No more typing reviews! Try our Samantha, our new voice AI agent.
reviewer2310330 - PeerSpot reviewer
Security Analyst at a consumer goods company with 501-1,000 employees
Real User
Nov 22, 2023
Helps to centralize and mitigate organizational risk
Pros and Cons
  • "The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI."
  • "SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end."

What is our primary use case?

We use the solution for endpoint threat detection. 

How has it helped my organization?

The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI. 

What is most valuable?

SentinelOne Singularity Complete's most valuable feature is reporting. People with less technical knowledge can understand the things happening. 

What needs improvement?

SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end. 

Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,680 professionals have used our research since 2012.

For how long have I used the solution?

I have been using the product for a year. 

How are customer service and support?

I have not used support yet, which is a good thing. 

What other advice do I have?

SentinelOne Singularity Complete tries to go above and beyond to integrate with different vendors, which is good. It is very nice to pick a different vendor for my needs and pull in all the information I need. It is very beneficial to have a single point of activation. 

As with any tool, figuring it out has a learning curve. However, getting the information easily and quickly from the same tool is nice. It is also nice to login to a single platform instead of multiple ones, which was the case in my previous company.

SentinelOne Singularity Complete does a good job of reducing alerts. We run attack tests against our network. We can create a real-world scenario. 

The product has reduced our organizational risk. Any tool designed around security mitigates risk. 

SentinelOne Singularity Complete has centralized things and helped us save costs. It makes getting information in and out of the system easier for a small group of people. 

I like everything that the product has done as a strategic security partner. They are willing to work with other companies and are not afraid of being groundbreaking. They are working on AI. 

I rate it an eight out of ten. 

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2270853 - PeerSpot reviewer
Network Engineer at a government with 11-50 employees
Real User
Sep 21, 2023
Discovers and deletes problem-causing processes, but the support team lacks knowledge
Pros and Cons
  • "The tool deletes the problem-causing process and prevents issues."
  • "They should train their own people so that they can train us better. The theory is good."

What is our primary use case?

Every five years, we research tools that could replace our old software. We combine our AV and intrusion detection. We were trying to find out if there’s an agent for the whole nine-yard, and we came across SentinelOne.

What is most valuable?

The product has an automated process where we find security issues. It’s a 24/7 behavior analytical tool to execute certain actions. The tool deletes the problem-causing process and prevents issues. It discovers, kills, and protects. The software is good. I don't see much of an issue with it.

What needs improvement?

They should train their own people so that they can train us better. The theory is good. If the product is good, but we cannot rely on it or pass it along to the customer, it's useless. When we purchased the solution, we were told that certain functions could be done. I understand it is part of sales, but I feel like I'm being fooled. We couldn't test it because it was in production. We first had a proof of concept but didn't connect it to our Azure portion.

For how long have I used the solution?

I have been using SentinelOne Singularity Complete since February.

What do I think about the stability of the solution?

The product's stability is okay.

What do I think about the scalability of the solution?

The tool's scalability is average.

How are customer service and support?

The support people of SentinelOne do not know the different products offered by SentinelOne. How can they support their customer if one person knows one thing and the other doesn't? They tell us the issue does not come under them and point us to a different team.

There is a SentinelOne support team and a Singularity support team. SentinelOne's support team is okay. Once, the technical support and help desk director got involved with all our issues. However, the director got involved after we strongly complained about the issues. That's not the way it's supposed to be.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have used Arctic Wolf.

How was the initial setup?

The initial deployment was good. The solution is cloud-based.

What about the implementation team?

We took help from SentinelOne to deploy the solution. We paid for it, but it was not worth the money we paid for. Two people from our company are required for the deployment. The solution requires maintenance.

What's my experience with pricing, setup cost, and licensing?

The licensing is okay. I don't see any issues with it.

Which other solutions did I evaluate?

We evaluated other options. We were trying to have one solution for everything. We heard that SentinelOne purchased another company. Other products like Rapid7 provide multiple solutions and products for our needs. We saw that SentinelOne provided us with one product and one support system. However, even while using SentinelOne, I have to contact different teams.

What other advice do I have?

When we purchased the solution, it did not do what we expected. We didn't use all of the features. It has quite a few options. There are a bunch of more add-on modules. Other products from SentinelOne are not good. I am really disappointed with them. The user must understand the solution by just reading the training documents. The team claims it is professional, but it lacks a lot of functions.

The integration is fine, but the feature is not how they market it. It looks good on paper, but it's not what we think it is. It's not a ready product in marketing. I am disappointed with it. The interoperability is still under development. Not many people know or understand it, including people from SentinelOne. When we call and try to figure out what's going on with the solution, not many understand what it is. There is a lack of training on their products and services.

The Ranger functionality is fine. It’s only been six months since we started using it. We're still learning as it goes. I think Ranger is probably better than Singularity. Sometimes, they send false positives. It's not really a big feature for us. It's good. They're trying to prevent any networking attack, but I don't think it’s there yet. They're just trying to discover what is on the network, but we already have other tools for that.

It is important for us that Ranger requires no new agents, hardware, or network changes. Ranger is just trying to discover whatever issues we have. I don't think it can prevent it. I don't think it can block issues or protect our devices.

Overall, I rate the product a seven out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,680 professionals have used our research since 2012.
reviewer2271060 - PeerSpot reviewer
Cybersecurity Engineer at a energy/utilities company with 1,001-5,000 employees
Real User
Sep 11, 2023
Improves our visibility and response across multiple platforms in our enterprise network
Pros and Cons
  • "The visibility and, obviously, the protection aspects are second to none when it comes to speed. Another thing we fall back on is the option to roll back an endpoint if it is infected. There is a shadow copy so that if a PC downloads malicious content, we can roll it back to the state it was in before that package was imported."
  • "Their documentation could afford to be a little bit better communicated. A lot of times we have to look at things in the knowledge base, and much of that could be communicated better, but that would probably be the only thing that needs to be improved."

What is our primary use case?

Our primary use case would be for active XDR protection. We wanted an innovative XDR to keep up with the rising dangers of malware, ransomware, et cetera.

How has it helped my organization?

Our visibility and response to a lot of the things that come with an enterprise network have improved. We have users doing multiple things across different platforms. There are applications, servers, endpoints, and certain things that fit in the wild, and it does a really good job protecting all of them.

It has saved time for my team because of what we can do in terms of device control that it provides externally. We have total control.

When it comes to detection, we have email alerts when a threat comes across, so it's pretty quick. And if we have predefined responses to certain threats, then obviously, our response is instantaneous. But in a lot of cases, we like to have our administrators take a look at it and make sure it gets remediated as quickly as possible.

As for security, SentinelOne Singularity puts us in a better place than most solutions. We can look at platform reviews that keep us in the loop regarding what's not considered a good solution.

What is most valuable?

The visibility and, obviously, the protection aspects are second to none when it comes to speed. Another thing we fall back on is the option to roll back an endpoint if it is infected. There is a shadow copy so that if a PC downloads malicious content, we can roll it back to the state it was in before that package was imported.

It also has a lot of flexibility with its ability to ingest things.

And the AI feature of the solution is prompt in how it learns a certain network and how it responds to certain things. If you do come across false positives, it's relatively easy to get around them.

What needs improvement?

There are some obstacles you have to overcome when it comes to whitelisting and the like, but that's true of every XDR platform.

Their documentation could afford to be a little bit better communicated. A lot of times we have to look at things in the knowledge base, and much of that could be communicated better, but that would probably be the only thing that needs to be improved.

For how long have I used the solution?

We've been using SentinelOne Singularity Complete for about three years.

What do I think about the stability of the solution?

I would give it an A-plus in stability. A lot of times, when you download a new endpoint protection agent or an AV agent, you might run into a lot of compatibility issues or programs kind of freezing up.

What do I think about the scalability of the solution?

I would give it an A-plus for scalability as well.

How are customer service and support?

Our experience with their technical support has been straightforward and good. We got good, timely responses.

As a strategic partner, they're "the new guy on the block." There is some talk of them being bought out. I have heard some rumors like that. But from what I've seen, SentinelOne is just as good as, or better than, any other security partner out there.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did use an endpoint protection platform, but I can't comment on which one we used.

How was the initial setup?

I was involved in the whole process of deployment. One thing that wasn't SentinelOne's forte was compatibility with a script for an on-premises software distribution tool. Most of what we did was homegrown to deploy the agents to the machines.

What about the implementation team?

We did it in-house. There were a handful of us involved, probably 10 at least.

What's my experience with pricing, setup cost, and licensing?

I don't deal with the cost side of things, but the licensing, as far as endpoints go, is a pretty straightforward and simple process.

Which other solutions did I evaluate?

We looked at a couple of other solutions but, again, I can't disclose more about those.

What other advice do I have?

The speed and user friendliness that this platform offers break down some complex aspects of the security industry, and the solution lays them out in a way that a general user can understand.

Definitely compare and contrast Singularity with other solutions. It depends on what fits best for you, what industry you're in, how mobile your network is.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Sasita Lamchaona - PeerSpot reviewer
Product Consultant at M.Tech
Reseller
Jan 19, 2023
The solution is stable, scalable, and easy to deploy
Pros and Cons
  • "The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform."
  • "I would like to have the same features such as ransomware that are available on the cloud version of SentinelOne also made available for the on-prem version because a lot of people in our region are not ready for cloud solutions."

What is our primary use case?

I mainly focus on endpoint security. Customers often ask me about solutions to detect malware threats, and SentinelOne is one of the options I recommend. The main focus is detecting malware threats on endpoints.

What is most valuable?

The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform.

What needs improvement?

I would like to have the same features such as ransomware that are available on the cloud version of SentinelOne also made available for the on-prem version because a lot of people in our region are not ready for cloud solutions.

For how long have I used the solution?

I have been using the solution for one year.

What do I think about the stability of the solution?

Our clients range from small, medium, to large scale and the solution is stable for all of them. I give the stability a ten out of ten.

What do I think about the scalability of the solution?

The solution is highly scalable. I give the scalability a ten out of ten.

How are customer service and support?

The technical support is very good, and quick.

How was the initial setup?

The initial SentinelOne setup is easy to set up in the environment and also easy to download the packet to install. 

What's my experience with pricing, setup cost, and licensing?

We do not encounter a lot of issues with the pricing of SentinelOne. The pricing is reasonable.

The solution offers a standard licensing fee.

What other advice do I have?

I give the solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
PeerSpot user
AANKITGUPTAA - PeerSpot reviewer
Consultant at Pi DATACENTERS
Real User
Dec 5, 2022
Reliable and straightforward to set up with good documentation
Pros and Cons
  • "The setup is very straightforward."
  • "There should be more integration models with different security operations tools or soft tools."

What is our primary use case?

The solution is agent-based, so it's on service, and it's a cloud solution.

We are using its API capabilities for our server for protecting us from cyber security threats and attacks.

How has it helped my organization?

Earlier, we used some internal protections. However, we moved to HD information for the cyber security portion. It's helped us to mitigate security attacks and provide solid defense.

What is most valuable?

We like the file-less monitoring and filtering are great in the context of security.

The setup is very straightforward. 

It is stable. 

The product can scale if the licensing is correct.

What needs improvement?

SentinelOne has some inputs, some traditional NPRs, or models like IPS and IDS. We can configure individual rules for particular machines. In a sense, control is not from the console.

There should be more integration models with different security operations tools or soft tools. It could provide a single pane for integration with the firewall, or a soft solution should be there.

For how long have I used the solution?

I'd been using the solution for eight months.

What do I think about the stability of the solution?

It's a stable, reliable product. there are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

The product can scale. However, it depends on the license. 

We have 500 users on the solution right now.

Right now, we don't have plans to increase usage as we already have some buffer limit there.

How are customer service and support?

While I haven't directly contacted support, I have used their documentation surrounding KPIs and have found them helpful.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Earlier, we were using Symantec and the One Protection Suite.

How was the initial setup?

The solution is easy to set up. It's not an overly complex process. We had no issues at all. 

One system engineer which has some knowledge of network security can handle the implementation.

What about the implementation team?

We handled the deployment in-house. 

What was our ROI?

SentinelOne has a very good XDR product, and it can also integrate with different security components. It's a single pane of glass for cyber security posture management. The ROI is good.

What's my experience with pricing, setup cost, and licensing?

The licensing is handled by another team. I can't speak to the exact cost of the product.

Which other solutions did I evaluate?

We also looked at CrowdStrike before choosing this product.

What other advice do I have?

Someone interested in the product should first do POC, and depending upon their OIS environment, they should consider this first before going for any XD solution.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Assistant Manager at airtel
Real User
Sep 10, 2022
Easy to deploy with good reporting and good rollback features
Pros and Cons
  • "The reporting part is awesome."
  • "Email security should also integrate with it to get more visibility on it."
  • "The solution is expensive. It is costlier than Trend Micro and Palo Alto XDR."

What is our primary use case?

It is used in my customer's companies. It handles incident management, firewall implementation, and device control.

What is most valuable?

The most valuable feature is the rollback. 

Remediation is great. 

The ranger feature for work devices is most useful.

The reporting part is awesome.

It is easy to deploy the product. 

What needs improvement?

It should not limit itself to EDR. I need some other solutions to integrate into it. It should give us more visibility by integrating other solutions with it.

I want some other solutions like email security. Email security should also integrate with it to get more visibility on it.

Agent upgrades might cause some issues. Most of the time, an agent gets removed after it is not communicating with the server. After every three months, it will get automatically removed. That might cause an issue.

The solution is expensive. It is costlier than Trend Micro and Palo Alto XDR.

For how long have I used the solution?

I've used the solution for around six months.

What do I think about the stability of the solution?

The solution is stable. We've found the performance to be good. It's light. There are no bugs or glitches. 

What do I think about the scalability of the solution?

We have 1500 users on the solution right now. It is pretty scalable. 

How are customer service and support?

With technical support, I've got an immediate response, and when I log a ticket, I get good assistance. 

Which solution did I use previously and why did I switch?

I had worked on Palo Alto XDR as well. However, the remediation is not so good. There is no option with the rollback as well. That might cause data loss during a ransomware attack.

I'm also aware of the Trend Micro solution. 

How was the initial setup?

It's easy to set up and has a very lightweight agent. It's very easy to deploy.

The time it takes to deploy all depends upon the number of uses, the number of clients, which machines are there, et cetera. In the Ranger, you have options. If you have advanced features for deployment, Ranger deployment, it is easy.

What's my experience with pricing, setup cost, and licensing?

The solution is a bit pricey and they should look at the costs involved. You have to pay extra for certain features, such as the Ranger feature. Everything should be included in the subscription. 

What other advice do I have?

We are partners. 

It's a good solution as compared to others. In terms of MML features, it is fine.

I'd rate it eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Developer at DSY medical
Real User
Sep 4, 2022
Flexible, secure, and great for writing custom rules
Pros and Cons
  • "We are able to write some custom rules on SentinelOne."
  • "The solution is stable and reliable, catches a lot of malicious and suspicious threats, and there are no bugs or glitches and it doesn't crash or freeze."
  • "Maybe they can develop some firewall aspects for it to better protect us."

What is our primary use case?

We primarily use the solution at our endpoints. We use it for security.

What is most valuable?

It's catching a lot of malicious and suspicious threats. That's good for us. 

We are able to write some custom rules on SentinelOne.

The setup is simple. 

What needs improvement?

Right now, the solution meets our needs. We do not need anything added to it. 

Maybe they can develop some firewall aspects for it to better protect us. If they did that, we can write a lot of rules for the firewall and custom rules.

For how long have I used the solution?

I've been using the solution for about two years. 

What do I think about the stability of the solution?

The solution is stable and reliable. It catches a lot of malicious and suspicious threats. There are no bugs or glitches and it doesn't crash or freeze. 

What do I think about the scalability of the solution?

The solution scales well and can work across platforms. We can use it with MacOS, Linux, and Windows Servers. You can use it with everything.

We have 600 people on the solution right now. It is used throughout the company.

We may increase usage in our company. 

How are customer service and support?

Technical support is great. They are very responsive. For example, today, if I open a ticket, they will likely give me an answer in 24 hours.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used FireEye and Symantec. However, SentinelOne is better than them. It's more flexible and catches more threats. 

How was the initial setup?

We found the initial setup to be very simple. You just click through, and you're up and running. 

I'd rate it five out of five in terms of ease of deployment.

We're deploying it every month. SentinelOne sends updates every month and we action them. 

What's my experience with pricing, setup cost, and licensing?

Licensing is paid on a yearly basis. I can't speak to the exact pricing. 

What other advice do I have?

I'm not sure which version number we are currently on. 

If a company has a lot of people and needs to protect its many endpoints, this is a great option.

I'd rate the solution eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Steve Pender - PeerSpot reviewer
Steve PenderManaging Member at a tech consulting company with 1-10 employees
Top 20Real User

It does what it is meant to do - Protects the end point 100% - Never been breached.  

Sheryar Saqib - PeerSpot reviewer
Sr Network Security Engineer at a tech services company with 501-1,000 employees
Real User
Aug 22, 2022
Good protection and management provided by this product
Pros and Cons
  • "The protection and management provided by SentinelOne is good."
  • "I would like to see the reports from SentinelOne more customizable, as there are very few options."

What is our primary use case?

We use SentinelOne daily for endpoint protection and restriction on using USB devices. 

What is most valuable?

The protection and management provided by SentinelOne is good.

What needs improvement?

I would like to see the reports from SentinelOne more customizable, as there are very few options.

For how long have I used the solution?

I have been using SentinelOne for four months. I work as a senior network security engineer.

What do I think about the stability of the solution?

The management of SentinelOne is easy, it does not put too much burden on the machine. We will be upgrading to Windows 11 in the upcoming months, we will be able to better comment on stability after that.

What do I think about the scalability of the solution?

Our organization has close to 3,000 machines with approximately 2,000 users. It is easy to scale.

Which solution did I use previously and why did I switch?

We were using McAfee prior to SentinelOne. McAfee has a wide range of reports and is more customizable than SentinelOne. We switched from McAfee because we were no longer satisfied with the support they provided. They were no longer providing prompt responses, tickets were taking too long to get resolved.

The other reason we switched was that McAfee was a traditional antivirus working on a definition basis. They have not moved on to the next generation of antivirus. McAfee needs to focus on the behavior of the program and machine files. If you want this, you need to choose a different McAfee product. They were not putting everything in one place, but rather offering a buffet of offerings, driving the cost up.

How was the initial setup?

The initial setup of this solution was simple. We did the setup ourselves, but did require a little help from the vendor.

I would give SentinelOne a four out of five for ease of setup.

What about the implementation team?

The deployment of SentinelOne is easy. If you calculate the installation of the product and make all the packages ready, it takes about a week. Implementation was another month to go through and replace the older systems and install the new ones.

What's my experience with pricing, setup cost, and licensing?

The pricing of SentinelOne is less than McAfee.

What other advice do I have?

I would advise anyone looking to implement SentinelOne to look before you set up. Know how many machines are working in your network and which type of communication they are doing, whether it is internal or on the internet. No matter what solution you pick if it is SentinelOne, Carbon Black, McAfee, or Symantec check the usage of your machines.

I would rate SentinelOne a nine out of ten overall.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Olivier Richard - PeerSpot reviewer
IT Support Director at Biotrial S.A.S.
Real User
Aug 10, 2022
User-friendly, easy to implement, and offers great visibility
Pros and Cons
  • "It gives you good visibility of any threats or vulnerabilities that you might have on your network."
  • "SentinelOne offers one of the best software quotes and has excellent reviews and everything."
  • "Some reports could be better."

What is our primary use case?

We primarily use the solution for security. 

Cyber threats are growing. I have some other colleagues from other companies that have had some attacks. For us, SentinelOne or EDR solution was something appropriate.

What is most valuable?

It's pretty easy to implement. 

It gives you good visibility of any threats or vulnerabilities that you might have on your network. 

It's very simple to use, and user-friendly as well.

What needs improvement?

I don't know how complicated it would be, however, a patch solution should be included inside of this. If we find a vulnerability, we should also be capable of patching the PC right away.

Some reports could be better. Sometimes you need to search inside of SentinelOne to get some information. Only then could one be done. 

A daily report would be helpful.

For how long have I used the solution?

I've been using the solution for six months. 

What do I think about the stability of the solution?

The software looks to be okay right now. It is very stable. I have no complaints regarding that.

What do I think about the scalability of the solution?

It is very scalable. Most of the software that is on-demand is scalable.

We have about 350 licenses for the solution right now. If the company grows, we will increase usage. 

How are customer service and support?

We use the SUP team that is provided by the provider of SentinelOne. However, I've never directly dealt with them. 

Which solution did I use previously and why did I switch?

Previously we had an antivirus. That was Kaspersky. However, we didn't have an EDR solution. It can't be really compared. 

Of course, with Kaspersky, now, with what's happening in Ukraine, there has been a break in trust.

How was the initial setup?

The implementation process is quite straightforward. It's not complex at all. 

The deployment process took a maximum of a month. That said, we were doing very slowly since there were some computers that we knew would not have any attacks on it. However, there were others that were using acquisition data. We needed to install it and maybe wait a week to ensure everything conformed, and after that, we patched the rest.

Maybe five or six people are maintaining. However, no one really has to worry about it full-time. Really, only one to two people would be required. 

What about the implementation team?

We did a third-party integration. Another company is hosting SentinelOne. 

What's my experience with pricing, setup cost, and licensing?

Since we are a French company in France, we partnered with a company called Arrange which is our vendor. We did some quotes and found they have a reasonable price for this kind of technology. SentinelOne offers one of the best software quotes and has excellent reviews and everything.

The licensing is done per device.

I'm not directly involved in the licensing process and can't speak to the exact costs. 

What other advice do I have?

This is an on-demand product. We are always on the latest version. 

I'd rate the solution eight out of ten. It's a good product. We like working with it. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user1750386 - PeerSpot reviewer
Operations Manager at Proton Dealership IT
Real User
Jan 4, 2022
Excellent detection rate / allowed our team to focus on proactive management
Pros and Cons
  • "The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."
  • "My advice would be to implement SentinelOne immediately; it is one of the top things that we've implemented and it has saved us countless hours."
  • "One area of SentinelOne that definitely has room for improvement is the reporting. The canned reports are clunky and we haven't been able to pull a lot of good information directly from them."

What is our primary use case?

Everyone who is a client of ours gets SentinelOne by default. It provides ransomware protection, malware protection, and increased security. Those are our top-three selling points for SentinelOne when we talk to clients.

How has it helped my organization?

Prior to deploying Sentinel One, we had a team of staff members dedicated to ransomware prevention and malware alerts. Since deploying Sentinel One, we have been able to allow that team to focus on other proactive security measures for our clients.

The dashboard alerting is great and it has helped us out a ton.

SentinelOne has also greatly reduced incident response time, based on the toolsets and the ability to deploy it to new companies through a script. That has been very helpful. It has decreased the amount of time spent on incident response by 40 to 60 hours a month.

And when it comes to mean time to repair, while we haven't had a situation where we've had to reload an operating system or repair to that extent, we've used the 1-Click Rollback feature which saves several hours over a reload of a PC. 

What is most valuable?

The detection and response feature is really good for us. 

Also, there is a feature called Applications, and it shows all the critical applications that are on devices that may need to be reviewed.

The solution’s Static AI and Behavioral AI technologies are great when it comes to protecting against file-based, fileless, and Zero-day attacks. I would rate that aspect at eight out of 10. They have been great at detection.

The solution’s 1-Click Rollback for reversing unauthorized changes is also huge for us. That is one of the top reasons we have SentinelOne in place. For example, we had a site that had downloaded malware on a share for their sales office. It was trying to move laterally throughout the network but SentinelOne detected it. We then used the 1-Click option to remove it from the 10 or so PCs it had infected. Then we blocked it based on the information SentinelOne provided to us. That way if it happened again, it would already be blocked and wouldn't be allowed to launch.

What needs improvement?

One area of SentinelOne that definitely has room for improvement is the reporting. The canned reports are clunky and we haven't been able to pull a lot of good information directly from them.

Also, integration is almost non-existent. We would really like to see integration with ConnectWise. Within ConnectWise Automate, you're only allowed to deploy at the top-level group. Our company is dealership-focused, but if we have a parent dealership that has 10 sub-dealerships with SentinelOne, we have to treat them as one large group instead of one parent and 10 sub-groups. That's been a pain point for us. We've done some workarounds, but since there is no integration, it's tough.

For how long have I used the solution?

I have been using SentinelOne for about two years.

What do I think about the stability of the solution?

We haven't had any issues, outages, or upgrades. I would rate the stability at 10 out of 10.

What do I think about the scalability of the solution?

One of the features that we love about SentinelOne is that we don't have to buy licenses ahead of time. It just scales up as we grow. We're bringing on a client now that has 500 endpoints and I don't have to worry about contacting sales at SentinelOne and getting a PO for 500 licenses. It just scales up and we're charged based on what we use, which is awesome.

The solution is on 100 percent of our clients that we manage, and that's going to be the goal moving forward. Our sales team does not put in a contract without SentinelOne.

How are customer service and support?

SentinelOne technical support has always been very quick and responsive. We haven't used them a lot. We're a technology company as well and we're able to fix the minor stuff ourselves or by looking at a knowledge base.

One of our concerns or complaints at the beginning was the lack of training, which they fixed. They allowed us to schedule our staff to do the eight hours of free training, which was great. That would have been my only complaint, but that was resolved a few months ago.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We didn't have any EDR solution in place like SentinelOne. We had Bitdefender for antivirus, but that has been removed. Our existing antivirus was failing in several ways. It wasn't detecting everything that was coming through. That was the big catalyst for the switch.

Originally, we had SentinelOne through SolarWinds, which was our previous RMM tool. And when we migrated to ConnectWise, we moved our existing licenses over.

How was the initial setup?

The initial setup was straightforward. It was through our RMM. We bought licenses and we had a one-click deployment to deploy that software. And when we migrated, the gentleman who helped us was awesome. We migrated 9,000 endpoints from that RMM directly into SentinelOne, and he did a lot of the heavy lifting. We just had to check and confirm things were getting moved over.

The migration of the 9,000 agents took 10 to 14 days.

Our implementation strategy included a deployment where we would do a test phase. We picked certain endpoints at different clients and we would deploy and set it in a "listen-only" mode and see what it caught. If everything was good, we would then turn it on to regular mode. That process helped a lot in the implementation.

We have about 75 people in our company using SentinelOne. The main roles among them are about 60 percent help desk, which is view-only; 20 percent client-side, which is reporting and view-only; and the rest are our engineering level where they have the ability to do rollbacks and fix certain issues that are coming in. There is very little maintenance involved with the solution, maybe a handful of hours a month. We have it set up to auto-update. Prior to that, we had to set up our script to download the most recent version, but that's all been replaced now with automation. Maintenance on the actual system is very minimal.

What's my experience with pricing, setup cost, and licensing?

In the past, we had to purchase licenses in advance, so if we hit our license limit, we could not expand until we got a signed agreement in place with the sales rep after the back-and-forth. That meant if a client had ransomware and they had 200 agents, we couldn't deploy right away if we were up against our limit. So we always had that balancing act of figuring out if we were close to our limit and whether we needed to buy more licenses? We ended up paying for licenses we didn't need because we had to buy them in packages of 100.

We now pay based on usage. They do an audit once a quarter and calculate any overages. We pay a set amount quarterly, based on our licenses in use, and then they true-up the figure. Right now we have 12,800 agents with SentinelOne on them. We charge our clients monthly, so it would be really difficult for us to write a check to SentinelOne, in advance, for a full year's worth, at that level. It's been great for us to have the quarterly payments.

Which other solutions did I evaluate?

We looked at CylancePROTECT in addition to SentinelOne. We liked the pricing better and the contract options better with SentinelOne. The deployment also seemed to be easier. In addition, SentinelOne detected things that others missed. We did a few quick trials of other solutions, but SentinelOne seemed to be the best in terms of detection. For example, we did a test with Mimikatz and SentinelOne detected it immediately, whereas some of the others bypassed or didn't see it at all.

And when we talked to the ConnectWise sales rep—because ConnectWise was integrated with Cylance at that point, and SentinelOne was not—the rep told us that they were actually dropping Cylance and moving to SentinelOne over the next year for integration, which was a big factor for us.

What other advice do I have?

My advice would be to implement SentinelOne immediately. It is one of the top things that we've implemented and it has saved us countless hours. It's really hard to quantify the savings, but if a client were to get ransomware, it could involve weeks of several team members working around the clock to get them back up and running. Since we've implemented this, we haven't had to do that in an environment where we had experienced having to do so previously.

The biggest thing I've learned from using SentinelOne is that there are a lot more attacks out there than a typical antivirus will display. Regular antivirus, rather than an EDR-type platform, gives people a false sense of security because there are a lot of processes running in the background that the typical antivirus solution is not equipped to catch. It was eye-opening when we started deploying this at clients, locations where we felt we had very good peace of mind in terms of what was happening. SentinelOne started detecting things left and right that were completely unable to be seen prior.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP
PeerSpot user
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2026
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.