We had Defender at this company before.

We were using CylancePROTECT, one of the early innovators in machine learning next-gen AV. Then they added on an EDR component called  CylanceOPTICS. CylancePROTECT was an outstanding product for us. It was extremely low overhead and highly efficient. It crushed it in the proof of concept and did an excellent job for us.

Blackberry acquired the solution in 2019, the last year of our three-year agreement. It was awful. Development essentially stopped. All of the intelligent people started leaving. I found out that some went to SentinelOne. It was clear my worst fears were realized: that Blackberry was going to screw up yet another good thing.

We previously used Trend Micro. It was cheaper and had more features under license. However, management was looking for cyber security insurance and methodology. Therefore, management decided to go through Sentinel One.

My current organization only uses SentinelOne Singularity Complete, but in my previous organizations, more traditional antivirus was used, like BitDefender, and it was fine.

With SentinelOne Singularity Complete, I'm more confident that it can detect threats better and will miss fewer incidents coming in because of the more modern ways it detects malware.

We had CrowdStrike. We switched because of two things. One was the price. CrowdStrike was expensive, and the other thing was that we needed to protect legacy devices. As a manufacturing company, we have a lot of old software and hardware in our environment, and CrowdStrike did not protect those devices. We either had to come up with a solution where we network quarantine those machines or have them segmented somewhere so that they do not talk to anything else, or we just get SentinelOne and they function the same and require no extra work. As long as it is on there, it is protecting them, and it is much cheaper.

Previously, we used Microsoft Defender, but I also used SentinelOne Singularity Complete in a former company. I like it a lot, and that's part of why my company uses SentinelOne Singularity Complete now. 

We were previously using Sophos. The primary reason that we switched was Sophos did not provide us the extended capabilities we needed to support our infrastructure, both on-prem and on the cloud. Sophos did not support any of the Kubernetes cluster environmental containers systems on the cloud. It did not have the advanced AI engines that SentinelOne does. Overall, Sophos was very bulky, needing a lot of resources and a number of processes. In contrast, SentinelOne was thinner, very lightweight, and more effective.

We previously used Sophos and Fortinet for the firewall but switched to SentinelOne Singularity Complete because of its more robust capability, ease of integration, and lower cost.

SentinelOne Singularity Complete stands out as the most innovative and forward-thinking solution in the market. Through strategic acquisitions, SentinelOne has gained a distinct edge over its competitors.

We used Fortinet as well. We've used a few products and this solution does everything we've asked it to do. It was a good replacement for the free Fortinet solution and it protects against things Fortinet does not. 

In the past, for some reason, we found that somehow or another, the agent was disabled, and we have not determined as to why that is just yet. 

I previously used ESET and McAfee. We sometimes still use Microsoft Defender for some use cases and we have some clients that still prefer to use CrowdStrike.

We had used Crowdstrike and Trend Micro a bit. 

We first switched to Sentinel One based on an audit. It was a next-generation antivirus. There are new options on the market now. We continue to use it due to the fact that are always improving their offering and I don't see a better option on the market.

I've also used Bitdefender. I didn't stop liking Bitdefender. I love Bitdefender. I have nothing against Bitdefender. The only reason I did move to this product is due to the SOC that I work with. Bitdefender doesn't work with the stock that I use as well as SentinelOne does. SentinelOne also offers better support. Bitdefender's platform can be a bit more cumbersome to try to get through in terms of getting your agents to install, for example. SentinelOne is very simple. 

SentinelOne is more secure and offers better scope for threat hunting on Linux than other security solutions, such as CrowdStrike and Microsoft Defender for Endpoint. SentinelOne Singularity Complete allows us to consolidate solutions and is easy to administer from a single console.

We had three different AV platforms. We eliminated McAfee, Defender, and ESET. Singularity Complete does everything better than these because it has got capabilities that these products did not even have. The biggest thing for us is the single pane of glass, so we can see right down to the machine. It is great at machine isolation, and it has better detection and mitigation capabilities than any of these products. It does a lot of it behind the scenes. A lot of it is automated and does not require us to do anything.

We faced issues with our previous endpoint solution, Panda Adaptive Defense 360. SentinelOne Singularity seemed to be a more reliable and easier-to-manage alternative. Panda Adaptive Defense 360 caused significant downtime during deployments and updates.

We had Sophos Intercept X Advanced Cloud Security initially. We had acquired all these tools through a different program. Despite having these tools, a virus managed to get through and bypass all our defenses. This is why we opted for SentinelOne Singularity Complete – we wanted to test the effectiveness of the AI-based approach compared to the traditional signature-based method.

We were not officially using a similar solution. We had other products that we were using, but we did not have a full solution like SentinelOne. We were using multiple things. One of them was McAfee. We switched because they got bought by Trellix, and nobody knew what was going to happen with them. That was our most recent one and what I am most experienced with.

We used CrowdStrike previously.

We previously used IBM Security QRadar but it did not provide the level of data ingestion we required so we switched to SentinelOne Singularity Complete.

It has helped us consolidate our security solutions. At one point, we had Rapid7 and SentinelOne. However, we realized we could take what Rapid7 has and consolidate it into one platform. At a high level, they're almost the same tool, but SentinelOne has a few more features and functionalities.

Also, we could see how many operating systems we have in our current environment through the standard image system we had. But now, we can see that through SentinelOne. That has been a key takeaway because we can see how many Windows, Linux, Apple, and Android devices we have.

I have used it in two different workplaces. Both workplaces were replacing platforms that just did not perform well and did not give you good visibility into what was going on on the endpoints. Both had a higher rate of false positives, and neither had the various detection engines that SentinelOne provides.

We previously used Bitdefender as our antivirus solution. We switched to SentinelOne because we wanted to improve the overall security of our endpoints. SentinelOne offers more advanced and comprehensive protection than a traditional antivirus solution.  

We used Symantec Endpoint Protection before. We switched to SentinelOne Singularity Complete because Symantec Endpoint Protection was very old and was not being updated by Broadcom anymore. It was not as effective in terms of reporting. It was very clunky. So we were looking for something new and a little bit easier to work with than what we had at the time.

We used Sophos. Sophos was more cumbersome. The agent was clunky. We were not getting alerts. There were a lot of false positives, and the customer support was not the best. We felt that it was not valuable to us. It was causing more harm than benefit.

Previously, we utilized McAfee for our servers and Microsoft Defender for our endpoint protection on desktops and laptops. However, we desired a unified EDR solution to streamline our security management. Upon evaluating SentinelOne Singularity Complete and confirming it met all our requirements, we transitioned to this comprehensive solution.

We previously used Tanium and Symantec, two separate sets of tools. Tanium is a first-generation tool that is not specifically designed for the cloud. It requires a significant amount of manual effort to configure and manage, rather than automate these tasks. Symantec does its job, but we are essentially buying two tools to do what SentinelOne Singularity Complete can do on its own. Therefore, the switch to SentinelOne is primarily a cost-saving measure.

In the past, I have used Trend Micro. This was prior to endpoint detection times. It was more than nine years ago. I used Trend Micro, Kaspersky, Norton, and McAfee. I have also used ESET and Malwarebytes. Typically, we were using those in layered approaches. We put ESET and Malwarebytes on the same machine because they served different purposes, but I have not used those in nine or ten years.

By implementing SentinelOne Singularity Complete, we were not necessarily trying to solve a problem. We wanted to try and find a best-of-breed solution that was more effective than legacy AV because legacy AV is based on somebody getting hit by the virus, and then it allows the fingerprint to be used to block hashes, etc. Somebody has to get hit, and then everybody else can benefit from that. That was the old model, and we wanted to go next-gen. We wanted to make sure that we were using something that could be as protective as possible on zero-day outbreaks. After reviewing many of the solutions out there, we felt like SentinelOne was the best of the breed. That is justified year over year, and that is why we have continued to stay with them both in my last organization and this one. When you review different reports that are out there every year, SentinelOne is the leader year after year.

Before, we had a mix of dozens of different solutions across the enterprise. We didn't have any one, ubiquitous solution. We had a mix of McAfee and Panda and Kaspersky. You name it, we owned a copy of it, and that didn't provide a unified field of view. It also didn't provide the best protection that money can buy and, in my opinion as a professional in this industry for 25 years, this is the best protection money can buy.

In my previous company, I used VMware Carbon Black. When I changed jobs, my new company was already using SentinelOne Singularity Complete. 

Our previous solution, Cybereason was not very good at detecting things happening in memory, so we were looking to replace it with SentinelOne, CrowdStrike, or Cortex XDR by Palo Alto Networks. The replacement had to be able to see things happening in memory and deal with ransomware attacks. SentinelOne Singularity Complete was able to meet our requirements.

We previously used ESET but we were often missing threats and not finding out until after the fact.

We were using another solution previously. The main reason for switching was the efficacy of the product. SentinelOne was tested against several competitors when renewal time came up, and it exceeded expectations and performed better than others. 

The previous product was a traditional endpoint protection. It was very signature-based. It always felt like we were behind with new types of attacks and new types of malware because we had to wait for signatures to come out and things like that. It felt like we were always trying to catch up. With SentinelOne, we feel like we are better protected from the start. 

Years ago, we were probably running four to five solutions, but then we kept comparing it with them. We were like, "This is the noise we are getting from X. Let us load SentinelOne." The noise reduced with SentinelOne. That proof of concept worked for us.

We currently have an agreement with a competitor where we have to pick up the remaining part of their contract. That is not a place where we are going to increase our expenditure, but we are waiting for that contract to come to an end. The customer knows SentinelOne, but they are tied into another solution till the end or mid of 2024. We are just waiting for that. What makes SentinelOne Singularity Complete different from others for us is the peace of mind. We know we are covered, and we feel that we are covered. Anytime we have had an incident or event, they have always been there for us. They have responded quickly, and we have not had any flashbacks or second attempts at it. Usually, we could stop it the first time, and that has worked for us in all the years we have been with SentinelOne.

We previously used BitDefender and Malwarebytes. SentinelOne Singularity Complete was priced similarly, and we felt that it had better support. When we had a support issue, it was answered and resolved quickly. Additionally, the visibility and ability to traverse the logs of all the other devices in our network were invaluable. This allowed us to see if a threat might be present elsewhere in our network. This is what ultimately led us to choose the complete solution over the other SKUs that they offer.

SentinelOne Singularity Complete has a lightweight agent. Additionally, some of our servers are running older operating systems. The agents from our previous vendor did not work well with these older systems. I specifically looked for a new solution that would not be a watered-down solution and would function across our legacy architectures as well as our current modern setup.

Another benefit of the Singularity Complete solution is the increased visibility it provides. We are able to collect data on endpoints that are connecting to specific IP addresses or installing specific files with similar hashes. This allows us to see how far a threat has propagated through the network or if anyone else has it installed. This is something that we could not do with our previous solution.

I don't have any personal experience working with other solutions. 

We were using Carbon Black before, but SentinelOne Singularity Complete is much easier to use. The portal is more intuitive, the email alerts are more intuitive, and everything about it is easier on the eyes. It has a simpler view. Their cost was comparable to Carbon Black, but the solution was much better.

We were using another solution previously. It was long ago. We were using Berkeley, which was bought by Alert Logic. The Berkeley product was pretty good, but when they were bought by Alert Logic, I did not like the way they did things. It was complicated. It was not intuitive. Their sales program was a little shady. We got locked into a contract that was not intentional. It was not a great experience. They have a product that is not a direct competitor to SentinelOne. We tried it, and it was super noisy for alerts. If I tried to clear all the alerts in the system, I would not have time for anything else. We were not necessarily looking for it, but because of the platform that we were on, we tried the other offerings that were included in the platform, and it just was not a good fit.

SentinelOne is a much more robust platform than Berkeley or Alert Logic in terms of endpoint protection. In terms of the ability to be innovative, SentinelOne provides tools. If we had stronger security requirements, they have other tools that we could utilize, such as Ranger. 

My company was looking for a solution encompassing a wide range of protection, and SentinelOne Singularity Complete matched what the company was looking for. The company used another product, particularly Webroot, and then moved to this solution.

Moving to SentinelOne Singularity Complete was my company's decision as it had more features, was more advanced and was more suitable for an enterprise application. Hence, the solution was ultimately a better fit when compared to Webroot.

We implemented SentinelOne Singularity Complete to move away from a legacy EDR platform, Cylance Protect, that did not perform as well as a modern EDR solution should.

We are technology agnostic in the sense that if a customer doesn't have a solution, we'll make a recommendation. If they don't have a solution, then our recommendation goes along the lines of SentinelOne, Palo Alto Cortex, Microsoft Defender ATP, or ESET. These are the ones that I typically would recommend, but Microsoft Defender ATP is problematic because you have to have the Azure and Office licenses to get it. For the other ones, you can buy the licenses separately. We also take over other solutions. I have some customers on Kaspersky and other solutions.

We didn't have any EDR solution in place like SentinelOne. We had Bitdefender for antivirus, but that has been removed. Our existing antivirus was failing in several ways. It wasn't detecting everything that was coming through. That was the big catalyst for the switch.

Originally, we had SentinelOne through SolarWinds, which was our previous RMM tool. And when we migrated to ConnectWise, we moved our existing licenses over.

Comparatively, SentinelOne has certain drawbacks, particularly when measured against CrowdStrike. CrowdStrike offers a free sandbox at hybrid-analysis.com, allowing the examination of links and downloaded files on a virtual machine. This proves especially valuable in assessing potential phishing emails. Uploading the file or link to hybrid-analysis.com provides a detailed analysis, complete with screenshots of what transpires on the virtual machine. This includes actions like the opening of links, prompting CEO impersonation attempts, and other background information. While SentinelOne may lack these specific features, its advantage lies in being an all-encompassing solution, whereas CrowdStrike functions primarily as a managed service, which may not align with specific preferences.

Previously we had an antivirus. That was Kaspersky. However, we didn't have an EDR solution. It can't be really compared. 

Of course, with Kaspersky, now, with what's happening in Ukraine, there has been a break in trust.

We previously used McAfee ePO and we switched to SentinelOne just because of the customer service and the product.

We were previously using Trend Micro Deep Security. The primary reason why we switched was that it is rubbish. It is a legacy-based AV. We had a lot of problems functionality-wise. It was missing a lot of things, e.g., no EDR, no NextGen capabilities, and it had interoperability problems with our Windows platform deployments. So, there was just this big, long list of historical problems.

We specifically selected SentinelOne for its rollback feature for ransomware. When we started looking into securing a new endpoint solution about 24 months ago, there was a big uptick in ransomware attacks in the territory where I am based. This was one of the leading criteria for selecting it.

We previously used Automox only for device management, not as a complete EDR.

Previously, we used CylanceOPTICS by BlackBerry but transitioned to SentinelOne Singularity Complete due to its enhanced user-friendliness. The latter platform boasts comprehensive investigation capabilities, allowing us to delve deeper into the specifics of security incidents. We can examine parent-child relationships, delve into registry entries, and analyze memory ranges with ease. The feature set is truly extensive.

While CylanceOPTICS offered some of these functionalities, it could not identify pivoting areas within an attack. If I needed to investigate the pivot itself, CylanceOPTICS wouldn't suffice. SentinelOne proves invaluable in such situations. By examining registry entries or monitoring running processes, it helps us pinpoint the root cause, be it a Run DLL or a Windows EXE file disguised as innocuous activity. While CylanceOPTICS might catch the attack, it wouldn't reveal the underlying malicious intent. SentinelOne grants us this crucial level of insight, empowering us to respond effectively.

I previously used Microsoft Defender and Sophos. SentinelOne is a much better solution than Defender and has a quicker response time to alerts and attacks than Sophos.

I previously used McAfee but it was not able to detect some of the malware threats that SentinelOne Singularity Complete does.

We had previously used a few solutions, including FireEye and Endgame. We left Endgame when they got bought out shortly after we bought them and it felt stagnant. 

We were using another solution before SentinelOne. We made the switch because of functionality, compatibility, interoperability, visibility, and ease of integration. It checked all the boxes that we needed. We definitely needed to go this way.

We previously used Sophos. We switched to Singularity because it's simpler, easier to use, and rated higher.

When looking at the quality and maturity of Singularity, it's a great program. Depending on what program you are coming from, there might be a little learning curve, but once you get past that, it's easy to use, and it becomes very intuitive after some time.

It was a product by Carbon Black called Carbon Black Response and Carbon Black Defense. We switched because Carbon Black was purchased by VMware at the time, and their customer service was diminishing substantially. Some of the older products that we still had by Carbon Black were not being supported as well as they were previously. Their technology roadmap was not fantastic. We started looking at other products. We found CrowdStrike and SentinelOne to be more up-to-date and more modern EDR solutions. We saw a noticeable improvement in terms of technology and detection. At the time, SentinelOne was priding itself on the level of number of detections it could detect. A lot of that came into the reviews of the product at the time and the type of tests that it was undergoing and its performance in those tests. That was a primary reason for deciding to go with SentinelOne and going away from Carbon Black. Pricing was another excellent aspect of the platform.

I have used Kaspersky, CrowdStrike, and Carbon Black. After using these solutions for a year, I chose Singularity Complete. The other solutions are existing products and are leaders. However, Singularity Complete is better than them from a financial and technological perspective.

We previously used Symantec antivirus but switched to SentinelOne for its EDR features. 

I had worked on Palo Alto XDR as well. However, the remediation is not so good. There is no option with the rollback as well. That might cause data loss during a ransomware attack.

I'm also aware of the Trend Micro solution. 

The previous solution we used was the Windows System Center Endpoint Protection, which is a part of the Microsoft Active Directory. It's a solution that's packaged with all the Windows products. It has a centralized means of communicating back when it detects an error. However, it was woefully inadequate. We had no idea how bad that was until we tried SentinelOne. We had no idea how teetering our environment was on the threats of viruses until we actually had the insight that we did through SentinelOne.

We switched because we knew the product. We knew what we were using. We were getting to the point where we knew that our current solution was inadequate. We started looking around. We looked at Red Hat, Cylance, and a couple of other ones. We looked at these vendors of these products to gain greater insight. We knew we had to spend the money to get what we needed to get. SentinelOne was brand new at the time and we decided to give them a shot. The Chief Information Security Officer had gone to a conference and was interested. SentinelOne came in, made their pitch, we went through some examples and some tests, and they let us do a proof of concept.

I was around a day and a half into the proof of concept and I was sold. It was an unbelievably effective product so we decided to go with it. Within a month of that, we had another level of agents out there. We were covering the bulk of the machines we needed to cover and we have not looked back since. It's been one of the few things that we have done here that we have never second-guessed.

When we looked at the solutions, Cylance had similar capabilities as far as having a behavioral engine and a static engine, but the difference was the usability of the interface. SentinelOne's interface is phenomenally well laid out, easy to do, and very efficient. The other products we looked at were nowhere near as efficient on the user interface side.

We didn't test them thoroughly enough to find out if there was something that got through on SentinelOne that didn't get through on the other solutions. I don't know how it does it this quickly, but in addition to its own engine and its own ability to check through behavior, it actually references VirusTotal. VirusTotal is a website of centralized virus information. Even if their engine were somehow not detected, it checks the threat against VirusTotal and if any other engine out there has detected that threat, it flags it. It actually uses the intelligence of the other anti-malware products. It does it quickly. I have no idea how it does it that quickly, but it's impressive.

Before SentinelOne the company was using F-Secure. It started as an antivirus and then F-Secure also made a cloud-based endpoint protection solution from it, with a managed base and automation and checking for updates. It works with a database, which is not the way SentinelOne works. F-Secure is much cheaper.

They switched to SentinelOne because it is more for malware. F-Secure doesn't do anything in malware, just virus scanning.

My company had an endpoint solution previously, but I was not with this company before they had Singularity Complete. They already had Singularity Complete when I got here. It was replacing the previous endpoint solution, so I cannot say whether Singularity Complete reduced our alerts or mean time to detect than the previous solution.

We previously used Sophos. The biggest reason for the switch to SentinelOne was the system resources that were used. Whenever it would kick in, I would get tickets related to machine performance. 

We tried CrowdStrike. The issue with it was that it was not compatible with older iOS and Windows OSes. We have some old servers in our data center that are now undergoing a migration process. On top of that, we have some Windows machines that are running on Windows 8, and it did not support them. We had to switch to SentinelOne since it supports those clients. CrowdStrike is also a very expensive solution.

Trend Micro is not smart; sometimes it's unable to detect malicious files.

SentinelOne is faster. It scans and detects issues and vulnerabilities on endpoints in real time. That's the main thing you look for when it comes to EDR.

Earlier, we were using Symantec and the One Protection Suite.

I used CrowdStrike before, but SentinelOne is easier because I can do more stuff on that. For example, let's say I want to fetch some files from an end user's machine or install something, but I do not manage the machine as a security person. If we need to do something inside, I can do a full scan and use remote access to see everything. 

The SentinelOne suite is appropriate for our use case. If the scope and tasks were different, another EDR might be better. CrowdStrike has built-in UEBA, but it's not as user-friendly as SentinelOne. 

We used McAfee and found how it looked at threats was old school. We wanted to explore new solutions and technologies. A vendor recommended this solution and when we looked at it we found all users are pretty happy with them. 

I previously used McAfee and it often caused our machines to blue screen and crash. SentinelOne, on the other hand, is a stable agent. If we install the latest agent on our machines, it will not affect their performance or speed. Many other agents can have adverse effects on our machines, but SentinelOne will not.

SentinelOne Singularity Complete is a next-generation antivirus that is far more innovative than McAfee. One of its selling points is that it constantly improves and looks for new threats, while McAfee has not changed significantly in years.

We have CrowdStrike as an EDR tool for Windows, and CrowdStrike did not really support our Linux kernels. That's when I did an evaluation with different vendors, and Singularity was able to support our Linux kernels.

We replaced Symantec Endpoint Security Complete with SentinelOne Singularity Complete to improve our security posture because Symantec was outdated.

We previously used ESET. 

Previously, we had the McAfee, which was complicated to managed. 

We heard about this SentinelOne and its new antivirus, so we contacted our consultant who organized a PoC. After the PoC, we decided to migrate the solution.

I have been satisfied with the new antivirus.

I previously worked with Sophos and ESET. The primary reason we prefer SentinelOne is that it doesn't consume a lot of resources. 

We previously used Kaspersky, but we found that it could not clearly identify all of our assets and risks. With SentinelOne Singularity Complete, our environment is more secure.

I used FireEye and Symantec. However, SentinelOne is better than them. It's more flexible and catches more threats. 

We previously used CrowdStrike Falcon, but SentinelOne Singularity Complete is easier to deploy. CrowdStrike Falcon has many features and policies that need to be configured, while Singularity Complete is straightforward. It has a single policy and is very easy to deploy compared to CrowdStrike Falcon. However, CrowdStrike Falcon offers more features.

Based on a management decision, we switched from CrowdStrike to Singularity Complete.

We were using McAfee prior to SentinelOne. McAfee has a wide range of reports and is more customizable than SentinelOne. We switched from McAfee because we were no longer satisfied with the support they provided. They were no longer providing prompt responses, tickets were taking too long to get resolved.

The other reason we switched was that McAfee was a traditional antivirus working on a definition basis. They have not moved on to the next generation of antivirus. McAfee needs to focus on the behavior of the program and machine files. If you want this, you need to choose a different McAfee product. They were not putting everything in one place, but rather offering a buffet of offerings, driving the cost up.

We previously used Atos as our SIEM tool and wanted to replace it with a newer technology, so we're now using SentinelOne Singularity Complete.

Primarily in the last year, the number one solution clients had, in cases where we replaced it, was probably Sophos. Next, it was CrowdStrike, and then Malwarebytes. The primary reason that these solutions are being replaced is ransomware protection.

Almost every client that I get involved with has been involved in a ransomware case. They've all been successfully hacked and we can place it onto their boxes, clean them up, along with all of the other malware that everyone else missed, no matter who it was. SentinelOne cleans up those systems, brings them to a healthy state, and protects them while we are helping them get over their ransomware event. This gives them the peace of mind that another ransomware event will not occur.

Personally, of the EDR tools, I have worked with Cylance, Carbon Black, and CrowdStrike. I've also worked with legacy antivirus solutions, such as McAfee and Symantec. However, this tool outshines all of them. It has ease of use, provides valuable information, and protects against attack. The autonomous nature of SentinelOne combined with artificial intelligence gives us the protection we cannot experience with any other EDR tool today.

SentinelOne does not provide equal protection across Windows, Linux, and Mac OS, but it's the first antivirus solution we have had in our company which provides any antivirus protection for all these very relevant operating systems. None of our previous antivirus solutions were on Linux and on Mac. That is really helpful for us because we have it all under one hood.

We had McAfee, and we were using it for other things too.

I'd never heard of SentinelOne in 2017. I knew of the other big guns but I came across it just by chance by looking at studies that spoke about SentinelOne. I had their sales guys and engineers demonstrate but it didn't mean anything. I still thought it might be fluff. So we had to test it and go through that whole rigmarole.

For all intents and purposes, they delivered. You have to remember that they were fighting a battle against all the big guns in the industry, solutions that were already entrenched. When we did our test, we actually broke a couple of their competitors, not because we wanted to. We were just comparing and doing it as a proof of concept. SentinelOne kept catching everything that I thought the other guys should have caught.

Also, they were never defensive; they were straight-easy to work with. Their responsiveness was also very good. If we needed to get something — and this might be because of the size of their company — we could go right up the chain and something would happen right away. If changes were required they happened really fast.

It was already in place when I joined the organization. We run Defender as well. It is like a dual-stack. We have E5 for other reasons, and we use it because it is already there, but our team has gone for SentinelOne. We have had other people, especially the research teams, who want to use their own agent, but we are so comfortable with SentinelOne's abilities and what we have set up to keep us secure that we have looked away from those other SIEMs who want their agent. We have looked away from other software in the realm of MDR that may not work with SentinelOne. It is a staple piece for us that would be a hard buy to remove.

We previously used Trend Micro but switched to SentinelOne Singularity Complete after a successful ransomware attack. We were already looking for a different solution because Trend Micro was time-consuming to maintain, difficult to extract information from, and generated a lot of false positives. We never felt in control of our security posture.

We did use an endpoint protection platform, but I can't comment on which one we used.

We had a current vendor called Carbon Black who did our antivirus software, however, it wasn't it wasn't working as well as we would have liked. So we went with SentinelOne to give us a more complete solution.

There is just a lot of functionality on the end of SentinelOne that we just didn't have with Carbon Black, and it just made a lot more sense to go with this. Even though it was priced a little bit more.

We actually use regular antivirus solutions as well, such as Sophos and McAfee.

I have experience using Cisco Nexus and the Nmap Scripting Engine to identify vulnerabilities and strengthen security postures. I have also used Wazuh, primarily for its comprehensive PCIBSS SOC and GDPR compliance reports, which provide detailed vulnerability listings and mitigation strategies. I believe this focus on compliance is crucial as cybersecurity standards become increasingly mandatory for businesses.

We discontinued using Wazuh because we were unwilling to pay $25,000 annually for a product that provided only CIS benchmark support, a basic vulnerability report, and essentially replicated capabilities we already possessed. I believe a Nexus subscription would be a more cost-effective alternative, costing only a quarter of Wazuh's price while still fulfilling our vApp exercise logging requirements. I am capable of conducting vulnerability assessments, applying patches, re-scanning for vulnerabilities, and proceeding to penetration testing. Our primary goal is to provide vApp capabilities to our clients, and that is where we are seeking a solution. If SentinelOne offered this functionality, we would not need to explore alternative options. However, since SentinelOne lacks this crucial capability, we must seek solutions elsewhere.

We previously used a legacy solution. The migration over to SentinelOne Singularity Complete was relatively trouble-free.

I've also used Microsoft Defender.

I have previously used Microsoft Windows Defender.

We trialed an ESET product, but it didn't provide us with the solution we needed. 

Our previous antivirus server was on-premise. When we did the updates, then all the clients needed to be connected to that on-premise server. However, with COVID-19 happening, we have been very happy that SentinelOne is in the cloud because even when an endpoint leaves the company, they are still protected by SentinelOne and receiving updates. SentinelOne gives more time back to a small team as well as always being accessible, even if you're not at the company.

I have used Arctic Wolf.

Prior to SentinelOne, we used Symantec Endpoint Protection. We switched because SentinelOne offered various features such as Deep Visibility, threat analysis, and application inventory. There were a lot of features that SentinelOne had that Symantec didn't, at the time.

We previously used Cylance, which our hosting provider provided along with Endpoint Detection and Response. However, we experienced several challenges with Cylance, so we purchased SentinelOne Singularity Complete for our corporate network. SentinelOne functions and deploys significantly better than Cylance, so we asked our hosting provider to switch us to SentinelOne instead.

I was not here when they bought this solution, but I know why we bought the tool. We replaced another EDR solution, and then we used it as our enterprise EDR solution for ransomware prevention, threat hunting, and security investigations. We were using CrowdStrike previously. SentinelOne Singularity Complete also saved us money. It is very competitive compared to CrowdStrike.

I have used a couple of EDR solutions. SentinelOne Singularity Complete is less mature than CrowdStrike, but it is definitely one of the top players in the industry.

SentinelOne Singularity Complete has not helped reduce our organizational risk. It is about the same as CrowdStrike in this aspect.

We were using Carbon Black previously. Singularity has been much better about mean time to detect. It's likely 15% to 20% better by comparison. 

Carbon Black also didn't operate from a place of integrity.

We also have Microsoft Defender. They are two different products. We use Defender on our machines and workstations, however, not for endpoint security reasons. 

We switched to SentinelOne because Trend Micro was too complex.

This is the first time we have used endpoint security. We were using an antivirus solution before this. I would say Sentinel One is doing the job perfectly.

My company chose SentinelOne over other solutions because it's powerful in the areas of detection, flagging for alerts, and logs. The alert creation is stronger in SentinelOne, so my company went with this tool.

This is the first EDR solution we used. We did not have another solution in place beforehand. We only used basic antivirus software previously.

I'm still using VDAT on Windows endpoints. We use Defender. Windows is comprehensive as well. Most Windows users with personal PCs have Windows Defender, and it works well. That said, I was not sure and still am not sure how well it will protect the servers if there is any ransomware attack on the network.

We used Bitdefender (also through SolarWinds) previously. SentinalOne was pitched by SolarWinds a few months ago as an alternative with robust ransomware protection. Being a small MSP, a single ransomware infection at a client could spell disaster for our business. We are always looking for the latest technology, but not marginal improvements. 

We did previously use a different solution. However, I can't speak to which product that was.

Other solutions that I usually use in other organizations were on-premises.  This one is cloud-based. The point is, when you have your antivirus or EDR solution on-prem, that's your responsibility to troubleshoot the core server and do that maintenance patch and all of those kinds of tasks. When the solution is hosted in the cloud, all of these responsibilities belong to the provider, in this case, SentinelOne. When a new patch is getting released from the vendor, normally, if we were using legacy platforms, we would have to upgrade each endpoint one by one. By using cloud-based EDRs, it can be done automatically and reduces maintenance time.

We switched because or old solution flat out was not picking up infections. It was really almost rather useless. 

I have previously used BitDefender.

Within our company, we use a Sophos product, as we have been working with them for 25 years and have a more established relationship. 

Prior to using Sentinel one we were using McAfee Endpoint Security. We switched because I understood that the systems that are only checking file signatures don't work anymore.

I have worked with Symantec and one more solution for endpoint protection. Singularity Complete has an AI engine. There is no need to download anything.

We used Trend Micro before we switched to SentinelOne. We made the switch because SentinelOne is not signature-based, it's an AI solution. 

We used two solutions for the comparison, CrowdStrike and McAfee. We did do tests before going to SentinelOne Singularity in many areas, such as ease of use, technical comparison, scanning capabilities in terms of cybersecurity perspective, and ransomware protection. Ransomware blocking is a better feature in SentinelOne Singularity.

We have a team of people who have a set of parameters that we use to scan all these tools. They perform comparisons on each and every aspect and SentinelOne Singularity scored better. 

I've previously used several antivirus programs and then I got to the point where I wanted to use an artificial intelligence program. Originally I used CrowdStrike, which I also liked, but the main reason I switched to SentinelOne is because it's incorporated as part of my MSP solution suite.

I'm also working with CrowdStrike Falcon. I have worked with Carbon Black as well. SentinelOne is better than Carbon Black.

The priority of EDR before any complex feature is the ability to detect and then prevent malware attacks. That will be main reason of an EDR. SentinelOne does a very good job of detection of online threats. Once you get targeted by a ransomware attack, SentinelOne will notice that. Carbon Black doesn't do that.

We still use our traditional antivirus packages, Vipre and Bitdefender, depending on the customer and their use case.

Before this solution, we used McAfee, which was not enough for our use. Then, SentinelOne came into the picture. It not only had static virus checking (antivirus), but it also had the Behavioral AI features, like triggers, that we could investigate.

The McAfee solution that we had was more demanding, more expensive, and had less functionality. Three to four years ago, we had an incident with ransomware, and it wasn't detected at the time by the McAfee on all the points. There were two points that were affected. Since it wasn't noticed by the McAfee. we were considering other software solutions from that point on.

SentinelOne offered a good solution, which is the main reason that we went with them. It was easy to manage, although we didn't use McAfee the way we use SentinelOne right now. McAfee was incorporated in our company about 20 years ago, so we probably didn't use all the facilities that McAfee can offer now. 

SentinelOne made us a good offer, especially regarding the Behavioral AI aspect of the protection. Therefore, we just wanted to see what they could offer us. After a year, we are still very satisfied.

SentinelOne had a smaller footprint, both in resources and time-wise, as in load, than the McAfee solution that we had previously.

We used traditional antivirus solutions. None of them could stop ransomware attacks and that's the main reason we choose SentinelOne.

In terms of the time it takes for SentinelOne to catch malware compared to our previous platform, the results are similar, with an advantage of SentinelOne being its discovering of Zero-day threats and ransomware.

A SOC provider showed us the product, and we worked out a global agreement for EDR and SOC with them.

I've used CrowdStrike, Carbon Black, and Microsoft Defender as well. 

SentinelOne, CrowdStrike, and Carbon Black do the pretty much same thing. It all depends on the money.

The good thing about Microsoft and CrowdStrike is they can detect the device based on the traffic they're coming from. This is one of the advantages you have. With SentinelOne, this is where they're lacking. For example, for Windows Defender, if you're using your phone, you can figure out it's coming from your phone, or as long as it's coming to your enterprise network, you will know where it's coming from. This is one of the things I could not find in SentinelOne. You can only define it once you deploy it. However, without a proper deployment, you can't actually see it. For the other technologies, even though you don't deploy them, you can actually have a good understanding of the entire fleet and what's happening. For example, all emails are going to Office 365, so that's another way you get an excellent picture of the inventory assets. That's a very good NDM thing that you got it for free. With SentinelOne, they're not to that level yet.

We were previously using another solution and it was a corporate decision to switch to this solution. 

I did not use a different solution previously.

We chose Singularity Cloud Workload Security because our team wanted a cloud-native solution instead of a legacy. 

Yes, we continue to use Kaspersky for our other users.

As of now, SentinelOne still serves as an augmentation for our existing AV, but some of our devices are now using it as their sole endpoint protection.

Yes, Sophos, I switched because SentinelOne does more things and guarantees against ransomware and can find hidden threats that other solution could not find.

We previously used Kaspersky but it lacked visibility onto zero. That was the main reason that we switched SentinelOne Singularity.

Yes, Kaspersky Lab. They don't have a good next gen endpoint in order to protect against new threats.

We are currently using Webhook as we test this new solution.