SentinelOne Singularity Endpoint is used for endpoint security to detect, prevent, and respond to cyber threats in real time. Using AI-based behavior analysis, it helps the SOC team to investigate incidents, automate responses and actions, and protect systems from malware and ransomware. SentinelOne Singularity Endpoint includes EDR, XDR, and NGAV.
Automated threat response has reduced alerts and protected endpoints with rapid rollback recovery
Pros and Cons
- "Everything is perfect with SentinelOne Singularity Endpoint; there are no stability problems, and the system is very reliable and hands-on."
- "Dislikes include high false-positive alerts and resource consumption issues with CPU and disk usage."
What is our primary use case?
What is most valuable?
A favorite feature of mine about SentinelOne Singularity Endpoint is the VSS rollback feature, which is most valuable. If a laptop is infected with any malware, there is an option to rollback files and recover them from before the attack happened.
Using SentinelOne Singularity Endpoint has helped me reduce alerts because it is integrated with FortiSIEM, one of the leading SIEM tools, and with SOAR technology. Whenever alerts come on SentinelOne Singularity Endpoint, they are directly raised to SOAR technology automatically. This is an automatic tool, so manual interaction is not required. All work is done by SentinelOne Singularity Endpoint, and I only have to take action on the analyst's verdict to determine if it is a true positive or false positive and investigate accordingly.
What needs improvement?
Dislikes include high false-positive alerts and resource consumption issues with CPU and disk usage.
Ranger functionality is for network discovery and control features. Its primary role is to identify and manage unmanaged devices on the network by detecting rogue devices in detections. It ingests logs from network sources and captures threat metrics, including IOCs. However, I cannot confirm if SentinelOne Singularity Endpoint releases the alert through Ranger, as I have not worked heavily on this feature because the Ranger functionality license is not available. SentinelOne Singularity Endpoint captures different telemetry from network devices.
For how long have I used the solution?
I have been using SentinelOne Singularity Endpoint for 2.3 years in my career.
Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,680 professionals have used our research since 2012.
What do I think about the stability of the solution?
Everything is perfect with SentinelOne Singularity Endpoint. There are no stability problems, and the system is very reliable and hands-on.
What do I think about the scalability of the solution?
SentinelOne Singularity Endpoint is very good in scalability. Scalability is extremely easy to achieve as new endpoints and new detection points come on board. The system can scale any number of times, and only the license for each endpoint is needed.
How are customer service and support?
Whenever I get stuck on any alert with SentinelOne Singularity Endpoint and do not understand it, or when I face any admin task challenges, I manually open a ticket with the customer team. Every time they help regarding the case. Each day, if I get stuck anywhere in SentinelOne Singularity Endpoint, whether with any admin task or threat hunting, the tech team or support team will surely help.
For the support team of SentinelOne Singularity Endpoint, I would rate them nine out of ten because there is a human voice there, so they are listening and responsive.
Which solution did I use previously and why did I switch?
For the first two years in my organization, I used Symantec AV. After that, I changed my domain to SentinelOne Singularity Endpoint.
How was the initial setup?
The initial deployment of SentinelOne Singularity Endpoint is easy and very straightforward. All that is needed is to set up a tenant and create a package file. Once installed, it automatically connects to the management console, and the entire system can be set up in one or two hours.
What about the implementation team?
For one customer of SentinelOne Singularity Endpoint, one to two people are enough for deployment. Because we are a partner with SentinelOne and have many customers, one to two members are sufficient for each customer deployment.
What's my experience with pricing, setup cost, and licensing?
I do not have knowledge about the pricing of SentinelOne Singularity Endpoint, as the sales team handles that. However, based on my knowledge, SentinelOne Singularity Endpoint is very flexible in its pricing range at approximately $9 to $10 per endpoint. We have 5,000+ endpoints because we are an MSSP provider, making it cost-effective.
Which other solutions did I evaluate?
I would choose SentinelOne Singularity Endpoint. In Symantec AV, there is only signature-based and behavior-based threat detection, whereas SentinelOne Singularity Endpoint has advanced behavior AI and pre-static AI. In Symantec AV, alerts must be manually raised and actions taken on the endpoint, but SentinelOne Singularity Endpoint has fully automated AI. The use cases are moderate in Symantec AV, but SentinelOne Singularity Endpoint is very easy with a modern UI. I prefer SentinelOne Singularity Endpoint because I have worked with both.
What other advice do I have?
The mean time to detect with SentinelOne Singularity Endpoint is very low. The mean time to respond for SentinelOne Singularity Endpoint is approximately two to three minutes since it is integrated with SOAR, and alerts are raised within that timeframe. From endpoint to console, alerts are received in real time with no lagging. SentinelOne Singularity Endpoint requires no maintenance. Since we have a partnership with the SentinelOne Singularity Endpoint team and are an MSSP provider, no maintenance is required. My overall rating for this review is eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. MSSP
Last updated: Apr 19, 2026
Flag as inappropriateCyber Security Trainee at DataSpace Academy
Log analysis has become faster and more accurate, enabling precise threat detection
Pros and Cons
- "I have tried some paid tools, but I have found that Singularity Platform is far better than others, and as a log analyst and SOC analyst, I find it better than others."
- "Regarding areas for improvement in Singularity Platform, I would say the data security posture and control over sensitive information could be enhanced."
What is our primary use case?
My use case for the solution is scientific research involving legacy software on older OS versions for complex overflows.
What is most valuable?
The best features of Singularity Platform are AI-powered autonomous threat detection and extended detection and response, along with cloud workload protection.
Regarding the real-time personalization features, I find that it helps me in detection. It assists me to find detections and furthermore evaluate the detections. It helps me a lot because it is completely beneficial, showing fewer alerts than competitors. In other competitors, alerts are excessive, but here the alerts are fewer rather than too many. It is much more useful for me compared to other products.
The real-time monitoring capabilities are much faster. I would say that it is significantly faster in decision making. In my previous experience with other log analysis tools, whether paid or free, the processing time was excessive, but here the processing time is very minimal and I get what I need very quickly.
What needs improvement?
Regarding areas for improvement in Singularity Platform, I would say the data security posture and control over sensitive information could be enhanced. If the control were more robust, then it would be better. For instance, when I analyze a log using Singularity Platform, the logs I see are clear, but if they were more descriptive, it would be much better. For example, when I find a log suspicious, if it automatically points out that a particular point in the log at a specific timing or frame is looking malicious, it would be easier for me. I would not have to go through many logs to find this information.
For how long have I used the solution?
I have been using Singularity Platform, which refers to SentinelOne, for a few months, approximately five to six months.
What do I think about the stability of the solution?
Regarding stability, I have not encountered any downtime. Depending on my system where I use it, I have seen that even with less RAM, it does not lag. In other SIEM tools, they give lags and glitches, but I have not found any bugs. It is working well.
For stability, I would rate it a nine out of ten.
What do I think about the scalability of the solution?
Singularity Platform is scalable. On scalability, I would rate it between eight and 8.5.
How are customer service and support?
For technical support, I have not needed any technical support until now, so I cannot answer clearly. However, I hope it will be nice because if the application is working so well, why would I need technical support? I think if I need technical support, it will be good.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
I have tested Splunk Enterprise edition and the paid editions, and I have also tested Wazuh. I have tried some paid tools, but I have found that Singularity Platform is far better than others. As a log analyst and SOC analyst, I find it better than others.
How was the initial setup?
The deployment is easier. When I compare it with other SIEM tools, it is much easier. There are not too many settings I have to adjust. For example, with Splunk, it takes too many settings to set up on AWS, but here it does not require too many settings and it does its work well.
What about the implementation team?
Initially, we used two people, and then we expanded to three people using it.
What was our ROI?
If I estimate how much time it has saved me, I would say it has saved almost 30 to 40 percent of time compared to other tools.
What's my experience with pricing, setup cost, and licensing?
In terms of pricing, I will say that it is worth it for me. Living in India, it is natural for us to prefer things a little cheaper, but whatever the price is, it is worth it. However, as a SIEM tool, if it were priced less, many more people could explore it.
What other advice do I have?
Regarding the fraud detection feature, I did not use it until now, but I have explored the features of fraud detection.
In fraud detection, the logs which are generated and captured are much clearer, meaning clarity is very good in respect to other platforms. I found that the clarity is very good. It also minimizes false positives, which is critical in some situations. Furthermore, the method is top-performing with a wide range of data sets and evaluation matrices.
Maintenance is necessary with Singularity Platform, as artificial intelligence is implemented, so it is 100 percent needed. It depends on the user and the application totally, but the maintenance is needed.
My feedback is that I will surely recommend it. I have already recommended it to many of my colleagues and I will continue to do so in the future. If it is giving us benefits, then why would I not recommend it? I would give a rating of 10 out of 10 for recommendation.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 2, 2026
Flag as inappropriateBuyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,680 professionals have used our research since 2012.
Security Engineer at Softcell Technologies
Autonomous threat detection has reduced alert fatigue and improves endpoint protection
Pros and Cons
- "SentinelOne Singularity Endpoint offers the best features in the market at an affordable rate, providing a secure solution."
- "I feel that the custom dashboard feature is absent in SentinelOne Singularity Endpoint, as I can only use a default dashboard."
What is our primary use case?
I deploy SentinelOne Singularity Endpoint agents on my client's servers and other endpoints to secure those systems.
What is most valuable?
SentinelOne Singularity Endpoint offers the best features in the market at an affordable rate, providing a secure solution. The easy-to-understand user interface and Purple AI are standout features.
Correlation is important, and I have correlated SentinelOne Singularity Endpoint with other types of devices and created several correlation use cases, making it feasible to create multiple correlating use cases.
It helps secure my infrastructure because it has a very fast response. The moment it detects a vulnerability or any threat malware on any file, it creates an alert and quarantines that file automatically, proving very reliable and saving significant time.
It does help reduce alerts. Although it generates many false positive alerts initially, when managed properly by deploying custom use cases, it detects only the required alerts, saving considerable time by marking only true positive alerts.
SentinelOne Singularity Endpoint is a fully AI-based model, negating manual tasks and allowing me to save considerable time to manage other priorities.
It saves a lot of time by detecting alerts in real-time and automatically quarantining malicious files.
It does help reduce my organization's mean time to detect.
I have used the Purple AI feature that SentinelOne Singularity Endpoint provides quite extensively.
I have used Purple AI for identifying IOCs on my client infrastructure. Regarding data privacy, I do not rely on external LLMs like ChatGPT or Claude due to potential misuse of my valuable data. Purple AI, being SentinelOne Singularity Endpoint's in-house automated intelligence, is much more reliable from a data privacy perspective.
Purple AI has been very effective for my team, providing various features including the Copilot feature, which allows me to identify many non-present IOCs quickly and retrieve information in a very fast manner, saving considerable time.
It provides IOCs, which are a form of threat intelligence. By utilizing Purple AI, I am effectively preventing my clients from various forms of threats.
For Security Operations, it saves considerable time by performing quarantine automatically whenever a threat is detected.
The biggest benefit SentinelOne Singularity Endpoint brings to my particular customer is its fully autonomous capabilities, automating threat detection and auto-remediation rules, making it efficient.
What needs improvement?
I feel that the custom dashboard feature is absent in SentinelOne Singularity Endpoint, as I can only use a default dashboard. Additionally, for clients with large infrastructures of over a thousand endpoints, resource consumption can become high, which could be improved.
For how long have I used the solution?
I have been using SentinelOne Singularity Endpoint for more than a year.
What do I think about the stability of the solution?
There have not been any issues regarding stability. It is fully scalable, allowing me to scale up or down as needed.
What do I think about the scalability of the solution?
Regarding performance, I have faced some resource consumption issues for one particular client with a huge infrastructure. However, customer support resolves issues within the day, so I do not worry much about finding solutions.
How are customer service and support?
The customer support team is very good at responding to queries on the same day. I would rate them ten out of ten in customer support.
How was the initial setup?
I feel it is very easy to install SentinelOne Singularity Endpoint on any endpoint, as it just takes a few seconds to deploy and install the agent.
What's my experience with pricing, setup cost, and licensing?
I am aware of the pricing module for SentinelOne Singularity Endpoint, although I am not the person handling it directly.
The cost for SentinelOne Singularity Endpoint depends on a per-device basis, charging around eight to ten dollars per month per device, which can be multiplied by the number of devices I want to deploy.
It is very cost-effective compared to other solutions, as SentinelOne Singularity Complete is not that expensive and has an aggressive price point.
What other advice do I have?
I feel that in a week, for a particular client, five to seven alerts are generated. Out of those, if I estimate seven alerts, three would be suspicious, two false positives, and the remaining two or three would be true positives. I feel that twenty to twenty-five percent of alerts are false positives.
I would recommend that organizations choose SentinelOne Singularity Endpoint due to its impactfulness and low price, as I believe no other product offers what it does. My overall review rating for SentinelOne Singularity Endpoint is eight out of ten.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP
Last updated: Jun 16, 2026
Flag as inappropriatePresales Lead & Delivery Lead at a construction company with 1-10 employees
Security has improved as I manage applications, automate investigations, and gain deeper visibility
Pros and Cons
- "Because I have done many deployments for SentinelOne, starting from 500 to 3,000 and 4,000 user customers, I can say that from the deployment perspective, SentinelOne Singularity Endpoint deployment is far more easy and very smooth."
- "When I write that I need a query for AnyDesk blocking, they say again that this is not part of their job."
What is our primary use case?
I am using only the XDR part of SentinelOne Singularity Endpoint. There are multiple use cases for SentinelOne Singularity Endpoint. From a deep visibility perspective, I need the XDR license. Whether I want to create a STAR custom rule or check multiple processes and multiple source process storylines, I need that XDR. I am looking for hop-to-hop malware detection, which requires XDR. If I am looking for any destination IP address and what is running in my organization for any ports that are open, perhaps the particular event type, there are multiple URL actions and categories to consider.
What is most valuable?
There are two or three things I would like to highlight about SentinelOne Singularity Endpoint. The first is the application inventory part. Many endpoint solutions do not provide inventory and the risk of the application, such as the severity in the endpoint machine. For that, we need to enable the policy, which is a different part. The application management is valuable because there are multiple applications running on endpoints. Without SentinelOne, I would need to purchase a new OEM or a new security tool to know the inventory of the machine. In SentinelOne Singularity Endpoint, apart from endpoint security from malware and other threats, we have the application management.
The second thing I appreciate the most is Purple AI. As a security analyst, there are many things I would rely on, perhaps on SentinelOne pre-sales or a security technical person to know after initial deployment. With Purple AI, I can search for what I need. If I want to create any block policy, create any specific allow rule, or do the whitelisting part, I can do it from there. Purple AI is overall the best thing I can highlight.
However, there are many things Purple AI cannot do. I do not know what relevance Purple AI is using in the backend. There is one module in SentinelOne called STAR custom rule. If I want to block AnyDesk or any other application on my endpoint, I need to run an SQL query for that. To run that query, I need to create it. If I am relying totally on Purple AI, I am not able to get the correct query to run. If I want to block any application, I may be relying on another head security analyst or I can do it on my own. I may need to create multiple queries. I do not think the STAR rule query in Purple AI is that efficient and not running as expected.
What needs improvement?
For maintenance of SentinelOne Singularity Endpoint, there are two things. If I need to create any maintenance or upgrade policy, that is a different matter. The customer is looking for the maintenance window and wants the upgrade part mainly on Sunday or Saturday, the weekend part. They do not want the auto-upgrade whenever SentinelOne pushes from the backend.
If I am looking at the impact of Purple AI on amplifying team knowledge, there are multiple things. If I am looking at how many endpoints are in my organization, how many endpoints have this application, and how many endpoints have multiple threats and alerts, I want to know how to reduce them. If I am asking particularly how to reduce the threat count, I do not think Purple AI can give this answer because AI is not particularly for this enterprise account. Purple AI is something I can rely on for multiple things, such as if I need to know how to create tags, policies, blocklists, exclusions, network control, device control, how to enable the firewall, and how to create a block policy with the hash. There are many things. If I need to install any agent on a particular Windows machine, whether it is 64 or 32-bit, or a Mac machine, or a Linux machine, or any other machine, how I need to add the token, and how I need to download the package are all considerations. Additionally, how to ensure that the agent is connected with my management plane is important.
For how long have I used the solution?
I have been using this product in my career for more than two years.
What do I think about the stability of the solution?
As a user interface, I am more comfortable with SentinelOne Singularity Endpoint. When talking about overall security, as far as I am concerned, there is no threat leaked, as I have seen in SentinelOne as well as in CrowdStrike. As a user interface and as a security analyst, I am much more comfortable with SentinelOne Singularity Endpoint.
What do I think about the scalability of the solution?
I have not experienced that much difficulty because I think two years back, there was no reduction I could see. However, nowadays, I think there is minimal reduction in changes. This is because two years back, the customer size was very different. Now SentinelOne is globally present, and in India, there are many customers using this. There are many data centers, which is why I think the reduction is possible.
Because I have done many deployments for SentinelOne, starting from 500 to 3,000 and 4,000 user customers, I can say that for the deployment perspective, SentinelOne Singularity Endpoint deployment is far more easy and very smooth. I have given the prerequisite document that is publicly available to the customer with all the things I already told them, such as what needs to be bypassed from the firewall. After that, for a 500-user deployment, I accomplished it in one day with the policy making.
How are customer service and support?
I have contacted the technical support and customer support of SentinelOne Singularity Endpoint.
I can tell you the complete story of my last case regarding the quality and speed of the support. I was taking up a query for the STAR custom rule. If I want to block AnyDesk for one of the customers, and the customer requirement is to block AnyDesk, there are multiple queries I can get from SentinelOne SEs, but the query is not working in my environment. My team raised a support ticket with SentinelOne, and the first thing they asked for is the logs. If I need only the query and do not have any problem with my endpoint, then there is no point to add a log. Without logs, communication is not possible. I need to collect logs from my machine, which is totally wasteful. I need to upload them, and then they will revert from SentinelOne support.
When I write that I need a query for AnyDesk blocking, they say again that this is not part of their job. It is part of SentinelOne SE or a product deployment team. I have two or three queries, and when I send them, there is no good response from their side. There may be a very long delay from getting answers.
Which solution did I use previously and why did I switch?
Apart from SentinelOne Singularity Endpoint, I am working on the EDR of CrowdStrike. The endpoint security is the same, but their approach and persona is very different to cater to customers. SentinelOne customers are totally different.
How was the initial setup?
In the initial deployment, the customer is facing many threats in the incident windows. From my experience, I can say that this is largely because in the backend, SentinelOne AI confidence level and the analyst's verdict are undefined. This is because it depends on whether the customer is taking the MDR or not. If the customer is relying on their threat analysis or on my analysis, there are many applications which are allowed in the organization, but by default, SentinelOne is blocking them because they are executable files. For decreasing the threats, I need to allow the hash value or I can directly go to the threats and allow it because there is a production thing which is needed in the enterprise. Initially, the flow is from 500 to 1,000 alerts in a day. Day by day, I think the analyst's verdict is what I need to refine. There are many false positives and true positives, and suspicious items. As an analyst, I may not be capable of knowing whether something is a real threat or not. I need to check the hash value for that on public security websites. If anything is publicly available, the hash is publicly available. I can directly rely on other public websites. If I enter the hash value, I can know whether it is part of something that another organization has faced. I can also take the verdict that it is a suspicious and true positive. I can mark it as the true positive.
What other advice do I have?
For the overall SentinelOne Singularity Endpoint, I would give a score of eight for the whole product. Regarding the price point of SentinelOne Singularity Endpoint, I do not know the exact number, but I have come from the community and attended many events. As far as the cost is concerned, before the CrowdStrike blue screen attack, CrowdStrike pricing was far more increased rather than SentinelOne. After the CrowdStrike shares decreased due to the blue screen attack, they are very competitive with SentinelOne nowadays.
The impact of Purple AI on investigations ultimately depends on what incident I got. I do not think the analyst should rely completely on Purple AI because there are many hashes or threats that are not publicly available. If things are not publicly available or not learned by the AI, I do not think I should rely completely on Purple AI. If I have any sort of data and see any pattern from my analyst's perspective, I can completely tell Purple AI that I think it can demonstrate the storyline that I am right. Based on that, I can take a decision, but I should not rely on the decision solely on Purple AI. My overall rating for this product is eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Last updated: May 22, 2026
Flag as inappropriateData Center Engineer at Impact Infotech Pvt. Ltd.
Automated endpoint protection has improved real-time threat detection and simplified compliance
Pros and Cons
- "Comparing SentinelOne Singularty Endpoint with other XDR solutions, the first thing is that it is easier to understand with a user-friendly interface."
- "As a user, I personally feel that in SentinelOne Singularity Endpoint, the customized dashboard could be improved. We were not able to create a customized dashboard in it."
What is our primary use case?
In my previous office, we used SentinelOne Singularity Endpoint for endpoint detection and response purposes. We deployed the SentinelOne Singularity Endpoint agent on our clients, client servers, desktops, laptops, and all other endpoints. We deployed those for monitoring and compliance purposes to secure those endpoints for security purposes.
What is most valuable?
In SentinelOne Singularity Endpoint, the fast response and detection it offers are what I appreciate the most. The biggest benefit I feel as a customer is that it is fully automated with threat detection capabilities. We just have to deploy the agents and we are good to go. There are already default use cases included with the product, so we do not have to customize the use cases every time in SentinelOne Singularity Endpoint. We just deploy the agent and as it is fully automated, we are good to go for threat detection.
Although it is a disadvantage, the false positive alerts generated by SentinelOne Singularity Endpoint is substantial, but if it is handled properly and the use cases are properly mapped with MITRE techniques and tactics, then I feel that the false positive alerts can be reduced to more true positive alerts.
SentinelOne Singularity Endpoint detects alerts in real-time. It has both static and dynamic types of detection. We do not have to wait for detection. It is much more secure because it is detecting alerts in real-time scenarios and does not take any extra time so that the SLA of our client can remain valid. Because it detects in real-time, it is much more secure.
What needs improvement?
As a user, I personally feel that in SentinelOne Singularity Endpoint, the customized dashboard could be improved. We were not able to create a customized dashboard in it. The default dashboards were only present and we were not able to customize anything. I think that could be improved. The resource consumption, such as high CPU and disk usage, can also be a downward factor.
Ranger functionality was present for SentinelOne Singularity Endpoint, but in our organization, that Ranger functionality was disabled.
What do I think about the stability of the solution?
I have never seen any downtime in SentinelOne Singularity Endpoint.
What do I think about the scalability of the solution?
SentinelOne Singularity Endpoint is scalable. We can scale up and scale down the number of endpoints we need depending upon the requirement. It is very scalable-friendly.
How are customer service and support?
For SentinelOne Singularity Endpoint, we get in touch with technical support because there have been multiple scenarios when we have to stay connected when we have no clue what we need to do. As the client has multiple requests, there are times when we just raise the query to customer support and they respond to us very quickly. There have been no issues, I feel. We have always been in touch with customer support and they reply to us on the same day. I have noticed this multiple times. Whenever we feel we do not know what to do, what to respond to the client, or how to do a particular thing, then customer support does help us multiple times.
The support of SentinelOne Singularity Endpoint deserves a rating of ten out of ten.
Which solution did I use previously and why did I switch?
We have used multiple alternatives. We have used CrowdStrike as well for XDR. Let me talk about other environments. We have used the same platforms and other platforms such as Splunk as well. For XDR, I have used CrowdStrike and SentinelOne Singularity Endpoint.
How was the initial setup?
I have not worked on integration, but I do know that the initial setup of SentinelOne Singularity Endpoint is very straightforward and very easy to do. All we need to do is set up the tenant, create the page file, and once we install it, it automatically connects within an hour. We just have to deploy the agent on whatever the server, desktop, laptop, or whatever the endpoint is.
What about the implementation team?
We worked as an MSSP, so we worked as a service provider. We provide services to multiple clients. Clients come and they go. The integration part happens, then we have to decommission it. There are several factors related to whether SentinelOne Singularity Endpoint was already deployed or when it was deployed.
What was our ROI?
For maintenance in SentinelOne Singularity Endpoint, we have to stay connected with the OEM in perspective of the version upgrade to stay up to date. The only thing is version updates. If there is any new update, then we have to stay updated.
What's my experience with pricing, setup cost, and licensing?
I cannot say exactly, but I can guess the pricing model for SentinelOne Singularity Endpoint. We have heard about the pricing model. While we were working on a client, our manager sent a proposed email to the client at that time. We saw how they were costing. They were costing on a per-device basis. Based on how many endpoints the client needs, they were charging per endpoint.
What other advice do I have?
Comparing SentinelOne Singularty Endpoint with other XDR solutions, the first thing is that it is easier to understand with a user-friendly interface. When we log in as a user, it is very user-friendly with sections for Threat, Incident, and Admin. The UI is very user-friendly. SentinelOne Singularity Endpoint is reliable and can be relied upon for security purposes to secure our systems. That would be a major factor comparing it with other products.
I have used the Purple AI feature in SentinelOne Singularity Endpoint for quite some time.
I feel data security is a very big factor when we talk about reliability and trust issues in terms of Purple AI. Nowadays, there are different LLMs such as Claude and ChatGPT, but reliability is the most competing factor. The Purple AI feature in SentinelOne Singularity Endpoint makes it reliable because we do not have to search for IOCs outside our environment by going to other large language models. Through Purple AI only, we can get recent IOCs and vulnerabilities circulating around. Purple AI does help us for reliability and integrity of our data.
I would rate this product nine out of ten overall.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 8, 2026
Flag as inappropriateSoc Analyst Trainee at Softcell Technologies Limited
Deep visibility and AI-driven rules have strengthened endpoint threat detection and response
Pros and Cons
- "I would recommend SentinelOne Singularity Endpoint to other users because its threat detection and alerting are very quick."
- "One area that has room for improvement in SentinelOne Singularity Endpoint is the inability to create a custom dashboard."
What is our primary use case?
My use case is for EDR purposes.
What is most valuable?
According to me, the best feature of SentinelOne Singularity Endpoint is the Deep Visibility. I think it is easy to check what a user is doing and what command is run. You can track this with the help of Deep Visibility.
SentinelOne Singularity Endpoint's ability to ingest and correlate across my security solutions is interesting. First is the Deep Visibility. The second one is a real-time threat you can detect in SentinelOne Singularity Endpoint. Then you can raise the alert to the client within a short period. Another one is Purple AI, which is the best, according to me.
Purple AI helps with my data privacy and security by providing a feature called Star Custom Rules. You can create a Star Custom Rule, and Purple AI is similar to ChatGPT, but it only gives answers specific to SentinelOne Singularity Endpoint. For example, you can create any rule and ask Purple AI, 'Please give me this type of alert query.' Then Purple AI will create a query according to your needs. There are many types of use cases already stored in Purple AI that you can use for your monitoring, and it is better for both your client's environment and our environment as well.
Purple AI plays a crucial role in my team's knowledge by allowing us to create rules that are not created in SentinelOne Singularity Endpoint by default, and it helps to create many types of alerts. For example, you can block any RDP tool such as Anydesk, and you can create such types of rules with the help of Purple AI.
Regarding how much SentinelOne Singularity Endpoint has reduced my alerts, we can say that on a daily basis, we have 8,000 to 9,000 endpoints from multiple clients, and we have triggered 10 to 15 alerts. When you start a full disk scan, the Sentinel scan runs on your machine, and during that time, alerts that are usually not triggered in SentinelOne Singularity Endpoint can be triggered.
The time to detect in SentinelOne Singularity Endpoint is around 15 to 20 minutes, which is when we raise an alert to the client and get confirmation. These alerts involve various EXE types, and we inform the client about these alerts triggered in their machines, allowing them to confirm if it is genuine or not.
What needs improvement?
One area that has room for improvement in SentinelOne Singularity Endpoint is the inability to create a custom dashboard. You cannot create any dashboard according to your needs, which limits alert triggers across different countries. If they improve this feature to allow for custom dashboards, it would greatly benefit our customers.
For how long have I used the solution?
I have been using SentinelOne Singularity Endpoint for the last two years and one month.
What do I think about the stability of the solution?
I rate the stability of SentinelOne Singularity Endpoint as 10 out of 10.
What do I think about the scalability of the solution?
I rate the scalability of SentinelOne Singularity Endpoint as 10 out of 10.
How are customer service and support?
I give SentinelOne technical support a 10 out of 10 because it is the best EDR tool.
Which solution did I use previously and why did I switch?
I have not used any other EDR, but according to me, SentinelOne Singularity Endpoint is the best. We have used CrowdStrike, but only for one and a half months. While CrowdStrike has more functions, it cannot provide visibility the way SentinelOne Singularity Endpoint does. SentinelOne Singularity Endpoint offers many options in a compact format, and its use is better than other EDR tools.
What other advice do I have?
I would recommend SentinelOne Singularity Endpoint to other users because its threat detection and alerting are very quick. We have used CrowdStrike for one and a half months, but SentinelOne Singularity Endpoint triggers alerts much faster. Its compact features allow us to check seven to eight features effectively, and its pricing is lower than other EDR products.
SentinelOne Singularity Endpoint has better pricing compared to other endpoints. CrowdStrike has a high value, but SentinelOne Singularity Endpoint's pricing is easier for any organization to handle.
Regarding maintenance, there is no need for maintenance according to me.
I give this product an overall rating of 10 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company has a business relationship with this vendor other than being a customer. MSP
Last updated: Apr 27, 2026
Flag as inappropriateAssociate Vice President at Novac Technology Solutions
Unified AI-driven protection has reduced alerts and accelerated cloud and endpoint security response
Pros and Cons
- "SentinelOne Singularity Complete reduces my mean time to respond and protects my environment, thereby reducing the workload of my engineers and security analysts by at least thirty-five percent."
- "I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete."
What is our primary use case?
My use cases include protecting my cloud security and endpoint security workloads with SentinelOne Singularity Complete.
What is most valuable?
The biggest benefit I get from SentinelOne Singularity Complete is that it protects my cloud security workloads and my on-premises server workloads against ransomware attacks and zero-day attacks.
SentinelOne Singularity Complete has a legacy API integration to connect my existing log management tool and my endpoint protection tool to interconnect my SOAR and SIEM platforms. This ability to ingest and correlate across my security solutions has been valuable.
SentinelOne Singularity Complete helps with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.
SentinelOne Singularity Complete definitely helps reduce alerts in my case because it has AI functionality that investigates and detects threats. This detect and investigate capability from AI has helped us reduce alerts by almost twenty-five to thirty percent.
SentinelOne Singularity Complete helps reduce mean time to detection as it has an important feature called auto-remediation, which is a one-click rollback that allows us to restore identified files. This feature also helps on the false positive front.
SentinelOne Singularity Complete reduces my mean time to respond and protects my environment, thereby reducing the workload of my engineers and security analysts by at least thirty-five percent.
SentinelOne Singularity Complete helps free up my staff for other projects and tasks because it is easily scalable and managed with a single platform, allowing us to concentrate more on DevSecOps and providing visibility across endpoint, cloud workload protection, and my server environment in one platform.
Purple AI in SentinelOne Singularity Complete is important for data privacy and security as it provides granular level information on where I need to go and fix issues, which helps accelerate my operations for better performance.
The contextual intelligence feature of Purple AI in SentinelOne Singularity Complete helps me get the threat intelligence platform across my environment and allows me to share the advisories with my other platforms as well.
Purple AI amplifies team knowledge as I can use it in the manner of a managed detection and response service, allowing me to create a use case with my existing security analyst in response to alerts or triggering information. This provides me complete visibility across my security landscape.
Purple AI impacts SecOps workflows by providing complete end-to-end visibility across my channels and reducing manpower. The agentic workflows created by AI allow my analysts to have an easier job.
What needs improvement?
I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete. Sometimes I need to depend on one more module to get alert visibility. The alerting mechanism shows alerts on a single page, but I have to navigate to another page to get detailed visibility, which could be improved in the user interface.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for two years.
What do I think about the stability of the solution?
I have never seen any issues such as glitches, downtime, or latency with SentinelOne Singularity Complete.
What do I think about the scalability of the solution?
I do not face any scalability issues with SentinelOne Singularity Complete since it is a SaaS platform.
How are customer service and support?
The technical support for SentinelOne is good. I would give them eight points for support on a scale from zero to ten. To reach ten points, they could improve on threat intelligence and provide faster responses.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
SentinelOne Singularity Complete has helped with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.
How was the initial setup?
I find the installation and deployment of SentinelOne Singularity Complete very easy.
What about the implementation team?
The deployment of SentinelOne Singularity Complete was done with a partner.
What was our ROI?
In terms of return on investment for SentinelOne Singularity Complete, I find it better since I am using the AI platform to reduce manpower costs, which helps with the return on investment.
Which other solutions did I evaluate?
SentinelOne Singularity Complete is less costly compared to CrowdStrike. From a technical side, I do not see much difference between SentinelOne Singularity Complete and other vendors.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Feb 16, 2026
Flag as inappropriateSenior Manager Ict & Innovations at Bangalore International Airport Limited
Unified security has reduced endpoint risk and streamlines protection across all devices
Pros and Cons
- "This solution has really very good capabilities across the endpoint devices."
- "As a customer, the price is also high for me."
What is our primary use case?
My main purpose is to have protection for all my endpoint devices. I would like a unified solution which can reduce my operational cost and ensure my risk is less compared to other things. The primary use case is that I want to have my entire server and endpoint security solutions covered. I want to consolidate to ensure my maintenance and operational cost are streamlined in a better way.
What is most valuable?
This solution has really very good capabilities across the endpoint devices. It has real capabilities to ensure my endpoint device coverage across my organization. It can correlate my various threats so that it gives me clear detailed information across my entire enterprise landscape.
It is enabling my security solutions from my servers, Linux, Windows security, all at various touchpoints. It gives my all my laptop devices and everything the entire range of security purpose.
It prevents my vulnerable devices without any confirmation and without being compromised. The network and asset visibility has real visibility because it can see various types of devices connecting to my network.
What needs improvement?
It has reduced the MTTR significantly, at least 40 to 50 percent.
When coming into the picture with AI, I think it has to enhance the time to respond and can increase in that way. Time to respond is a delay that should be improved. Documentation also should be in a better way. As a customer, the price is also high for me.
It is not easy for engineers or for any new engineers, highly trained people would be better. For L2 engineers, it is not that easy for them.
For how long have I used the solution?
I have already shared on LinkedIn the solutions what I am offering. I am using the endpoint security and all the protection platforms. I am using SentinelOne Singularity Endpoint Go and SentinelOne Singularity Endpoint Cloud also and also SentinelOne Singularity Endpoint Identity. It is almost two years that I have been a customer.
What do I think about the stability of the solution?
Stability is very good.
What do I think about the scalability of the solution?
It is highly scalable.
What was our ROI?
In terms of my solution, the return on investment is better. I am able to get my staff reduced in that way. If the cost also can be decreased, then I will be happy.
Which other solutions did I evaluate?
I have already shared on LinkedIn the solutions what I am offering. I have shifted to another company which is called Wysely Digital. Microsoft Defender is another alternative that exists as an EDR.
What other advice do I have?
I am currently using SentinelOne Singularity Endpoint Go, SentinelOne Singularity Endpoint Cloud, and SentinelOne Singularity Endpoint Identity. It has eliminated all false positives that are generated. This has helped my staff to focus on other purposes. The cost price point at one hundred dollars or higher is a consideration. I would rate this solution an eight out of ten. It is on-premises deployment. For this review, I would give this solution an overall rating of eight.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Jul 13, 2026
Flag as inappropriateSecurity Administrator at EbixCash
Endpoint protection has improved threat blocking and simplified centralized device control
Pros and Cons
- "For endpoint protection, I see SentinelOne as the perfect solution, and for the server, I feel that Deep Security from Trend Micro is working fine as I have seen various organizations using it."
- "I am utilizing Purple AI, but I feel that it is not available in our infrastructure since we have offloaded SentinelOne only on our servers and not from the vendor."
What is our primary use case?
We are using SentinelOne Singularity Endpoint as an EDR currently in our organization, and we are mapping the hash values into it so that the endpoint detection and response system will block all the corresponding prefix regarding that hash value. We also use it for USB blocking, such as blocking USB on particular devices or on the whole network.
What is most valuable?
From the administrative perspective, I appreciate the best features of SentinelOne Singularity Endpoint because we can block each and every traffic based on the hash value. We can manually check for this, and we have the AI feature to scan the vulnerability type and migrate that framework vulnerabilities. Additionally, we have the whole privilege to manually control the device, such as the endpoint, so we can close the running application or uninstall the applications that are malicious.
SentinelOne Singularity Endpoint is very good in terms of time-saving, as no other task is getting hampered by installing it. Initially, when we install it on a particular endpoint, it scans all over the machine, and the user may feel that the machine is a bit slow. However, after the scanning is completed, the machine comes to the top factory stage, so the user has not faced any issues with the software.
The key benefits I have seen from using SentinelOne Singularity Endpoint include that agent installation is pretty easy. We just need to run the EXE file and paste the key. After deployment, it works by scanning everything in the background, creating logs in SentinelOne and also in the client console app if it fails at anything. We have not encountered any malicious attacks, such as ransomware, and I feel that SentinelOne is working very well by patching it in the background.
What needs improvement?
I would like to see improvements in SentinelOne Singularity Endpoint where if the user agent is deployed on a particular machine, the user only sees the logs, and the rest are deleted, while the quarantine part is done by the console itself. Users should be given permissions to block or use the application as needed.
In terms of features, I would like to see that if I need to deploy software in my environment with an endpoint EDR installed, I could use SentinelOne for that. It would be perfect for the software part, such as deploying an EXE file remotely to all employees so that it gets installed on every endpoint.
For how long have I used the solution?
I have been working with SentinelOne Singularity Endpoint for about two and a half years or more.
What do I think about the stability of the solution?
As for the stability of SentinelOne Singularity Endpoint, I do not have any negative thoughts. It was pretty clean and had a nice installation.
What do I think about the scalability of the solution?
I have not had any scalability issues with SentinelOne. We have deployed it in both 64-bit and 32-bit architectures, and both are working fine. We also received troubleshooting steps such as running commands in the command prompt or PowerShell to ensure its installation.
How are customer service and support?
I evaluate customer service and technical support of SentinelOne as adequate. We are not proactively calling them since our server management team is responsible for crashes or other issues and they bring in SentinelOne team when necessary.
Which solution did I use previously and why did I switch?
I have worked on Kaspersky EDR solutions and also SentinelOne Singularity Endpoint. We are deploying Deep Security from Trend Micro for the servers. For endpoint protection, I see SentinelOne as the perfect solution, and for the server, I feel that Deep Security from Trend Micro is working fine as I have seen various organizations using it.
In my previous organization, they were using Kaspersky EDR solutions, so I did not switch from Kaspersky to SentinelOne. Instead, Deep Security is being installed in our servers here.
How was the initial setup?
The initial setup of SentinelOne Singularity Endpoint was straightforward, and there were no issues with it.
What about the implementation team?
We are not in a partnership with SentinelOne. We are just the end-users of the solution. SentinelOne has provided us with the EDR solution installed on our own servers, and if any updates need to be made, the vendor has to come and install them manually.
Which other solutions did I evaluate?
SentinelOne is indeed very highly regarded in the industry and is seen as a supreme solution. This is a significant advantage for us in our organization.
What other advice do I have?
I am not certain how to answer if SentinelOne Singularity Endpoint has helped to consolidate our security solutions.
At the moment, I do not use SentinelOne Singularity Endpoint's Ranger functionality for network and asset visibility, and I am not aware of it, so there are no issues.
SentinelOne Singularity Endpoint has helped to reduce alerts because we have predefined the hash values, and the mitigation part is done by automation itself.
Currently, I am just in the deployment phase, and the administrator part is handled by another team, so I do not have specific data points on how much the alerts it has helped to reduce.
SentinelOne Singularity Endpoint has indeed helped us to reduce our organization's mean time to detect, as the major vulnerabilities have already been patched by it, and we are not facing any downtime or related issues.
As far as I know, regarding mean time to respond metrics, the alerts are getting in the queue itself, but I am not the right person to answer this at this time.
I am utilizing Purple AI, but I feel that it is not available in our infrastructure since we have offloaded SentinelOne only on our servers and not from the vendor.
Based on my experience with SentinelOne, I recommend that it should be available for home users as well, and I believe they are using SentinelOne for Azure cloud services, which is pretty good. I would rate this review as an eight out of ten.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Jul 15, 2026
Flag as inappropriateSecurity Administrator at Softcell Technologies Limited
Autonomous endpoint protection has strengthened investigations and reduced response times
Pros and Cons
- "The main benefits of using SentinelOne Singularity Endpoint are its capability to secure our clients' infrastructure effectively, providing better reliability compared to other tools like CrowdStrike, with a focus mainly on security."
- "SentinelOne Singularity Endpoint generates a high number of false positive alerts, which is a downside, along with high resource consumption leading to poor network connectivity."
What is our primary use case?
I am currently working with SentinelOne Singularity Endpoint for endpoint detection. As an MSSP, we provide services to our clients by deploying use cases to identify threats on their endpoints and servers.
For our clients, SentinelOne Singularity Endpoint is mainly used for investigation, incidents, and taking action to protect systems from malware and ransomware. We utilize AI-based behavioral analysis in real time to prevent cyber threats and different types of attacks.
SentinelOne Singularity Endpoint has helped us consolidate security solutions because we rely on it for security purposes, especially for ransomware, with incidents occurring almost every week among our clients. We have deployed SentinelOne Singularity Endpoint on our client servers and laptops using an on-premises deployment model.
What is most valuable?
The biggest benefit for my customer is that SentinelOne Singularity Endpoint is autonomous, where mostly everything is automated, including threat detection, auto-remediation rules, and setup, with the user interface being the best aspect.
SentinelOne Singularity Endpoint has been great for integrating and correlating with other products because it is very easy to set up and very reliable for correlation with any other use cases and products.
The main benefits of using SentinelOne Singularity Endpoint are its capability to secure our clients' infrastructure effectively, providing better reliability compared to other tools like CrowdStrike, with a focused mainly on security.
SentinelOne Singularity Endpoint has reduced the mean time to detect for us because it detects threats and malware in real time, triggering alerts as soon as any red alarm is detected by its AI-based behavioral engine. This allows us to take action and report true and false positives based on our own analysis.
SentinelOne Singularity Endpoint has helped reduce our organization's mean time to respond because the dynamic threat engine often detects true positive alerts, which decreases our clients' overall SLA.
What needs improvement?
SentinelOne Singularity Endpoint generates a high number of false positive alerts, but by optimizing it frequently based on our client's requirements and fine-tuning the rules we have created, we manage the false positives and detect true positives reliably for our clients.
SentinelOne Singularity Endpoint generates a high number of false positive alerts, which is a downside, along with high resource consumption leading to poor network connectivity. Additionally, the inability to create customized dashboards is something that could be improved.
I have not identified any missing features in SentinelOne Singularity Endpoint as it meets our current requirements, though I believe there could be improvements in network security.
For how long have I used the solution?
I have been using SentinelOne Singularity Endpoint for more than a year.
What do I think about the stability of the solution?
We have experienced performance issues and downtimes, but the customer support from SentinelOne is excellent, allowing us to resolve issues quickly whenever we get stuck.
What do I think about the scalability of the solution?
SentinelOne Singularity Endpoint is very much scalable since it charges per endpoint, allowing us to scale up or down as needed.
How are customer service and support?
I would rate the tech support a ten out of ten.
How was the initial setup?
Although I am not part of the integration process, I know that the initial setup of SentinelOne Singularity Endpoint is very easy, requiring just the installation of the agent on the endpoints.
What was our ROI?
There is a good return on investment with SentinelOne Singularity Endpoint, as we charge our clients significantly more than our deployment costs, leading to substantial revenue, especially with clients deploying thousands of endpoints.
The key differences with SentinelOne Singularity Endpoint compared to competitors lie in the excellent return on investment and security for our clients' infrastructure, which is superior to what other solutions offer.
What's my experience with pricing, setup cost, and licensing?
The pricing aspect of SentinelOne Singularity Endpoint is reasonable because the value provided is excellent, charging on a per-device basis; thus, more endpoints lead to higher costs.
What other advice do I have?
The Ranger functionality is blocked in our environment, so we are not using it. It is meant for agents on networks where the servers do not have the endpoints installed.
We have used the Purple AI feature in SentinelOne Singularity Endpoint.
Data privacy is very important, and while using other large language models like ChatGPT, there is uncertainty about data security. However, Purple AI, being an in-house feature of SentinelOne Singularity Endpoint, provides reliability because we know our data is being handled securely. We use it for identifying IOCs, which helps manage recent vulnerabilities in the outside world, along with fine-tuning rules.
The retrieval time in Purple AI is very fast, allowing me to ask co-pilot questions and see the telemetry matches in the system immediately, making it very useful for confirming any queries before deploying.
Purple AI is very useful for detecting IOCs, serving as a source of threat intelligence from which we can manage our detection rule engine much better.
Purple AI helps streamline our SecOps workflows by managing and assessing workflows with proper detection, especially in scenarios where we are uncertain about the actions to take.
Other organizations should definitely consider SentinelOne Singularity Endpoint because of its reliability, which is crucial in the security domain where data is everything. I rate this review a ten out of ten overall.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: May 31, 2026
Flag as inappropriateBuyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2026
Product Categories
Endpoint Detection and Response (EDR) Endpoint Protection Platform (EPP) Anti-Malware Tools Extended Detection and Response (XDR) AI-Powered Cybersecurity Platforms AI ObservabilityPopular Comparisons
CrowdStrike Falcon
Cortex XDR by Palo Alto Networks
Microsoft Defender for Endpoint
IBM Security QRadar
Elastic Security
Huntress Managed EDR
Trellix Endpoint Security Platform
HP Wolf Security
WatchGuard Firebox
TrendAI Vision One
TrendAI Vision One – Cloud Security
Microsoft Defender XDR
Buyer's Guide
Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between Carbon Black CB Defense, CrowdStrike, and SentinelOne?
- Which is better - SentinelOne or Darktrace?
- What do you recommend to choose when replacing Symantec EDR: SentinelOne or CrowdStirke Falcon?
- Cortex XDR by Palo Alto vs. Sentinel One
- Which solution do you prefer: CrowdStrike Falcon or SentinelOne Singularity Complete?
- Does SentinelOne have a Virtual Patching functionality?
- What is the biggest difference between EPP and EDR products?
- What is the difference between EDR and traditional antivirus?
- What is your recommendation for a 5-star EDR with low resource consumption for a financial services company?
- Which is the best EDR for a logistics company with 500-1000 employees?





















