Director, Infrastructure & Security at Dreamscape Companies
Has improved threat response time and reduced staffing needs through automation and visibility
Pros and Cons
- "SentinelOne Singularity Complete has positively impacted my organization by helping with trust amongst the organization, and with USB exclusions and other features, it has helped with data loss prevention and allowed me to measure DLP attacks."
What is our primary use case?
What is most valuable?
SentinelOne Singularity Complete has allowed me to perform multiple functions. It enables asset ingestion, and I have been able to identify other machines that don't have the endpoint agent installed. We've caught some malware. SentinelOne has internal reporting features and Ranger features that search the subnets where SentinelOne agents are located for other devices that may not be protected with the agent. The platform itself allows me to visualize my entire environment.
The ransomware rollback feature is the best aspect of SentinelOne Singularity Complete that stands out the most. We haven't had to use it yet, but it allowed me to demonstrate to our insurance providers that I had a recovery mechanism for the rollback.
SentinelOne Singularity Complete has positively impacted my organization by helping with trust amongst the organization. There is no longer any doubt that we are protecting the endpoints. Also, with USB exclusions and other features, it has helped with data loss prevention. I am now able to measure DLP attacks.
My impression of SentinelOne Singularity Complete's ability to ingest and correlate across my security solutions is phenomenal. It's great to have that central location. With SentinelOne Singularity Complete, I have been able to remove three additional products from the environment.
I use SentinelOne Singularity Complete's Ranger functionality, and it's one of the most important things I have.
What needs improvement?
There really aren't any areas for improvement in SentinelOne Singularity Complete. I'm excited to watch the continuous improvement to the storyline.
What do I think about the stability of the solution?
SentinelOne Singularity Complete is stable in my experience.
Buyer's Guide
SentinelOne Singularity Complete
February 2026
Learn what your peers think about SentinelOne Singularity Complete. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
884,933 professionals have used our research since 2012.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete's scalability is extremely easy to achieve as new endpoints and new detection points come on board.
How are customer service and support?
The customer support for SentinelOne Singularity Complete is phenomenal.
I would rate the customer support a ten on a scale of one to ten.
Which solution did I use previously and why did I switch?
We were a new company, and we picked SentinelOne Singularity Complete first without using a different solution before.
What was our ROI?
SentinelOne Singularity Complete has helped free up my staff for other projects and tasks by saving us multiple hours a day because we can now get the visibility and the automation.
SentinelOne Singularity Complete has helped reduce my organization's mean time to detect by fifty percent.
SentinelOne Singularity Complete has helped reduce my organization's mean time to respond by eighty percent.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing for SentinelOne Singularity Complete was flawless while working with my account manager. For the first time in a long time, I enjoyed the process.
Which other solutions did I evaluate?
I did not evaluate other options before choosing SentinelOne Singularity Complete.
What other advice do I have?
The advice I would give to others looking into using SentinelOne Singularity Complete is to have your inventory counts available, document your ingestion points, and proceed with the implementation. I think it's a great product. I would rate this review a ten on a scale of one to ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Nov 13, 2025
Technical Specialist at Softcell Technologies Pvt. Ltd.
Custom rules have strengthened endpoint protection and reduced false positives for my team
Pros and Cons
- "Overall, SentinelOne Singularity Complete helps me consolidate my security solutions, being the best in endpoint, cloud, and identity."
- "In the SIEM solution, I would like to see improvements in the data injection process, as it is very fast, and the log collector option is very nice. However, there are issues in blocking the hash, which is complicated due to different segregation for Windows, Linux, and macOS, so I ask for an improvement in this hash blocking function and the manual generation of how many VSS snapshots."
What is our primary use case?
I create policies based on the regarding policy, which means I created custom rules regarding the use case and customer use case.
Most of my use cases are related to the event ID and the process event, so it is easy to use.
What is most valuable?
My impression of SentinelOne Singularity Complete's ability to ingest data and correlate across the security solutions is that it is better for blocking the hash value and generating the rules manually. It is easy to use.
Overall, SentinelOne Singularity Complete helps me consolidate my security solutions, being the best in endpoint, cloud, and identity.
The best features in SentinelOne Singularity Complete are in the SIEM solution, including the block list in hash value block list and anti-tampering mode.
The best part of the Ranger functionality is that it helps find known and unknown devices, locate IoT devices, and determine how many agents have not been installed in SentinelOne, making it easy to count how many machines are not installed and find IoT devices.
SentinelOne Singularity Complete has helped reduce alerts for me, with the best part being the exclusion, as it has already marked most of the alerts in the cloud as false positives.
SentinelOne Singularity Complete has helped free up my staff for other projects and tasks.
What needs improvement?
In the SIEM solution, I would like to see improvements in the data injection process, as it is very fast, and the log collector option is very nice. However, there are issues in blocking the hash, which is complicated due to different segregation for Windows, Linux, and macOS, so I ask for an improvement in this hash blocking function and the manual generation of how many VSS snapshots.
For how long have I used the solution?
I have been working with SentinelOne Singularity Complete for the last two years.
What do I think about the stability of the solution?
The performance issue with SentinelOne Singularity Complete is very good, but the hash blocking remains complicated and generating many snapshots manually is a recurring challenge.
What do I think about the scalability of the solution?
I work with the Ranger functionality in SentinelOne Singularity Complete, which is used to identify known and unknown devices both in and out of networks.
How are customer service and support?
I evaluate the customer support team of SentinelOne Singularity Complete highly, stating that they provide good support with 24/7 availability.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I decided to switch to SentinelOne Singularity Complete because it offers a single solution for the endpoint SIEM and singularity purpose, and the console is very easy to handle.
How was the initial setup?
There were challenges during the setup, particularly with the custom rule as the customer asked for application-level blocking that I did not fully understand.
What was our ROI?
The project time is not the means full completely solution but it saves up to 40 days.
What other advice do I have?
Apart from the escalation matrix, I have seen improvement in the mean time to respond, with critical alerts raised below up to 15 minutes and false positive alerts raised in up to one hour.
I mostly use the custom rule and small things for the event type, event query, and searching in event query, focusing on endpoint based solutions in SentinelOne Singularity Complete and the SIEM solution.
I would rate the technical support of SentinelOne Singularity Complete a nine.
I have no recommendations for improvement regarding SentinelOne Singularity Complete as a product or solution.
I rate this review a nine overall.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Feb 25, 2026
Information Security Principal at a venture capital & private equity firm with 1,001-5,000 employees
Reduces workload by consolidating functionalities into a single platform
Pros and Cons
- "APT and ransomware protection is valuable."
- "This technology is perfect for us."
- "They should host a data center in Saudi Arabia, making it easy for customers to go for a SaaS model."
- "Sometimes, support can be lacking. We would like to have more interactive sessions, which are not currently available."
How has it helped my organization?
Singularity Complete integrates well. We have changed our monitoring solution, and SentinelOne supports that solution. We are using SecureWorks to monitor our system. It is directly using the SentinelOne agent. All security logs for SentinelOne and other security products are being pushed to that one. SecureWorks consolidates all the logs and alerts, and we are getting 24/7 monitoring.
Singularity Complete significantly reduces alerts. It has reduced false positives by 30% to 40%.
Singularity Complete helps free up our staff for other projects and tasks. We have fewer false positives. We are very comfortable with it. Before, we had to provide extensive technical support for endpoint protection, but after installing the agent, administration became much easier.
Singularity Complete has been excellent, and we have not faced any issues in the last three to four years. It has reduced critical risks significantly.
Singularity Complete has reduced our mean time to remediate to a good level. It has also reduced the organizational risk.
We have used Ranger, but it is not always useful for us because most of our users are working from remote areas. It is a bit difficult for Ranger to identify them because they are working with some local networks. However, we are protecting our endpoints with the agents. It is mandatory for our technicians to install this agent.
What is most valuable?
APT and ransomware protection is valuable. We also use the Vigilance service from SentinelOne. It is a complete XDR platform for us.
What needs improvement?
Sometimes, support can be lacking. We would like to have more interactive sessions, which are not currently available. A chat service for technical support would also be beneficial. With other vendors, we are able to resolve small issues through the chat, whereas with SentinelOne, we have to open a ticket. Without a ticket, we cannot do anything. It takes more time.
They should host a data center in Saudi Arabia, making it easy for customers to go for a SaaS model.
For how long have I used the solution?
We have been working with SentinelOne since 2019. It has been almost five years.
What do I think about the stability of the solution?
For EDR, the solution is perfect. Over the five years of using it, many improvements have been made. Initially, there were issues, particularly on the management side, but now the console is much more stable.
How are customer service and support?
They can provide more interactive options for support. For example, a chat service would be beneficial.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, we were using Trend Micro, which posed a lot of issues. Trend Micro has different products for different things. For example, they have a different product for servers and a different product for clients. For management and reporting, there is another product. We have to manage a lot of things in Trend Micro.
SentinelOne has consolidated these functionalities into a single platform, greatly reducing our workload.
How was the initial setup?
The SaaS model is better, but due to some regulations, companies are hesitant to go for it.
Deployment was challenging because we did not have software distribution capabilities at the time, and my technicians faced many challenges. I tried using group policy, and it worked for some clients, but not all, since half of my employees work remotely. Once deployed, agent updates were automated from SentinelOne.
Maintenance is not required because we are using the SaaS model. We do not have any servers to manage, as it is a SaaS-based solution. When there is a new agent release from SentinelOne, we just have to deploy it from the console.
We have different entities inside our organization. It took us three to four weeks to deploy to about 1,500 endpoints.
What about the implementation team?
My team handled the deployments. We had five to six technicians.
What was our ROI?
We have not faced any attacks since we implemented it. We had some critical incidents before this. In that respect, we have saved costs.
What's my experience with pricing, setup cost, and licensing?
Its cost is similar to Trend Micro, but the protection is much better. If you want protection, you have to pay the price.
What other advice do I have?
This technology is perfect for us. They are good at innovation and enhancements. We have good visibility across the network and endpoints. The product is continually improving, and I am very satisfied with it. I have already recommended it to a few people.
Overall, I would rate SentinelOne Singularity Complete a nine out of ten. There are areas for improvement, such as support and hosting data inside Saudi Arabia.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
CSO at TechnoCentic
Security operations have become more efficient and detection is improving across endpoints
Pros and Cons
- "As a reseller and user, I would say that SentinelOne Singularity Complete is better than its competition; I have evaluated Palo Alto, Trellix, and CrowdStrike as well, and SentinelOne EDR is much better than all of them as the capability and technical capabilities are superior with efficient and faster detection."
- "For ingestion and correlation across security solutions, the agent is quite heavier when compared to other competition."
What is our primary use case?
For the major use cases for the client, I would mention EDR.
I have worked and implemented Purple AI. While we were in India, it is more about data privacy as a protection law which has been implemented. Purple AI is collecting all the information which needs to be evaluated and correlate this entire data and segregate and disseminate into different roles and privileges. We have utilized that. These are the mechanisms which are very new into the Indian market and customers and their team members created it and accepted it as well. That is one of the major reasons to sell SentinelOne Singularity Complete.
However, we have not implemented the SecOps feature in major installation as of now.
What is most valuable?
SentinelOne Singularity Complete helps to reduce alerts by almost fifteen to twenty percent. The false alert activation is much more effective in SentinelOne Singularity Complete in competition with all the comparative tools.
It helps to free up my people and staff for other projects. It depends on a project-to-project and team-to-team basis, but it really helps. I would estimate between thirty to fifty percent.
SentinelOne Singularity Complete helps to reduce MTTD by about twenty to thirty percent.
For MTTR, it is almost another way for between fifteen to twenty percent.
As a reseller and user, I would say that SentinelOne Singularity Complete is better than its competition. I have evaluated Palo Alto, Trellix, and CrowdStrike as well. SentinelOne EDR is much better than all of them. The capability and technical capabilities are superior. It is efficient and faster detection.
What needs improvement?
For ingestion and correlation across security solutions, the agent is quite heavier when compared to other competition. The agent has to be lightweight. That is one of the drawbacks for the competition. They have to work quite a lot.
For how long have I used the solution?
I have been selling the product for three and a half years.
What do I think about the stability of the solution?
As for stability, there are no issues. It is stable.
What do I think about the scalability of the solution?
As for scalability, it is acceptable. The scalability depends entirely on how much security is required for it. It is easy to scale that.
How are customer service and support?
I would say technical support from SentinelOne is excellent. Everyone in SentinelOne is known to us for the last many years.
I would rate support eight point five out of ten. One point five has been removed just because many times it has been delayed or the support has not been available due to vacation. That should be a challenge. Ten out of ten would not even be given to AWS.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
SentinelOne stands out and is the best product among those, especially in India. There was a recent strike incident with Microsoft, and SentinelOne's approach is much better and much more effective.
How was the initial setup?
It is easy to deploy. The deployment model depends on the type of organization. If it is government, then it has to be on-premises. If it is more like an enterprise and BFSI, that can be over the cloud. In India, it has to be done with the intent. It can be into the SentinelOne cloud with an instance in India, or whether it has to be AWS or Azure, they are acceptable in any format.
What about the implementation team?
There is a chance to buy this product through AWS Marketplace, the CPPO. I did that previously.
What's my experience with pricing, setup cost, and licensing?
It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the pricing.
What other advice do I have?
I do sell SentinelOne Singularity Complete.
I am a Chief Security Officer for Technocentric.
I have been selling this product for the last three and a half years.
I have been involved in this domain for twenty-five years.
I would give SentinelOne Singularity Complete a rating of nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Last updated: Jan 15, 2026
AGM IT Security at Page Industries Ltd
Achieved enhanced endpoint protection with AI-based zero-day threat mitigation and improved incident response time
Pros and Cons
- "The XDR is a valuable feature."
- "I think they should consider enhancing complete visibility."
What is our primary use case?
I use it for our XDR solution, managing various endpoints including Windows and Deepak. There are around twenty-five hundred endpoints where SentinelOne EDR or the Synchrony Solution is installed, helping me manage all my files. It is a next-generation antivirus solution with zero-day protection using AI or ML-based logic running in the backend to protect endpoints. Currently, there is no integration. It's an independent solution supporting my endpoint protection.
What is most valuable?
The XDR is a valuable feature. The AI-based engine protects against various behaviors and takes action on files being accessed. In terms of protection, I have an advanced app providing visibility of all my endpoints, which was not the case before. My time to respond to incidents has reduced, making it much more complete. I have the ability to isolate endpoints if identified as having malicious files or serious activity.
What needs improvement?
I think they should consider enhancing complete visibility. I haven't explored the network-related aspects, but if lacking, it is an area for improvement. Providing a single pane of visibility for the end user would be beneficial. This means not just seeing endpoints, but also the network and other connected devices through the Singularity portal. This would enhance decision-making and improve security posture.
For how long have I used the solution?
I have used the solution for three years.
What do I think about the stability of the solution?
It's a stable solution. My endpoints use minimal resources, and I have encountered no problems with installation, making it a stable product.
What do I think about the scalability of the solution?
From the console or admin perspective, as it is a SaaS product, scalability and management pose no problems. It's all auto-scale and auto-categorized, configuring automatically.
How are customer service and support?
I think they were responsive, but there was a delay in reaching out to my team on one incident report. This happened only once, which is why I am rating them eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I had a normal antivirus solution before upgrading to the next-gen XDR solution, which is SentinelOne.
How was the initial setup?
The setup is very straightforward. It took one month. Connecting to users was a manual process, but all network-connected devices were integrated without any challenges.
What about the implementation team?
There was a three-member team from the vendor side assisting with configuration and communication with my internal team. One of my team members coordinated with the end customers, who are the employees of my organization.
What was our ROI?
There isn't significant cost saving as such, but it has protected me from numerous virus or malware infections. This demonstrates an ROI.
What's my experience with pricing, setup cost, and licensing?
It's a fixed price per endpoint arrangement.
Which other solutions did I evaluate?
I have not used alternative solutions for the XDR solution. We were using an alternative antivirus solution before, but finalized on SentinelOne after considering other options.
What other advice do I have?
I rate the solution nine out of ten. It prevented potential losses, though not directly affecting ROI. To make it work effectively, ensure proper configuration and understanding of your network landscape. Initially set it to detect mode, then to protect mode, and later to auto-protect and quarantine mode. Allow one to three months to understand the network and work with a knowledgeable partner.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Technical Account Manager at a computer software company with 11-50 employees
Endpoint protection has reduced ransomware impact and streamlines daily threat hunting
Pros and Cons
- "My advice for others looking into purchasing SentinelOne Singularity Complete is that I would definitely recommend it."
- "One of the negatives we have found is that we receive quite a lot of false positives."
What is our primary use case?
I used SentinelOne Singularity Complete for endpoint security, and we selected it because we were looking for an AI-powered cloud solution.
What is most valuable?
The best features of SentinelOne Singularity Complete include a ransomware rollback feature that can be used on infected machines, which we have used before and appreciated. The deployment is fairly straightforward as well.
SentinelOne Singularity Complete's ability to ingest and correlate across our security solutions has not presented any problems. This capability provides a benefit when hunting for threats and leveraging the AI side of the platform.
Regarding alert reduction, I would not say the impact has been massive. One of the negatives we have found is that we receive quite a lot of false positives.
Overall, SentinelOne Singularity Complete saves me time, and I would say the time savings are approximately 10 to 15 percent.
What needs improvement?
The reporting in SentinelOne Singularity Complete could be improved as it is still somewhat clunky and lacks customization. Support response times could also be better.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for approximately 18 months.
What do I think about the stability of the solution?
I would rate the stability of SentinelOne Singularity Complete as an eight out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of SentinelOne Singularity Complete as an eight out of ten.
How are customer service and support?
I would rate the support of SentinelOne Singularity Complete overall as a six out of ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
SentinelOne Singularity Complete was already in place when I joined.
How was the initial setup?
The deployment of SentinelOne Singularity Complete was straightforward and easy. It took approximately one day to implement SentinelOne Singularity Complete, based on the number of clients we had.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing for SentinelOne Singularity Complete, on a scale where one is cheap and ten is expensive, I would rate it as an eight.
Which other solutions did I evaluate?
When comparing SentinelOne Singularity Complete with other vendors, we use it for client-specific purposes, while other clients may use Microsoft or similar solutions. I have noticed it works well.
What other advice do I have?
SentinelOne Singularity Complete has not helped us consolidate any security tools that I am aware of.
We do not use the Ranger functionality in SentinelOne Singularity Complete as we use other solutions for that purpose.
Maintenance of SentinelOne Singularity Complete is straightforward to perform. Approximately 60 users use the solution, and all users are local. SentinelOne Singularity Complete requires some maintenance as part of our internal checks to ensure policies are up to date, which we perform on a weekly basis.
We do not use Purple AI.
My advice for others looking into purchasing SentinelOne Singularity Complete is that I would definitely recommend it. I would rate this review an eight out of ten overall.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 23, 2026
Customer Success Manager at Digitank Technology
Has improved threat hunting through query suggestions and contextual incident storylines
Pros and Cons
- "SentinelOne Singularity Complete has shown a return on investment with its ability to detect threats at approximately 99% efficiency."
- "The main area for improvement relates to Linux compatibility. When deploying on a Linux system, the process isn't as seamless compared to other operating systems."
What is our primary use case?
I have used SentinelOne Singularity Complete in a SOC environment where most customers were utilizing it.
How has it helped my organization?
The solution has been helpful especially for the infrastructure security team. They can focus their energy on other business projects and priorities while having peace of mind knowing that even without real-time operation, SentinelOne Singularity Complete can detect vulnerabilities and contain threats until they intervene. This allows them to work on other projects, develop security policies, and strengthen their defense. The team can address other security loopholes while SentinelOne Singularity Complete manages their infrastructure.
What is most valuable?
One of the features I particularly appreciate is the hunting capability, specifically being able to use deep visibility for threat hunting.
It's quite elaborate. It allows you to create and manage queries easily. Even if you're not very proficient in the language being used, it suggests the correct syntax when you type in plain text. If there's an error, it points out where you're wrong, enabling you to adjust the syntax. This feature is particularly beneficial for threat hunting using the deep visibility feature of SentinelOne Singularity Complete.
Additionally, the platform allows for compartmentalization, which is great because we use it for about 13 customers. It enables us to manage different environments from a single console and download relevant data for each customer.
What stands out is that this solution is not just about detection; it's also about response and containment. When it addresses an incident, it explains what occurred and suggests actions to take before further investigation.
Another excellent feature is its ability to filter events from the same company, helping to reduce noise. For instance, if a single user performs various actions that would typically trigger hundreds of alerts, this system consolidates those activities under that one user. This approach allows for tracking related events together rather than generating multiple alerts. As a result, you can analyze an incident from a holistic perspective rather than just viewing individual alerts in isolation. Overall, these capabilities enhance the effectiveness of threat management and incident response. That's my take on it!
It's capable of integrating with SIEM and other solutions. It offers enhanced interoperability.
What needs improvement?
The main area for improvement relates to Linux compatibility. When deploying on a Linux system, the process isn't as seamless compared to other operating systems. They could enhance this by providing an easier way to implement or deploy on Linux OS systems.
For how long have I used the solution?
I have used SentinelOne Singularity Complete for four years.
What do I think about the stability of the solution?
There have been no stability issues at the moment.
What do I think about the scalability of the solution?
It's scalable.
How are customer service and support?
Their support is very good. When we encounter an issue, we quickly raise support tickets, and the response time is very good.
How would you rate customer service and support?
Positive
How was the initial setup?
It's not complex. It's straightforward, and the support is very good.
What was our ROI?
SentinelOne Singularity Complete has shown a return on investment with its ability to detect threats at approximately 99% efficiency.
What's my experience with pricing, setup cost, and licensing?
It's affordable. The pricing is competitive.
SentinelOne Singularity Complete has proven beneficial in a specific case. In one instance, a customer had Microsoft licenses that were very expensive at the enterprise level. By implementing SentinelOne Singularity Complete, they were able to reduce their license plans and focus on this solution because it offered more robust features than their previous solution.
What other advice do I have?
I would rate SentinelOne Singularity Complete a ten out of ten. It's a good solution.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Last updated: Sep 27, 2025
Consultant at a tech services company with 1,001-5,000 employees
Has improved threat detection and streamlined integrations through strong XDR and forensic capabilities
Pros and Cons
- "I've seen a lot of improvements and simplifications, and Google SecOps has recently moved into Gartner's as the highest one for visionaries."
- "A weakness seen with one large customer was that the detections were too intrusive, blocking many applications that should have been working, which led to many false positives."
What is our primary use case?
I'm only dealing with Google SecOps right now, not other Google Cloud products. On a limited scale, I think we use Microsoft Defender for one particular customer; for the others, we are using SentinelOne Singularity Complete and Palo Alto Cortex.
What is most valuable?
I've seen a lot of improvements and simplifications, and Google SecOps has recently moved into Gartner's as the highest one for visionaries. The AI, agentic AI, integration with SOARs, and simplified SKUs and pricing are noteworthy. Most customers who have various platforms for cybersecurity do not choose Azure Defender unless they are on a Microsoft stack right now. SentinelOne Singularity Complete is the most capable in terms of detection and response, and I use it quite extensively for forensic capabilities.
SentinelOne Singularity Complete can be quite intrusive, but it has strong detection capabilities. The Ranger functionality of SentinelOne Singularity Complete for the EDR is extensively used for customers. Microsoft Defender has recently upgraded to XDR capabilities.
What needs improvement?
For Azure Sentinel, the main issue that needs improvement is the pricing; it's quite unpredictable right now in terms of cost. The use of many components within Azure itself is confusing, especially with the recent move in terms of the console from Azure Sentinel to the Defenders. The highlight is more into the pricing; it is too expensive and unpredictable right now.
For Google SecOps, the only improvement I suggest is in terms of the reporting, especially for out-of-the-box reporting that seems very lacking right now. There aren't too many useful reports coming from out-of-the-box; we have to develop them ourselves right now.
SentinelOne Singularity Complete needs to work more on increasing true positive detections to make it closer to 10. A weakness seen with one large customer was that the detections were too intrusive, blocking many applications that should have been working, which led to many false positives.
How are customer service and support?
I think technical support is quite good; we have been in contact quite occasionally, and they provide expected answers.
How would you rate customer service and support?
Positive
How was the initial setup?
I find the initial setup quite straightforward for SentinelOne Singularity Complete.
Which other solutions did I evaluate?
SentinelOne Singularity Complete can be quite intrusive; that's one of the drawbacks. It's also the first thing that we recommend right now. We prefer to use other EDR platforms such as SentinelOne Singularity Complete and Palo Alto Cortex right now.
What other advice do I have?
I'm using Google SecOps. If you want, I can leave my opinion on Google SecOps.
While the others will be on the cyber threat intelligence, the primary is Google SecOps, and I think the other one is Azure Sentinel.
There is room for improvement for these solutions. It's mostly SIEM and MDR for SentinelOne Singularity Complete. I haven't used Vigilance MDR; I only know the name.
We mainly focus on SentinelOne Singularity Complete and Cortex, while the other EDRs that we have managed are less significant. It's almost similar since both SentinelOne Singularity Complete and Cortex have EDR and XDR capabilities.
In terms of non-locked XDR platforms, the best one is SentinelOne Singularity Complete right now for their XDR capabilities. Other ones such as Palo Alto Cortex or even CrowdStrike are locked into their own ecosystem right now since they have many products within that ecosystem. In terms of integration, even though it looks quite open, some are tightly coupled into their own ecosystem, especially for Palo Alto Cortex.
We haven't had that in-depth experience in terms of ingesting and correlating for SentinelOne Singularity Complete; we mainly use it right now for their EDR capabilities. Since we provide the MDR services, we mainly integrate those with Google SecOps right now for the overall SOC services. I think they are the most capable in terms of detection and response.
We only tried Purple AI but haven't used it quite extensively. I find the pricing very reasonable, especially right now compared to other top-tier EDR platforms at the same level. I usually recommend the product for both smaller and bigger organizations. My overall rating for this review is 9.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Last updated: Nov 4, 2025
Updated: February 2026