SentinelOne Singularity Complete Reviews

The primary use case for us is to use the lightweight SentinelOne agent on our endpoints. Our previous vendor's agent was heavier, which caused performance issues when scanning our systems. We were impressed with how lightweight the SentinelOne agent is and how few resources it consumes. We also use it for some of our infrastructure, which includes machines with limited resources. We wanted to find a solution that would not impact the performance of these machines.

SentinelOne Singularity Complete has streamlined the mitigation process and the time it takes to analyze and understand whether I have a true positive or a false positive. This has definitely saved me some time. The rollback feature is also a nice addition. Previously, our old solution would link out to services like VirusTotal, but it was difficult to follow these links to determine if an alert was a true positive or a false positive. For example, an alert might be labeled as a potentially unwanted application, which might not be as critical as a true positive. SentinelOne has made it easier to determine the severity of an alert. I have also noticed that SentinelOne has cut down on the number of false alerts. Our old solution would alert us to things like Chrome browser updates, which would download and make registry changes. With SentinelOne I have only encountered one alert that I didn't need to worry about.

We have definitely saved a lot of time. We had to spend some time setting up the environment correctly, scaling up the protections, and setting any exemptions. After that, the most I need to do is troubleshoot issues that are not related to SentinelOne, such as removing the SentinelOne agent if I need to troubleshoot another issue on an end-user device. Application updates, such as when a new installer is released, are the only other times I need to access SentinelOne, besides when I need to review an incident.

It has helped us reduce our MTTD. We are notified of threats quickly, and being able to see the threat on our dashboard has simplified the process. Once a threat is identified and I am on the screen, I can click once to view the visibility and see if the threat is anywhere else on our network. This is fantastic.

SentinelOne Singularity Complete has helped us reduce our MTTR.

Although it is difficult to quantify the direct financial savings of SentinelOne Singularity Complete, we have saved money indirectly through time saved.

Visibility is one of the most valuable features of SentinelOne Singularity Complete. It does not directly replace a dedicated SIM solution, but it works well for our environment and gives us the visibility into our systems that we need.

I appreciate that it is easy to review incidents that have been detected by the behavioral AI or the SentinelOne Cloud. From the notification we can click into the incident to start reviewing, it is just a few clicks. I have all the data in a single pane, and I can pivot to other sources of information, such as VirusTotal, with a single click. I can also hunt for the incident on the network with a single click. This makes things much easier and saves me time from having to review logs.

One way to improve and get additional benefits would be for SentinelOne to host the updated installer files for us, rather than us having to download and host them ourselves. This could be done in cloud storage or through our mobile device management platform. When they release a new package, whether it's an early release or a general release, I believe they could provide more value by hosting those packages directly. Currently, when they release a new package, I get notified, which is great. However, I then have to go to the portal, download the package, and replace the package that we have posted on our own cloud storage. This is time-consuming. If they could simply provide me with a link to the latest general release installer, that would be fantastic. Even if the link changes, I would only need to change the URL in our cloud storage. This would save me a lot of time.

I have been using SentinelOne Singularity Complete for five months.

I keep the central tab open in my browser. If I click Sign in instead of being signed in, the page refreshes, and I have to sign in again. I think this was just a session token expiring. I have not experienced any stability issues with SentinelOne Singularity Complete, such as crashing or downtime.

SentinelOne Singularity Complete is scalable to our infrastructure and endpoints. Once we figured out the deployment hurdle for Windows and Mac, we were able to push it out to all of our endpoints without any problems. I can break out devices into different sites and groups, and some of those groups can be dynamic. For example, if I'm looking for a Mac computer versus a Windows computer, I can just click on the group and see all of them there. I can also add tags for anything, such as the OS version or if the person might be a specific risk. These are non-relational attributes and values that we can set, so we can define whatever schema we want. It's fantastic.

The technical support team was quick to answer my question and their answer was precise. I didn't have to go back and forth with them or explain things multiple times. They gave me exactly what I needed.

We previously used BitDefender and Malwarebytes. SentinelOne Singularity Complete was priced similarly, and we felt that it had better support. When we had a support issue, it was answered and resolved quickly. Additionally, the visibility and ability to traverse the logs of all the other devices in our network were invaluable. This allowed us to see if a threat might be present elsewhere in our network. This is what ultimately led us to choose the complete solution over the other SKUs that they offer.

SentinelOne Singularity Complete has a lightweight agent. Additionally, some of our servers are running older operating systems. The agents from our previous vendor did not work well with these older systems. I specifically looked for a new solution that would not be a watered-down solution and would function across our legacy architectures as well as our current modern setup.

Another benefit of the Singularity Complete solution is the increased visibility it provides. We are able to collect data on endpoints that are connecting to specific IP addresses or installing specific files with similar hashes. This allows us to see how far a threat has propagated through the network or if anyone else has it installed. This is something that we could not do with our previous solution.

We use Windows and Mac computers. Deploying SentinelOne on Windows was fairly easy. We were able to do it through our remote management solution. The installation was straightforward and simple. The most difficult part of the process was that the device had to reboot in order for SentinelOne to connect to the visibility service and bring everything online.

Deploying SentinelOne on Mac was a bit different. This is primarily due to the way the macOS operating system works. We need to grant specific privacy permissions to applications in order for them to have full disk access or screen recording capabilities. We found that if we installed SentinelOne on the user profile of a Mac computer, the user's administrator could remove it. This is not ideal, so we had to go back to the drawing board and deploy SentinelOne through our MDM solution.

The biggest headache was that, in order to deploy SentinelOne through MDM so that users did not have to grant privileges to the application, we needed to create a Privacy Preferences Policy Control profile with the specific permissions granted for the SentinelOne bundle ID. We then pushed this profile out to all users. Once we did this, the installation was seamless.

A few colleagues and I completed the implementation in-house.

We have seen a return on investment in the form of time savings. We used to spend more time on incidents, but now we can quickly triage them and move on to other things. This has freed up our time so that we can focus on more important tasks.

We did receive a competitive price for SentinelOne Singularity Complete. However, I believe the retail pricing, or MSRP, is a bit high. I hope we can get the same competitive pricing through our reseller when it comes time to renew. I still believe there are benefits to the solution, even if we had to pay the list price. However, I think they could be more competitive with their upfront pricing.

I would rate SentinelOne Singularity Complete eight out of ten. The room for improvement is to add some additional features, such as Ranger, which they sell separately. I see a lot of value in Ranger, and I wish it was included with the complete purchase.

We do not have any direct plugins for SentinelOne Singularity Complete, such as Ranger. Ranger is an add-on that I believe can be purchased through SentinelOne to expand our visibility. We do not have that, and I wish it was included because there are quite a few nice features that I would hope to see eventually included or trickled down to the complete solution. I feel like those are just a few other cherries on top that would really put this package over the top. One of the struggles I have in a Mac environment is creating a custom application creating the Privacy Preferences Policy Control profile and setting everything correctly so that users do not need to interact with the application when it is pushed to them. SentinelOne has clear documentation and works with a few MDM vendors that have documentation already published. So when we were running a POC for a few of these vendors, it was very easy to get that set up, which is not something I can say for other applications.

SentinelOne Singularity Complete is an intuitive product. I found the getting started guide and active preparation checklist to be very helpful. The checklist is well-documented and comprehensive, and it covers everything from the initial purchase to GoLive. The support team was also able to answer any questions I had about navigating the application. The interface is mature and user-friendly. I have not encountered any major issues so far. Overall, I am very happy with SentinelOne Singularity Complete.

SentinelOne Singularity Complete is definitely valuable as a strategic security partner. SentinelOne Singularity Complete was our top choice, and we are happy with it. I would definitely recommend it to my colleagues if they were looking for a solution for their company.

Maintenance is only required when the vendor releases a new general access version of the installer. I need to download the new version, upload it to our servers, and make sure it deploys successfully to our machines. This is the extent of my maintenance responsibilities. I do not need to directly interact with the application itself.

I would recommend that people evaluating SentinelOne Singularity Complete try it out to see if it is right for their environment. SentinelOne offers a trial that can be set up for their environment. When an organization purchases the product, they will flip a switch and there is no need to set anything else up. This was beneficial for us because we did not have to waste time setting up and deploying the product to a few devices in our environment only to have to do it again after we purchased it. I would also recommend engaging with the resources that SentinelOne provides to get a good understanding of the product. We can tweak the settings and see how it responds to different threats. If organizations have any specific needs, they can talk to an engineer during the trial. This was helpful for us because the engineer was able to make changes to the settings to meet our needs. Overall, I would recommend taking a look at SentinelOne Singularity Complete. I was initially overwhelmed by the different SKU offerings, but I was able to work with sales to find the best package for our needs. The SentinelOne team has been very helpful.

We use SentinelOne Singularity Complete to manage incidents that come in. 

We wanted a solution that could help protect all of our endpoints. SentinelOne Singularity Complete is on all of our servers, and all of our endpoints, to protect against threats to the university.

SentinelOne Singularity Complete has aided our organization by offering a centralized platform for comprehensive visibility. It has enabled us to conveniently monitor all threats and manage our devices through the antivirus, all within a single interface.

SentinelOne Singularity Complete has certainly reduced the number of alerts over the past two years in my experience. We receive very few alerts now, which is excellent.

It has helped us free up our time to focus on other tasks. The solution is very helpful for configuring various exclusions. This ensures that the alerts we do receive, which are false positives, will not pester us in the future. This definitely provides us with more freedom and time to work on other matters.

Singularity Complete has helped reduce our MTTD and our MTTR, which is now just a few minutes after detection.

It has helped our organization save costs.

Singularity has certainly reduced the risk for our organization. With its installation across all endpoints and servers, we are confident that it will effectively protect us against malware or intrusions attempting to breach our environment.

I find the application inventory feature to be extremely useful. We utilize GreenMile for MAC management, and it's not as straightforward to locate the inventory of the applications installed on our computers. As a result, I have been using the application inventory feature more frequently to accurately identify the programs installed on each machine.

One aspect to consider is the SentinelOne network firewall they have in place. I believe they implemented it approximately a year ago. Initially, we faced challenges during the setup phase, which consumed a considerable amount of time. Although the SentinelOne firewall seems to offer potential benefits, in reality, it hasn't proven to be very helpful. While the idea behind it appears promising, I think SentinelOne should consider removing it.

I have been using SentinelOne Singularity Complete for almost two years.

Singularity Complete is stable and I have not seen any downtime.

We don't possess as many endpoints in comparison to, I suppose, other companies and universities. However, I believe that if we were to double them today, scaling Singularity Complete would become quite effortless.

The times I've contacted customer support, it has been really good. There was only one instance when the support was very poor. However, after my concern was escalated to a supervisor or someone on the management team, my issue was resolved. So, I believe that was the only occurrence out of numerous customer interactions.

Positive

We previously used ESET. 

I would rate SentinelOne Singularity Complete a nine out of ten.

We currently only have a couple of integrations with Singularity Complete. I believe there is potential for more integration. As of now, we have only installed two apps that integrate with Singularity Complete.

No maintenance is required from our end.

SentinelOne is excellent as a strategic security partner. There have been numerous advancements, and since I began using the platform two years ago, they have undergone substantial changes. They have introduced many new features, and I have witnessed significant company growth over the past two years.

I suggest examining the various features available in SentinelOne's complete version. We have experienced numerous advantages with it. Often, when SentinelOne introduces new features, we don't notice them until they are fully developed. It's beneficial to explore some of the new features that are in beta. This allows us to experiment with them and assess how they can enhance our environment.

One of the companies we conduct business with received ransomware. As a result, we sought to enhance our security posture, commencing with our employees. SentinelOne Singularity Complete was procured to gain visibility into our company's resources. We aimed to possess the capability to detect whether our users were encountering malware, viruses, or incidents.

We used to employ Norton antivirus on all our assigned desktops and laptops. Unfortunately, we had no visibility in this setup. Consequently, if a user were to acquire a virus or download malware or anything suspicious, we wouldn't be informed. While users do receive prompts indicating suspicious activities, they might not always report them. Hence, gaining visibility became our top priority. I required a solution that would allow me to monitor such activities. For example, if a user were to download something malicious or suspicious unrelated to their daily tasks, or even if they were to download malware, I needed immediate visibility. This would enable me to promptly quarantine the threat, resolve the issue on the affected device, and collaborate with the respective employee. The goal was to raise awareness about their downloads, educate them on safe practices, and enhance their overall understanding of their actions. SentinelOne Singularity Complete helps address our requirements.

The primary advantage of SentinelOne Singularity Complete for our organization is enhanced visibility. The secondary benefit is my belief in the product having a much stronger support system. This implies that no one in the company has the necessary resources to identify and address malware effectively, resulting in their product not being up to par in terms of providing comprehensive protection for end users. While our previous endpoint management, Norton, was good, it fell short of greatness. I strongly feel that no other product truly excels. I've gone through numerous reviews, made comparisons with alternative solutions, and utilized other options. This wasn't just a slight improvement in polish; it genuinely ensures the safeguarding of end users and the entire company.

I haven't received many alerts. Ironically, of the alerts that I have received, most were originating from my device. As I am the technology leader for the organization, there were certain tools on my laptop that were flagged almost immediately upon installing the agent. So, in an ironic twist, I was flagged. However, it's actually quite positive that my end users haven't engaged in any activities that could be deemed malicious or suspicious. I receive emails and reports promptly, so I'm genuinely surprised that the tool behaves this way. Interestingly, when it did flag certain processes and software on my devices, they were actually legitimate pieces of software that I regularly use. Nonetheless, I'm pleased that SentinelOne Singularity Complete was able to promptly detect these instances.

I am the sole technical person in the company, and the solution has enabled me to concentrate more on enhancing the organization's security posture. This foundation and framework have paved the way for me to pursue additional projects in the field of security for our organization.

The mean time to detect is nearly real-time. When I identified potential threats, the response was nearly instantaneous after installing the agent and running the initial scan. It promptly identified all issues. I received an immediate notification to quarantine those processes and applications. This allowed me to conduct a more in-depth investigation and confirm that these processes should not be present on the device.

SentinelOne Singularity Complete has unquestionably aided in diminishing our organizational risk. The solution significantly reduces overall risk, just as it claims. I have examined numerous white papers and engaged in discussions with numerous individuals within the organization to establish a sense of confidence in recognizing SentinelOne as a market leader. Their enduring presence is apparent, coupled with their commitment to thorough research, which is consistently integrated into their products to ensure their relevance and continued usefulness for consumers.

The visibility component is the most valuable feature. Having the capability to delve into the specific resources that the devices are actively using provides us with the breadth and visibility that we seek. Additionally, being able to accurately track our users' activities, such as identifying when they are downloading PDF attachments, enables us to promptly detect any potential issues.

I would have liked the dashboard to be more user-friendly. I often have to navigate through several menus to locate exactly what I'm searching for. I had difficulty finding the site token required for device installation or agent installation on devices. It actually took me quite a while to locate these menus. Instead of having them at the top after selecting from the left-hand side, they list the sub-menus at the top. This forces me to scroll through my screen to access all the different sub-menus. If they were placed underneath the main menu or bookmarked on the left-hand side, it would make navigation significantly easier. 

I would appreciate having more comprehensive reporting. While I believe the current reporting is accurate, I find it slightly simplistic in my view. However, I want to note that I've been using the product for only about a month, so it might take more time to fully process the information and generate detailed reports.

I have been using SentinelOne Singularity Complete for 2.5 years.

SentinelOne Singularity Complete is stable. I haven't encountered any crashes or errors during installation. There have been no unusual glitches on the management console. Over the l;ast 2.5 years I'm extremely satisfied with the solution.

I don't have any issues with the console scaling. When I logged in earlier today, SentinelOne performed a complete site upgrade in the background, and I didn't even notice it. Scalability is also not a problem with agent inflation in my company. I have been able to deploy agents without any trouble. Initially, there was a minimum purchase requirement, which was slightly higher than our install base's cost. However, I was comfortable with purchasing the additional licenses. Therefore, if we do experience growth, licensing won't be an issue. I want to ensure that we remain within the appropriate range for that.

I have been informed that even if we experience a sudden surge in growth among our customers and we continue scaling and deploying agents, we will catch up with the licensing costs beyond our initial purchase price within the year. So, I am confident that they can scale effectively. Although my installation is relatively small in comparison to some larger organizations I've worked with in the past, I am aware that these products can scale to accommodate thousands of devices. I have full confidence that if we were to experience explosive growth within our company, I would be able to manage it without any issues.

I only had to use technical support once because my email address had not been added to various websites they have, such as their tech support and community website. For that issue, I had to contact my account manager because the tech support site hadn't recognized it yet. However, that single email was corrected almost immediately. Within five minutes, a community manager contacted me, informing me that I had been added, and I could proceed to log in to all the different sub-websites of SentinelOne to access the various resources they provide. The matter was resolved extremely quickly.

Positive

Norton AV.  We chose to switch to SentinelOne as a more advanced NextGen AV that was enterprise ready.  We made the switch as our company began to grow.

The initial setup is extremely easy. I collaborated with my team to grant trial access, allowing me to configure a single device and assess its functionality. Furthermore, the website's cloud segment was established automatically by SentinelOne. Upon downloading the package, it was promptly recognized, and the device was seamlessly incorporated into the cloud-based management console. This enabled me to effectively oversee, configure, and comprehend its settings. The overall process struck me as remarkably straightforward, even when I noticed that there was an error in the naming of my management console. A quick email to my account manager rectified the issue, with their prompt resolution at their end.

I completed the deployment on my own.

No 3rd party was used for the deployment.  After the initial portal was set up for us, the installation on the devices was straight forward.

No real ROI, however, I do feel more secure as a company knowing our devices and servers are protected with a terrific solution from SentinelOne.

Licensing and pricing were inline with my expectations.  There was a minimum license requirement, but as we continue to grow, we were ok with that minimum purchase requirement.

SentinelOne (Winner), Carbon Black, Trend Micro.

I would rate SentinelOne Singularity Complete as a ten out of ten. The reason is that I found the visibility I was looking for. It identifies suspicious software immediately; I experienced this firsthand when it detected such software on my device while I was using certain tools. This assures me of the solution's effectiveness. The management dashboard is largely user-friendly and provides all the information I require. It allows me to search deep within the processes of the running instances. Therefore, I consider it a strong offering, especially since many competitors provide similar services. In terms of knowledge, SentinelOne Singularity Complete competes well with these other vendors. I am highly satisfied with my purchase.

SentinelOne Singularity Complete's ability to save us costs is currently unknown. The purchase of SentinelOne Singularity Complete was significantly more expensive than the Norton software we had previously been using on our other devices. However, there is a balance, and I have visibility into this. I have the agent and the support of a much larger organization that is specifically focused on this. Therefore, the increased cost is justified for what we are aiming to achieve. While it might potentially save us a significant amount of money if one of those devices becomes infected with serious malware that leads to ransomware or similar issues, its primary purpose is also to prevent such situations. In conclusion, whether it will ultimately save us costs is a complex question with both positive and negative aspects.

I downloaded the package from the cloud and had to search extensively to find the site token for proceeding with the installation. It would probably be easier if the package were downloaded directly from the cloud. The solution would recognize that it has been downloaded from my account on the cloud and wouldn't require applying that token. I think that might be simpler from an administrator's point of view. I appreciate the ability to create automation for updating the agents. I found that feature very useful, as it eliminates the need to update each device individually to a newer version or to manually check the cloud for a newer version. Once I approve the update, the automation tool handles the update process automatically. I really like that aspect.

Maintenance is straightforward. I accomplish this by creating automation for the agent upgrades whenever new versions are released. Once I receive the email notifying me of a new version, I access the console. In a matter of five minutes, I can generate automation that will proceed to update all the agents within our console automatically. Therefore, performing this task doesn't require much effort from my end.

I value SentinelOne as a strategic security partner. I have experience with other security products within much larger enterprises, some of which are significantly more expensive. Certain products require an entire team to initiate and run, demanding a substantial amount of time and effort to set up the infrastructure, create the necessary site, and proceed with deploying project management, involving multiple meetings. My engagement with SentinelOne was quite streamlined. I had only two meetings with them: one to familiarize myself with the product and a second one to make the purchase and understand the procurement process. Everything was handled by their team from the backend. If I remember correctly, these interactions took place on the same day. I had a meeting around ten o'clock, and by approximately three o'clock, the management console was prepared for my access. This allowed me to start deploying the agent for testing purposes. In my view, SentinelOne exhibits a customer-centric approach. They not only focus on the security aspects of their consumable product but also prioritize their customers. The professionals I collaborated with demonstrated a clear understanding that their clients come first. Overall, I am deeply impressed with SentinelOne. While I have experience with other vendors and larger corporations that hold more industry recognition, my comprehensive impression of SentinelOne over the month and a half of evaluating the product, and the subsequent month of using it, is exceptionally positive. They indeed offer a highly effective product that aids consumers in maintaining the security of their devices.

I recommend that organizations conduct their own thorough research and due diligence. Don't solely rely on marketing speeches. The security field has numerous players, many of whom offer similar services. Personally, I have experience with some of these other solutions that function very similarly to SentinelOne Singularity Complete, including their management platforms and agent-based solutions. What stood out to me was the depth of SentinelOne's research. They delve into the core aspects of security, beyond just product user-friendliness, easy installation, or a visually pleasing dashboard. Their commitment involves meticulous research into prevalent malware and viruses. They ensure that the solutions they provide can rapidly detect zero-day attacks and malware, offering immediate protection to their customers. In my view, SentinelOne stands out because they genuinely prioritize their customers' interests. They demonstrate their commitment through their dedicated research and development, and by offering applications that effectively safeguard customers. 

We use SentinelOne Singularity Complete for EDR. It is a one-click recovery.

SentinelOne Singularity Complete stands out for its ability to collect logs from any security tool we have, bringing together all our data onto a single, unified console.

The Ranger functionality helps identify vulnerabilities in our environment.

Singularity Complete is a complete security solution that goes beyond just alerts. It provides a dashboard that displays all configured security alerts, including lateral movement, consumer attacks, and any other relevant events, on a single console for easy monitoring and response.

Singularity Complete helps free up our time and has reduced the mean time to detection.

It also helps reduce the mean time to remediation and helps cut our client's costs by 75 percent.

Singularity Complete helps reduce organizational risk and improve compliance.

The most valuable feature of SentinelOne Singularity Complete is the STAR Rules.

While our current remote access to SentinelOne Singularity Complete is achieved through publishing, having a direct GUI interface would be a significant advantage for our user and administrator team. This console access would provide a more intuitive and efficient way to manage the platform.

I have been using SentinelOne Singularity Complete for one and a half years.

I would rate the stability of SentinelOne Singularity Complete nine out of ten.

I would rate the scalability of SentinelOne Singularity Complete ten out of ten.

The technical support is excellent.

Positive

SentinelOne Singularity Complete is reasonably priced.

I would rate SentinelOne Singularity Complete ten out of ten.

SentinelOne Singularity Complete stands out in the EDR market by offering a unique million-dollar guarantee, demonstrating their confidence in the product's ability to effectively protect our systems. This financial backing signifies a strong belief in its performance, something no other EDR vendor currently offers.

SentinelOne Singularity Complete is a zero-maintenance product. It's supported by their management defense research team which is working on the console update as well as the automation of the agent-client updates.

I would recommend SentinelOne Singularity Complete.

I use the solution for endpoint protection, including features like EDR, antivirus, and advanced threat prevention.

Singularity Complete has significantly reduced response time for our clients. With its multifunctional capabilities, it streamlines processes, allowing quicker and more efficient responses to various issues.

The most valuable feature of Singularity Complete is the Ranger function.

Improvements for SentinelOne's Singularity Complete could include adjusting pricing for specific markets, ensuring affordability, and better alignment with customer expectations in those regions. 

I have been working with SentinelOne Singularity Complete for a year.

I would rate the stability of the solution as a nine out of ten.

I would rate the technical support of SentinelOne as an eight out of ten.

Positive

The initial deployment of the solution was straightforward. SentinelOne is typically used across multiple locations and departments for our clients. Fortunately, it demands very little continuous maintenance.

The solution is reasonably priced.

Before choosing SentinelOne, we evaluated other solutions, including SmartOps. SentinelOne stood out with its advanced AI engine, especially evident in recent micro-attack evaluations.

Singularity Complete offers strong integration capabilities with over 100 APIs and excellent integration with other SentinelOne solutions.

Asset visibility with Singularity Complete is crucial for my clients as it enables a clear understanding of their network and assets. It is important because without knowing what is in their environment, it is challenging to secure it effectively.

It is crucial for me that Ranger requires no new hardware or network changes. This is very important as it simplifies deployments and enhances scalability for us.

Ranger assists in preventing vulnerable devices from being compromised. It can isolate devices on the network in response to a threat, automatically detecting and responding to issues such as a virus, ensuring swift action and containment.

Singularity has successfully reduced alerts by 80%, significantly improving the efficiency of the alert management process.

Singularity has freed up people's time, reducing their workload by approximately 45%, and enabling them to focus on other projects and tasks more efficiently.

Singularity has proven to be cost-effective for our clients, with an estimated cost reduction of around 30%.

SentinelOne Singularity Complete is high quality and built for enterprise-level security.

I'm very pleased with SentinelOne as a strategic security partner. Overall, I would rate SentinelOne Singularity Complete as a nine out of ten.

My advice to new users is to adopt SentinelOne's Singularity Complete platform, and if feasible, opt for the visual response option for enhanced security measures.

We are a service provider with a huge customer base. Singularity Complete is a tool we use to protect our clients from ransomware and other external threats. SentinelOne has been our strategic partner for a long time, and we are one of their platinum partners in Central Europe. It covers all endpoints like laptops, desktops, and servers. It's used everywhere. 

We manage multiple clients with Singularity Complete, and the clients are happy with the protection it offers against external threats or ransomware attacks. It's an excellent tool for detecting those and preventing much greater damage.

Once you deploy the tool and spend a few weeks fine-tuning it, Singularity helps reduce the number of alerts. It decreases your alerts by around 25 percent. Singularity frees up staff for other projects and tasks.

Singularity has reduced our mean time to detect and respond. At most, detection takes up to 30 minutes. The response time depends on your configuration. Quarantine is happening in real-time. 

I like Singularity's rollback features, threat-hunting, and Ranger Insights. The Ranger feature scans the network and provides visibility into all the unsecured assets. It doesn't require any agents or network changes. It just gives us information about the unsecured assets that aren't managed by the IT departments of any company. It detects the vulnerabilities but doesn't prevent them. 

Singularity's reporting isn't that great. The dashboards could be more customizable. It could be better integrated with other tools. SIEM tools provide better feeds. Singularity is a separate product altogether. It does not give enough information to integrate with different solutions to correlate better.

I have used Singularity for three years.

I rate Singularity Complete eight out of 10 for stability. 

I rate Singularity Complete nine out of 10. 

I rate SentinelOne support four out of 10. Their response is usually slow, even for priority one issues. They don't get on a call and fix the issue. They keep asking questions, so it gets frustrating sometimes. 

Positive

Deploying Singularity was straightforward. The only issue is with the interoperability with other tools running in the customer's environment. We faced some challenges, but those were the initial teething issues. The solution requires some maintenance. You need to continuously update the agents and apply patches. We need multiple people to maintain the solution because we are a service provider with a huge customer base, but if you are deploying it for one client, one engineer is enough.

If an organization does not use this tool and gets attacked by ransomware or a threat, and it will incur costs in terms of a ransom or business loss. Singularity reduces organizational risk by about 30 to 35 percent. 

Singularity is reasonable, but a few clients say it's expensive because they're comparing it with traditional antivirus. The pricing could be much cheaper for the Asia-Pacific region because it's a price-sensitive market.

I rate SentinelOne Singularity Complete eight out of 10. Singularity Complete is a high-quality tool. The detections are good. We don't see many false positives. It's a good tool. It's still maturing but good. 

We use it mainly for EDR, alert handling, and development. It's a detection and response tool. It is mainly for protecting endpoints and having response capabilities. We use it as the one endpoint solution for all departments and all operating systems.

We get a lot of data from SentinelOne about threats, and obviously that helps protect the organization.

It helps reduce alerts because it can correlate the data. It doesn't just depend on hashes. It can see the behaviors, and that helps a lot to reduce alerts. Compared to our previous tool, it is detecting 20 to 30 percent fewer false alerts.

In addition, because it has real-time detection, it helps decrease our MTTR. Within seconds, we'll get the data. And for mean time to respond, we need to collect the data, and most of it is available. So it takes us five to 10 minutes to respond after detection.

For our organization, security is very important. If a solution is protecting us, it is like saving money. With SentinelOne's features and the fact that it is in the cloud, that makes it cheaper. As an EDR tool—the best one—it helps to reduce risk; in our organization by 30 to 40 percent.

They provide a map, a process tree, and that is pretty good for analysis.

Also, it can be integrated with third-party threat intelligence tools. From that perspective, it's good. And we can ingest SentinelOne data into Splunk and correlate and provide analysis on that.

It gets data from all the endpoints, and we'll have that in a centralized place, and we can track those cases to detect the threats. It helps protect the organization in that way.

And Ranger provides network and asset visibility. We have network-level data visibility, as well as endpoint data and application layer data. It has a good feature to collect all the domains that are initiated. That helps us see if there are any malicious connections on the machines. And it's simple because Ranger requires no new agents, hardware, or network changes.

They could add more visibility on the network side. That is currently done via a plugin.

Also, it would help if they could get all the relevant threat information, the related events, in one place. Currently, we need to go to a number of places and do research. If they could have it all in one place, that would help investigations.

I have been working with SentinelOne Singularity Complete for about one and a half years.

It is a stable solution and it is growing.

It can be extended in the cloud, so the scalability is a 9 out of ten.

The tech support is really good. We get responses on time, as defined in the SLAs.

Positive

The SentinelOne team helps with the implementation, and as it is a cloud SaaS application, we didn't have to do much. They have pretty well-defined documentation, and it is straightforward. And similarly, the maintenance is taken care of by the vendor.

We are seeing ROI because we are securing and protecting the company and, obviously, protecting its money as well. As an EDR, it's doing a good job of protecting the endpoints.

It is comparatively cheap in the market and provides a good price point.

In terms of maturity, SentinelOne is a good tool.

It can be used in any department in an environment with Windows, Linux, and Mac machines.

Use it, but start with documentation. Once you understand the basics, it is pretty straightforward.

We perform a relatively detailed hunt in our environment for specific IOCs and indicators. Specifically in regards to compliance organizations or regulatory organizations that release data, we need to validate that no IOCs for those specific threats exist in our environment. We can go back to a specific period of time, so we can validate that things like that do not exist. We can also correlate activity in our environment with endpoint data with a high level of efficacy.

I have administered lots of different AVs in my long tenure as an AV EDR administrator. This is quite honestly the first one of this type. With a tool like Singularity Marketplace, getting an integration running is just a matter of creating an API key and plugging it in. It is really cool. With the Singularity data lake that we have been learning about during this conference, it looks like it is going to be pretty painless to ingest from sources that we are already collecting from and dump them straight into SDL. We have a higher level of visibility and a better grasp of the data we are collecting. There is a reduced time to detection and high efficacy correlations.

I am an analyst, and Singularity Complete definitely makes making a determination, researching a specific threat, or trying to correlate it much quicker. Instead of spending a whole day trying to research something, I can knock it out quickly and then move on to other tasks. It makes me capable of doing a job that would typically require another person at least. There is greater job satisfaction. I do not get burnt out.

Singularity Complete has helped us bolster our defenses, so the downstream impact is reduced alerts because we are able to not only triage issues but also proactively apply defense with STAR rules and things like that. We are able to reduce alerts just because we are getting protection on the front side. There is the granularity of the data that we can query through deep visibility in particular to refine our custom STAR detections. That does help decrease the work.

Singularity Complete has absolutely reduced our organizational risk. Compared to where we came from with the traditional endpoint protection, our ability to respond to emerging threats has really matured. The level of actual attacks that we have to respond to is drastically reduced. It is hard to quantify the reduction, but there is at least a 25% to 35% reduction.

SentinelOne is a big value-add to the organization. They are continually pushing forward and innovating. They are constantly developing new things. As I am learning about new features here at the conference, I am logging into the console, and some of those features are already there. I know they waited until this conference to release that, but they are still cool to see. It feels good to work with the product and to be learning a product that is not getting stale.

I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time. We typically go back 90 days for most things, but we could go back further.

The ability to pick it up is also valuable. It is very intuitive. It does not require a lot of training. For example, we had an intern over the summer who joined us. We were able to get him up and running in the visibility very quickly without a lot of hand-holding.

Something we are looking forward to is the ability of the SentinelOne backend to ingest data from other sources. Now that they are moving to the Singularity data lake, we are looking forward to being able to query data that is not just collected by SentinelOne endpoint agents. We are looking forward to being able to query against all data that we are ingesting into that backend.

I have been using this solution for between two and three years.

Its stability is excellent.

Its scalability is excellent.

I have dealt with a lot of support in my time, and SentinelOne's support is the most responsive one I have ever had. However, I currently have an ongoing support case, and I am struggling with getting that escalated, which colors my overall perception of it. We are getting active updates daily though, so they are engaged. Even if we have not found a fix yet, there is an active conversation or two-way communication. Overall, their support is superior to others that I have dealt with. I would rate their support a nine out of ten.

Positive

We were using another solution previously. The main reason for switching was the efficacy of the product. SentinelOne was tested against several competitors when renewal time came up, and it exceeded expectations and performed better than others. 

The previous product was a traditional endpoint protection. It was very signature-based. It always felt like we were behind with new types of attacks and new types of malware because we had to wait for signatures to come out and things like that. It felt like we were always trying to catch up. With SentinelOne, we feel like we are better protected from the start. 

There are cheaper options out there that I know are not as effective. I have administered several of them, not for this organization but for others. The thing I like about SentinelOne is that I know that if it raises an alert, it is worth looking at, so we are not dealing with a lot of false positives. It is rare.

We evaluated Cisco AMP, Microsoft Defender, and McAfee. SentinelOne exceeded expectations and outperformed all of those. We did a bake-off against those solutions and found SentinelOne to be the most effective.

Overall, I would rate Singularity Complete a nine out of ten.