SentinelOne Singularity Endpoint Reviews

We are using SentinelOne for an endpoint view of the corporate network.

The most valuable features of SentinelOne are the endpoint detection of threats, and it does not only rely on signatures for detection.

SentinelOne could improve by creating an autopilot or automated way to roll out the solution more efficiently which would be helpful.

I have been using SentinelOne for approximately one year.

SentinelOne is stable.

I rate the stability of SentinelOne a five out of five.

The scalability of SentinelOne is not a problem. These solutions can easily host up to 10,000 endpoints if not more, and we have 500. We do not have an immediate need to scale, but it is not an issue. As the company grows, the company will increase the usage of the solution.

I am satisfied with the support from SentinelOne.

SentinelOne is not too difficult to set up. The full deployment took a couple of months. The lengthy installation was caused by the fact that many people are remote working and we had 500 systems to install the solution on.

We did our own deployment of SentinelOne. We used three to five people for the deployment.

I rate SentinelOne an eight out of ten.

We primarily use the solution for endpoint detection.

The solution works well in general.

It's a small size and offers an easy deployment. It's very quick to deploy.

The solution is stable.

It's quite scalable.

Every site has its own key. I'm not sure how I can implement the key for the setup package. Therefore, with every installation, I need to do it manually and put on the site keys.

It is an expensive product. They could work on lowering the price a bit.

I've used the solution for one year.

It is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze.

The solution is quite scalable.

The initial setup and deployment are easy. I can get it up and running in five minutes.

The cost is a bit high. It's around $8 per client per month.

We are partners. We are using the latest version of the product.

I'd recommend the solution to others. We really like it in general.

I'd rate the solution a nine out of ten.

We are a system integrator. We provide this solution to the end-users.

Most of the features are valuable. As a system integrator, agent deployment is valuable. It also fits the requirements of most of the clients.

They can improve the administrative interface. They can make it more user-friendly.

Its price can be lower.

I have been using this solution for three years.

It is stable.

It is scalable.

Its setup is of medium complexity. It is not complex, and it is also not straightforward.

Its price can be lower because I'm seeing competition from another vendor who beats it on commercials.

I would advise others to go for it. It is a good product, and it fits the requirements of most of the clients. It is very flexible.

I would rate it an eight out of 10.

We have SentinelOne installed on all of our workstations and servers. It is set up with the maximum protection except that Active is in Alert Mode, and everything else is blocked.

The most valuable feature is that it just unintrusively works in the background to carry out the protection. You don't have to babysit it. Instead, it will alert if it sees something, you deal with it and carry on from there.

Periodically we have an application that does not work correctly when SentinelOne is installed, yet performs as expected when SentinelOne is removed. SentinelOne gives no clue as to the problem, so to diagnose what is happening can be difficult. To make it worse, the behavior is inconsistent. Two people in the office might have the application working correctly, but a third person using the same program will have a problem.

Nothing is displayed by the agent that is running on the workstations, but it would be helpful to have a mode available where we can see feedback as to what it is doing. We wouldn't want it running all the time because there would be more overhead, but it could be helpful for debugging or diagnosing problems.

I have been using SentinelOne for between six months and a year.

In terms of stability, it has been good so far.

It appears to be scalable.

The initial setup is very easy.

Our licensing fees are about $5 USD per endpoint, per month.

Overall, this is a good product and I recommend it. That said, there are always ways to make things better.

I would rate this solution a nine out of ten.

We use SentinelOne to secure our entire environment, including all user endpoints and servers. We are also currently testing the Deep Visibility addon. We were using a definition-based AV prior to SentinelOne, and we were getting daily/weekly infections of a variety of malware. We are a mix of PC, Mac, and Linux. We have on-premises machines and servers, as well as cloud VMs that we were wanting to protect. We wanted to purchase a Next Generation AV client that would be algorithm-based instead of definition file-based.

SentinelOne has provided amazing security. We were getting new cryptolocker variant infections several times per month and the month following our SentinelOne rollout, the numbers dropped to zero. We have not had a single infection since.

The new console is not only visually appealing and simple to use, but it allows you to customize and apply labels to different areas. I don't have a good gauge on how much money SentinelOne has saved us, but we only get a handful of security alerts in our console each day. It has freed up our security staff to perform other tasks. 

We love the API. We use it to generate robust reporting, and we also developed tools to perform agent actions remotely without needing to provide all IT staff with console access. 

The agent will now also report the location in AD. This allows you to create dynamic collections of machines in the cloud console based on their location in local AD. You can replicate your AD OU structure into the console and run deployments and reporting based on OU. It's a very powerful feature and something that was missing in our last product. 

The agent update schedule is a little sporadic, and the updates are frequent. You are definitely going to want to have a good management solution in place, such as SCCM, Intune, or Jamf in order to maintain the environment properly.

There is agent data, such as last known IP address, that is not stored historically. It would be nice if the console stored data daily, so that you could look at a timeline of events on a machine over a period of time, and currently this is not possible. You can see a snapshot of the data at the moment, but once it changes whatever was there previously is not stored. 

I have been using SentinelOne for four years.

The agent is very stable, especially the later versions of the product. Agent never crashes and consumes minimal system resources. New agent versions are constantly released (which can be slightly difficult to manage if you don't have a good endpoint third party management solution like SCCM\JAMF). Release over release both stability and features have improved and been more fleshed out. 

It is very scalable and easy to deploy over any of the standard management solutions.

Customer service and our TAM are both very good. They are responsive and have never been unable to answer a question we asked. 

We switched because or old solution flat out was not picking up infections. It was really almost rather useless. 

The initial setup is straightforward. We do not have any on-premises infrastructure. Rather, we are using sentinel one in full-cloud mode. It was really just a matter of deploying the agent to the endpoints.

Our in-house team handled the deployment.

ROI is kind of hard to quantify but we definitely do feel like we get our money worth.

The costs are really rather minimal for what you receive with the product. No real advisement here. The larger count you have, the deeper discount you will receive in your contract.

We looked at Carbon Black. SentinelOne was more economical, and the feature set was comparable so we ultimately went with it.

Be ready to dedicate a good amount of time to learn the API. To really get the most from the product you need to tap the REST API.

We are an MSP supporting various business verticals (including medical and pharmaceutical). Our core monitoring/deployment solution is SolarWinds RMM, through which we were recently introduced to SentinalOne. We use the bundled automation to install, patch, and monitor antimalware protection to endpoints. We are in the process of replacing Bitdefender with SentinalOne for several clients. 

Deployment is automatable through the RMM, though a little clunky to do. The provided automation was a little challenging, but once you get it configured it's quite effective. Once we got it deployed to our users, it operates seamlessly and with minimal impact on system resources. Even our clients with lower-end workstations report improved performance since switching from Bitdefender. 

After migrating, this also picked up some latent malware that was not previously detected & cleaned it immediately with almost no interaction required. I was impressed with how little this bogged down the affected system. This was in our pilot run, so I was on-site.

The fact that this runs using AI instead of heuristics provides the best protection I've seen. It has the ability to rollback a ransomware infection instantly and with minimal disruption to the user & provides robust reporting. 

I tested this by deliberately infecting an unpatched test machine with WanaCry. First of all, SentinalOne blocked the initial infection attempt. I had to put S1 into "notify only" mode on that system to actually infect the machine. Once infected, WanaCry did what it does... encrypted all the documents I had copied to the test machine and put up the background. 

We immediately got a notification on our dashboard that a system was infected. At the same time, we got a popup on the client machine notifying us of the infection, with the option to auto-repair the damage. It took less than a minute (granted, we only had about 200 MB of files on the test system) for S1 to repair the damage and put the machine back to normal with no evidence of the infection.

You also can't remove the client from the local machine without approving it within the dashboard. This is a nice feature to prevent tampering by either hapless users or even skilled threat actors. 

Set up is very labor-intensive. You have to provide multiple codes from multiple places within the S1 dashboard in order to use the provided automation, and it's different for each client (or "sites" as they call it). It very much feels like an enterprise application that has been adapted for SMBs, but not very thoroughly. It would be better if they had a "site package" similar to the one offered by SolarWinds for the RMM. You just run the package on the client machine and done. 

The stability is excellent so far. Once installed, it's "set it and forget it."

Scalability is great if you're scaling up, but scaling down may prove to be challenging.

Technical support is provided for us through SolarWinds, and they're very knowledgable.

We used Bitdefender (also through SolarWinds) previously. SentinalOne was pitched by SolarWinds a few months ago as an alternative with robust ransomware protection. Being a small MSP, a single ransomware infection at a client could spell disaster for our business. We are always looking for the latest technology, but not marginal improvements. 

The setup script provided by SolarWinds (proprietary to their RMM) was a little challenging to get going, but once it worked, it worked perfectly. Except it didn't run on Win7 systems because it uses Powershell commands from a later version than what's available on Win7.

The vendor team provided support, but we did the deployment.

We're making about seventy-five percent over the per-seat cost, and it's easy to sell at that price point.

The per-seat cost is low, but you have to commit to a certain number of licenses for a year.

We really hadn't seen EDR solutions in action before. Our decision was based primarily on the fact that it has SolarWinds integration. 

Definitely worth the money compared to heuristic solutions, especially for clients who tend to "stretch" their hardware as long as possible. The low impact and robust reporting go a long way to make this an easy sell, and the cost is excellent for the price point. 

The solution offers very rich details surrounding threats or attacks.

The price is a bit high. They should make their pricing model more affordable.

The solution needs better reporting on new threats and malware. The reporting is present, but I can't find the information easily.

The solution is stable.

It's hard to give an impression on the stability at this time. We haven't used it on a large scale yet. We're still testing.

We haven't needed to contact technical support yet.

We are currently using Webhook as we test this new solution.

We are using the public cloud deployment model.

I would rate the solution nine out of ten.

We use the public cloud version.

We have a preference for their receptor. It's good at finding many EFC files. Normally, EFC files could have a virus, but we need to exclude some of them.

It corrects all of the EFC files with a virus. All the achievements, maximum EFC files. Many EFC files will be flagged as a virus. Some virus databases need to be updated. The model is good at finding many EFC files. The trouble is it needs to be updated. 

From the client-side, some scanning and other features can be enabled for scanning viruses better. If they want to scan for an individual reason other than viruses, such as scanning for legal files, they haven't been able to gather that from the client-side.

Some features could be more user-friendly. For instance, setting restrictions in the explorer for what level one must be to use it is not user-friendly. It is difficult to find what we're searching for.

The solution is stable.

Out of ten, I would give this solution 8.5 for scalability.

When we need partners, they support us well. There have been no issues with that.

It's okay. It's a better solution than other competitors.

I would rate this solution as nine out of ten.