SentinelOne Room for Improvement

Director - Global Information Security at a manufacturing company with 10,001+ employees
The area where it could be improved is reporting. They have some online reporting, but it would be nice to be able to pick and choose. When I'm looking at the console, I would love to be able to pull certain things into a report, the things that are specific to me. They're very responsive. They regularly ask customers to provide feedback. They've been working on their reporting since the last feedback meetings. It's not only me but other customers as well who would like to see improvements in the reporting. File Integrity Monitoring is not a gap, but to do it you have to type several times. It's not the few-click intuitive situation. It would be nice to have some data leakage included. Also, when it comes to data leakage, while you can get out everything that a person does on a machine, there needs to be a proper way of doing so, like other products that are just focused on data leakage. I can't wait to see their advances in the cloud infrastructure (containers and serverless). It would be nice (and is critical) to allow administrators to notate when they make changes to the console configurations - perhaps a tag for reporting. I might, for example, whitelist an application. If I did that today and I leave the company at some point, someone might wonder why I did this. There should be a place to easily notate everything. View full review »
Tony Tuite
Consultant with 51-200 employees
Set up is very labor-intensive. You have to provide multiple codes from multiple places within the S1 dashboard in order to use the provided automation, and it's different for each client (or "sites" as they call it). It very much feels like an enterprise application that has been adapted for SMBs, but not very thoroughly. It would be better if they had a "site package" similar to the one offered by SolarWinds for the RMM. You just run the package on the client machine and done. View full review »
Engineer II, Enterprise Client Support at a media company with 10,001+ employees
The agent update schedule is a little sporadic, and the updates are frequent. You are definitely going to want to have a good management solution in place, such as SCCM, Intune, or Jamf in order to maintain the environment properly. There is agent data, such as last known IP address, that is not stored historically. It would be nice if the console stored data daily, so that you could look at a timeline of events on a machine over a period of time, and currently this is not possible. You can see a snapshot of the data at the moment, but once it changes whatever was there previously is not stored. View full review »
Find out what your peers are saying about SentinelOne, Cylance, Carbon Black and others in Endpoint Protection (EPP) for Business. Updated: February 2020.
397,983 professionals have used our research since 2012.
Zed Burnett
Field Technician at Sonrise Technology Solutions
The automation of certain features could use improvement. For example, it seems common sense to me that if a threat was executed out of a task in your task scheduler that part of neutralizing the threat would be removing that task from the scheduler. I would like to see something a little more sophisticated than simply being able to mark a false positive as safe or there's usually just one or two options in certain areas and they're a little rudimentary at this stage. View full review »
Lindsay Mieth
CISO with 1-10 employees
The SentinelOne is one of my daily consoles and I use it regularly to identify the root cause of some infections. However, when a file is flagged as suspicious it would be very helpful to have the system highlight precisely what event or characteristic of the file SentinelOne considers potentially dangerous. In this way it would help focus our investigations on the specific characteristics or actions of the file. View full review »
Managing Partner at a tech services company with 11-50 employees
This solution would be more attractive to customers if the price were lower. View full review »
Security Analyst at a tech services company with 1,001-5,000 employees
There is not much flexibility in terms of policy fine-tuning. We can turn it off or turn it on, but there's nothing much else to do. Everything is predefined. It's good in a way, but you don't get much flexibility if you want to do something particular. View full review »
IT Operations Manager at a retailer with 1,001-5,000 employees
In terms of improvement, I would like to see better alerting to let us know if there is anything wrong with SentinelOne working on the endpoint of the computer. View full review »
Zaul Hug
IT Manager at apex
It corrects all of the EFC files with a virus. All the achievements, maximum EFC files. Many EFC files will be flagged as a virus. Some virus databases need to be updated. The model is good at finding many EFC files. The trouble is it needs to be updated. From the client-side, some scanning and other features can be enabled for scanning viruses better. If they want to scan for an individual reason other than viruses, such as scanning for legal files, they haven't been able to gather that from the client-side. Some features could be more user-friendly. For instance, setting restrictions in the explorer for what level one must be to use it is not user-friendly. It is difficult to find what we're searching for. View full review »
Massimiliano De Cò
Socio Fondatore e Proprietario at 2DC srl
The price is a bit high. They should make their pricing model more affordable. The solution needs better reporting on new threats and malware. The reporting is present, but I can't find the information easily. View full review »
IT Security Manager at a tech company with 1,001-5,000 employees
The reporting needs improvement and I would like to see a more granular level of administrative privileges. View full review »
Find out what your peers are saying about SentinelOne, Cylance, Carbon Black and others in Endpoint Protection (EPP) for Business. Updated: February 2020.
397,983 professionals have used our research since 2012.