No more typing reviews! Try our Samantha, our new voice AI agent.
Chris East - PeerSpot reviewer
IT Manager at a tech vendor with 1,001-5,000 employees
Real User
Sep 29, 2023
Provides a stable portal, great visibility, and saves us time
Pros and Cons
  • "The portal is the most valuable feature because it provides us with a single pane of glass view and is highly intuitive."
  • "The adware and pop-up blockers have room for improvement."

What is our primary use case?

SentinelOne Singularity Complete is the best antivirus available, and it also provides a vigilant service, so I don't need to keep an eye on the portal. Someone else monitors my antiviruses and all the threats out there for me.

How has it helped my organization?

SentinelOne Singularity Complete helped us address the missed viruses and potential ransomware attacks from a single location for our security needs.

The interoperability with other SentinelOne solutions and third-party tools is good. We have integrated it with Mimecast.

SentinelOne Singularity Complete ingested all the data from Mimecast and displayed it in a single location.

It has helped consolidate our security solutions in one place.

It has helped our organization improve its visibility by allowing us to see which users are risky, which machines are at risk, and which machines are outdated.

SentinelOne Singularity Complete has helped reduce the number of alerts. In addition, we use Vigilance to hide all alerts, so we don't see any of them.

We have freed up 30 percent of our staff time. As the only person in the IT department, I can now focus on other tasks. SentinelOne Singularity Complete is like having an extra pair of hands.

It has reduced our MTTD by up to 80 percent depending on the time of day.

SentinelOne Singularity Complete has reduced our MTTR. We have an SLA with Vigilance, and they respond quickly to alerts.

SentinelOne Singularity Complete has reduced our organizational risk by 40 percent.

What is most valuable?

The portal is the most valuable feature because it provides us with a single pane of glass view and is highly intuitive.

What needs improvement?

The adware and pop-up blockers have room for improvement.

Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,680 professionals have used our research since 2012.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for six years.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is stable. The portal has never been down. We occasionally have an agent fall off the network, but this is usually due to the latest version of Windows being installed on an old agent, which causes it to stop working. However, this is very rare.

What do I think about the scalability of the solution?

As a growing company, I'm glad that the SentinelOne Singularity Complete portal will show more and more devices, but I'm not particularly concerned about that because I've paid for Vigilance service. I'm confident that we're covered no matter how many threats or issues arise.

How are customer service and support?

Technical support is quick and provides great documentation to explain issues and remove agents.

Which solution did I use previously and why did I switch?

I previously used McAfee and it often caused our machines to blue screen and crash. SentinelOne, on the other hand, is a stable agent. If we install the latest agent on our machines, it will not affect their performance or speed. Many other agents can have adverse effects on our machines, but SentinelOne will not.

SentinelOne Singularity Complete is a next-generation antivirus that is far more innovative than McAfee. One of its selling points is that it constantly improves and looks for new threats, while McAfee has not changed significantly in years.

How was the initial setup?

The initial deployment was straightforward. SentinelOne provides easy-to-follow well-documented instructions. I completed the deployment myself within half an hour.                                   

What was our ROI?

SentinelOne Singularity Complete has protected us against infected machines, resulting in a 20 percent return on investment.

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete is fairly priced. After discussing the per-user cost, we found it to be acceptable for the functionality it offers, and we are happy with the protection it provides.

What other advice do I have?

I would rate SentinelOne Singularity Complete a nine out of ten.

SentinelOne Singularity Complete is deployed across all departments and devices, and everything is in Intune. When anything is deployed to Intune, antivirus is applied first. It is mandatory on all devices. We have 270 endpoints.

No maintenance is required on our end.

SentinelOne, as a strategic security partner, meets all the requirements for being the solution to our cyber risk on devices, which is essential for us to know that we are safe.

I chose SentinelOne Singularity Complete at a previous company and sold it to the company I am with now. It is very easy to do a proof of concept and see everything that is missing from other solutions. I recommend SentinelOne Singularity Complete.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2276829 - PeerSpot reviewer
SecOps Lead at a manufacturing company with 11-50 employees
Real User
Sep 21, 2023
Offers a centralized dashboard to respond from, saves us time, and reduces alerts
Pros and Cons
  • "I like the centralized management with the web dashboard."
  • "SentinelOne should include Ranger Pro out of the box with Singularity Complete."

What is our primary use case?

We use SentinelOne Singularity Complete for the EDR piece, and we have it installed everywhere.

How has it helped my organization?

Singularity Complete works well with other SentinelOne solutions. We must make sure to whitelist the right binary with other tools, and that is all.

The ability to ingest and correlate data across our security operations is good. We can send all of the events to our SIEM system, or we can use Singularity Complete's built-in SIEM functionality. I believe the retention period is 14 days by default, but we purchased the additional package that allows us to store data for longer.

Ranger is a great tool that lets us see what's on our network which is extremely important. It pings other devices on the network and tells us what kind of devices they are. We're big fans of Ranger!

Ranger does not require any new agents, hardware, or network changes. It automatically starts mapping out the network, which is great for us.

Ranger helps prevent vulnerable devices from becoming compromised by alerting us to their presence. This allows us to proactively install SentinelOne on these devices, which is a very helpful tool.

SentinelOne Singularity Complete has helped improve our organization by preventing hacks and providing us with visibility into our devices through the Deep Visibility plugin that we have enabled.

It has reduced the number of alerts we receive by 80 percent. We spent the first six months tuning the workflow of different admins and users, and after that, we only received alerts that required action.

It has helped free up our staff to work on other projects and tasks. They now only receive actionable alerts, without any false positives, which saves them a few hours per week.

Singularity Complete has reduced our MTTD by 40 percent.

Singularity Complete has helped reduce our MTTR. We are alerted right away and we can access the dashboard and respond from there quickly.

What is most valuable?

I like the centralized management with the web dashboard. It allows me to quickly view incidents and see what's happening in a well-organized way. I can also easily query different points.

What needs improvement?

SentinelOne should include Ranger Pro out of the box with Singularity Complete.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for one and a half years.

What do I think about the stability of the solution?

We have run SentinelOne Singularity Complete on many different machines without any stability issues.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is scalable.

How are customer service and support?

We've had nothing but fantastic things to say about the support. Our technical account manager is great, and the support staff has been very helpful. We've also been onboarded with SentinelOne Singularity Complete, and everyone from the account manager all the way down to the support engineer has been excellent.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We replaced Symantec Endpoint Security Complete with SentinelOne Singularity Complete to improve our security posture because Symantec was outdated.

How was the initial setup?

The initial setup was straightforward and required six people for deployment, which took a few weeks to complete. Some teams took a little longer to figure out their deployment, but we deployed the whole system enterprise-wide within a month or two.

What other advice do I have?

I would rate SentinelOne Singularity Complete nine out of ten.

SentinelOne Singularity Complete is a mature solution.

We have deployed SentinelOne Singularity Complete across multiple locations, departments, and operating systems, including Windows, Linux, and Mac. We have around one thousand endpoints.

The only maintenance required is the package updates that are released to keep the solution up to date. The cloud version is automatically updated by SentinelOne support, which manages it. The agents themselves must be updated manually which I do by clicking on them.

I recommend completing a POC to ensure SentinelOne Singularity Complete is a good fit before moving forward.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,680 professionals have used our research since 2012.
Head - Network & Security at a manufacturing company with 1,001-5,000 employees
Real User
Sep 11, 2023
Provides immediate MTTD, and automatic remediation, but the support needs a lot of work
Pros and Cons
  • "The most valuable feature is the automatic remediation."
  • "SentinelOne's customer support is sluggish and frequently fails to deliver sufficient assistance."

What is our primary use case?

We use SentinelOne Singularity Complete for our endpoint security.

How has it helped my organization?

The visibility that SentinelOne Singularity Complete provides throughout our organization is good.

SentinelOne Singularity Complete's capability to intake and correlate across our security solutions is great. As long as we have configured everything correctly and are monitoring the logs to respond to potential threats, we have the assurance that the threats are being identified and thwarted. A year ago, we faced a malicious attack that was detected and halted by SentinelOne EDR, which played a pivotal role in saving me.

SentinelOne Singularity Complete has certainly helped reduce the number of alerts we were receiving. Previously, I was using McAfee, and I had numerous threats and malware present in my environment that were only detected by SentinelOne Singularity Complete. This assistance facilitated the remediation of those threats and subsequently led to a decrease in security alerts.

SentinelOne Singularity Complete has saved us time by identifying the threats in real-time saving us long investigation times.

SentinelOne Singularity Complete's MTTD is immediate.

The MTTR is good.

What is most valuable?

The most valuable feature is the automatic remediation.

What needs improvement?

The reporting dashboards require improvement. Currently, they lack customization options, preventing me from generating a summarized executive report for management. 

SentinelOne's customer support is sluggish and frequently fails to deliver sufficient assistance. The quality of after-sales support is also subpar and requires enhancement. The support is not meeting the expected standards, and as a result, I am feeling dissatisfied.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for one and a half years.

What do I think about the stability of the solution?

SentinelOne Singularity Complete is stable.

How are customer service and support?

The customer service and support are unsatisfactory. I have been attempting to initiate the MDR services and have reached out to my account representative at SentinelOne for three months now, with no results. I am disappointed that I am unable to integrate any details into my environment, which would allow me to present information on a monthly and quarterly basis. I require this information to assess the performance with my MDR representative, but these matters are not progressing. I feel deceived.

How would you rate customer service and support?

Negative

Which solution did I use previously and why did I switch?

I previously used McAfee but it was not able to detect some of the malware threats that SentinelOne Singularity Complete does.

How was the initial setup?

The initial setup is straightforward as long as we are not dealing with legacy systems. In the manufacturing industry, many systems utilize older operating systems like Windows 2000, which run traditional applications that cannot be removed. Deploying on Unix is also challenging, whereas Windows Ten is straightforward.

We deploy in large manufacturing environments and there were around 80 people involved in the deployments.

What about the implementation team?

The implementation was completed by the SentinelOne team.

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete can be expensive for the SMB market but is suitable for enterprise-level organizations. The service provided by SentinelOne is not up to par with the cost we are paying.

Which other solutions did I evaluate?

I carried out a Proof of Concept with several Endpoint Detection and Response solutions, including CrowdStrike, Trend Micro, and VMware. However, none of them were able to meet my requirements in the same way that SentinelOne Singularity Complete does.

What other advice do I have?

I would rate SentinelOne Singularity Complete a six out of ten.

Currently, I have not yet completed the integration with third-party tools. However, I am utilizing the Sentinel logs as inputs for my Security Operations Center services, and I am gaining comprehensive visibility from this approach.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Tim Hayes - PeerSpot reviewer
System Administrator at a wholesaler/distributor with 1,001-5,000 employees
Real User
Sep 5, 2023
Lightweight, ready to go out of the box, and simple to use
Pros and Cons
  • "The product is a lighter client. Our previous solution ran heavy on the workstation and caused performance issues."
  • "The biggest thing for me in terms of improvements is the online console. There are frequent updates, and sometimes we'll get a little agitated getting signed in."

What is our primary use case?

We primarily use the solution as an antivirus and also as a network control with built-in policies regarding device control. 

How has it helped my organization?

The product is a lighter client. Our previous solution ran heavy on the workstations and caused performance issues. This is lightweight and doesn't take up system resources. 

What is most valuable?

You can use the solution right out of the box. It's ready to go with baseline policies and is good to use without any changes. It's only gotten better since we've added custom rules. 

It's simple to use and intuitive. It gives you good visibility and shows what is going on. 

The product works well with other SentinelOne solutions and third-party tools. It's pretty seamless. They make it pretty easy to integrate with other products and you can pull data pretty easily from the other solutions. 

The solution's ability to ingest and correlate across our security solutions is excellent. It has allowed us to blend data from another product we own. 

It's helped us consolidate our other security solutions.

The product provides network and asset visibility. The Ranger piece is probably one of the best items. We have other solutions for asset management, yet none is never 100%. With Ranger, we really get that visibility we need. Having Ranger built into one client and being easy to use has been perfect. It helps us prevent vulnerable devices from being compromised. We've discovered a few assets within our organization we were not managing fully and Ranger has helped us secure our environment just that little bit more. 

There are fewer complaints from users when scans are running. The previous solution just used up so many resources. This product runs seamlessly in the background and we know it's running since we get triggers on alerts that are legitimate catches. SentinelOne does a good job at detecting. It's reduced our alerts by 25%.

The product has helped to free up our staff for other projects and tasks. It's freed around 50% of their time. 

It's reduced our company's mean time to detect by 40% or more. It's also drastically improved the mean time to respond. We don't have to worry about false positives. We know when we get an alert that it's legitimate, and we need to act on it. That's improved by about 40% to 50%

What needs improvement?

The biggest thing for me in terms of improvements is the online console. There are frequent updates, and sometimes we'll get a little agitated getting signed in. However, on the product itself, I would not recommend any changes.

For how long have I used the solution?

I've used the solution for a little over a year.

What do I think about the stability of the solution?

The solution is very stable. Our old solution required babysitting to make sure everything was running correctly.

What do I think about the scalability of the solution?

Pretty much everybody in the company uses the solution. We have 1,300 deployed agents and ten administrators. 

The solution is absolutely scalable. 

How are customer service and support?

I have not had to use technical support.

Which solution did I use previously and why did I switch?

We previously used Sophos. The biggest reason for the switch to SentinelOne was the system resources that were used. Whenever it would kick in, I would get tickets related to machine performance. 

How was the initial setup?

The console is on the cloud, however, the devices are on-premises. The initial setup was very straightforward. Overall, it was fairly quick. We had more trouble getting the older product uninstalled than SentinelOne installed. We did the implementation slowly based on the business requirements. We deployed it over the course of a month. 

The company does a good job with training and keeping its documentation up to date.

It does not require much maintenance. Every now and then we might have one or two false positives.

What was our ROI?

We've seen a great ROI on the product. Obviously, we're still within our contract. That said, we've definitely seen a ROI. We've had a couple of incidents where something wouldn't have been detected previously.

What's my experience with pricing, setup cost, and licensing?

The solution is fairly priced for what you get. 

What other advice do I have?

We're a customer and end-user.

They do an excellent job at remaining innovative - including with their detection engines and everything involved in their product. They are doing an excellent job compared to everyone else.

SentinelOne has not been around for many years - yet the product is ahead of its time.

With any solution, I'd advise doing a proof of concept first. After that, I would not shy away from fully deploying this solution.

I'd rate the solution eight out of ten. The only thing that would improve the product is reducing the online console updates. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Rashid Torrence - PeerSpot reviewer
Principal Manager of Business Services at ATC Communications (Idaho)
Real User
Aug 25, 2023
Good automation and storytelling feature with a great GUI
Pros and Cons
  • "The GUI is really easy to use."
  • "We'd like to have a network map or scan to cover network security."

What is our primary use case?

In most cases, the product is used as an XDR or MDR for our customers internally as well. It is used for us to provide some customers with a light SOC service so we could also manage that solution. So as an example, if they don't have dedicated resources to look or monitor it offers that ability for them to do the monitoring for you or for some customers. That is very handy. But most of the time, we use it as an MDR XDR solution for our customers.

We mostly provide customers with MSSP services. We do not resell it as a standalone.

What is most valuable?

The ease of use and has some integrations within their marketplace. Those come in handy. The GUI is really easy to use.

The storyboarding gives you a play-by-play of how an instance or alert came to be.

Some of the automation tools are really good. 

Singularity's ability to ingest and correlate across our security solutions is great. I don't see a platform that does it better. At least from an MDR standpoint. It really is a central tool to ingest that data to begin with and correlate and then it's pushed out other solutions like Splunk or other solutions.

Singularity has helped reduce alerts. The automation tools have been able to lower the number of alerts. We desensitized alerts as there are too many of them. Sentinel One has helped repair it with our team to do that. Just the ability for the automation tools to be in use has been really helpful.

Singularity has helped free up our staff for other projects. The automation tools have really helped there.

Our security team is about ten people. Two people no longer have to worry about anything. We've saved about 20% to 30% of our labor, our staff. 

Singularity helped reduce our organization's mean time to detect. We're able to detect or even dive in and look for issues. We have the freedom to look and inspect. We're proactive now.

Our mean time to respond is good. It helped us fill operational procedures.

Singularity helped save costs. We've saved in terms of operational costs or even salary in terms of time-savings. We didn't save on platform to platform, yet we saved on time. 

It's helped us reduce organizational risk. We're able to monitor our networks better.

They are probably the most mature product at the moment. For the price point, we're getting a good middle ground of price and value. 

What needs improvement?

I would hope that they would increase their prebuilt migrations. As an example, they have one Active Directory in Azure Cloud, which is really good. If they can expand that to other pretty well-known software, some platforms, that'd be great. What they have now is good for some of the key players like Azure, Google, and Splunk. I would just like to see that being expanded.

We'd like to have a network map or scan to cover network security. That would be good to have.

For how long have I used the solution?

I've used the solution for five to six years. 

What do I think about the stability of the solution?

The stability is great. I'd rate the stability nine out of ten. They are never really down. It's usually up and running. 

What do I think about the scalability of the solution?

The solution is very scalable and very easy to scale. 

How are customer service and support?

Every time we have an issue, we get somebody who knows the product and can talk us through it. We can resolve issues pretty quickly. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We had used Crowdstrike and Trend Micro a bit. 

We first switched to Sentinel One based on an audit. It was a next-generation antivirus. There are new options on the market now. We continue to use it due to the fact that are always improving their offering and I don't see a better option on the market.

How was the initial setup?

I was part of the deployment. The initial setup is pretty straightforward. 

We have three people involved in the deployment of the product. 

There isn't too much maintenance. It just works. 

What about the implementation team?

We did use a consultant to assist with deployments in the past. At this point, we just do it ourselves. 

What's my experience with pricing, setup cost, and licensing?

The pricing is good. They are in line with the market.

Which other solutions did I evaluate?

We looked into Crowdstrike, Carbon Black, and Microsoft.

What other advice do I have?

In terms of Ranger, I've used it. I have not used it recently. I'm actually trying to get back into and play with that again.

Sentinel One is good as a strategic security partner. The platform is great and there are a lot of features. Using their managed service really does help. We can partner with them to provide that service to our customers. 

I'd rate the solution ten out of ten. 

I'd advise others considering the solution to get with a good MSP or MSSP. Users should try the complete version and all the features to find out about the entire system. Get the higher feature set and go down from there. I'd also advise at first new users get a good MSP to work through the initial installation process. 

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Greg Walia - PeerSpot reviewer
IT Manager at a healthcare company with 501-1,000 employees
Real User
Aug 25, 2023
If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked
Pros and Cons
  • "Singularity's rollback feature is one of the primary reasons we bought the product. If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked."
  • "The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load."

What is our primary use case?

We use Singularity to protect our staff computers, the hospital network, and virtual machine servers. Singularity helps us ensure our environment is fully protected in light of the increasing cyberattacks hospitals face.  

How has it helped my organization?

Singularity's Ranger feature provides deep visibility. We implemented some rules, and Ranger scans the system based on the criteria we set. Ranger's ability to scan without agents or network changes is crucial because we want to minimize the number of changes needed on end-user machines. It's an excellent tool for minimizing risk and detecting threats before they disrupt our network.

The solution has decreased the number of alerts we seeWe get notifications and email alerts that some user machines are compromised. Singularity does a good job with bad files and data, allowing us to tackle those threats before they become bigger problems.

Singularity has helped free up staff time. For example, it automatically updates virus definitions so we don't need to do that work manually. Singularity pulls the latest virus definitions on its own. It actively monitors our machines without us having to do anything.

It has reduced our mean time to detect by about 70 percent. Singularity has reduced the mean time to respond by roughly 90 percent because we can choose to respond to a threat by rolling back, deleting, or quarantining it. It greatly reduces our overall risk by about 30 percent. 

What is most valuable?

Singularity's rollback feature is one of the primary reasons we bought the product. If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked.

The interoperability is solid. We've integrated Google Authenticator with SentinelOne for multifactor authentication, so it works well. We also use Citrix multifactor authentication. It works well with our other systems. 

What needs improvement?

The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load. 

For how long have I used the solution?

I have used Singularity for about a year.

What do I think about the stability of the solution?

I rate SentinelOne Singularity seven out of 10 for stability. The stability and performance could be better. 

What do I think about the scalability of the solution?

Singularity is highly scalable. We can easily cover all our machines with it. 

How are customer service and support?

I rate SentinelOne's support seven out of 10. SentinelOne's customer service isn't that great. There's only so much they can do before they just tell you to look at the documentation.

How would you rate customer service and support?

Neutral

How was the initial setup?

The deployment was straightforward. We worked with a trainer and implementation specialist over at Sentinel. Four people from our team and one from the vendor were involved. After installation, the primary maintenance is ensuring the agents are deployed to the end-user machines. 

What's my experience with pricing, setup cost, and licensing?

Singularity is fairly priced. 

What other advice do I have?

I rate SentinelOne Singularity Complete eight out of 10. It's a high-quality product compared to what else is on the market. When implementing Singularity, it helps to organize your machines into groups like laptops, servers, and desktops and then push the agent to those groups separately.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Dinesh Yadav - PeerSpot reviewer
Sales Director at CLOUD MIND
Reseller
Top 20
Jul 31, 2023
Offers MITRE ATT&CK reports, forensic investigation, and ransomware prevention
Pros and Cons
  • "The most valuable features are forensic investigation and ransomware prevention."
  • "The channel policy has room for improvement."

What is our primary use case?

SentinelOne Singularity Complete offers a ransomware warranty. In the event that any customer is attacked or falls victim to ransomware, they provide compensation of approximately one million dollars. Additionally, they offer 24-hour version monitoring, which allows them to continuously monitor the customer's environment. This monitoring helps them identify the source of any issues or attacks. They conduct thorough investigations to ensure everything is checked properly. Furthermore, they provide threat analysis reports.

How has it helped my organization?

SentinelOne Singularity Complete can ingest and correlate data across security solutions. It monitors the entire environment and accesses it in case of any incidents. It performs quarantining and provides detailed information to the customer about the origin of the incident.

It helped us consolidate our security solutions.

SentinelOne Singularity Complete helps reduce false alerts by 60 percent. It has also reduced our MTTD to 60 to 90 seconds.

Our MTTR has been reduced to 40 seconds.

SentinelOne Singularity Complete has saved us costs by preventing ransom attacks that could have cost us millions of dollars in the future.

SentinelOne Singularity Complete has helped reduce our organization's risks by 90 percent.

What is most valuable?

The most valuable features are forensic investigation and ransomware prevention.

What needs improvement?

The channel policy has room for improvement.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete for five years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

SentinelOne Singularity Complete is scalable.

How are customer service and support?

The technical support is good.

How would you rate customer service and support?

Positive

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Complete meets all enterprise requirements and is priced accordingly.

What other advice do I have?

I would rate SentinelOne Singularity Complete an eight out of ten. They are a market leader and have been established for a significant period. Additionally, their MITRE ATT&CK reports are quite helpful.

SentinelOne Singularity Complete agent is light and easy to deploy.

SentinelOne Singularity Complete is a mature product that has been in the market since 2011, and the company is well aware of what to do and what not to do.

SentinelOne, as a strategic security partner, is satisfactory.

I recommend SentinelOne Singularity Complete for enterprise organizations with a sufficient budget to invest in their security.

Disclosure: My company has a business relationship with this vendor other than being a customer. partner
PeerSpot user
reviewer2082525 - PeerSpot reviewer
IT Manager at a construction company with 51-200 employees
Real User
Jul 28, 2023
It's an innovative platform that addresses issues automatically
Pros and Cons
  • "SentinelOne has improved the overall security posture of the firm without creating a lot of hassle for our end users. Everything is a bit more secure. We think Singularity Complete has helped us reduce our organizational risks."
  • "I rate Singularity Complete a seven out of ten for affordability. It's more expensive than our previous solution, but it does its job well. At the same time, there is some room for improvement. Cheaper is always better."

What is our primary use case?

We use Singularity Complete as our EDR software. It's replacing our old antivirus solution. It covers about 80 endpoints. 

How has it helped my organization?

SentinelOne has improved the overall security posture of the firm without creating a lot of hassle for our end-users. Everything is a bit more secure. We think Singularity Complete has helped us reduce our organizational risks. 

What is most valuable?

SentinelOne detects threats automatically and performs the remediation itself, so we don't need to constantly look at the logs. It reduces the meantime to respond because it automatically responds to the detected threats.

For how long have I used the solution?

We started using SentinelOne Singularity at the start of this year, so it has been nearly seven months.

What do I think about the stability of the solution?

I have had no stability issues so far. 

What do I think about the scalability of the solution?

We only started using it at the beginning of this year, so the number of users has stayed the same. I have no experience scaling it up, but it's easy to add more devices to the platform. I don't foresee having any problems with scalability.

How are customer service and support?

We receive technical support from our partner, so I have no experience with SentinelOne support. 

Which solution did I use previously and why did I switch?

We previously used Bitdefender as our antivirus solution. We switched to SentinelOne because we wanted to improve the overall security of our endpoints. SentinelOne offers more advanced and comprehensive protection than a traditional antivirus solution.  

How was the initial setup?

We contracted with a partner to deploy SentinelOne, so I wasn't involved in the deployment. Our partner also handles the maintenance.

What was our ROI?

SentinelOne is more expensive than our previous tool, but we're hoping to see a return by saving money on recovering from some kind of incident.

What's my experience with pricing, setup cost, and licensing?

I rate Singularity Complete a seven out of ten for affordability. It's more expensive than our previous solution, but it does its job well. At the same time, there is some room for improvement. Cheaper is always better.

Which other solutions did I evaluate?

Though Microsoft's solution was suggested, we only seriously considered SentinelOne. That was the one that stood out during research. Also, I heard from my peers that it was the best one, so I didn't look at other options.

What other advice do I have?

I rate SentinelOne Singularity Complete a nine out of ten. I recommend it. SentinelOne works as advertised. It's an innovative solution, but it's hard for me to compare it to other products because I don't have much security expertise. It's a mature solution that has no bugs that I've experienced. I have confidence in it.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Brian Fulmer - PeerSpot reviewer
IT Manager at American Incorporated
Real User
Aug 29, 2022
The MDR service is convenient for a small team like ours
Pros and Cons
  • "SentinelOne's managed detection response service Vigilance Respond is convenient for companies like ours with small IT teams. If something happens on the weekend, SentinelOne steps in and resolves the issue. It's a false positive 97% of the time, but at least they're resolved instead of hanging around for us to find on Monday."
  • "In 18 months in with SentinelOne, we've seen the same lack of drama, with no endpoints compromised to the degree that it has negatively impacted our network."
  • "Managing the false positives creates additional management overhead. The behavioral analysis engine might misinterpret real user behavior as malware. For example, a drafter was cleaning up a Revit folder and deleting 4,000 files. That looks like ransomware. The SentinelOne agent kicked his computer off the network."
  • "Managing the false positives creates additional management overhead."

What is our primary use case?

We're a construction company using SentinelOne for endpoint security with endpoint detection and response. SentinelOne covers all of our endpoints and servers. It protects everyone across the company, even those not actively using an AV.

How has it helped my organization?

SentinelOne's managed detection response service Vigilance Respond is convenient for companies like ours with small IT teams. If something happens on the weekend, SentinelOne steps in and resolves the issue. It's a false positive 97% of the time, but at least they're resolved instead of hanging around for us to find on Monday.

We have the Ranger feature for network scans, allowing us to pick up any new devices that show up on a network. That was especially useful for us when we shifted to working from home.

If two or more agents are in a remote network, they will scan the network and give you an inventory of the MAC addresses and device types they see. This is handy when you have a small office or someone working from home. We do not allow employees to bring their own devices, but people are plugging their company computers into their home network, exposing them to risks. The ability to report on connections in remote networks is handy.

What is most valuable?

SentinelOne's machine learning engine is purely behavioral. The engine will shut down anything that's bad, isolate the system from the network, and alert everyone. We had tremendous success with CylancePROTECT for over five years. Zero successful attacks. In 18 months in with SentinelOne, we've seen the same lack of drama. No endpoints have been compromised to the degree that it has negatively impacted our network.

What needs improvement?

Managing the false positives creates additional management overhead. The behavioral analysis engine might misinterpret real user behavior as malware. For example, a drafter was cleaning up a Revit folder and deleting 4,000 files. That looks like ransomware. The SentinelOne agent kicked his computer off the network.

We interrupted that process and then isolated his computer and the file server. It was somewhat disruptive in the middle of the day. At the same time, it was a perfect simulation of what ransomware would do, so it was reassuring that SentinelOne stepped up and said, "Nope!" 

It was not a malicious process running that was detected. It was simply behavior he shouldn't have done. Now, our drafters know to co my team when they're going to do some file cleanup. The false positives are just inherent in just the large amount of poorly written software that's out there. Any competent antivirus is going to have a behavioral, heuristic engine looking at what's actually being done.

It might be something bad done by the software you use. We used a machine learning engine for five years. The Wire Hauser Corporation builds subpar software because they're supposed to be building lumber products. It triggered a false positive, that's about the only negative for any modern AV is just false positives.

In the future, I would like to see SentinelOne implement integrated patch management. It would be great to manage endpoint patching through SentinelOne. We're on our third patch manager in three years because they are lackluster. It would be nice to have a new patch management tool.

For how long have I used the solution?

I have been using Sentinel One for about a year and a half.

What do I think about the stability of the solution?

SentinelOne is stable and constantly improving. Today I did a demo of a new acquisition they made for Active Directory. Ranger is the product that scans networks. This is a new product from a company they bought.

They do automated scans of your Active Directory infrastructure to identify fixable problems and anyone trying to take advantage of the unfixable problems. They're improving their core product while adding new functionality and products that I'm interested in.

What do I think about the scalability of the solution?

SentinelOne is highly scalable. I know folks with 10 times the number of endpoints we have, and they're pleased with it. One fellow I know has 4,000 endpoints under management.

How are customer service and support?

I rate SentinelOne support nine out of 10. I wish our other vendors had tech support as good as SentinelOne. I can only think of one other vendor that possibly has better tech support, but the vast majority of software companies have sub-par tech support. Little goes wrong, but get a quick turnaround time when something comes up. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were using CylancePROTECT, one of the early innovators in machine learning next-gen AV. Then they added on an EDR component called  CylanceOPTICS. CylancePROTECT was an outstanding product for us. It was extremely low overhead and highly efficient. It crushed it in the proof of concept and did an excellent job for us.

Blackberry acquired the solution in 2019, the last year of our three-year agreement. It was awful. Development essentially stopped. All of the intelligent people started leaving. I found out that some went to SentinelOne. It was clear my worst fears were realized: that Blackberry was going to screw up yet another good thing.

How was the initial setup?

I had prior experience with this kind of antivirus, so I thought setting up SentinelOne was very straightforward. We stood up three different products in the course of 60 days to do this test. I didn't think there was anything unusual or unexpected about setting it up. It's perfectly understandable if you know what you're doing.

We have automated tools for deploying software. The biggest problem was getting the old endpoint solution off and the new endpoint solution parked on top of it. We had a 30-day window to get it all done for 250 endpoints.

My IT group has four people, including me, but it's not hard to manage or deploy. It fits right within our normal imaging endpoints, so it's super-low overhead.

What about the implementation team?

We did the deployment in-house. I'm paranoid. I wouldn't let anybody touch our security software.

What's my experience with pricing, setup cost, and licensing?

We pay $30,000 a year for 275 endpoints. We're growing, so I plan to buy another 75 endpoints. There is still a year and a half left in my three-year subscription, so I'm going to increase my endpoint count by 30 percent.

I'm buying midterm. We're a little over our licensing right now—less than 10%—but we'll correct our device count and plan for future growth. We pay for additional managed detection and Ranger network scanning.

Which other solutions did I evaluate?

We started doing proofs of concept for a short list of candidates in October 2020 when things calmed down a little bit. In addition to SentinelOne, we were looking at Sophos Intercept X, and CrowdStrike Falcon, which I assumed would win the bake-off. I had every expectation that Falcon was going to be our new endpoint. SentinelOne was kind of a startup. CrowdStrike Falcon was number three. Our second choice would've been Sophos Intercept X.

We left behind traditional AVs like Symantec and Norton Antivirus in 2016. It's awful stuff. We would've been good with Intercept X or Falcon, but SentinelOne has just proven to be the right choice for what we're doing. I hope they don't get bought.

What other advice do I have?

I rate SentinelOne 10. It's an excellent next-gen AV with none of the signature-update nonsense. It'll kill anything that does something bad, which sometimes is an Adobe product, etc. False positives are expected in that situation, but it's not a problem.

If you're considering SentinelOne, devote time, money, and staff to a thorough proof of concept. If you don't test your use cases, You will regret it. Just assume it's going to be an exit project to do an endpoint security selection. Ignore Gartner's and the press. Don't pay attention to the big analysts. Read the peer reviews and the community feedback. 

Do the heavy lifting with a proof of concept. If you think you're spending too much time on it, you're probably not spending enough. It's so important. Treat picking a product like you would any other big project.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Chief Information Officer at a tech services company with 1-10 employees
Real User
Top 20
Dec 14, 2025
Reduces alerts, allows data from everywhere, and helps to be as secure as we can be
Pros and Cons
  • "The ability to quickly and easily identify threats on our machines is valuable. The fact that it protects the environment as a whole is also valuable. They have the ability to identify network nodes, and they have Ranger as a component of the solution that allows us to see the whole picture. We can see on what we have SentinelOne and on what we do not."
  • "Interoperability with other SentinelOne solutions and other third-party tools is an area where you can run into some issues. Because of the way the agent works, there are sometimes things that are blocked or prevented from happening that are not identified as a threat, and therefore, not alerted in the console. Sometimes, we do have to dig through the logs, run tests, and adjust the whitelisting or exclusions to make sure that other applications will run properly."

What is our primary use case?

We use it for protection and endpoint detection across our entire customer base because we are a managed service provider. It is also for endpoint protection of our internal machines. 

We have Linux, Mac, and Windows. It has essentially replaced our antivirus solutions. It is our full endpoint detection. We then work in and partner with our outside XDR and our SOC. We interface SentinelOne identifications and alerts into the SOC so that they can manage those for us.

How has it helped my organization?

It is very strong in terms of the ability to ingest and correlate across our security solutions. They have added cloud capabilities. Some of that is through acquisitions, but a lot of it is native. It allows us to bring in data from everywhere, analyze what we need to analyze, and make sure that we are as secure as we can possibly be. When we have SentinelOne running in an environment, it always makes us feel more comfortable. We require it for every one of our customers. They may have a license elsewhere, but regardless of that, we essentially say that if they are coming on and going to be a customer of ours, we are going to remove whatever they have, and they are going to SentinelOne just because it is a far superior product that we have tested and evaluated.

With SentinelOne, we have not consolidated security solutions, but we have reduced our TCO because we do not have to support customers utilizing other endpoint protection solutions. We simply would not work with other solutions. We enforce SentinelOne to be the only endpoint protection solution that is monitored or managed by us. That obviously has helped our TCO in terms of the knowledge base and being able to support and protect our clients, but we have not reduced any applications or vendors that we work with because we stuck with SentinelOne from day one.

We have used the Ranger functionality a little bit. It provides network and asset visibility. It lets us see everything else that may be on the network that we may not already have an idea of. Just by having an agent in the environment, it lets us see additional switches that may have vulnerabilities or new machines that may pop up on the network that we are unaware of. There is a large benefit to that, for sure.

The fact that Ranger requires no new agents, hardware, or network changes is crucial to it being effective because a lot of different solutions out there require you to have something else running on the network to be able to perform the functions of Ranger. However, the way they designed SentinelOne, we can essentially have the regular SentinelOne singularity agent installed on a machine out there and enable the Ranger functionality on the agent. It will then do the work for us. Rather than having an additional appliance or an additional software service running in the environment to capture the information that we are looking for, we get it from Ranger. Ranger can help to prevent vulnerable devices from becoming compromised, but we have not used it this way.

SentinelOne Singularity Complete without a doubt has helped reduce alerts. With the policies that we enable across the board for our customers through SentinelOne Singularity Complete, we can onboard new clients, and as we onboard them, we are able to quickly and easily protect their environment without filtering through a ton of random alerts that are typically false positives when you are onboarding a new customer. That, to me, has been a huge benefit to having SentinelOne and reducing our overhead to manage the new customers that we are bringing on.

SentinelOne Singularity Complete has helped free up our staff for other projects and tasks by reducing the false positives that we get for our existing customers and when we onboard new ones. It obviously allows us some engineering time to be focused elsewhere. We have been able to do more automation and tie in other protection solutions into SentinelOne, such as our XDR with our SOC.

SentinelOne Singularity Complete has reduced our mean time to detect (MTTD) without a doubt. We get alerts regularly from the console that get notified to our SOC and also internally. We are able to respond to those very quickly. In fact, on average, about 90% to 95% of the time, SentinelOne Singularity Complete automatically remediates the solution based on how it is set up with our policies. Therefore, we do not have to do anything other than verify that it was a legitimate threat that was blocked.

Our mean time to respond (MTTR) is a lot faster than what we experienced with other solutions in the near past. It is almost immediate. It sees the process kick off. It remediates it 90% to 95% of the time, and even when it does not remediate it, it alerts us immediately. We are not waiting for a weekly scan or a daily scan that the other solutions typically use because it is all in real-time with the Singularity agent.

SentinelOne Singularity Complete has helped reduce our organizational risk. It is one of those solutions that lets us sleep easier at night when we have it on a machine. Security, in general, is not set-it-and-forget-it. It is not a single layer. You have to have multiple layers. We have other solutions that we partner with SentinelOne to try and make the environment as secure as possible, but SentinelOne is definitely the starting point. It gets us protected, and it makes our lives easier with the device. We feel more confident that the device is secure from everyday end users who do not necessarily know the difference between a fake or a phishing email that has a fake Adobe or Word Document attached to it that they are going to download and try to run. It definitely makes our life easier, and in my role, it helps me sleep a little better at night knowing that all of our machines are protected by that, both internally and across the board of our customers.

What is most valuable?

The ability to quickly and easily identify threats on our machines is valuable. The fact that it protects the environment as a whole is also valuable. They have the ability to identify network nodes, and they have Ranger as a component of the solution that allows us to see the whole picture. We can see on what we have SentinelOne and on what we do not. There is always that concern that you protect what you know, but items can be brought into the network that you are unaware of because you are not sitting at every customer location every day or every office every day, so the ability to quickly identify anything new on the network has been a huge benefit to the application. It is something that they have added over time. It has been huge for us.

What needs improvement?

Interoperability with other SentinelOne solutions and other third-party tools is an area where you can run into some issues. Because of the way the agent works, there are sometimes things that are blocked or prevented from happening that are not identified as a threat, and therefore, not alerted in the console. Sometimes, we do have to dig through the logs, run tests, and adjust the whitelisting or exclusions to make sure that other applications will run properly. It is very effective, and it protects our environment like no other solution that we have ever worked with or tested. It is very strong, but you have to get in and look at the visibility reports and the information in the system, in the console, and on the dashboard to really identify if something is being blocked and causing a performance issue for a customer or on a machine. They have the flexibility there, but it can be a little frustrating at times to find the needle in the haystack until you get used to the console and understand how it works. So, there are times when it can impede the ability of an application. The way I typically look at that is that the application developer or whoever developed the app is probably using some functionality that is not standard, and that is why SentinelOne is effectively not allowing it. The only issue there is that we do not always know that SentinelOne is not allowing it. It could be impeding the traffic for an application or a database connection, but we do not know that initially. It does not flag that as a threat or block anything, so there is no alert.

They have device and network control that they have added over time. It allows you to take over control of the firewall through the network control, and you can block and manage CD-ROMs and USB devices. One thing that I always thought would be beneficial for device control is the ability to enforce encryption on USB and external hard drives. You do not have to have a separate agent to handle any of that even if it is just tying into BitLocker on Windows devices or BitLocker To Go capabilities. To me, that would be a huge benefit to the product so that there is no other application, and you do not have to privately manage BitLocker settings for USB devices or external hard drives.

Lastly, it would be very beneficial to have a solid SentinelOne agent for mobile devices that easily ties into the existing endpoint dashboards.  With the proliferation of mobile and email threats that are exploited on mobile devices having a centralized console for managing these endpoints would be crucial in the future.

For how long have I used the solution?

Between my current organization and prior organization, I have been using SentinelOne for close to 12 years.

How are customer service and support?

We have not had any incidents where we have had to contact them for an emergency. There were no ransomware outbreaks and no major attacks or threats running through our environment, so I have not had to deal with that level of support. Typically, we reached out to their support when we had a question on interoperability or we were seeing some weird effects or an agent upgrade not wanting to push from the dashboard properly. For the most part, their support is pretty strong. The turnaround time is usually pretty good. We had only one ticket that had to be escalated above the initial tier 1 support. They get prioritized based on criticality, and even that ticket was closed within eight calendar days. To me, it was not a critical issue. I did not think it was an issue, but it took eight days. That was well within the expected time frames. I would rate their support a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

In the past, I have used Trend Micro. This was prior to endpoint detection times. It was more than nine years ago. I used Trend Micro, Kaspersky, Norton, and McAfee. I have also used ESET and Malwarebytes. Typically, we were using those in layered approaches. We put ESET and Malwarebytes on the same machine because they served different purposes, but I have not used those in nine or ten years.

By implementing SentinelOne Singularity Complete, we were not necessarily trying to solve a problem. We wanted to try and find a best-of-breed solution that was more effective than legacy AV because legacy AV is based on somebody getting hit by the virus, and then it allows the fingerprint to be used to block hashes, etc. Somebody has to get hit, and then everybody else can benefit from that. That was the old model, and we wanted to go next-gen. We wanted to make sure that we were using something that could be as protective as possible on zero-day outbreaks. After reviewing many of the solutions out there, we felt like SentinelOne was the best of the breed. That is justified year over year, and that is why we have continued to stay with them both in my last organization and this one. When you review different reports that are out there every year, SentinelOne is the leader year after year.

What was our ROI?

It has helped us save a lot of soft dollar costs. I do not know if they offer it to everybody, but we have the ransomware insurance policy from SentinelOne that provides us a certain amount of reimbursements per endpoint should there actually be a ransomware outbreak. In all our time, we never had to use it because there simply has not been a ransomware outbreak on a single one of the machines that has SentinelOne properly installed on it.

What's my experience with pricing, setup cost, and licensing?

We buy the licensing in bulk. From a pricing standpoint, because we buy in bulk, we get very good pricing. Based on its functionality and capabilities, it is well worth the price. I do not think it is at all expensive based on what you get in the solution. We use the complete up to the core. Our pricing is probably a little bit more than somebody who is on the core. In general, it is well worth what you get for the price you pay.

What other advice do I have?

Overall, I would rate SentinelOne Singularity Complete a nine out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Dec 14, 2025
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2026
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.