SentinelOne Singularity Endpoint Reviews

My use case for the solution is scientific research involving legacy software on older OS versions for complex overflows.

The best features of Singularity Platform are AI-powered autonomous threat detection and extended detection and response, along with cloud workload protection.

Regarding the real-time personalization features, I find that it helps me in detection. It assists me to find detections and furthermore evaluate the detections. It helps me a lot because it is completely beneficial, showing fewer alerts than competitors. In other competitors, alerts are excessive, but here the alerts are fewer rather than too many. It is much more useful for me compared to other products.

The real-time monitoring capabilities are much faster. I would say that it is significantly faster in decision making. In my previous experience with other log analysis tools, whether paid or free, the processing time was excessive, but here the processing time is very minimal and I get what I need very quickly.

Regarding areas for improvement in Singularity Platform, I would say the data security posture and control over sensitive information could be enhanced. If the control were more robust, then it would be better. For instance, when I analyze a log using Singularity Platform, the logs I see are clear, but if they were more descriptive, it would be much better. For example, when I find a log suspicious, if it automatically points out that a particular point in the log at a specific timing or frame is looking malicious, it would be easier for me. I would not have to go through many logs to find this information.

I have been using Singularity Platform, which refers to SentinelOne, for a few months, approximately five to six months.

Regarding stability, I have not encountered any downtime. Depending on my system where I use it, I have seen that even with less RAM, it does not lag. In other SIEM tools, they give lags and glitches, but I have not found any bugs. It is working well.

For stability, I would rate it a nine out of ten.

Singularity Platform is scalable. On scalability, I would rate it between eight and 8.5.

For technical support, I have not needed any technical support until now, so I cannot answer clearly. However, I hope it will be nice because if the application is working so well, why would I need technical support? I think if I need technical support, it will be good.

I have tested Splunk Enterprise edition and the paid editions, and I have also tested Wazuh. I have tried some paid tools, but I have found that Singularity Platform is far better than others. As a log analyst and SOC analyst, I find it better than others.

The deployment is easier. When I compare it with other SIEM tools, it is much easier. There are not too many settings I have to adjust. For example, with Splunk, it takes too many settings to set up on AWS, but here it does not require too many settings and it does its work well.

Initially, we used two people, and then we expanded to three people using it.

If I estimate how much time it has saved me, I would say it has saved almost 30 to 40 percent of time compared to other tools.

In terms of pricing, I will say that it is worth it for me. Living in India, it is natural for us to prefer things a little cheaper, but whatever the price is, it is worth it. However, as a SIEM tool, if it were priced less, many more people could explore it.

Regarding the fraud detection feature, I did not use it until now, but I have explored the features of fraud detection.

In fraud detection, the logs which are generated and captured are much clearer, meaning clarity is very good in respect to other platforms. I found that the clarity is very good. It also minimizes false positives, which is critical in some situations. Furthermore, the method is top-performing with a wide range of data sets and evaluation matrices.

Maintenance is necessary with Singularity Platform, as artificial intelligence is implemented, so it is 100 percent needed. It depends on the user and the application totally, but the maintenance is needed.

My feedback is that I will surely recommend it. I have already recommended it to many of my colleagues and I will continue to do so in the future. If it is giving us benefits, then why would I not recommend it? I would give a rating of 10 out of 10 for recommendation.

My use cases include protecting my cloud security and endpoint security workloads with SentinelOne Singularity Complete.

The biggest benefit I get from SentinelOne Singularity Complete is that it protects my cloud security workloads and my on-premises server workloads against ransomware attacks and zero-day attacks.

SentinelOne Singularity Complete has a legacy API integration to connect my existing log management tool and my endpoint protection tool to interconnect my SOAR and SIEM platforms. This ability to ingest and correlate across my security solutions has been valuable.

SentinelOne Singularity Complete helps with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.

SentinelOne Singularity Complete definitely helps reduce alerts in my case because it has AI functionality that investigates and detects threats. This detect and investigate capability from AI has helped us reduce alerts by almost twenty-five to thirty percent.

SentinelOne Singularity Complete helps reduce mean time to detection as it has an important feature called auto-remediation, which is a one-click rollback that allows us to restore identified files. This feature also helps on the false positive front.

SentinelOne Singularity Complete reduces my mean time to respond and protects my environment, thereby reducing the workload of my engineers and security analysts by at least thirty-five percent.

SentinelOne Singularity Complete helps free up my staff for other projects and tasks because it is easily scalable and managed with a single platform, allowing us to concentrate more on DevSecOps and providing visibility across endpoint, cloud workload protection, and my server environment in one platform.

Purple AI in SentinelOne Singularity Complete is important for data privacy and security as it provides granular level information on where I need to go and fix issues, which helps accelerate my operations for better performance.

The contextual intelligence feature of Purple AI in SentinelOne Singularity Complete helps me get the threat intelligence platform across my environment and allows me to share the advisories with my other platforms as well.

Purple AI amplifies team knowledge as I can use it in the manner of a managed detection and response service, allowing me to create a use case with my existing security analyst in response to alerts or triggering information. This provides me complete visibility across my security landscape.

Purple AI impacts SecOps workflows by providing complete end-to-end visibility across my channels and reducing manpower. The agentic workflows created by AI allow my analysts to have an easier job.

I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete. Sometimes I need to depend on one more module to get alert visibility. The alerting mechanism shows alerts on a single page, but I have to navigate to another page to get detailed visibility, which could be improved in the user interface.

I have been using SentinelOne Singularity Complete for two years.

I have never seen any issues such as glitches, downtime, or latency with SentinelOne Singularity Complete.

I do not face any scalability issues with SentinelOne Singularity Complete since it is a SaaS platform.

The technical support for SentinelOne is good. I would give them eight points for support on a scale from zero to ten. To reach ten points, they could improve on threat intelligence and provide faster responses.

Positive

SentinelOne Singularity Complete has helped with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.

I find the installation and deployment of SentinelOne Singularity Complete very easy.

The deployment of SentinelOne Singularity Complete was done with a partner.

In terms of return on investment for SentinelOne Singularity Complete, I find it better since I am using the AI platform to reduce manpower costs, which helps with the return on investment.

SentinelOne Singularity Complete is less costly compared to CrowdStrike. From a technical side, I do not see much difference between SentinelOne Singularity Complete and other vendors.

SentinelOne Singularity Complete is being used comprehensively for all capabilities. It is being used for endpoint detection and response, and for XDR purposes. For example, Entra data is being ingested into the platform to get a more complete picture, and also for non-incident-based threat hunting.

The ability to ingest and correlate across various security solutions is impressive. It could be a bit more widespread, but fortunately it is using OCP, and the built-in Purple AI understands more and more of it. On a scale of one to ten, I would rate this a seven to eight.

SentinelOne Singularity Complete has helped me and my clients consolidate security solutions absolutely. I have clients who are no longer using old school SIEMs and they have moved everything into SentinelOne. It has been replacing old AV or non-performative EDR solutions.

The best features in SentinelOne Singularity Complete have to be Purple AI. SentinelOne has not been doing AI for only the past three years, but they have done it since they started. They do have a more realistic grasp on their technology. Using Purple AI, it is very easy to quickly get a grasp on your data, to get the data that you want, and get it properly formatted.

Writing the parsers for data ingestion can be a bit annoying in SentinelOne Singularity Complete. When you do not have a native integration, parsing to OCP or OCF can be a bit tedious. Nothing major aside from that data ingestion aspect.

I have been using SentinelOne Singularity Complete since 2020.

I would rate the technical support for SentinelOne Singularity Complete a nine.

Positive

The deployment process for SentinelOne Singularity Complete is easy. The documentation for it is really well-made. I might have overengineered it a bit to always automatically deploy the latest version via the API, making it perhaps more complicated than it needs to be, but once you have it set up, you do not need to worry about it again.

The initial deployment for SentinelOne Singularity Complete depends on the size of the customer, but usually half a day for full deployment is very doable.

I still work with SentinelOne Singularity Complete as well. I am partnered with SentinelOne.

I absolutely use SentinelOne Singularity Complete's Ranger functionality. It is awesome to get a quick grasp on shadow IT, to know what you really have in your environment and what you perhaps do not even know about, what is covered, and what is not covered. The quick rollout feature or the deployment feature via Ranger is differentiated. In my opinion, when you see a device not having SentinelOne Singularity Complete in the Ranger overview, that indicates an issue with the process. You can use the band-aid by quickly deploying it, but in my opinion, that is a band-aid and you need to look at the process first.

It is hard to put into numbers how much SentinelOne Singularity Complete has helped reduce alerts. If it was just a percentage, I would have to say 90% and above. SentinelOne Singularity Complete correlates alerts. If something is happening in the same general incident, it is added to that incident rather than being a new alert. I remember being in the rollout for a larger client and they had another solution still in place at the time. They were running simultaneously for a while. In their old solution, they got hundreds and hundreds of alerts for a single occurrence, 99% of which were false positives. In SentinelOne Singularity Complete, we had a single notification, a single alert, making it much easier to quickly work through and finish.

Regarding my false positive rate reduction, I would say roughly 80%.

SentinelOne Singularity Complete absolutely saves time for me and my clients.

In numbers, I would say 80%. It is a lot of automation, and you can trust in the product to pretty much work. After you have set it up, you can essentially leave it running until you get an alert. That can mean you can leave it alone for a couple of weeks, and that is completely fine.

I would say roughly 70% for how much it has helped reduce my mean time to respond. Getting the alert is only half the benefit. Being able to quickly get all the information you need and then make an appropriate decision is simplified so much. Going back to the topic of XDR, because you can integrate pretty much any data you want into the console. You do not have to have 20 different tabs open. You can have SentinelOne Singularity Complete open and that is it. You can have all the information right there, even within the threat page itself. That simplifies things so much.

So 70% for detection and 70% for response.

Regarding Purple AI, data privacy and security when utilizing AI are important, and it meets my requirements and needs. Every time I interact with someone who is not from Germany, it is always the topic of data security and privacy for Germans. I think Germans are a bit different on that topic. Purple really does meet all the criteria for that. There has never been a single complaint.

With Purple AI, I would assess the capabilities in providing synthesized threat intelligence or contextual insight at six to seven out of 10. There is room for improvement. In a lot of cases, it might just be seeing issues where there potentially are none. If you look at a single event, for example, it may give you the information that this might be threat-related, but when you look into the data, it might also not be. Generally, it does perform really well and if there is something definitely malicious in an event, it will tell you. There is room for improvement.

SentinelOne Singularity Complete helps streamline threat investigations by making it so easy. It is actually unbelievable. Anyone can get started. For example, I recently introduced a new apprentice to the threat hunting capabilities via Purple AI, and that same day he was able to use it because the barrier to entry is so low. You do not need to learn a new query language. You do not need to learn the syntax. You can get right to it and get started.

In my thoughts on pricing for SentinelOne Singularity Complete, it is cost-efficient, definitely. Being pretty much solely on the technical side, I am a bit removed from that.

I would compare SentinelOne Singularity Complete favorably with other solutions or other vendors. It is easy to set up. It is easy to administrate. As with all solutions, you do need to put some effort into the initial deployment. That is going back to the whole beauty of it. It is easy. It takes a workload away from your team. You do not need to worry about so many things after you have it deployed.

My clients have mainly deployed SentinelOne Singularity Complete in the cloud, on-premises, and hybrid models.

I deploy SentinelOne Singularity Complete for myself and for my clients using the cloud for the console, but the agents on all the endpoints.

It is super easy to maintain SentinelOne Singularity Complete. When there is a new agent version, I do ring testing, for example, I do an internal deployment first before I roll it out to my clients. New versions come out every couple months. Beyond that, if there is an arising issue, if a client starts using new software, that also may come up if there are issues in interoperability with SentinelOne. In banking software for example, that is a common thing. Beyond that, it is super easy to maintain.

My advice to those looking into SentinelOne Singularity Complete is to do a proof of concept. Do a small-scale deployment across all your departments. See how it performs and see if there are any issues.

My use case working with Singularity Platform was to implement clients from the insurance business onto the platform.

Singularity Platform's best features are its scheduled reports and its automated end-of-day business capabilities, which allow any activities that occur projected or expected to come in overnight without manual intervention.

Concerning Singularity Platform's real-time monitoring capabilities, they are not truly real-time, as they were always a day behind, meaning they look at results from the prior T+1 business day. They are getting as much real-time information as they can, and depending on what the insurance team decides to do in terms of logistically buying and selling on a certain day, they can see their impacts on their current cash balances. This allows executives to determine if they have to liquefy any of their assets at a certain point in time, providing a great view in terms of risk management and current available cash balances while also considering the strategic direction in the next year or two where they plan on going with their cash balances.

I believe there is room for improvement in Singularity Platform regarding its product. First of all, with all automated systems, they need to have the capabilities to expand rather quickly. When I was there, I do not believe they had the ability to do that. In addition, they are very concentrated on certain clients which they have contractual obligations to meet.

As for other areas that could be improved in Singularity Platform, I believe there are a bunch of customer-facing uploads that need improvement. The communication between clients and the teams working internally with that client also needs enhancement. The automation itself has to be increased in terms of bandwidth or capability of the system. For example, there were times when there were severe lag problems on the system due to capacity issues. They may not have had enough servers. There was a lack of response time at times.

My experience with Singularity Platform is over three years.

I would rate the stability of Singularity Platform as a nine. Of course, you will sometimes have outages across certain regions; it just happens. However, during the amount of time I worked on it, I did not have any instances of an outage, although I cannot say everything is perfect.

Regarding scalability, I believe it deserves a seven out of ten, or a seven and a half. I believe that the system is scalable but it all goes back to personnel behind the scenes and the availability of those people, plus the knowledge they hold in terms of being able to bring larger clients onboard. I am not saying they are awful; they just need to ensure that they have the right personnel.

I would rate the technical support of Singularity Platform as a six.

The reason I rate it a six out of ten is because they have a lack of IT resources to be responsive in real-time, and they are very siloed in terms of knowledge. A lot of people have to reach out to one sole person who has basically developed the system, creating a bottleneck for responses and making it hard to know when you will get a reply or where it stands in terms of priority.

Positive

I believe that CAM and Clearwater are superior to Singularity Platform.

Overall, I believe that in any cloud-based platform there are challenges. However, in terms of implementation for Singularity Platform, the average implementation is about 90 days, which is pretty reasonable given the circumstances. I do not believe there is any advantage or disadvantage in moving from Singularity Platform to any other platform.

In terms of pricing for Singularity Platform, I believe they are competitive with the market. I do not believe they are cheap or expensive; I believe they try to be within a few basis points of other offerings. My philosophy is you pay for what you get, so if you decide to cheapen out on the cost of your platform, you are not going to get what you want.

If Singularity Platform is reasonably cheaper than Clearwater, then you could use it as it will still do what you want, though it may not be as comprehensive as Clearwater.

Regarding Singularity Platform's real-time personalization feature, it does help with my customer experience strategies because, in my personal experience, I have taken a role as Treasury Manager and I am dealing with investment accounts every day. To do all that work manually compared to any type of platform work is pretty painful, so I would say anything in an automated space for any investment, any company with a bunch of investments in a portfolio, Singularity Platform is an option.

Singularity Platform does help with fraud detection in the financial services as it has rules involved for risk management. If there was a purchase done, the way Singularity Platform works is it is fed in the custodian feeds as well as the bank feeds. There is no current trading platform associated with it, but there may be things in the works that will include a trading platform. I would say that there is a compliance module within Singularity Platform that helps clients determine if they want to remix their portfolio balances to stay compliant with whatever loan agreements they may have.

Regarding Singularity Platform's customizable dashboards, I believe they help optimize operational efficiency. Since my role was really behind the scenes, not as a developer but on the QA implementation side of things, I believe any platform that can customize for any client will actually help them in the long run. I believe that having reports that are unique to each individual client helps them in their own way, so whatever reduces the manual workload for the client, especially customizing UI, is a good idea.

I would absolutely recommend Singularity Platform to other users, but it depends on what their expectations are for the investment accounting software they plan to implement. For a smaller size insurance company, I believe that is fine. However, there are things that Singularity Platform cannot do that Clearwater does, and I am sure there are things that Clearwater does not do that Singularity Platform does. Therefore, it is hard to say definitively; it really depends on the client's needs. For a full-blown investment accounting and reporting system, I would still recommend Clearwater over SS&C. In terms of asset management and banking solutions, I cannot really respond because I believe SS&C and Clearwater probably have the same application capabilities.

I would rate this solution a seven out of ten overall.

SentinelOne Singularity Complete is an XDR solution for endpoint protection and EDR. I am an integrator and reseller of both their SIEM and XDR platform.

SentinelOne also has an AI SIEM that operates as a different solution on top of the XDR platform, which is very useful especially for organizations that do not have any SIEM but already have the XDR platform. With the XDR platform, I am able to correlate data from other solutions.

Their AI SIEM consolidates everything under one platform. The way it is very easy is that one agent does everything. Whether it is cloud, on-prem, or endpoints, one agent handles that part. If you have the SIEM as well, you can ingest logs from your cloud workloads, from your on-prem devices, whether it is a security device or other devices like your network switches and applications. It is able to ingest data from all platforms.

SentinelOne Singularity Complete is your endpoint platform that covers everything. It covers Linux, Mac, and Windows environments as well as your cloud workloads and Kubernetes workloads. If you are looking to integrate other solutions or devices, you need the AI SIEM, which will take care of third-party solutions, firewalls, identity access, PAM, and other integrations. If you want to bring those feeds onto that platform, you need the AI SIEM part for it. In terms of XDR, it covers the major platforms including Linux, Windows, and Mac.

The Ranger functionality is good, though I believe they have renamed it recently. If you want to do network discovery on your network to know what is running on it, Ranger is very good.

Purple AI is built into SentinelOne Singularity Complete platform. Purple AI helps engineers perform threat hunting without requiring SOC analyst experience. You are able to threat hunt and respond to threats using normal language conversation.

Because you are able to converse with it using natural language, you are able to build out responses using Purple AI that it will enact autonomously.

It is priced by endpoint device, making it one of the well-priced solutions. It is not too expensive and is a very good enterprise solution.

The most valuable feature is rollback on ransomware and malware because it is one of the only solutions that can do real-time rollback on ransomware and malware.

With SentinelOne Singularity Complete, you have virtually 99.9% zero false positives, which means when it is doing its detection, it is very good at it.

Because the detection engine can be fully autonomous and AI-based, the IT team is not bogged down looking for threats or hunting for threats. Most of the threats will be detected and remediated autonomously, which makes it very useful.

Because of the false positives and the detection engine that it uses, it vastly reduces the detection time because it is AI-based.

Because it is autonomous, you have more or less instant response if it detects a threat.

It is doing most of the work currently. The only thing that would help complete the solution is the ability to execute and perform patching from the system since it is able to discover vulnerabilities and CVEs on the system. That is the one improvement that I have had from clients.

Five years plus.

I have not had any issues personally. I do not know everyone's experience, but I have not experienced any yet.

It is extremely scalable, so it is very good. I would rate it a ten out of ten. You can use it for very small organizations all the way to extremely large organizations.

I have not had to contact them for troubleshooting. When we are doing proof of concept, I speak with the SentinelOne team. In terms of them having to come in and troubleshoot something, that has not happened yet.

The material is readily available for anyone, and mostly they have what I need. I do not need to refer anywhere else.

The only new solution that I have added is SentinelOne, not any other.

The setup is very straightforward and not difficult to do. All you need to do is deploy the agent onto the endpoint machines and then configure the detection and response policies. Other than that, it is not much and is very easy.

Setup is normally done by SentinelOne, but deployment is handled by us. The setup is an online setup unless it is on-prem. For on-prem, I am involved, but most users will not get on-prem deployments. Cloud deployment is done by SentinelOne themselves, and then we come in to do the deployment.

SentinelOne Singularity Complete has allowed me to perform multiple functions. It enables asset ingestion, and I have been able to identify other machines that don't have the endpoint agent installed. We've caught some malware. SentinelOne has internal reporting features and Ranger features that search the subnets where SentinelOne agents are located for other devices that may not be protected with the agent. The platform itself allows me to visualize my entire environment.

SentinelOne Singularity Complete has allowed me to perform multiple functions. It enables asset ingestion, and I have been able to identify other machines that don't have the endpoint agent installed. We've caught some malware. SentinelOne has internal reporting features and Ranger features that search the subnets where SentinelOne agents are located for other devices that may not be protected with the agent. The platform itself allows me to visualize my entire environment.

The ransomware rollback feature is the best aspect of SentinelOne Singularity Complete that stands out the most. We haven't had to use it yet, but it allowed me to demonstrate to our insurance providers that I had a recovery mechanism for the rollback.

SentinelOne Singularity Complete has positively impacted my organization by helping with trust amongst the organization. There is no longer any doubt that we are protecting the endpoints. Also, with USB exclusions and other features, it has helped with data loss prevention. I am now able to measure DLP attacks.

My impression of SentinelOne Singularity Complete's ability to ingest and correlate across my security solutions is phenomenal. It's great to have that central location. With SentinelOne Singularity Complete, I have been able to remove three additional products from the environment.

I use SentinelOne Singularity Complete's Ranger functionality, and it's one of the most important things I have.

There really aren't any areas for improvement in SentinelOne Singularity Complete. I'm excited to watch the continuous improvement to the storyline.

SentinelOne Singularity Complete is stable in my experience.

SentinelOne Singularity Complete's scalability is extremely easy to achieve as new endpoints and new detection points come on board.

The customer support for SentinelOne Singularity Complete is phenomenal.

I would rate the customer support a ten on a scale of one to ten.

Positive

We were a new company, and we picked SentinelOne Singularity Complete first without using a different solution before.

SentinelOne Singularity Complete has helped free up my staff for other projects and tasks by saving us multiple hours a day because we can now get the visibility and the automation.

SentinelOne Singularity Complete has helped reduce my organization's mean time to detect by fifty percent.

SentinelOne Singularity Complete has helped reduce my organization's mean time to respond by eighty percent.

My experience with pricing, setup cost, and licensing for SentinelOne Singularity Complete was flawless while working with my account manager. For the first time in a long time, I enjoyed the process.

I did not evaluate other options before choosing SentinelOne Singularity Complete.

The advice I would give to others looking into using SentinelOne Singularity Complete is to have your inventory counts available, document your ingestion points, and proceed with the implementation. I think it's a great product. I would rate this review a ten on a scale of one to ten.

I create policies based on the regarding policy, which means I created custom rules regarding the use case and customer use case.

Most of my use cases are related to the event ID and the process event, so it is easy to use.

My impressions of SentinelOne Singularity Complete's ability to ingest data and correlate across the security solutions is that it is better for blocking the hash value and generating the rules manually. It is easy to use.

Overall, SentinelOne Singularity Complete helps me consolidate my security solutions, being the best in endpoint, cloud, and identity.

The best features in SentinelOne Singularity Complete are in the SIEM solution, including the block list in hash value block list and anti-tampering mode.

The best part of the Ranger functionality is that it helps find known and unknown devices, locate IoT devices, and determine how many agents have not been installed in SentinelOne, making it easy to count how many machines are not installed and find IoT devices.

SentinelOne Singularity Complete has helped reduce alerts for me, with the best part being the exclusion, as it has already marked most of the alerts in the cloud as false positives.

SentinelOne Singularity Complete has helped free up my staff for other projects and tasks.

In the SIEM solution, I would like to see improvements in the data injection process, as it is very fast, and the log collector option is very nice. However, there are issues in blocking the hash, which is complicated due to different segregation for Windows, Linux, and macOS, so I ask for an improvement in this hash blocking function and the manual generation of how many VSS snapshots.

I have been working with SentinelOne Singularity Complete for the last two years.

The performance issue with SentinelOne Singularity Complete is very good, but the hash blocking remains complicated and generating many snapshots manually is a recurring challenge.

I work with the Ranger functionality in SentinelOne Singularity Complete, which is used to identify known and unknown devices both in and out of networks.

I evaluate the customer support team of SentinelOne Singularity Complete highly, stating that they provide good support with 24/7 availability.

Positive

I decided to switch to SentinelOne Singularity Complete because it offers a single solution for the endpoint SIEM and singularity purpose, and the console is very easy to handle.

There were challenges during the setup, particularly with the custom rule as the customer asked for application-level blocking that I did not fully understand.

The project time is not the means full completely solution but it saves up to 40 days.

Apart from the escalation matrix, I have seen improvement in the mean time to respond, with critical alerts raised below up to 15 minutes and false positive alerts raised in up to one hour.

I mostly use the custom rule and small things for the event type, event query, and searching in event query, focusing on endpoint based solutions in SentinelOne Singularity Complete and the SIEM solution.

I would rate the technical support of SentinelOne Singularity Complete a nine.

I have no recommendations for improvement regarding SentinelOne Singularity Complete as a product or solution.

I rate this review a nine overall.

I work with Purple AI and utilize it in SentinelOne.

In my day-to-day activities, SentinelOne Singularity Complete detects malicious activity or dynamic or static activity very quickly within the console.

I have been working with SentinelOne Singularity Complete, which is scalable and easy to deploy for the solution and has strong automation.

The main features of SentinelOne Singularity Complete that positively impact my organization are the useful rollback features, the anti-tampering mode, and automated local version upgrades or downgrades.

The rollback features represent the most usable feature of SentinelOne Singularity Complete. When a machine is infected, I can optionally roll back to the earliest date, providing ransomware protection.

Apart from the rollback feature, the most valuable features include the Ranger functionality, which provides network and asset visibility or endpoint visibility. It ingests logs from network sources and captures any threats, including the IOCs.

Overall, SentinelOne Singularity Complete helps me consolidate my security solutions, as it provides strong automation, reliable support, and valuable rollback capabilities.

I would like to see improvements in the hashes function, particularly in the hashes tab, as multiple hashes are difficult to add in the correct format in SentinelOne Singularity Complete for Windows, Linux, and Mac.

I would like to see included SIEM functionality, with enhancement in log collection capabilities in SentinelOne Singularity Complete.

I have been working with SentinelOne Singularity Complete for the last 2.5 years.

In terms of stability, I believe it is not prone to downtime; it is a stable solution.

I find it easy to scale up when necessary.

I evaluate the customer service and technical support of SentinelOne Singularity Complete as very supportive, with fast response times.

I have seen improvements in meantime to detect and respond, with detection times being very good, less than 15 minutes or even less than 10 minutes.

I previously worked with Trend Micro for EDR, XDR, and endpoint solutions.

The key differences between SentinelOne Singularity Complete and Trend Micro include the biggest benefit of automation, where most functions are automated, including threat detection and auto-remediation rules.

The initial setup of SentinelOne Singularity Complete was straightforward.

I have seen a return on investment with SentinelOne Singularity Complete solution, as it is very easy to understand and functions through one unified agent managing the cloud, SIEM, and EDR solutions.

I find the licensing cost to be very cheap, and implementation is easy, making it so easy to deploy for customers.

SentinelOne Singularity Complete has helped reduce my organization's meantime to detect by minimizing false positives, especially for hashes and IOC blocklist functions.

It is the best method for reducing alerts through the exclusion method in SentinelOne Singularity Complete.

I use the SentinelOne Singularity Complete Ranger functionality.

Ranger in SentinelOne Singularity Complete reduces alerts by capturing different telemetry from the network devices, which is important for my organization as customers mainly use it for both public and private networks.

I don't have specific data to share, but it helps through exclusion and performance-based interoperability to reduce alerts.

Regarding time saving, I find that SentinelOne Singularity Complete helps free up my staff for other projects and tasks as it is a very good product compared to other solutions.

My recommendation for organizations considering SentinelOne Singularity Complete is particularly on the hash part, especially for Linux.

Overall, I would recommend SentinelOne Singularity Complete to others, as I find the solution very good and easy to understand. I have given this review a rating of 9.