SentinelOne Singularity Complete Reviews

This is our primary and only EDR in our environment. We have this deployed to corporate workstations and servers, utilizing a variety of operating systems including Windows, macOS, and various Linux distributions. The data ingested into Deep Visibility provides great insight into what is going on in our environment. The XDR capabilities in there almost make you not even need a traditional SIEM anymore. The Identity solutions involing Active Directory security provide great information on our environment for continuously auditing and remediating threats.

SentinelOne's ability to prevent, detect, and respond to threats like ransomware and zero-days without requiring immediate human intervention saves us a lot of time and manpower. We have seen multiple occasions of rogue applications, suspicious downloads, and unauthorized USB drives get flagged and quarantined before anything could happen.

We have gained 2-3x more visibility into our endpoints with the benefits from Deep Visibility. The timelines created from incidents paint a very accurate picture of what happened in a given time window.

The platform has significantly enhanced our security posture through three key areas:

1. Unified Visibility and Simplified Integration (XDR):
   • Excellent Data Correlation: The solution excels at ingesting and correlating data across multiple security tools (we integrate it with three to four other platforms) inside of Deep Visibility. It doesn't just receive data; it processes it to provide actionable insights, saving us significant manual parsing time.
   • Seamless Integration: We rarely need custom API work due to its strong native integration support with our common platforms, streamlining our security architecture and allowing us to consolidate several tools into the platform itself.
2. Network Visibility (Ranger):
   • The Ranger functionality provides comprehensive network and asset visibility without requiring new agents, hardware, or network changes. 
   • Ranger has enabled us to quickly identify and manage numerous unknown endpoints, successfully reducing our unknown endpoints count from hundreds down to single digits.
3. Improved Security Metrics and Risk Reduction
   • Thee solution has measurably improved our Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), giving our SOC quick alert times and the ability to react almost immediately to incidents.
   • We estimate it saves us several days' worth of analyst time overall. While direct financial savings are hypothetical, the platform has clearly and significantly reduced our organizational risk compared to our previous security posture.

The grouping feature needs improvement. There are many times I've wanted to do blacklisting or exclusions for specific people in a group, however, I don't want to remove them from the group itself. Giving admins the ability to create subgrouping would allow for all parent exclusions to be applied without the need to create all new scopes. 

The integration of an MFA push when signing into the admin console. I know this is a small thing but it is much more convenient to accept a push versus scroll through my many 2FA profiles to find the code for SentinelOne's platform.

I've been using the solution about 5 years while being on both an IT support team and Cyber Security team.

They are pretty stable. The company is expanding at a good rate and they are releasing new features to maintain the stability effectively. Downtime on their end has been very minimal.

Technical support is quick and helpful. They do a good job of addressing issues at level one and escalating if needed.

We are at about 98% deployment. There are endpoints that pop up that don't have the agent to get it, however, we're past the deployment phase or past the initial configuration phase. It's all just maintaining and tweaking, and as new features come out, we adjust.

I wasn't here for the initial deployment process. I've done a lot of configurations for new features that they've implemented.

Our team does general maintenance. They do a really good job of giving you the information you need to troubleshoot. Their knowledge base is very helpful to those brand new to the console and even more experienced users of SentinelOne.

The solution seems to be quite innovative. They are coming out with new features every month and continue to roadmap impressive products for the future as well.

This is a great product. If a company is unhappy with its current EDR, SentinelOne is a good choice. They are acquiring a lot of companies and solutions to add to their roster in order to provide a more centralized platform. I look forward to what they will bring in the future.

I'd rate the solution nine out of ten. It's going to be a good one-stop-shop and I enjoy working with them.

We use Singularity Complete for end-to-end endpoint security protection, including EDR integrated with other platforms for XDR. The ransomware rollback feature of Singularity is a key reason for its use. 

It is primarily for integration with SIEM to have a single pane of view, integration with web security for sharing insights, and automation of remediation tasks. Additionally, network discovery from the Singularity platform is used to identify rogue devices quickly.

Visibility is greatly improved with Singularity Complete as it allows visibility into endpoint devices and the processes running on them. 

The most valuable feature is the ransomware recovery and rollback feature. The platform's ability to easily integrate with various other platforms is also highly valuable.

It also enables integration with other technologies, saving costs associated with having point solutions. The integrated system allows for significant automation, reducing the time and effort needed for management.

The mean time to response has reduced from hours to minutes due to integrated automation systems.

Improvement is needed in terms of product support. The compatibility with new legacy systems should be enhanced as other EDR products support these systems, which Singularity does not.

I've been working with Singularity Complete for three years.

Singularity is a very mature product that supports most assets available in any enterprise environment. It runs seamlessly without challenges.

Singularity Complete is suitable for large and mid-scale enterprises.

Technical support could be better. I would rate it around six on a scale of one to ten.

CrowdStrike is a competitor. Singularity is better because it supports the ransomware rollback feature.

The setup process is simple and user-friendly.

Initially, anyone can deploy out of the box. When tuning aligned with the environment is required, assistance from a system integrator is recommended.

Integration helps save costs by reducing the need for point solutions.

Pricing is not pocket-friendly. It can be difficult for small-scale companies.

SentinelOne's main competitor in the market is CrowdStrike. However, Singularity Complete is preferred thanks to its ransomware rollback feature.

We provide SOC services for mostly UK clients and use SentinelOne to monitor our clients' endpoints and remedy threats. Some threats are remedied automatically, but others require investigation. We analyze the file and log any new vulnerabilities in our threat intel account. 

Singularity Complete is a one-stop solution that encompasses all the endpoint protection solutions from SentinelOne. We've eliminated about 99 percent of our other solutions by switching to Singularity. It's easy to integrate SentinelOne logs, and we don't need any other tools for threat hunting or SIEM. Everything is on one platform. You can fully realize Singularity's benefits after about 3 months of deployment and training.

The solution is supported by Vigilance, SentinelOne's MDR service. They monitor 24/7 since we have other things to do. We have an SLA that threats will be mitigated within 45 minutes to an hour after detection. Singularity has virtually eliminated our organizational risk from threats. 

Singularity's threat-hunting platform is user-friendly, and I like the built-in remote access feature. External parties can log in securely via the S1 agent. It's easy to integrate S1 logs with our SIS. That's one good thing. We don't need to use any other tools, like a SIEM. 

I would like SentinelOne to add a threat-hunting report and more UEBA features. They could add more SIEM functionality. It would be nice to have the ability to easily drag all the logs from the agents, so there's no need for multiple agents installed on the endpoint. 

I have used Singularity Complete for a year and a half. 

We haven't seen any downtime outside of normal maintenance windows every few months. 

Singularity's scalability is good. 

I used CrowdStrike before, but SentinelOne is easier because I can do more stuff on that. For example, let's say I want to fetch some files from an end user's machine or install something, but I do not manage the machine as a security person. If we need to do something inside, I can do a full scan and use remote access to see everything. 

The SentinelOne suite is appropriate for our use case. If the scope and tasks were different, another EDR might be better. CrowdStrike has built-in UEBA, but it's not as user-friendly as SentinelOne. 

I'm not involved with purchasing decisions, but I believe Singularity must be cost-effective because the management selected it. 

I rate SentinelOne Singularity Complete 9 out of 10. It's an excellent solution for monitoring and managing endpoints. I recommend doing SentinelOne's training to familiarize yourself with how to leverage the entire product. 

SentinelOne Singularity Complete is an MDR solution. It is used mainly to detect advanced threats in our teams and on-site teams.

I have used two different vendors before Singularity. Each had its pros and cons. However, Singularity is the most complete tool for EPP and EDR. From a financial, operational, and performance point of view, it is very efficient to have a single solution.

Ranger is a good feature. The XDR functionality provides the timeline of the attack. The product provides deep analytics for threat hunting. My team uses it to detect incidents and for threat hunting. I like the app inventory feature. It is very good for detecting unauthorized apps by our security policy.

I have raised a couple of comments regarding the speed of investigating incidents and performing analysis by the MDR service team. We are a telecom company. We are sensitive to the information of the users. The speed of investigation of the MDR service team must be improved.

I have been using the solution for one year.

The product is pretty stable. It didn't create any issues on the endpoints, laptops, and PCs.

We haven't tried to scale the tool yet, but the solution will be scalable after we increase our license.

The support team is very collaborative. We have a dedicated account manager who is also a part of our support line. We do not face any delays or major inconveniences from the support team. I rate the support an eight out of ten. I will give it a ten out of ten when SentinelOne has better coverage in the Middle East.

Positive

I have used Kaspersky, CrowdStrike, and Carbon Black. After using these solutions for a year, I chose Singularity Complete. The other solutions are existing products and are leaders. However, Singularity Complete is better than them from a financial and technological perspective.

The initial setup is not complex. It's similar to any endpoint solution implementation. We require one staff to deploy the solution. We mainly use AWS as our cloud provider. We also use GCP.

We did the implementation ourselves. It was like any other solution. We faced similar issues. They were not big issues, though. It doesn't require a lot of technical expertise.

We have seen a return on investment because we have saved at least 50% to 60% since we bought the tool. It is an achievement when we get one solution instead of two at 50% less cost. It improved our KPIs.

The licensing is convenient, straightforward, and very clear. I care more about the breakdown of the license than the licensing itself. Some vendors have very complex licensing schemes. SentinelOne's licensing scheme is very clean.

Carbon Black has a competitive version of Singularity Complete, but it is not at the same level as Singularity Complete. It lacks features like threat hunting and Ranger. So, I chose Singularity.

We didn't have any major issues related to the integration. However, we had some issues related to the implementation on the server site. It was solved by upgrading the agents. Initially, we had a couple of issues related to integration, but after that, it was solved.

The solution gives us more visibility into alerts but doesn't reduce them. It might help after we conduct the patching and vulnerability management, but we haven't tested it yet.

Singularity Complete has helped free up our staff for other projects and tasks. We have a full-fledged SOC team that uses SIEM tools. We use it to complement our SOC and our XDR and MDR solutions. We have Singularity Complete as a technology for further investigation and threat hunting.

When we get an alert from the SOC team, we use the tool to do the analysis and threat hunting in 30 minutes per incident. It is a considerable saving in the team's time because we have limited engineers and security analysts. The tool saves 50% of the staff's time.

The product has helped us save on operation and acquisition costs by 70%. We have replaced two solutions from other vendors with Singularity Complete. Singularity Complete has surely helped reduce our organizational risk. We had a lot of alerts from the previous vendors. Now, we see fewer alerts.

Compared to its competitors, Singularity Complete is very mature. It exceeds in some areas, especially in threat hunting. I have seen other solutions. They have very strong capabilities in detection but not in threat hunting. Singularity Complete makes a difference with our analysts when they perform threat hunting and threat analysis.

I like the product's vision very much. Everything has to be on a single agent, and the integration is very much worked on. It has a very good integration roadmap. It has a very complete and strategic vision. It doesn't sell only endpoint products. I like the completeness of its vision.

People who want to buy the tool must test all the features to see how they will get value from the product because it's very complex and feature-rich.

Overall, I rate the solution a seven out of ten.

The solution provides endpoint protection for all our desktops, laptops, and servers. We also use it for some of the firewalls on the endpoints. We are also doing asset discovery for devices.

Tracking down which devices don't currently have SentinelOne on them is the most valuable feature of the product. So, we can push SentinelOne onto those devices.

Recently, the vendor took away my ability to create a ticket, mostly because we're in an MSSP environment. It has created a lot of extra hoops to jump through. I recently had a single sign-on issue on the console. I had to go through my MSSP. It took a month and a half to two months to get any resolution on it because my MSSP can't test our single sign-on. They don't have an account in that system. It has been very detrimental to effectively solving issues. I understand that the vendor does not want the clients of the clients submitting tickets. However, when I'm the one who's doing the majority of the work inside of SentinelOne, removing that from my ability has been very inconvenient.

The filtering features of the application management console could be improved. If I search for applications that shouldn't be installed on our endpoints, filtering is not the most straightforward process. Running through the search process takes a lot of time and effort. It would be hugely beneficial if the tool blacklists the applications that are not allowed to be installed. It would help with the management of unapproved applications or malicious applications that might be installed.

The automated agent upgrade system could use a little bit more fine-tuning. The maintenance windows must be a little bit more robust. I have to manually set what agent we're pushing each time we want to change instead of asking the tool to do N-1 for agent upgrades. It's automatic, but it's not quite automatic.

I have been using the solution for two years.

We've had fewer issues with stability recently, mostly because they made some changes to the actual agents. Shadow copies were filling up the drives and causing some crashes. However, the more recent agents have been much more stable, which has been wonderful.

The tool is very scalable. If we use all of our agents, it's very easy to ask the vendor to add more agents to our license. They get that taken care of, which is really nice. It's been very easy to change and modify groups as we need to.

Exclusions have been very straightforward. I would love to see the exclusions to look at the machines in a group and inform us when we have exclusions that are not found in the directories on the machines. It will help with the removal of redundant or unused exclusions. It will remove some of that risk.

I don't have access to create tickets. The vendor removed the ability. I need to talk with our MSSP for support. They sometimes send us support articles that we already have access to. It takes an extra three to four days to get things resolved. In the most recent case, it was a month and a half.

We used Symantec Endpoint Protection before. We switched to SentinelOne Singularity Complete because Symantec Endpoint Protection was very old and was not being updated by Broadcom anymore. It was not as effective in terms of reporting. It was very clunky. So we were looking for something new and a little bit easier to work with than what we had at the time.

The initial deployment was pretty straightforward from my perspective. We were able to take the package and deploy it, which made it really easy to get it on all of our endpoints. About ten people were involved in the deployment.

Our MSSP helped us do the deployment. We used the asset management tool Ivanti to push out the agents.

The pricing is packaged in with our MSSP. The cost of endpoint protection is fairly reasonable. Some of the other systems are a little expensive, but there's still value behind them. It's pretty close to what I would expect.

We haven't stepped into other integrations quite yet. We're looking to explore it next year. We're trying to rebuild our security stack. The endpoint protection was one big step. We're planning on expanding a little bit more. I love that it is pretty straightforward to connect between different systems. It makes my life a little easier.

The solution’s ability to ingest and correlate across our security solutions is nice. We haven't done much of that with our systems yet, but having one source of truth to look at all those different pieces is hugely beneficial because we have a very small team. Anything that allows us to connect all the dots and pieces makes our lives really easy.

We're rebuilding our security stack from scratch. We do not have to get many other solutions because much information is built into Singularity Complete. We did a POC of the Ranger functionality for a little bit of time. Ranger's network and asset visibility are about the same as in Rogues.

The automation would be great if I didn't have to create a couple of extra security holes by opening up ports on our devices. So we've gone back to using just Rogues rather than Ranger because there isn't a lot of added value for that extra piece. I can take the whole list, export it, and take it to one of our other solutions and have the agent pushed from there.

It is nice that Ranger requires no new agents, hardware, or network changes for most of the part. If we're going to automate the installation process from another Ranger agent, it will require opening up some extra security holes. I don't love that part. I love that it discovers assets that don't have SentinelOne but could potentially have SentinelOne. It has been beneficial to us.

We like Ranger because it helps find the missing pieces. We must ensure that we're not going over on our licenses, but it helps us discover the devices in our network and how we can better protect the environment. It also gives us an inventory of devices. If they are vendor devices, we can go to our vendors and ask them why the devices have old software versions.

The product has done a much better job of giving us high-fidelity information. The system that we had before was old and antiquated and did not work well. We are getting better-quality alerts. The solution has helped free up our staff for other projects and tasks. All the information is in one place, and a lot of the system has been automated for us. The tool resolves threats almost instantaneously for us. It's hugely beneficial for a very small team.

The product has helped reduce our mean time to detect. It is a lot better at discovering threats and mitigating them quickly than our previous solution. However, I wouldn't say that it's perfect. The solution has helped reduce our organization’s mean time to respond. We have a managed security service provider that's doing a lot of the research for us, but it's been very helpful for us to have the information.

The tool has helped us with a couple of audits that we've had. It has also helped us with some of our cyber insurance because we're able to give much better reporting compared to our previous solution. The reporting is available on the fly rather than us trying to go through multiple systems to try and get some information from it.

The product is easy to use. It is very easy to navigate around. The vendor has added features that we've wanted. It has made our lives quite a bit easier. People who want to buy the product must evaluate their exclusions ahead of time and understand what level of exclusion they need for each system. We spent the most time reevaluating exclusions for each server system.

It was not too big of a deal for our desktops and laptops. However, for some of those bigger systems, especially with us being a healthcare organization, ensuring we weren't impacting the end-user experience was central. For example, we have EMR, which is electronic medical records. If we impact that, it affects patient care, which in turn can be not great.

It was a very big jump for our process to go from monitor-only mode to full-protect mode. We allowed things to just sit there for a very long time and understand the changes in our environment.

Overall, I rate the solution an eight out of ten.

We use SentinelOne Singularity Complete as an antivirus product. We also use SentinelOne's product called Vigilance, which monitors and takes action on active threats in the environment. So, basically, if someone clicks a file, Vigilance recognizes it and takes action for us, providing recommendations and remediation steps. This is a huge value add, and it's in addition to Singularity Complete's ability to monitor threats on devices from the cloud and offer remediation steps.

Our previous antivirus solution was not providing adequate protection. Threats are evolving and mutating rapidly, making it difficult for older antivirus solutions to keep up.

We have not experienced any interoperability issues. Initially, SentinelOne flagged some older software that was trying to run, but we could allow an exception to continue using the software. SentinelOne would still scan the software's location, but it would not block the processes from running. This flexibility is very useful.

SentinelOne Singularity Complete gives us peace of mind when it comes to day-to-day threats, knowing that nothing will get past them and they are always vigilant in detecting and responding to active threats on the network. It helps us sleep better at night.

It does not produce many alerts, but it has reduced the number of threats we have. Alerts are good, but only if they are not too frequent. When there is an active threat, the alert is clear about what is happening, who is affected, and the name of the machine. The alerts are also concise.

It allows our staff to focus on other more important items.

SentinelOne has helped reduce our MTTD and our MTTR because we pay for Vigilance.

SentinelOne Singularity Complete reduces our risk of major attacks, lowering costs.

SentinelOne Singularity Complete has reduced our organizational risk.

The fact that SentinelOne is actively looking for threats and runs them against the hash on the Internet to determine if they are malicious or not, is what takes it to the next level compared to other antivirus products. SentinelOne is more than just an antivirus software, it provides insights into threats and shows the flow of attacks. It also allows us to set policies in the cloud so that any other system that is affected by the same bug or virus will be automatically killed, removed, and rolled back. Cloud automation is truly amazing.

I would like to see a privilege access management feature added to SentinelOne Singularity Complete. This would allow us to generate alerts when users try to run applications as administrators to approve or deny these requests and create policies within SentinelOne. I think this would be a great addition to the suite, as it would eliminate the need to purchase a PAM solution from another vendor. It would also give us greater visibility into user activity, as the SentinelOne portal is already very good.

SentinelOne needs to improve its endpoint deployment process. To illustrate, compared to ConnectWise, a remote management software that also has some security features. In ConnectWise, we can generate an installation package based on a group and deploy the software to all endpoints in that group without the need for a script.

I have been using SentinelOne Singularity Complete for three years.

I would rate the stability of Singularity Complete ten out of ten.

I would rate the scalability of Singularity Complete ten out of ten.

We pay for Vigilance, which is a 24/7 instant response team. However, if we did not pay for Vigilance and I had a question for technical support, they would usually respond within a few hours or the next business day, depending on the issue. I feel that they ask too many irrelevant questions when we are generating a ticket, but I understand why they do it.

Positive

We were using Carbon Black before, but SentinelOne Singularity Complete is much easier to use. The portal is more intuitive, the email alerts are more intuitive, and everything about it is easier on the eyes. It has a simpler view. Their cost was comparable to Carbon Black, but the solution was much better.

The initial deployment was moderate. It would be much better if SentinelOne had a better way to induct the site token into the installation process, rather than requiring users to create a script.

The deployment took a couple of weeks to complete and required two people. We captured 80 percent of the endpoints within the first day, and then it took a couple of weeks to catch the more subtle ones.

Nothing good is cheap, and SentinelOne is no exception. However, as a market leader with a great product, they don't have to be so timid with their pricing. I would like to see lower prices, but I understand why they charge what they do. It is what it is when it comes to SentinelOne Singularity Complete.

I would rate SentinelOne Singularity Complete nine out of ten.

I would focus more on how the product is delivered and maintained. Maintenance of any type of antivirus product is always an important question when it comes to how to maintain this product and how to use it without dedicating a lot of resources to it. SentinelOne has just introduced an automatic upgrade feature for their client agent that allows us to set a policy to always keep our agents on the general mobility version. This will automatically upgrade our agents for us, saving IT a lot of time. Before, we had to manually upgrade our agents from the cloud, but now this process is fully automated. This is a huge value-added feature, and the agent is not very disruptive.

We have SentinelOne Singularity Complete deployed on our Windows servers across the country. Around 15 people are using the solution.

We must constantly monitor the portal to review items that Singularity Complete has blocked. Occasionally, we must decide whether to allow or deny access. We must definitely stay engaged with the portal, as it is not a fully hands-off solution. This is appropriate, as some interaction is necessary. However, the level of interaction required does not bother me.

If I were to recommend SentinelOne Singularity Complete to anyone else, I would definitely help them understand these types of products. People who are looking at cloud antivirus are usually coming from on-prem antivirus, so they may be shocked by the price. I would help them understand that yes, cloud antivirus products cost more than normal antivirus, but they offer peace of mind. Once they understand this, they can start to appreciate the value of the product.

We are a partner of SentinelOne and we provide demo proofs of concept to customers. Most of our customers use traditional antivirus software, which does not have the capability to perform zero-day analysis, block ransomware, or block zero-day attacks. SentinelOne, on the other hand, is an endpoint detection and response and endpoint protection platform solution, which means that it has the capability to block zero-day attacks, ransomware, and machine learning-based threats. SentinelOne Singularity Complete does not have antivirus technology, but rather it is an anti-malware solution.

Our customers switched to Singularity Complete primarily for security and ease of use. It is easy to install, troubleshoot, and upgrade. Singularity Complete is purely cloud-based for our customers.

Singularity Completes' interoperability is straightforward. They have easy API integrations with all major integration platforms, so it's simple. There are no complications.

SentinelOne can ingest and correlate data well. It has its own EDR and XDR technologies, so it provides threat defense, detection, and monitoring. The models work like a SIEM for endpoints, so customers can correlate logs, identify patterns, and visualize everything. It is very visible.

I deployed Ranger for one of our customers with a large infrastructure. Ranger provides clear network and asset visibility.

Singularity Complete was very helpful to our customers during the COVID-19 pandemic because many of their employees were working from home. When employees work from home, they often need to open ports from outside to active networks, which can make those networks more vulnerable to ransomware attacks. One of my customers had a traditional antivirus running, but it was unable to detect the ransomware. I deployed Singularity Complete to understand the attack pattern and block it. The customer was so happy with SentinelOne Singularity Complete that they renewed their subscription for four years in a row.

Singularity Complete increases the number of true positive alerts by detecting attacks that antivirus software misses.

Singularity Complete helps save time.

Singularity Complete has reduced the MTTD by ten percent.

Singularity Complete has reduced the MTTR. Where a traditional antivirus may take ten minutes, Singularity Complete takes two to three minutes.

Singularity Complete helps reduce organizational risk.

The anti-ransomware capability to analyze the threats and user-friendliness are the most valuable features.

When comparing SentinelOne to CrowdStrike, I find that CrowdStrike has more comprehensive vulnerability assessment tools. It offers a variety of Falcon tools, including deep inspection, while Singularity Complete does not have all of these features. It still sticks to EDR or EDP. Therefore, I need improvements to match the features that CrowdStrike offers, such as a higher level of vulnerability assessment and a better understanding of the IOCs in our system so that we can apply fixes.

SentinelOne Singularity Complete needs improvement on Linux machines. We identified a few issues with most of our Linux customers' machines. Specifically, the application is not working properly after installation.

A major area of Singularity Complete that needs improvement is the restart option. We do not need a restart after installing a CrowdStrike agent. So for organizations that are running 24/7 and can't restart their machines, we do not recommend SentinelOne Singularity Complete.

I have been working with SentinelOne Singularity Complete for five years.

I would rate the stability of Singularity Complete nine out of ten.

Singularity Complete can scale easily. 

Overall the technical support is good but we sometimes have difficulty getting a hold of them.

Positive

We previously used CrowdStrike Falcon, but SentinelOne Singularity Complete is easier to deploy. CrowdStrike Falcon has many features and policies that need to be configured, while Singularity Complete is straightforward. It has a single policy and is very easy to deploy compared to CrowdStrike Falcon. However, CrowdStrike Falcon offers more features.

The initial deployment is straightforward. We receive a URL extension from the company and we set the policies and install the agent.

I deploy the solution for POCs using 20 machines. We demonstrate the deployment methods, and the customer completes the rest of the process. We typically complete this task in two days. For larger organizations that have a lot of departments and branches, the deployment can take up to 15 days.

SentinelOne Singularity Complete is cheaper than CrowdStrike but more expensive than any traditional anti-virus solution.

I would rate SentinelOne Singularity Complete eight out of ten.

The Ranger functionality is not that important because it is optional, and most customers already have a solution for understanding their environment.

I would say that 90 percent of SentinelOne Singularity Complete is a quality product with only ten percent with room for improvement.

SentinelOne will not sell to organizations with fewer than 100 endpoints. Most of our clients are mid- to enterprise-level.

Maintenance is required, but the SentinelOne team maintains the cloud deployments, so we don't need to worry about it. The endpoint agents must be upgraded whenever an upgrade is available or when we have to fine-tune policies for customers to reduce false positives. One IT support person can handle any maintenance for the endpoints.

I suggest always doing a POC. If the customer is currently using traditional antivirus technology, they may not understand EDD, EPP, or EDR technology. Therefore, I always recommend a POC to help the customer understand these technologies. Customers should never implement an endpoint solution without a POC, because we don't know what endpoints are running on their system or how compatible the new solution will be with other endpoints. For example, if we are implementing a DLP solution, we should ask for a POC with all available agents, or we can deploy a test machine to understand the solution before implementing it in production.

We use SentinelOne Singularity Complete to provide endpoint protection for all endpoint servers and Kubernetes clusters in our environments where SentinelOne is supported. We also use SentinelOne to help manage our systems and provide visibility into the assets in our environment.

We have found that Singularity Complete integrates well with our existing SIEM solution, Splunk, and some of our other system management tools, such as Okta and Armis. We are also looking forward to the additional future integrations that are planned.

I appreciate Singularity Complete's ability to ingest and correlate data across our security solutions. I use this feature quite often, either to perform deep visibility searches to correlate data across different sources if I have specific concerns about security events, or even to track running or operational issues as well. Singularity is not only a security product but it can also be used for troubleshooting non-security and related issues on devices.

Compared to the previous EDR solution, Cylance Protect, we had substantially fewer false positives when we implemented Singularity Complete.

Singularity Complete has reduced our MTTD.

Singularity Complete has reduced our MTTR somewhat compared to our previous EDR solution.

Singularity Complete has reduced our organizational risk by 20 percent, specifically the risk profile associated with malicious activities on protected devices.

The most valuable features, of course, are the protection and support for the devices. In addition to that, the ability to see the last log-on dates for time-tracking purposes has been helpful. The most useful feature of all is deep visibility. I think it was recently renamed to something else, but it is the ability to run IOC queries across all devices and gain information to look at any kind of potential events that might occur.

We have had cases where Singularity Complete has caused applications to malfunction. The existing interoperability rules have not necessarily been sufficient to resolve those conflicts. SentinelOne needs to work on interoperability with other systems and on the interoperability rule set.

I have been working with SentinelOne Singularity Complete for one year.

We have not had any stability issues in our environment with Singularity Complete.

Singularity Complete is scalable.

With any support service, it depends on the person we get on the line. Some are better than others. But overall, I find the technical support team to be good, comparable to other good technical support teams I've seen from other vendors.

Positive

We implemented SentinelOne Singularity Complete to move away from a legacy EDR platform, Cylance Protect, that did not perform as well as a modern EDR solution should.

The initial deployment was complex due to the complex environment. I would agree that deploying to a single device would be straightforward, but we have a manufacturing environment that requires bespoke applications, which makes any migration complex.

Fifteen people were required for the deployment.

The implementation was completed in-house.

The pricing and licensing make sense. We worked with a third party to help us with licensing, and the licensing we obtained through that process was ultimately reasonable and comparable to other products on the market.

We evaluated Microsoft Defender, CrowdStrike, and Cortex XDR by Palo Alto Networks.

I would rate SentinelOne Singularity Complete ten out of ten.

We are considering the possibility of using SentinelOne to consolidate some of our security solutions, but have not moved in that direction just yet.

Singularity Complete has not yet saved our staff time because it takes more time to deploy and migrate to the point where we have time savings. I think it will in the next couple of years.

We see a lot of innovation from SentinelOne. They are acquiring many other products that are integrating with the platform we looked to adopt in the next couple of years if it works out well. New features and functionalities are also regularly released. So, in terms of innovation, that's one of the reasons we chose SentinelOne Singularity Complete in the first place.

Singularity Complete is a mature product that can sufficiently protect our assets. I would say that the core features associated with that functionality are in place and work well.

Maintenance is relatively low, but systems need regular updates, and we need to troubleshoot all of them. So, there is some work involved.

SentinelOne is a good strategic security partner. We appreciate the direction of their product roadmap and its current coverage. One area where they could improve is in having their EDR support teams reach out to us. We don't believe we have an EDR or anything similar setup, but it would be helpful if they offered quarterly or semi-annual meetings to check in, see how we're doing, and give us an opportunity to provide feedback.

People researching Singularity Complete should first understand their environment and deployment goals to ensure compatibility between their existing solutions and the new product. They should also evaluate multiple competitors before making a commitment.