SentinelOne Singularity Identity Reviews

We initially chose an EDR solution for its reporting capabilities, but quickly realized we needed a solution that prioritized remediation. Our previous vendor overwhelmed our team with alerts, while SentinelOne's Vigilance team provided 24/7 support and actively remediated threats. This allowed my team to focus on high-priority alerts and observe the Vigilance team neutralize threats in real time. The proactive remediation has been invaluable, providing peace of mind and a significantly safer operating environment. While the Vigilance team initially contacted us frequently to confirm unusual behavior, after three years our environment is clean and contact is minimal, demonstrating the effectiveness of the EDR tools in protecting our company's IT systems, data, and reputation.

The biggest change SentinelOne has brought to my team is a significant reduction in pressure. Previously, we were inundated with an overwhelming number of alerts, leading to demoralization and the risk of losing team members. As a leader, it's my responsibility to prevent this, and SentinelOne has been instrumental in helping me achieve that over the past three years. By automatically handling many threats, it gives my team the confidence and capacity to focus on higher-level security concerns, allowing us to move forward in important areas we were previously unable to address.

SentinelOne significantly enhances our risk management by providing comprehensive visibility into potential threats, including identifying vulnerabilities highlighted in previous penetration tests. We recently acquired their identity capability, which promises to elevate our security posture by detecting and blocking lateral movement and malicious activities often missed by traditional EDR solutions. This addresses a critical vulnerability: attackers gaining network access through stolen credentials. The identity solution not only alerts us to these threats but also automatically blocks them, significantly lowering our risk level. While the identity capability is still being deployed, our proof of concept demonstrated its potential to provide real-time insights into attacker behavior and enhance our overall security.

The acquisition of the SentinelOne Singularity data lake two years ago has significantly enhanced our remediation capabilities. This powerful tool allows for efficient alerting and threat hunting within our data lake, empowering our analysts with advanced capabilities. The data lake's robust query language, rapid and clear results, and user-friendly console have greatly improved our daily work efficiency.

SentinelOne significantly reduced the volume of security alerts we received. Previously, we were overwhelmed by a constant influx of alerts, many of which were irrelevant, but we lacked the expertise to distinguish between genuine threats and noise. SentinelOne's vigilance team, with their specialized knowledge, effectively filtered out the irrelevant alerts, escalating only those incidents that required our attention. This allowed us to focus on critical threats and eliminate the burden of manually sifting through numerous alerts, freeing us to concentrate on higher-level security concerns.

False positives in cybersecurity are a significant issue, especially for junior analysts who often spend hours chasing them, leading to demoralization, burnout, and high turnover rates. These false alarms offer little value and hinder professional development. However, with the implementation of advanced tools like SentinelOne, false positives can be significantly reduced, allowing analysts to focus on true threats and experience a more fulfilling and productive work environment. While some false positives are inevitable and even desirable for assurance, minimizing them is crucial for maintaining a motivated and effective cybersecurity workforce.

SentinelOne has significantly improved our incident response capabilities. We've become proficient with the console, working with the SentinelOne Vigilance team. Although we haven't experienced a significant incident requiring its use, we proactively purchased SentinelOne's digital forensics and incident response service for more resounding support. This service has provided peace of mind for the past two years, and our ability to handle incidents independently has prevented its necessity. When investigating security breaches, the Singularity Data Lake allows us to quickly analyze logs, identify forensic breadcrumbs, and determine the scope and root cause of the incident. This enables us to adjust our security environment and prevent future occurrences.

SentinelOne's Vigilance service has significantly reduced our mean time to detect threats. While I'm curious about their back-end tools and processes, the results speak for themselves: rapid and effective threat detection. The EDR agent also provides valuable alerts that we can quickly address, further minimizing our response time.

SentinelOne's Vigilance service has significantly reduced our mean time to respond. While response still requires some analysis of logs on our end, the SentinelOne Singularity Data Lake makes this process quick and easy, providing excellent actionable results. This allows us to promptly contact impacted users and advise them on necessary actions, such as powering off devices or sending in hard drives, resulting in significantly shorter response times.

When I think of in-network adversaries, I consider insider threats or external actors who have compromised legitimate accounts. Without Endpoint Detection and Response alerts, we might only discover these threats after significant damage occurs. EDR, combined with identity monitoring, allows us to proactively detect malicious activity within our network, enabling us to quickly isolate, block, or deceive the adversary. We chose SentinelOne Identity to gain visibility into our network and address vulnerabilities we knew existed but couldn't previously identify. This solution represents a significant improvement in our ability to detect and respond to threats.

AI presents a dual-edged sword: it offers immense potential for both defenders and attackers in the cybersecurity realm. Bad actors are already leveraging AI, making it crucial for the defensive side to adopt it rapidly to maintain pace. Speed is paramount in cybersecurity, and solutions like SentinelOne's Purple AI are vital for evaluation and integration. Purple AI empowers junior analysts with natural language processing, enabling them to quickly perform complex queries without specialized coding. This ease of use and speed are essential to counter the evolving threat landscape. As attackers integrate AI into their operations, defenders must adapt, and the evolving capabilities of tools like Purple AI offer promising advancements in this ongoing arms race.

During our pre-purchase evaluation of SentinelOne's EDR capabilities three years ago, we were consistently impressed by the positive relationships customers reported having with SentinelOne's engineers, sales teams, and customer success managers. These strong relationships, evident in the customers' unsolicited feedback, highlighted the "soft skills" and intangible qualities that SentinelOne possessed. This positive customer experience has been mirrored in our own interactions with them. Their responsiveness to our needs, particularly when addressing a couple of challenges we faced, has been excellent. They proactively scheduled weekly meetings to demonstrate their commitment to resolving our issues, a customer-centric approach I admire. SentinelOne's dedication to customer service, including their rapid technology updates and responsiveness to our suggestions, has been crucial to our success in protecting our organization. Their ability to quickly incorporate our needs into new releases is truly impressive and sets them apart. Overall, I highly recommend SentinelOne based on our positive interactions across all levels of their organization.

To improve SentinelOne, I would suggest adding a network detection and response capability. While many of my CISO peers utilize NDR, SentinelOne doesn't currently offer this feature, and I haven't seen it on their roadmap. This capability would be invaluable to my team, and I believe other SentinelOne users would agree. Therefore, I recommend that company leaders consider incorporating NDR functionality into their platform.

I have been using SentinelOne Singularity Identity for over three years now.

The technical support has been excellent. We have a customer success manager whom we meet with monthly, previously weekly due to some issues we were experiencing. We scaled back to monthly meetings to better suit our current needs. We now also have a dedicated threat analyst who provides support from a different perspective, ensuring we fully utilize our purchased services and maximize our investment. Our sales team has also been consistently excellent; we've had two very good sales representatives in three and a half years. Overall, we are happy with the support we receive.

Positive

We initially chose Rapid7 for its unlimited logging capability at no extra cost, unlike SentinelOne and other SIEMs that charge based on data volume. However, Rapid7's system proved difficult to extract information from, with queries often failing for longer time windows. This limitation hindered our threat hunting efforts and ultimately led us to switch to SentinelOne. SentinelOne's data lake has consistently provided fast and complete query results, exceeding our expectations and resolving the issues we faced with Rapid7. Our negative experience with Rapid7 helped us develop a comprehensive set of requirements for our next SIEM, which SentinelOne successfully fulfilled. We are extremely satisfied with SentinelOne's performance and its ability to support our incident remediation efforts.

To address our remediation needs, we sought an Endpoint Detection and Response solution that not only alerted us to threats but also provided automated remediation. After evaluating several vendors and conducting customer reference calls, we narrowed our choices down to two. Both vendors had excellent customer satisfaction and strong capabilities, though SentinelOne's technology appeared slightly better. Ultimately, SentinelOne's pricing, at two-thirds the cost of its competitor, proved decisive. We initially signed a one-year contract and were so satisfied that we renewed for an additional three years.

I would rate SentinelOne Singularity Identity ten out of ten.

I have recommended SentinelOne to many of my peers, some of whom have adopted it. I always encourage others to consider SentinelOne during their contract renewals, emphasizing its comprehensive platform. Initially, we chose SentinelOne primarily for its EDR capabilities, but it has since expanded to include central logging, a data lake, incident response, identity management, and AI-powered threat detection. SentinelOne has evolved from a point solution to a comprehensive platform that addresses a wide range of security needs. The company's continuous innovation and expansion into new areas make it a compelling choice for CISOs and security professionals. I highly recommend giving SentinelOne a thorough evaluation, as they are a leading provider in the cybersecurity industry.

The primary use case involves partnering with a government entity to meet specific requirements as part of an executive order. This includes implementing an endpoint detection and response tool as a part of a managed service model to ensure cross-agency visibility and enhance cybersecurity.

SentinelOne helped our federal client meet their business goals. Their business goals are lofty. They are tied to Federal Executive Order 14028, which enhances the nation's cybersecurity. It was critical for the government to gain cross-agency visibility into servers running in an agency environment. SentinelOne partnered with us to understand the need and to work together to ensure that the government got what it needed and that we were able to continue partnering with them as the solution continues to be built and rolled out.

The biggest initial benefit is that the government gains real-time access into endpoint data from multiple agencies. That enables them to go from a posture of being reactive where they have to request and then wait for data to being able to be a lot closer to proactive, which is to hunt and retrieve that data whenever they need it.

SentinelOne enhances our customers' risk management. It takes data that used to come with a question mark in terms of how fresh and reliable it is. It's made it real-time data. It's made it so that those who need to get that information have it as soon as they ask for it, which is a game changer. We've heard from the client that typically getting this data, especially if they're responding to an incident, would take them a couple of weeks to go on-site, deploy tools, integrate with an environment, and pull that data. Now when the need arises, they can pivot, query, and retrieve that data in real time. 

The analysts that we look out for on the client side are not your typical analysts. The work that they do is typically focused on cross-agency work that has never been done before. The ability to do their job had never been implemented before. The capability that's there makes it possible for them to do their work period before that cross-agency visibility is just fantastic.

Incident response is one of the key areas where the solution has been very useful. Whenever there is an incident, instead of being reactive, the government is now able to quickly gain the data that it needs to see what its end agency is also seeing and partner with them in real-time to look at the same data and to collaborate where needed, empowering the agency to be able to do their job.

When it comes to the mean time to detect, we see a night and day difference. When you have an MSP model with visibility across multiple entities, your ability to get a tip, follow up on the tip, and investigate it is night and day. There's no comparison between having visibility and having across-agency visibility.

SentinelOne has definitely reduced their mean time to respond. With this visibility, you can now respond. Before, there was no visibility, so we definitely see a big difference.

With visibility into endpoint telemetry, SentinelOne does provide useful information to find threat actors and empowers those who are in the business of threat hunting. Prior to this, the alternative was partnering with an agency. going on-site and getting access. Now, being able to do that work remotely in real-time, it's a ninety-day difference in terms of being able to quickly, correctly,  quickly respond and partner with the end agencies. That's a definite benefit.

As an architect, I'm very curious about how AI takes security the next step forward, what it enables people to do differently, more quickly, or more comprehensively, and how that meets some of the needs today. I think that AI holds a lot of potential, and it can allow analysts to do their job quicker. It can allow them to do their job with more helpful context and, as a result, be able to perform orders of magnitude better than they would have without the tool. 

There is a clear roadmap for improvements, including enhancing capabilities with AI and seamless functionality in an MSP model for deeper visibility across multiple agencies. Further development is anticipated to continue enhancing the solution.

We have been working with SentinelOne for the last year and a half.

We have partnered closely with SentinelOne, and they have been responsive to our needs as integrators and those of the client. They aim to achieve a collaborative partnership.

Positive

We used to have SIEM embedded in the solution due to specific government data location requirements. The government directly handles purchases and partnerships with SentinelOne, and we did not switch from another existing EDR solution.

We worked as integrators alongside the government, who acted as the managed service users.

I have no visibility into pricing, setup costs, or licensing as the government handles these aspects directly with SentinelOne. We do the integrating, and they process the payments.

There was a shortlist of leading EDR vendors as a part of the analysis of alternatives, and SentinelOne was selected as part of this list due to its ability to provide cross-agency visibility.

We partnered with a government that had a specific list of requirements that they needed to meet as a part of the executive order. As a part of that analysis of alternatives, there was a short list of EDR vendors that were selected, leading vendors, and SentinelOne was part of that list. We've been closely partnering with them ever since to stand up the solution.

Their specific case revolved around cross-agency visibility. They want to be able to pull all the data from multiple entities into one place, that was the main factor that allowed this solution to come to life. By finding those capabilities, we were able to work with leading EDR vendors to stand up solutions that took advantage of that, and gave the government the visibility that they needed to do their work and to achieve their mission.

I would recommend partnering with SentinelOne and approaching them with a clear list of requirements. They have shown a willingness to go above and beyond to understand and meet client needs. On a scale of one to ten, the solution is delivering about seventy percent of what is on our roadmap.

If you're considering SentinelOne, definitely have a discussion with them. Come with your list of requirements as best as you know them, and share it with them. My experience is one of SentinelOne going above and beyond to partner with us and understand our needs, to understand the needs of the client if you're working as an integrator, and begin a discussion. They're happy to form relationships to achieve your mission and to see your dreams come to life. I can wholeheartedly recommend partnering with them to have that discussion to expect frank conversations about the pros and cons of their solution and looking to see if it's a good fit to meet your use case. 

We use SentinelOne Singularity Identity for endpoint protection and leverage it within our MSP for management purposes. We aim to achieve a proactive security posture that prevents threats while enabling efficient data ingestion.

In the cybersecurity industry, an endpoint solution must not only stop malware but prevent it from executing, and SentinelOne leads in this area. Rigorous testing, including MITRE ATT&CK framework evaluations and zero-day malware simulations, consistently demonstrates its superior prevention capabilities. Unlike outdated endpoint clients, SentinelOne's code remains effective against new threats, even without updates, ensuring comprehensive protection against zero-day attacks.

The biggest benefit we get from SentinelOne is, it provides peace of mind by offering comprehensive endpoint protection that safeguards against accidental downloads and content filtering bypasses. Even with multiple security layers like ISP firewalls and content management, threats can still slip through. SentinelOne acts as the last line of defense, ensuring data safety with its malware prevention capabilities. This is the key benefit and value proposition that SentinelOne brings to the cybersecurity space.

SentinelOne significantly enhances our risk management posture by enabling users to perform their necessary tasks while minimizing security risks. Whether it's marketing teams accessing unique online resources or manufacturing personnel working with sensitive data, SentinelOne allows for business enablement without compromising security. As a critical component of our security stack, SentinelOne's endpoint protection capabilities provide the foundation for lowering risk and empowering business operations.

SentinelOne has significantly improved our efficiency. My team now focuses on more complex tasks because SentinelOne automatically handles the simpler ones, streamlining our day-to-day operations.

SentinelOne's platform utilizes advanced AI-driven algorithms to reduce false positives compared to traditional endpoint security tools effectively. This sophisticated approach allows SentinelOne to better understand and differentiate between legitimate and malicious activities, minimizing unnecessary alerts and manual intervention. Consequently, security teams can focus on real threats instead of constantly addressing false positives, improving overall efficiency and security posture. The platform's ability to accurately identify and block threats while allowing legitimate operations stems from its superior algorithms, designed to effectively recognize both normal and malicious patterns. This out-of-the-box capability sets SentinelOne apart from competitors by significantly reducing the need for manual whitelisting and constant monitoring, ultimately saving time and resources.

SentinelOne significantly improves our incident response. If we encounter a cyber-related issue, we know it's not due to SentinelOne missing a threat. It's usually related to legitimate user actions that bypass typical antivirus detection or threats that are undetectable by any AV platform. This allows our team to focus on incidents stemming from human error or intentional actions rather than automated processes or external hacking attempts. Essentially, SentinelOne enables us to prioritize our response efforts more effectively.

SentinelOne reduces our mean time to detect because its primary focus is prevention, utilizing AI to stop threats before they execute. Ransomware, or any malware, shouldn't run for a single second. Therefore, an effective AV endpoint tool must be AI-driven, continuously adapting and learning to stay ahead of evolving threats. Signature-based or even behaviour-based solutions are inadequate; AI is crucial because it encompasses both signatures and behaviours while dynamically adjusting its algorithms. This adaptability ensures that even a year-old client remains protected against zero-day threats.

SentinelOne's AI capabilities have significantly improved our response time by proactively preventing threats and eliminating the need for reactive measures. Any incidents that do require a response are typically unrelated to SentinelOne's performance but rather stem from external factors.

SentinelOne provides comprehensive protection against internal and external threats by blocking malware from all directions. Its AI-powered engine proactively prevents attacks, regardless of the traffic's origin, significantly reducing user risk.

SentinelOne's AI-driven platform is revolutionizing cybersecurity strategy by automating tasks and empowering analysts. Its AI capabilities eliminate the need for complex query writing, allowing users to leverage natural language for faster and more efficient threat detection. This accessibility enables quicker onboarding and increased effectiveness for security teams. The platform's comprehensive AI integration not only enhances productivity but also improves the accuracy and efficacy of security operations.

SentinelOne stands out due to its AI capabilities, which lead to excellent prevention. It deals effectively with false positives and handles both signatures and behavioral analysis. SentinelOne's AI prevents malware effectively, ensuring that we do not have to focus excessively on responding to incidents.

SentinelOne has been around for a number of years, consistently enhancing its platform with new features like its recently launched SIEM. By actively listening to customer feedback, SentinelOne has steadily improved its product suite, particularly the vulnerability management module. This commitment to customer satisfaction is why we partnered with them; we can directly influence their development process with our feedback. While every platform has room for improvement, SentinelOne is quick to address customer concerns and provide effective solutions. For example, we've brought three critical items to their attention regarding vulnerability management, two of which have been addressed, with the third in progress. This responsiveness and dedication to improvement position SentinelOne as a strong competitor in the vulnerability management market.

I am currently using SentinelOne Singularity Identity.

One of the best aspects of SentinelOne is its customer support. They are customer-driven and allow access to product management. This enables us to impact their roadmap meaningfully, and they are always open to listening.

Positive

Many major corporations, including ours, currently utilize a SIEM. We are particularly interested in SentinelOne's SIEM because of its advanced capabilities. Traditional SIEMs require manually building numerous correlation rules, while SentinelOne's platform offers automated correlation and adaptive adjustments. This next-generation SIEM platform represents a significant advancement in threat detection and response, making it a valuable solution for any organization.

SentinelOne Singularity Identity's pricing is unique to each customer based on their volume needs. Compared to competitors, it's well-priced for the quality offered, and I don't see anyone surpassing them in that regard. While price is always a factor, it's negotiable, and SentinelOne understands the market. They offer a high-quality product, which justifies its price point, even though it may not be the cheapest option.

We looked at SentinelOne in comparison to its competitors, assessing prevention, response times, and the MITRE ATT&CK framework. We evaluated 40 to 50 different criteria and SentinelOne excelled.

SentinelOne was selected as our EDR platform due to its robust prevention capabilities, which were a key requirement. We needed a solution that could stop malware and ransomware instantly, not just react to it. SentinelOne's superior prevention, confirmed by independent lab testing, and its ability to self-remediate and operate offline were critical factors. Additionally, we considered access to product management and a comprehensive comparison based on 40 to 50 criteria, where SentinelOne consistently outperformed competitors.

SentinelOne deserves a perfect ten. As a SentinelOne partner, I appreciate its robust prevention capabilities and promising future growth potential, particularly in the SIEM and vulnerability management spaces. Its high-quality offerings, combined with access to comprehensive endpoint data, consistently place it at the top of the market.

When considering SentinelOne, engage a security broker to leverage their expertise and market knowledge. Conduct thorough due diligence, including comparing prices and features of SentinelOne's main competitors. Security brokers can provide valuable insights and connect you with peers who have experience with the platform. Understanding market trends and peer experiences will help you negotiate better pricing and make informed decisions about adopting SentinelOne as a major security platform.

We primarily used SentinelOne Singularity Identity to replace outdated antivirus software throughout the company and implement a standardized enterprise security solution.

Our engagement with SentinelOne has yielded multiple benefits, primarily their exceptional customer engagement and partnership. They act as a true extension of our team, listening to our needs and tailoring their products to meet our specific demands. Ultimately, their AI-powered technology has enabled us to effectively detect and defend against modern threats.

SentinelOne has significantly improved our risk management due to its effectiveness and seamless integration. It hasn't disrupted our business flow or applications because it supports all our operating systems and addresses several critical use cases, including Airgap Solutions, that other vendors couldn't. This comprehensive coverage allows SentinelOne to effectively identify, prevent, and mitigate numerous potential threats and risks to our organization.

SentinelOne has helped us improve analyst efficiency in several ways. Its single pane of glass console allows analysts to view and correlate data across multiple solutions, streamlining their workflow. The integration of APIs and various tools further enriches this data, facilitating more effective analysis. Additionally, SentinelOne's partnership has provided valuable resources like SentinelOne University and educational offerings, enabling our analysts to quickly become proficient with the tool.

SentinelOne has significantly improved our alert management by reducing noise in the console. Their Vigilance service leverages their extensive customer base and experience to filter and manage alerts, triaging them to our Security Operations Center. This allows our SOC team to focus on critical threats and in-depth investigations, optimizing their time and resources.

SentinelOne has significantly reduced false positives for us. By tuning and testing agents through its discovery and AI features, we ensure that detections are true positives requiring action. We rarely encounter false positives or unnecessary actions.

SentinelOne has significantly improved our incident response by enhancing threat hunting through the use of STAR rules. This functionality allows our teams to thoroughly investigate incidents using the storyline feature, identify lateral movement, and gain a comprehensive understanding of the situation. The deep visibility tooling has been invaluable in providing in-depth insights into malicious activities across our attack surface. Consequently, we have reduced dwell time, improved mean time to resolution, and enabled our analysts to detect and triage threats more efficiently.

SentinelOne provides excellent visibility into potential insider threats by identifying concerning attitudes, behaviors, and activities. Its agent effectively analyzes user posture and behavior, allowing for early detection and defense against potential attacks.

SentinelOne has been an early adopter of AI, integrating it into their agent from the inception of their products. This benefits SentinelOne in several ways, especially as attackers increasingly leverage AI to enhance their own capabilities. AI helps automate tasks, reducing the workload for analysts and allowing junior analysts to benefit from the knowledge of more senior team members. This frees up time for investigating complex threats and enables faster, more efficient responses to a larger volume of events and activities.

SentinelOne's AI and behavioral analysis enable highly effective detection of modern and emerging threats. By recognizing malicious behaviors common to both known and unknown threats, it proactively mitigates zero-day attacks and other new threats. Additionally, SentinelOne enhances the detection capabilities of its agent, further strengthening its security product.

SentinelOne's customer focus is one of their superpowers. The effectiveness of their AI and behavioral analysis helps mitigate zero-day activities and detect new threats. They have helped reduce false positives and noise, and the deep visibility tool has been incredibly useful.

One area for improvement would be the self-healing nature of the agent. Ensuring the agents proactively check into the console and resolve issues that may cause them to fall off is crucial.

I am currently using SentinelOne Singularity Identity.

The agent stability has been fantastic.

With nearly 30 years in IT, I've worked with every major vendor, and none have matched SentinelOne's responsiveness and customer focus. Many vendors treat clients uniformly, placing them in queues with slow response times. However, SentinelOne consistently provides prompt and prioritized support for every issue or question I've raised to our sales representative or technical account manager. It's clear that their team is genuinely invested in our success, ensuring we have the necessary resources and support.

Positive

We previously used several different vendors for antivirus solutions. These vendors were unable to effectively mitigate the risks we faced.

SentinelOne provides excellent visibility into our network, especially for workstations and servers that may not be running the SentinelOne agent. Its network discovery feature enables us to see devices in proximity to our protected systems, identify rogue systems, and locate systems that should be running the agent but aren't. Additionally, it alerts us to potentially malicious behavior from devices like IoT devices and printers, which cannot run the agent but may still pose a security risk.

SentinelOne has been a fair partner, working with us strategically for some time. We consider them a true partner and an extension of our services and security suites. Their pricing has been fair, especially in the current market, and they haven't excessively increased prices at renewal times like many vendors do. They are transparent about their pricing models and changes, and overall, we are very pleased with their pricing.

Every three to five years, we conduct an RFP process to evaluate our security environment and ensure we're utilizing the most effective tools. In our recent evaluation of leading EDR and anti-malware solutions, SentinelOne consistently demonstrated superior technology and effectiveness, fulfilling all our use cases. While other vendors failed to address several mission-critical needs, SentinelOne's performance has given us no reason to consider replacing them.

Our primary selection criterion when choosing SentinelOne was to replace our various legacy antivirus solutions with a standardized enterprise tool. During our proof-of-concept testing, we found that other vendors did not effectively mitigate risks as promised. Therefore, our focus was on the tool's effectiveness, responsiveness, and ability to detect attacks and malware. SentinelOne proved to be the most proactive and effective solution.

I would rate SentinelOne Singularity Identity a nine out of ten. While it may not be perfect, as our large enterprise has many intricacies and dynamics from internally developed or sourced issues, the product has been very solid and performs well overall.

SentinelOne's primary selling point, which I always emphasize, is their genuine customer focus. This is one of their greatest strengths, as they prioritize listening to and addressing customer feedback, rather than being egotistical or forceful. As an early adopter, our feedback has directly influenced their product development, with features we suggested now being core components. Their willingness to listen and rectify issues has been invaluable, making them a true partner. Their receptiveness, responsiveness, and commitment to partnership have been crucial to our success.

SentinelOne is the first line of defense for all our endpoints. We have approximately 700 endpoints, and each has a SentinelOne agent controlled by the cloud. We have a first layer of support at the network gateway, but most people aren't covered by our firewall. They are roaming users, so providing these people with protection is our first priority.  

Singularity is a cloud-based solution, so we don't need to spend anything on the infrastructure. We don't have to procure the hardware to host the server application. 

The management is effortless. Anybody can operate it, and it has the ability to delegate day-to-day tasks to the help desk team that they can manage on their own. Once the devices are integrated and Singularity is configured, we hardly have to do anything. The console is nice. I don't have any problem with it.

I have limited knowledge about Singularity's identity protection features because we only started using the solution this year. We plan to integrate a few products with the SentinelOne platform to get more out of it. When we were transitioning from an EDR to an XDR, we raised this question to SentinelOne. In the meeting, they explained how this integration works and what type of security they provide. We have the authority to revoke the integration and the other reporting parts, so everything is clear over there, but we need more time to mature in this particular aspect.

Singularity offers deep and continuous visibility into our attack surface. We are notified via email, and there is always a link to a page that defines the specific threat. From that page, we investigate everything, including the affected files, root cause analysis, etc. The solution's detection and prevention capabilities are excellent, but we still must do more configuration, and there are plenty of false positives. Singularity has helped us reduce our mean time to detect. Compared to Kaspersky, we have 60 to 70 percent fewer attacks and investigations to do. 

I like the detection and protection features. We don't need to do anything, and it will alert us when the mitigation is not successful. We only need to target those endpoints. Otherwise, we don't have to do anything about that.

The policies could be more precise, and Singularity should use more templates like alternative solutions have. Endpoint management is poor. We cannot manage individual endpoints and must rely on policies, exclusions, or block lists to apply settings to a group instead of the individual agent. If I have to make settings for one computer, I need to create a group, apply the configuration, and move the agent there. It's challenging to manage endpoints that way. 

Singularity also lacks web filtering, a feature that came with other solutions we previously used. When we evaluated Singularity, we also did PoCs for EDR solutions by Trend Micro and Kaspersky. All of them had the ability to manage which websites were allowed. We need to do a workaround and use the firewall to block web access, but it doesn't take what we say as a wild card entry, so we have to define every part. That is one major disadvantage, but we have provided this feedback to the Sentinel support team and requested feature updates. 

Another issue is agent updates. Because it is a cloud version, Singularity doesn't have a proper management system for the agents. SentinelOne has a policy to release new versions of the agents at least every three months. However, the management console has no option to automatically update agents to the new version. We must create a policy or define the schedule based on a specific version of the agent to be installed, not the latest. That is one major drawback of using the cloud version.

We have used Singularity for four years. 

SentinelOne requires minimal CPU, and the management portal is never down, except during the maintenance window. They always notify us about scheduled maintenance well in advance, and it is done outside of business hours. 

The platform's stability has been solid, and we don't have issues with the agents crashing. In some instances, we had issues with installing and uninstalling the agents, but support has provided resources in a timely manner. They've given us utilities to clean up the previous installation files or current files. 

I rate SentinelOne Singularity seven out of 10 for scalability. It takes a little time to make your deployment mature. You can scale Singularity, but the process is a little slow. One of the pain points is agent management and the inability to automatically update the agents. Because of this limitation, I must say that it fell short of our expectations. 

I rate SentinelOne support eight out of 10. 

Positive

We previously used Kaspersky, but we wanted to transition to a next-gen EDR solution from SentinelOne. We switched to Singularity because of its management capabilities and EDR system. We like the policy and agent management. Kaspersky has a traditional signature-based detection system, not an AI-based solution like SentinelOne offers. 

The management was difficult with our previous solution. We struggled with managing agents, installation, uninstallation, creating and managing policies, device control, etc. All of those pain points prompted us to switch to a SentinelOne. Our usage has constantly grown in the past four years. We started with 500 agents initially, and now we have more than 700.

When we implemented SentinelOne, the main challenge was rolling out our agents. Since it is a cloud-based version, it was difficult for us to manage centrally because the console doesn't allow us to install the agents remotely. We need to use Active Directory or an endpoint management solution to push the agents. 

However, using the endpoint solution we still had trouble identifying the agents across 25 organizational units in a few directories. We also needed to structure the SentinelOne infrastructure, and we had difficulty with this. On top of that, we couldn't find a suitable vendor in the Oman market, so we had to buy it from another region. 

Our retailer is from Saudi Arabia, and the support from them was lacking because the sales team knew very little about the product. Their service was good, but they were poor in technical terms. We need to get help directly from SentinelOne.

The main return we see is from the protection SentinelOne provides, which is better than any other solution we've used in the past. Though they've been increasing the prices, it still fits our budget, and we haven't needed to invest anything in our infrastructure. 

Singularity is cost-effective. It's slightly cheaper than our previous solution.  However, the licensing policy is unfair. We were using SentinelOne's EDR solution before we renewed our license this year. They added the XDR solution that deploys to the Singularity platform. The platform offers 13 tools, but you don't need to use all of them. For example, if I want to use Mimecast for email security, I can integrate it with this, and all the logs from the third-party tools are fed into SentinelOne. 

At the same time, it isn't transparent because they raise the price every year, saying that they have to invest in research and development. However, we are hardly getting anything from their research and development. On the other end, agents can become outdated if they fail to update for a long time. 

The agent is capable of detecting and preventing threats, but they're not adding features. We are paying for research and development but not getting anything new. Also, they never disclose the price increases in advance. They tell us the prices are changing when it's time for renewal.

We looked at Trend Micro and Microsoft Defender. Before moving to Sentinel, we did a lot of research. Someone suggested Microsoft Defender, but the solution's capabilities are limited, and management is challenging. Microsoft suggests adding more products on top of Microsoft Defender, but then you need to add XDR or endpoint protection. On the other hand, Microsoft has a single platform for its products, so the integration is much better, but SentinelOne comes out ahead in detection and prevention.

I rate SentinelOne Singularity eight out of 10. 

When implementing SentinelOne, you need to plan for the number of endpoints and servers. It's crucial to define the structure and grouping of agents in the SentinelOne management portal and identify which policies are necessary for your requirements. I also recommend going through a proof of concept. 

One of the main use cases I describe is that we face lateral movement in our customer's server side. The customer is using 50 or more servers for the news channel, Daily Thanthi. Among those, one server does not have the SentinelOne Singularity Identity agent installed, and that server executes the malware file in the network lateral movement, specifically in the east-west traffic. Once we initiate the malware file, the classification detected is ransomware, leading to 1,200 incidents created in the SentinelOne Singularity Identity console page. I have founded the incident and protected the policy based on lateral movement. I have created the policy and mitigated actions in the policy side, which is the scenario I faced live on the customer end.

In terms of features, the most helpful feature is that SentinelOne Singularity Identity is very user-friendly; with one single policy, it can protect multiple servers.

SentinelOne Singularity Identity provides machine learning capabilities for threat detection. Among the use cases, I have found static AI, behavioral AI, and dynamic AI to help with malware detection, so there are three types of AI in the Singularity console agent.

Regarding benefits, I have seen improvements such as rollback options; if any attack occurs, we can roll back files.

Regarding improvements, I believe that API integration in third-party applications could be better. The Singularity tool uses its own credential in the record features.

I have been working with this tool for two years.

My opinion on the technical support team of SentinelOne Singularity Identity is very positive; they are a massive impressive team. When we encounter issues with legacy OS, when we download the agent and it fails to push to the end user, they take responsibility for providing solutions. We've had successful configurations on the end server side following ticket submissions, though my one concern is that they do not pick up calls immediately; typically, they follow up with an email or call within 24 hours.

Positive

The initial setup of SentinelOne Singularity Identity is not difficult at all; it is user-friendly and takes only a couple of hours. We download the agent, initiate the cloud, and since SentinelOne Singularity Identity only provides cloud-based solutions, we access the OEM side where they provide the agent, mapping the IP for download.

We push the agent through the AD server or any other method, and once the agent is configured, it shows up in the cloud console. After activating it, we run full disk scanning and schedule reports every Monday, generating weekly reports on threats and vulnerabilities. If there's an incident, we trigger notifications to the IT manager or vendor.

After checking incident classifications and SHA values, we use VirusTotal to evaluate scores, determining mitigation steps based on the Storyline that details any affected end-user machines, servers, and applications. Everything is outlined in the Storyline, and I will update by email with affected incidents and mitigation steps. Once quarantined in the SentinelOne Singularity Identity agent, if it turns out to be a false positive, we exclude the specific EXE or DLL files; if it's a true positive, we terminate that file.

Regarding competition, I find that CrowdStrike is a similar tool on the market; they offer next-generation SIEM, NGSIEM, and position themselves with robust policy control to inform customers that they provide policies to prevent ransomware in organizations. The SentinelOne Singularity Identity provides a rollback of files once a ransomware attack occurs, ensuring that ransomware does not affect servers and end-user machines while maintaining a robust policy.

In terms of difference between competitors, both SentinelOne Singularity Identity and CrowdStrike have lightweight agents that support legacy OS and will continue to support future single agents for both.

I work with the SentinelOne Singularity Identity products, as one of our customers is using it, and we utilize the TI, threat intelligence, and the record features, so we need to subscribe to the product that records features. Additionally, we are planning the Purple AI with core in the subscription pack on the OEM side.

I have two years of experience working with SentinelOne Singularity Identity. I don't have any integrated file in the Singularity; we only have the EDR. However, if in the future we integrate any customers, we may integrate any FortiGate firewall or any other syslog servers, Splunk, or other tools.

SentinelOne Singularity Identity is a cost-effective tool; we are facing many Indian customers who are concerned about economic costs, and it only provides enterprise and mid-range solutions.

On the topic of pricing, they are on the same level; both provide MSSP, offering monthly-based subscriptions where customers purchase the specific modules they need. The subscription package varies; once we go with EDR, we then need to purchase additional modules based on the customer's pain points; there are around 40 to 60 modules available for customers.

I rate SentinelOne Singularity Identity a nine out of ten.

Our primary use case involves working with customers to manage endpoints and cloud for our customers. We partner with SentinelOne specifically, as they are a leader in the industry.

SentinelOne, in partnership with LevelBlue, has helped our customers achieve their business goals by providing technology combined with our management resources. This partnership assists in mitigating risks, providing immediate action for incident response, and reducing mean time to detect.

Our customers experience multiple benefits with SentinelOne and LevelBlue. Primarily, they gain the ability to identify and mitigate risks effectively. Through our partnership, customers can implement SentinelOne and leverage its capabilities to take swift action against security challenges. More importantly, this aligns with their overall business risk strategies and desired outcomes, helping them achieve those objectives.

SentinelOne enhances our customers' risk management by collaborating with them to identify risks and implement appropriate controls, such as SentinelOne to mitigate those risks. Our 24/7 management, combined with SentinelOne's technology, provides customers with the responsiveness, time, and visibility necessary to maintain business operations.

SentinelOne has improved our incident response by enabling immediate action, a key differentiator for us when combined with our resources and personnel. Integrating people and technology enhances our market responsiveness and allows us to act quickly.

SentinelOne's cutting-edge technology helps our customers reduce their mean time to detection. Its continuous updates and advancements are recognized by our customers, who also appreciate the resources we provide to manage the technology on their behalf.  We utilize SentinelOne ourselves to improve our mean time-to-response capabilities and gain a deeper understanding of our customers' needs and desired outcomes, ultimately helping them achieve their security goals.

As AI evolves, our customers, in partnership with SentinelOne's technology, face increased risk when deploying AI to enhance business processes. While some customers recognize this risk, others do not. However, SentinelOne's advanced technology and forward-thinking vision provide confidence and trust, enabling customers to implement new technologies for increased efficiency, knowing they have a reliable partner to ensure their protection.

The response is a valuable aspect of SentinelOne.

To enhance our already strong partnership with SentinelOne, we should focus on improving collaboration. Specifically, we can become more flexible in adopting their forward-thinking technology. By embracing and quickly implementing their solutions, we can better assist customers and achieve mutual success.

I am currently using SentinelOne as an MSSP.

SentinelOne's support is outstanding, which reflects the strength of our partnership. Their support was a key factor in our decision to do business with them. We value the assistance we receive from their sales organization, sales engineers, and marketing teams. It's reassuring to enter the market with a partner fully committed to our shared success.

Positive

As a SentinelOne partner, we offer competitive pricing on comprehensive packages that include the SentinelOne license, our management services, and a proof-of-concept to ensure the technology meets your needs. We also provide opportunities to meet the resources assisting in managing your security.

When working with customers evaluating endpoint cloud technology, we often find they are considering SentinelOne, a company we proudly partner with. We chose SentinelOne because they align with the missions and focus on trust that are important to us, particularly in the cybersecurity landscape. As in any critical partnership, trust is essential, especially when facing evolving challenges and adopting new technologies. Our partnership with SentinelOne allows us to embrace those advancements, provide them to our customers, and ultimately offer a strong differentiator in the market.

We evaluated several options when selecting a cybersecurity provider to manage endpoint and cloud security for our customers. SentinelOne emerged as the leader in the industry, offering not only a superior product but also a strong partnership approach. Their commitment to innovation, particularly in AI, aligns with our vision for the future of cybersecurity. We are confident in our decision to partner with SentinelOne and leverage their expertise to enhance our customers' security posture.

I would rate SentinelOne Singularity Identity ten out of ten. We highly value our partnership with SentinelOne, ranking them among the best of our 20 partners. As a managed security services provider, we leverage various technologies to address diverse customer needs, and SentinelOne consistently excels in responsiveness and communication—essential pillars for successful business collaboration.

To convince a hesitant customer about SentinelOne, we suggest a proof of concept. This allows the product to demonstrate its value and effectiveness firsthand, building customer confidence in the technology. Combining SentinelOne's capabilities with our management expertise creates a strong solution, leading to positive outcomes in these situations.

I can rely on it. It does its job. I do not have to be on top of this. With the other product that we were using, I was constantly checking the application to see if everything was fine. It was more like I was doing the job. With the type of support that we have signed up with SentinelOne, I do not have to worry about that. I can rely on SentinelOne checking my endpoints, and if there is something, I know they are going to be on it. Previously, I had to call technical support to see what was going on. If they noticed something, I had to do the job. With SentinelOne, they are the ones who are checking the device and logs. If they notice something, they block it or do something about it, and then they let me know. I also receive notifications of the process they are following. I get various notifications saying:

• We identified this on this computer. This computer is disconnected. We are doing the next process.
• We have disabled this account.
• We have mitigated the problem, or the problem has not been mitigated. 
• We have identified this as being something that you do not have to be concerned about.
• You need to be concerned about this.

With the level of support that we are getting, I do not have to do it myself. Previously, I had to do it or somebody else in the team had to constantly check our endpoints. With SentinelOne, we do not have to do that.

The Singularity console provides a unified view. It is very important because we can see all our devices. We can see what is going on. It is very good. I like it.

It is not at all difficult to manage our environment using the Singularity console. Once you get familiar with the different tabs of the web console, it is easy to manage. It is very organized and descriptive. You do not get lost. What they have in the titles is what you see, so it is not at all difficult. It is very easy to use.

It does a great job of providing visibility. Management asks us for a lot of reports to know how well the systems are protected. It is easy to manage and get reports so that we can give them better visibility into what is going on. We can get reports on the fly to show what is going on. In terms of visibility, it is doing a great job.

It has done a great job when it comes to detection because there have been a couple of instances where users installed applications or tried to install applications and the system detected them immediately. It triggers an alert for us within seconds of a user trying to download or install an application. They also immediately try to remediate the problem at the same time. In terms of detection and protection, it is doing a great job.

They have different levels of support. We have the highest level where they are constantly checking all the endpoints. If at any certain point, they identify that a computer has been triggered by a virus, a link, or something else, they would automatically tell us that within 15 seconds. If they notice something, they automatically send us an email saying that they noticed something in the computer, and they are going to block it. If they identify that there is something wrong with the computer, they automatically block it. This constant checking of anything that may be happening on our endpoints is the most valuable feature of SentinelOne.

I would like to have the option to deploy or push an update on all my endpoints at the same time. I am not aware of such a feature being there. I have not seen it, but it would be good to be able to deploy or push an update on all my endpoints at the same time. Our company has different locations, such as Sunbury, Oklahoma, and Alabama. I have my devices by location, and I have not found a way to choose all the endpoints and then push the update automatically. I have been doing it one by one. We probably have to create a policy so that I can push it. That is the only thing that I do not like. I would like to have a button to update all the endpoints with a simple click. I have not yet seen that in this product.

We have been using it since March of this year.

It is very stable. We did not have any issues.

Its scalability is great.

Their support has been great. I do not know whether it is because of the type of support that we have. We have the highest level of support. There are different levels of technical support that you can get. We have got the highest one, and they are available 24 hours a day and 7 days a week. I know there are other options where we can get support from Monday to Friday from 8 to 5 or something like that, but because of the number of employees that we have in the IT department, we need to have more support. We do not have a lot of people. We are shorthanded, so we decided to get the highest level so that we can rely on SentinelOne to keep an eye on our devices 24 hours a day. If there is something going on, they contact me. Whenever I have the need to call them, I just open a ticket or call them, and they call me back right away. It is almost instant. In 5 minutes, I get a follow-up email. They reply quickly, and if they need to talk to me, they call me. It has been a great experience. I would rate them a nine out of ten. They are perfect.

Positive

We first used SentinelOne about five or six years ago. At that time, we switched from a major brand's antivirus to SentinelOne. We had SentinelOne on-premises, but it was not as good as it is now. It was not doing its job, and that is the reason we switched to Trend Micro.

We were using Trend Micro, and we had a bad experience with that product. They did not get the virus that we were hit with. The contractor we had mentioned SentinelOne. We gave it a try during that period when we were having this big issue at the company. We just started installing the application on all the endpoints. It was a great hit because the product was able to find all the computers that were infected. We were able to clean them. Especially during that time, we were able to narrow down the computers that were infected, and then we were able to remove them from the network. It was a great product. They helped us get all the policies set up for our account, so whenever a computer was connected to the network, it would automatically identify if the computer was affected, and then it automatically removed it from the network. It was a great thing for us because it saved us a lot of time from checking every single computer. That was the major experience that we had with this application. SentinelOne Singularity helped us clean up, identify, and block any computer that was infected.

When this contractor told us about SentinelOne, I was a bit skeptical because we had used SentinelOne before, and it was not doing its job. They told me that they have used it with other clients, and they are recommending it as one of the topmost solutions. They had seen SentinelOne catching a lot of viruses and threats with other customers. The contractor sold us the idea that they were doing a good job. We decided to give it a try, and I am glad that we did that because we do not regret it. Because we were in a very difficult time during that time, it was a matter of having something quick and easy to install and deploy. He was a partner of SentinelOne, and he was able to get us into SentinelOne within hours. It was very easy to deploy. We were able to push it to all our endpoints, and about a month later, we were able to get our own licenses through CDW, so the main reason was that it was very easy to install and deploy. We could get all the licenses together with the support.

I have not had much experience with Windows Defender. There are two versions of it. There is one that comes with the Microsoft Windows operating system, and there is also one with a paid license through Microsoft. There are two different ones. The one that comes with the Microsoft Windows operating system is not an antivirus, so I would not trust it. If it is the one with a paid license with Microsoft, it is very good. I have a little bit of experience with that, but so far, SentinelOne is one of the best ones that I have used. I would not recommend Trend Micro. It is terrible as an antivirus, but for email security, it is good. SentinelOne definitely has been one of the best ones I have seen so far.

The setup of Singularity was straightforward. SentinelOne's support was there, and we also had a contractor who had more experience with the setup process, so it was straightforward. The deployment was a smooth process.

The setup of Ranger AD and other products has been more challenging because we have not had the time to completely deploy them. It is a problem on our side because we have not had the time to get it completely done. We have to install a lot of clients from the server and do configuration and all that, but the support that we have had from SentinelOne has been good. They are on top of things, and they are always following up with us to get this completed and schedule something. When we schedule something with a technician from SentinelOne, they are always available. There are a lot of different time slots to work with them. They work around our schedule. That is a good thing.

We had the help of SentinelOne and a contractor. For the deployment, there were probably two people from our side. We were just asking the concerns or questions that we had on the system, but it was very easy. Most of the time, the setup of Singularity was done through our contractor and me. 

Its price is a little bit high. It is a nice product, but it comes at a cost. Compared to other products, it is not cheap, but you sometimes have to pay for the value you get. It is not cheap, but it is worth it.

It also depends on how many licenses you have. It becomes pricey because we not only have Singularity; we also have Ranger AD. We have three or four products from SentinelOne, so it becomes pricey for us, but at this point, safety comes first for us.

It is a product that you can rely on. This is the first endpoint solution that we have seen doing its job. Based on the experience that we have had, this is the best product that we have seen.

Overall, I would rate it a nine out of ten.

SentinelOne identifies problems and fixes most of them without our involvement. 

SentinelOne helps us find issues that we would have never been aware of and resolve them with minimal effort on our part. It's generally easy to manage our environment from the SentinelOne console. The console can't show us the number of machines that do not have the SentinelOne agent installed, but it does a great job once the agent is deployed. Having a central console is nice because we can see the various makes and models of machines in the same place, but it isn't too critical.

SentinelOne protects identities against exploitation well. The solution provides visibility into attack surface risk. I typically use it to find things that have already happened, but the information is there. The threat detection is impressive. 

Behind the scenes, SentinelOne has real people who evaluate problems and mark them as false positives. That's what I find most helpful.

I don't like SentinelOne's reporting tools. Their reports seem fine theoretically, but the issue is the sample size. For example, it will report that there were four incidents, and that equals 25 percent fewer incidents compared to the previous months. It would be a great improvement if I could expand the range to see reports for the last six months, but it's always one month. That would be an easy thing for them to resolve.

It's also challenging to know how many licenses we have. That number changes every day. We'll remove a bunch of machines, and they'll automatically give up their license after three months. I can easily report today's number, but I can't report over time. For example, we have 500 licenses, and when I checked one day, I found out we were using 509. I thought that would be a problem. Now, we've dropped down below that, so I think they're giving us a little leeway, which is great. It's kind of a mystery to me how close we are to using 100 percent of our licenses.

I started my current job in June, and they already had SentinelOne installed. I've been using it since then.

I haven't experienced any stability issues. 

I believe SentinelOne is extremely scalable. We haven't done it, but it would be easy to scale. 

I rate SentinelOne support eight out of 10. I've only contacted them indirectly through a coworker, but it went well. They resolved our issue fairly quickly.

Positive

Before SentinelOne, we had a traditional antivirus solution. We have a Microsoft license for Windows Defender, which I also think is useful, but I still recommend SentinelOne. It's a broadly different level of protection.

I rate SentinelOne 10 out of 10. SentinelOne will make you aware of things you did not know were happening, and it requires minimal effort to resolve issues. That's the perfect combination. A lot of tools will find problems and tell you about them, whereas SentinelOne goes that extra step in resolving them.

We wanted to add a detection tool for protecting our assets from any attack so that we could defend our domain. 

The solution provided us with an abundance of transparency, giving us awareness of attacker activity and anything targeting the critical domain server.

The responses were quite quick. The time that was defined in the SLA over the period of time we tested the solution was reasonable.

The solution widens the net for monitoring for possibly compromised devices. It covers all managed and unmanaged devices running within our operating system. 

We saw a lot of benefits in terms of actionable data. It provided a lot of visibility when defending our assets.

The Singularity Console provided us with a unified view of threats. It ensured limited access to only trusted and validated applications. It works with zero-trust programs. With zero-trust, the solution's ability to protect identities from exploitation is quite high.

It was easy to manage the environment using the Singularity Console.

The ability to provide visibility into our attack surface risk is quite good. Once you onboard your other resources, it basically handles unauthorized network reconnaissance. This module has a number of features. When it comes to data breaches, if something happens, it basically discovers the hidden elements in the network, and it gives you the results of its findings very fast. You will get a visual experience of the mapping of the networks, how the resources are connecting to any other resource, or if any incoming request is coming from a resource. It basically empowers security.

The solution's ability to detect and prevent threats is very good. It provides a lot of integrations. It also helps organizations to improve their identity security posture.

It's helped us improve our mean time to detect identity-based attacks. It limits the trust. It simply doesn't trust any outside requests. Then, we can control access management. It's reduced the potential for breaches by 90%.

The AI provides a futuristic ML model. That helps a lot when it comes to shifting security approaches and helps better forecast attacks. 

It has a lot of features in place. From my end, it isn't missing anything. 

They could always add a few more modules. 

Pricing could always be lower.

Support could be faster. They need a faster response time. 

We did do a POC for the solution. However, we are not using it at this time. It took us about 1.5 months or so to understand the product. We used it one year ago.

The solution was stable. I'd rate the stability 8.5 out of ten.

The scalability is very good. I'd rate the scalability nine out of ten.

Technical support was good. 

Positive

I previously used Palo Alto. The main difference is in the cost.

We deployed the POC, and within two months, we pretty much understood the product.

The product offers an easy implementation. It's frictionless, and the effort is quite low. The deployment is also flexible, and you can perform integrations easily. We were able to implement the POC in two weeks. We had two people working on the process and four people working with the solution post-implementation. 

We have witnessed an ROI in terms of time saved by 100%.

The pricing is okay when compared to other solutions. It's moderate, and the cost is not overly high or low. 

We were a customer and end-user during the POC. We just wanted to test it to see how it would operate.

If someone is looking at Singularity, and they already have Windows Defender, I'd warn them that Microsoft's cost is quite high. They may have better luck and pricing by shifting to Singularity.

I'd rate the solution nine out of ten.