading the training documents. The team claims it is professional, but it lacks a lot of functions.

The integration is fine, but the feature is not how they market it. It looks good on paper, but it's not what we think it is. It's not a ready product in marketing. I am disappointed with it. The interoperability is still under development. Not many people know or understand it, including people from SentinelOne. When we call and try to figure out what's going on with the solution, not many understand what it is. There is a lack of training on their products and services.

The Ranger functionality is fine. It’s only been six months since we started using it. We're still learning as it goes. I think Ranger is probably better than Singularity. Sometimes, they send false positives. It's not really a big feature for us. It's good. They're trying to prevent any networking attack, but I don't think it’s there yet. They're just trying to discover what is on the network, but we already have other tools for that.

It is important for us that Ranger requires no new agents, hardware, or network changes. Ranger is just trying to discover whatever issues we have. I don't think it can prevent it. I don't think it can block issues or protect our devices.

Overall, I rate the product a seven out of ten.

For me, the experience has been very good. I would rate SentinelOne a nine out of ten.

It is a good solution. You just need to check out the managed service part of it.

I would rate it a nine out of ten.

My advice for anybody who is implementing this product is to fully understand all of the elements that it provides and to be aware of all of the features. For myself, I think it's important to have a deeper and better understanding of all of the functionality that the product offers.

At the moment, we have a lot of trust in SentinelOne. If it continues to stop future threats then I will continue to rate it highly, or even perfect. At this time, I wouldn't say it's perfect because I can't say that I haven't been compromised because of it.

I would rate this solution a nine out of ten.

I would rate SentinelOne Singularity Complete eight out of ten.

SentinelOne Singularity Complete has a lot more functionality right out of the gate.

I recommend considering SentinelOne Singularity Complete for anyone researching security solutions.

SentinelOne Singularity Complete is deployed on our corporate and hosted endpoints. We have between 5,000 and 9,000 endpoints.

We have six people that monitor SentinelOne Singularity Complete. 

Our agent updates require maintenance and close monitoring. We sometimes have to manually enable policies that are disabled due to the disruption caused by unexpected reboots. We must carefully plan these updates.

SentinelOne Singularity Complete is a good strategic security partner.

I would definitely recommend doing a POC to see if SentinelOne Singularity Complete is a good fit for the environment.

It has competitive pricing and great support. It is a complete solution.

As a strategic security partner, they collaborate with us quite a bit on our overall posture. They constantly have webinars and education sessions for us to deepen our security knowledge and how to use their product. They have assisted us on various PoCs for different offerings that they have and different services they offer. They help us to understand how each of those components integrates into our overall security posture. We did a PoC of the Ranger functionality.

I would rate SentinelOne Singularity Complete a seven out of ten.

I'd rate the solution eight out of ten.

I'm an end-user and not very technical.

While the solution is cloud-based, there's an on-prem server, and that is for the administration of our nodes. Mainly, the subscription is controlled by the cloud.

I'd rate the solution seven out of ten. Depending on the use case and if it makes sense for the company, I'd recommend the product.

I rate this solution a ten out of ten. SentinelOne is the next-generation EDR solution. Once it is installed, no action is required from the end user. It's machine learning and AI integrated, and 95% of threats are blocked. It's a great product.

I rate SentinelOne eight out of 10. It's a good endpoint security tool, and I wouldn't hesitate to recommend it to others. 

I'm using SentinelOne, the EDR solution.

SentinelOne is deployed on the cloud, probably the public cloud, though I wonder if it's private or public. It's on the cloud because it has many more features and doesn't use up many resources even when there's a high workload, and as a tool, SentinelOne performs very well. It may be on AWS or Azure, though.

Within the company, twenty people personally use SentinelOne daily.

My company is a partner of SentinelOne, so my team recommends it to clients, especially if clients require more detection and easy onboarding.

I'd tell anyone looking into implementing the tool that it's fun to learn and use. You can use it without needing many clicks to isolate the machine or perform your required activities. One of the best features of SentinelOne is that it has minimal mouse actions. For example, when you click on a machine, you'll get the hyperlink that shows you the machine details, the uptime, when it was first and last seen, the memory, and all the machine details. You get the details in one location, such as the applications installed on the machine, the network-related configurations of the machine, and the machine processes. You won't get as many features from other EDR solutions. You can isolate the machine, repair and update the machine, update the knowledge base and software, and onboard a particular device on SentinelOne. The tool has many more features. It's a good tool.

My rating for SentinelOne is nine out of ten. Still, if the twenty-thousand event limitation is removed, then that's the time I'd give the tool a score of ten because if there's no limit set, then you can get all process details related to your investigation.

I'm a client and end-user. 

The solution is pretty easy to implement and administrate. We have not tried to integrate it with other solutions. While the pricing is reasonable, it's a bit more than typical antivirus software. That said, it has advanced functionalities that make the price worthwhile. Therefore, I would rate it nine out of ten. 

We are using the latest version of the solution.

I highly recommend the solution to others.

We’re just customers.

I’d rate the solution nine out of ten.

Definitely worth the money compared to heuristic solutions, especially for clients who tend to "stretch" their hardware as long as possible. The low impact and robust reporting go a long way to make this an easy sell, and the cost is excellent for the price point. 

SentinelOne Singularity Complete tries to go above and beyond to integrate with different vendors, which is good. It is very nice to pick a different vendor for my needs and pull in all the information I need. It is very beneficial to have a single point of activation. 

As with any tool, figuring it out has a learning curve. However, getting the information easily and quickly from the same tool is nice. It is also nice to login to a single platform instead of multiple ones, which was the case in my previous company.

SentinelOne Singularity Complete does a good job of reducing alerts. We run attack tests against our network. We can create a real-world scenario. 

The product has reduced our organizational risk. Any tool designed around security mitigates risk. 

SentinelOne Singularity Complete has centralized things and helped us save costs. It makes getting information in and out of the system easier for a small group of people. 

I like everything that the product has done as a strategic security partner. They are willing to work with other companies and are not afraid of being groundbreaking. They are working on AI. 

I rate it an eight out of ten. 

I give the solution a nine out of ten.

On average, once the implementation phase is complete the solution only requires two people to maintain it.

We are a customer of SentinelOne.

SentinelOne does not have a version. SentinelOne is a centralized platform that is hosted in the cloud. It's the agent that we install on servers and clients, it has versions we are using the latest version of agents. 

The product has two deployment options, cloud deployment, and on-prem deployment. Most people prefer to use cloud deployment in the way we do.

I recommend this solution often. I'd rate the solution eight out of ten.

My advice for other companies that do not use SentinelOne is this: that everyone, every company, likely has its own antivirus solution, whether it's McAfee, Symantec, Kaspersky, and so on. These platforms provide only an antivirus solution, however. If they replace their solutions with SentinelOne, they will have two features: EPP, endpoint protection from antiviruses, and EDR, endpoint protection and response features. They will not need to install two applications, one antivirus, and one EDR, on their clients' computers; only one agent can do anything.

SentinelOne provides an amazing amount of visibility over clients and servers. Anything done on a server, on a client, with a network connection, login, logout, changes in directories, et cetera, is recorded. Using query searches, you can find what happened very easily.

Be ready to dedicate a good amount of time to learn the API. To really get the most from the product you need to tap the REST API.

I rate SentinelOne Singularity Complete a nine out of ten,

If you are running an enterprise business, you should definitely go with CrowdStrike, but if you are on a tight budget, you could look into SentinelOne, but CrowdStrike is the better option. If you can stretch your budget.

If you need next-generation antivirus and EDR solutions or if your budget is limited, you can consider SentinelOne, but if you can increase your budget or convince your management to increase your budget, CrowdStrike would be ideal.

I am simply checking. I am not a customer. I am not a partner. I'm a CrowdStrike partner. I am only using it for my own needs. Because people frequently inquire about the differences between other brands and CrowdStrike. 

People come to me for CrowdStrike assistance. And I have to explain the key differences between the two products. And BattleKart does not accurately reflect the information. When compared to BattleKarts, the real-time experience is more valuable.

I would rate SentinelOne a seven out of ten.

I would rate this solution an eight out of ten.

I would advise people to consider this solution, because the combination of SentinelOne and SonicWall Capture ATP is very powerful. I would also advise people to have a look at the Capture Client and test the differences with other AVs.

SentinelOne has a patented feature with a Sandboxing technique, they have four Sandboxing techniques. They also have an AI technique, machine learning from SonicWall, and millions of sensors around the world to detect threats and zero-day attacks. This corroboration of security threat data shared by everyone makes the solution a powerful security engine. As Capture ATP also works on the firewall, it's not only their AV clients who are feeding the machine learning and the threat data, but also their firewalls.

My advice is check out SentinelOne. See how the system works in a real-time attack. Only when you see how it works in real life, in real time, will you understand the ROI of the system. Simulate an attack, simulate a file, simulate that file changing something, and see how it works. I can say to my manager, "I have McAfee installed on my system, I'm safe," and they'll check the checkbox and move on, without understanding what they are doing. I need to sleep well at home and I can do so by knowing I have a system that has my back. That is what SentinelOne is.

We are a partner of SentinelOne. We are happy with SentinelOne as our strategic security partner. 

I would rate SentinelOne Singularity Complete a ten out of ten.

As a partner, I find them to be highly effective, especially since they are increasingly focusing on the enterprise market. Overall, I would rate it nine out of ten.

I would recommend that anyone considering using this solution first understand exactly how this solution works and what their business needs. 

I would rate this solution a nine out of ten. 

I rate the solution a seven out of ten. The solution is good but can be improved by ensuring threats are being mitigated on the platform and considering reducing the license cap for an on-premises solution.

I recommend it. It just works. 

First-time users of this solution should prioritize what they want to protect, and establish if they have the expertise to maintain it. The solutions don't require any high-end expertise to be deployed or maintained but a normal IT system administrator is needed to do it.

I would recommend this solution to others.

I rate SentinelOne Singularity a nine out of ten.

With solutions like these it's important to keep in mind that any automated system can give false positives, especially when they first encounter your software. Be patient, work with the SOC and the technical support team. If your work is implementation, then do whole sites at one time. It's best to do it in sections, let it sit for a couple of weeks and then do the rest.

I would rate this solution a ten out of 10. 

SentinelOne Singularity Complete has freed up my staff's time and helped them focus on other tasks. 

The product's interoperability with other SentinelOne solutions and third-party tools is good. 

The solution has reduced our organizational risk. We have faster responses to incidents. 

SentinelOne Singularity Complete is a mature and solid product. I like the standard EDR capabilities. 

I rate it a nine out of ten. 

We're a partner.

We sell SentinelOne. We implement and deploy. We have a partnership, basically. 

I'd rate the solution eight out of ten.

My advice to other users is if you are going to any solution out there, number one is to make sure if there are issues tey can be easily fixed. With this product, you won't have to have a problem going for three months unsolved or going for two months unsolved. 

I would advise someone considering this solution to make sure that you leverage the features. It's particularly very useful in sites such as the threat timeline where it gives you a breakdown of the files and network connections.

Call the SOC, the Security Operations Center, with questions. They're always proactive and very helpful but do not rely on the automation to do everything for you. I had an instance where just glancing at the activity timeline, it was very obvious to me there was something traversing the customer's network. There was an infection that was at least partially taking hold and it was worming its way through their network and I would think that the Security Operations Center should see. If they're seeing multiple infections at the same site they should have the same inference happen and call us and notify us and do something about it.  That required manual intervention and it would've been nice to get an earlier notice on it without manual review of activity by myself.

I would rate SentinelOne an eight out of ten. 

At the moment, we are very pleased with the solution.

We saw the Storyline technology briefly. However, the Storyline is only when you have actual attacks, and they are not caught in the beginning. Most of our attacks were caught just by static recognition of the files, so there was no story because the file was not allowed to activate. In the beginning, we did some fake file checks in an enclosed surrounding and in a CM setup, which is how I saw the Storyline facilities, but we don't use it.

I would rate this solution as a nine (out of 10).

My advice is to start with a few endpoints and become comfortable with SentinelOne, and test the exclusion rules for endpoints running specific software.

At present, it looks like the most advanced EDR solution on the market, but I think we have to stay tuned to the market and to what's happening in cybercrime, as 100 percent security doesn't exist.

I would give the product a ten out of ten. 

I didn't do a technical job; I just evaluated the product. I don't have a partnership with SentinelOne. 

I'd rate the solution seven out of ten. They are pretty good overall. 

We can see the difference between traditional antivirus and what we can do with SentinelOne. Even if the price is a little bit more, we can see what we can do with it. We can use EDR, stop network activity, do whatever we need on the endpoint, from the security engineer side. We can see that it's at a completely different level. We have a traditional antivirus but we're going to rid of them at the end of the licensing period.

My advice would be to go with the Cloud version, not on-prem. 

I would rate SentinelOne a ten out of ten. It's a ten out of ten in terms of the EDR. It's also a 10 of 10 for the product and company. The solution does a lot. 

I strongly recommend this solution. I would recommend that you get onto a next-generation endpoint security device like this one. It's much better protection for corporate environments particularly with a lot of cloud integration and platforms like Office 365. If you're going to start using those sort of services, then you really need a next-generation endpoint protection device like SentinelOne.

I would rate it an eight out of ten. 

We are partners. We are using the latest version of the product.

I'd recommend the solution to others. We really like it in general.

I'd rate the solution a nine out of ten.

This is a good product, but it has some issues so I rate it eight out of 10. 

Contact me on cybersec[at]global[dot]co[dot]za

I have done POCs with this solution for two customers and there has been no negative feedback.

My advice for anybody considering this product is to do a POC and check to ensure it fits their environment. In some areas, this may be the best product to use, but in another environment, another product or another solution would be a better fit. It's always a matter of doing the POC and trying to get the most out of the product, depending on the environment.

I would rate this solution an eight out of ten.

I would rate SentinelOne a seven out of ten.

I rate Singularity Cloud Workload Security an eight out of ten. 

Overall, this is a good product and I recommend it. That said, there are always ways to make things better.

I would rate this solution a nine out of ten.

I would give SentinelOne a rating of eight out of ten.

I rate SentinelOne an eight out of ten.

If you have the budget, this is a top-notch solution. We have used the solution for over a year now, and we plan to continue using the solution for our most critical users (those with access to sensitive or confidential data). Truly an excellent solution.

They have an impressive product.

Understand how endpoint protection technologies work, since they do not rely on signature databases anymore. Also, follow deployment guidelines, such as initially deploying it in their production environment using a monitor only policy and giving the agents maturity of at least one to two weeks to allow the management console to build a solid behavior base for their environment.

Ask about accountability for hidden and dormant threats that could be in your network.

It's okay. It's a better solution than other competitors.

I would rate this solution as nine out of ten.

I would give SentinelOne a rating of eight out of ten.

I would rate this solution as an eight out of ten.

I would rate this solution a seven out of ten. 

We don't have a plan to increase the usage, it is purely based on our business requirements.

This product is nothing but different from a traditional anti-virus. We were very apprehensive to try it. Once we tried it, it gave us a good impression.

I would rate SentinelOne Singularity a nine out of ten.

We're an MSP, so we deploy SentinelOne for customers, e.g. 70 to 80 endpoints.

We've had some stability issues with the solution, and that's definitely a concern. I'm still pushing forward with SentinelOne, because it's the only kind of option we have in this space.

In terms of recommending SentinelOne, I'd give it a six out of ten.

I would advise others to go for it. It is a good product, and it fits the requirements of most of the clients. It is very flexible.

I would rate it an eight out of 10.

We have one person who maintains the solution.

I rate SentinelOne a seven out of ten.

It's very important to understand how industry-wide endpoint security solutions work to avoid possible issues.

We are using the public cloud deployment model.

I would rate the solution nine out of ten.

I just had a conversation with a colleague who has bought McAfee ePO. He was saying that he was able to do much more in that tool than in SentinelOne. For example, he mentioned that he was able to see traffic on a particular port on a particular system, using ePO. We cannot do that using SentinelOne. In this tool, everything is already in place and there's not much that we can do.