No more typing reviews! Try our Samantha, our new voice AI agent.
IT Security Consultant at Systemhaus for you GmbH
Real User
Top 5Leaderboard
Feb 24, 2026
Managed services have gained faster incident response and clear threat investigations
Pros and Cons
  • "The best features I and my clients like the most about Singularity Platform are that, first of all, it's easy to handle, it doesn't take a lot of time to get into, there's no real obscurity, it takes a load of work from the team, and in most cases, you can literally just configure it once and leave it running until something comes up, and it will just work."
  • "The areas that have room for improvement in Singularity Platform include the fact that I am really not happy with the vulnerability management."

What is our primary use case?

My use case for this solution is that we are an MSP. We take care of clients for small to medium-scale businesses. I think our current install base is around 7,000, maybe around there. Beyond that, we also are in the project business, so for larger customers, we handle it on a project basis.

My clients are small to medium businesses for the most part.

What is most valuable?

The best features I and my clients like the most about Singularity Platform are that, first of all, it's easy to handle. It doesn't take a lot of time to get into. There's no real obscurity. It's really easy to handle, takes a load of work from the team, and in most cases, you can literally just configure it once and leave it running until something comes up, and it will just work. There won't really be an issue in between then.

Singularity Platform saves me over 50% of my time or resources. If I have an incident I want to investigate, for example, I can just go in. I don't have to learn a complex query language. I can just ask the inbuilt Purple AI and ask about this situation. If I want to dive in deeper, I can, and it's really easy to do. I can very easily see the context, see what has happened, where it has happened, how it has happened, as opposed to other tools or even doing it manually. The time saved is almost immeasurable because it's just so much.

My thoughts on the real-time monitoring capabilities are that they are great. There's not really anything negative to say there; I like them.

When assessing the impact on supply chain processes, keeping it simple, it would basically be good. In use cases where customers are in a supply chain, the people who are concerned about them being in their supply chain usually have their concerns alleviated by SentinelOne being present.

My thoughts on the maintenance are that it is pretty easy. It is pretty much the way I would like it. If it works, you're not bothered by it. If it doesn't work, it's very easy and quick to figure out what is going wrong. The nice part about that as well is you can go the proper way and fix it as intended, or if that doesn't work, the wooden mallet is always an option to just fix it quick and dirty. Those work without issue.

What needs improvement?

The areas that have room for improvement in Singularity Platform include the fact that I am really not happy with the vulnerability management. I may or may not have a bit of a personal vendetta against vulnerability management as a whole. I feel that concept is a bit out of date in my opinion. But combine that with what I believe is absolutely subpar performance in the vulnerability management space. I just opened our console and am faced by a wall of red. We conduct regular internal pen tests on ourselves and our clients. I know those aren't able to be exploited, and seeing, even if I dive into the vulnerabilities, a good percentage of them isn't even real. Sometimes they may just be artifacts left over that are still being found and then identified. Last year, SentinelOne was awarded for best vulnerability scanner, and that was a bit amusing to me. But that's really the main part I would say could be improved. Other than that, there are a couple of minor features which I know are on the roadmap and I would like to see sooner.

For how long have I used the solution?

I've been using Singularity Platform since 2020.

Buyer's Guide
SentinelOne Singularity Endpoint
June 2026
Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,680 professionals have used our research since 2012.

What do I think about the stability of the solution?

When rating the stability, let me preface this by saying that thanks to the architecture of SentinelOne being not really cloud-dependent, it won't report to the cloud if the cloud is down. Thanks to that, I don't really care about occasional downtime on the console too much. That being said, I know there have been a couple of issues in the recent months, but those are getting a lot better. I would rate stability a nine.

What do I think about the scalability of the solution?

I rate the scalability of Singularity Platform a 10.

How are customer service and support?

From one to ten, I would rate the technical support an eight.

Which solution did I use previously and why did I switch?

I don't have any personal experience with CrowdStrike, sadly, but when comparing Singularity Platform to other solutions, one of the main parts is that performance is just so much better. Not just in threat detection and mitigation but also in regards to endpoint performance. If it works, nobody's going to complain, but the moment that performance is impacted just a tiny bit, it will come up. Even in those rare cases when that isn't optimal, it can very quickly be improved and worked around again. Looking at reports from MITRE ATT&CK, you can see that it works. That's what I enjoy so much about it; it's one of those things that let me sleep easy at night.

What about the implementation team?

Five specialists work with Singularity Platform in my organization.

What other advice do I have?

My thoughts on the customizable dashboards are somewhat detached on a general basis. I see the use for the dashboards; however, we have a bit of a unique issue because, as I mentioned, we are an MSP. We don't just have one console, but I think at this point we have 10, 13 or something consoles, all across different URLs. So I personally can't really use the dashboard customization for a lot of things. We are using it to some degree to monitor the full-service clients, but I generally recommend larger companies we onboard on a project business to utilize the customizable dashboards, especially for data ingestion. That's a real plus point to quickly visualize how much data and what types of data you ingest and where necessary, trim down on unnecessary data.

The minor features I would like to see sooner include, for example, the exclusions. When they trigger, I would like to know in retrospect and be able to see how often a certain exclusion has triggered in the past, let's say, year. So I could say that this hasn't triggered at all and I can just remove it. Also, for the upgrade policies, I would like to just be able to set that I want to upgrade agents on maybe one version behind, one major, one minor version behind, always update service packs, update with a delay of X weeks, and just do that automatically rather than having to adjust the target version manually all the time. But those are very, very minor gripes. That's pretty much all I would have as feedback.

I would rate Singularity Platform overall a 9 out of 10, as there are still some minor things that I think could be a tiny bit better.

The advice I would give others looking into Singularity Platform is that I would definitely recommend it. First off, it is easy to use. You can integrate it with everything, and you can integrate everything with SentinelOne. That isn't even an exaggeration. If you have anything that produces data, you can integrate it. That is what I love so much about it; it's just awesome. My advice would be to definitely do a proof of concept. Figure out the three to four main use cases or main causes of concern for your company, do a classic proof of concept, proof of value, figure out the key areas that you want to protect, and see if the agent plays nice with it and come to the conclusion that it does.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company has a business relationship with this vendor other than being a customer. MSP
Last updated: Feb 24, 2026
Flag as inappropriate
PeerSpot user
surajku32 - PeerSpot reviewer
SR SYSTEM ADMINISTRATOR at VATSIN TECHNOLY SOLUTIONS PVT LTD
Real User
Top 5Leaderboard
Jul 15, 2026
Endpoint protection has reduced alerts and saved time with real-time monitoring and rollback
Pros and Cons
  • "Singularity Complete helped free up my staff for other projects and tasks by saving the costs of two employees after implementing this solution."

    What is our primary use case?

    I typically use SentinelOne Singularity Endpoint for endpoint detection, including EDR and EPP, to secure my endpoints.

    A specific example of how I use SentinelOne Singularity Endpoint to secure my endpoints is that it provides AI-powered threat detection that will be very profitable for us. If any malware behaves suspiciously, behavioral analytics will notify us, and it can stop zero-day threats and fileless malware, saving our system from the threat.

    The main use case for SentinelOne Singularity Endpoint is to secure my endpoints.

    How has it helped my organization?

    SentinelOne Singularity Endpoint has positively impacted my organization by saving many systems because we have more than 100 systems that are very critical to monitor individually, and it helps secure all our systems.

    Managing and securing those systems with SentinelOne Singularity Endpoint means it provides real-time monitoring and threat analysis for each system, which is very helpful for us.

    Singularity Complete helped free up my staff for other projects and tasks by saving the costs of two employees after implementing this solution.

    What is most valuable?

    The best features that SentinelOne Singularity Endpoint offers are real-time monitoring, process visibility, attack timelines, root cause analysis, threat hunting, and MITRE ATT&CK mapping, which is the best feature.

    Real-time monitoring and process visibility from SentinelOne Singularity Endpoint help me in my day-to-day work because if any malware files are downloaded, it will take real-time action on them. Additionally, there is a rollback plan, allowing us to easily revert to the malware-affected system, which is a very beneficial feature available in the system.

    What needs improvement?

    SentinelOne Singularity Endpoint can be improved by ensuring that all our endpoints are completely secure and risk-free. If anything happens, a rollback plan will be there so that we can easily revert everything.

    For how long have I used the solution?

    I have been using SentinelOne Singularity Endpoint for the last six months.

    What do I think about the stability of the solution?

    SentinelOne Singularity Endpoint is stable.

    What do I think about the scalability of the solution?

    The scalability of SentinelOne Singularity Endpoint is good.

    How are customer service and support?

    The customer support for SentinelOne Singularity Endpoint is very good.

    On a scale of 1 to 10, I would rate the customer support for SentinelOne Singularity Endpoint a 10 out of 10.

    Which solution did I use previously and why did I switch?

    I did not use any other solution before using SentinelOne Singularity Endpoint, as I started using it directly.

    What was our ROI?

    I have seen a return on investment with SentinelOne Singularity Endpoint as it saves a lot of time and reduces our employee costs.

    Which other solutions did I evaluate?

    I did not evaluate any other options before choosing SentinelOne Singularity Endpoint.

    What other advice do I have?

    Singularity Complete has helped reduce alerts because my system currently has no threats, so I am getting very low alerts.

    SentinelOne Singularity Endpoint has helped reduce my organization's Mean Time to Detect by about two to three hours per day.

    The solution has helped reduce my organization's Mean Time to Respond by five hours.

    If you want to secure your endpoint, you can go for SentinelOne Singularity Endpoint; it is a very good product that you can use. I would rate this product a 10 out of 10.

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    Last updated: Jul 15, 2026
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    SentinelOne Singularity Endpoint
    June 2026
    Learn what your peers think about SentinelOne Singularity Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
    904,680 professionals have used our research since 2012.
    GANESAN K - PeerSpot reviewer
    Senior Technical Engineer at Safezone Secure Solutions Private Limited
    Reseller
    Top 5Leaderboard
    Nov 25, 2025
    Helps identify vulnerabilities, recover from attacks swiftly, and unify security management from a single console
    Pros and Cons
    • "During the time of attacks, if there is any data loss, we were able to easily roll back those attacks and retrieve that data for the client with a single click."
    • "The first thing I would say about the negative side of Singularity Platform is that it lacks some customization and integrations compared to competitors."

    What is our primary use case?

    I have worked with Singularity Platform, and I'm well-versed with Cloud Security, but I have not worked with the AI CM. Singularity Platform comprises three things: Identity Security, Endpoint Security, and Cloud Security. The platform has multiple products including Singularity Identity, Singularity Complete, and the AI-powered Singularity XDR. I have experience with Singularity Identity, Singularity Endpoint, and Singularity Complete products, and we will continue to work because we have more opportunities on this.

    Purple AI provides features and functionalities that have been asked for by customers, and we have given those functionalities to them using Singularity Platform.

    When we manage Identity Security and Endpoint Security, it's from a single console. We get data and visibility on everything happening in our environment and how it is related. We can integrate many other solutions such as Fortinet firewalls and Palo Alto firewalls. Singularity Platform provides a marketplace with many kinds of integrations with mail security solutions and firewall solutions that are very helpful for customers from the XDR point of view. We haven't used the SIM as of now, and we have not given the AI SIM to customers, but we have evaluated the product. To my knowledge, I think it's good, but when it comes to use cases, we will be able to tell how it exactly addresses the client's requirements, how it gives alerts, and how it stores data on correlation time. We need to implement it in the client's environment in order to get proper feedback.

    These were the features and functionalities which have been asked for by customers, and we have provided those functionalities to them using Singularity Platform.

    How has it helped my organization?

    For the past three years, after Corona, we have started using Singularity Platform.

    During the time of attacks, if there is any data loss, we were able to easily roll back those attacks and retrieve that data for the client with a single click. That's how Singularity Platform works for endpoint security. When it comes to Identity Detection and Response, it also gives much more visibility on what identities are weak. It scans all usernames and passwords in the Active Directory or Azure Directory. If you have Azure Directory, integrating with the Identity Security or Posture Management solution allows us to find out what users are in a vulnerable state and all the users to which they might have received five to ten attempts. If those kinds of attempts are received, that particular user account will be locked. We were able to write these kinds of rules from Singularity Identity itself. When it comes to threat intelligence, Singularity Platform holds its own threat intelligence data lake, and they have introduced Purple AI, which is very useful for us when dealing with attacks.

    For many of our customers who got attacked after installing SentinelOne, they were not impacted on a larger scale. The impact of a ransomware attack typically encrypts all critical data and stops production. If one day of production is stopped, it sums up to, for an enterprise customer, a minimal margin of two to three crores. With this rollback functionality, we were able to address that and revert that particular endpoint to the previous good configuration state.

    What is most valuable?

    Singularity Platform does help with risk management. It refers to the MITRE ATT&CK framework and analyzes what the vulnerable points are in an endpoint. When it comes to cloud security through Singularity Platform's cloud capabilities, workload security or native security can scan accounts and find misconfigurations in the cloud. If there are containers, workloads, or instances, it scans everything and pinpoints any IAM roles that need to be configured, letting us know which things have not been configured for those workloads. This makes it easy for us to spot loopholes before they are exploited.

    What needs improvement?

    Singularity Platform has an easy-to-use console. When it comes to customization, it has some options, but I wouldn't say it is very customizable. If you are asking if this is fully customizable, I would say it is partially customizable, not fully customizable. In some places, I can understand from a security background that they have kept those features considering security. However, it lacks customization and could enable much more than that.

    Even though Singularity Platform has multiple integrations with multiple solutions, it still needs more because competitive vendors such as CrowdStrike and Trend Micro provide more integrations than SentinelOne.

    The first thing I would say about the negative side of Singularity Platform is that it lacks some customization and integrations compared to competitors. We can integrate Fortinet and Palo Alto, which are big players, but there are many other small companies. Even Zoho is a significant player in our market, but there are no integrations for Zoho.

    For how long have I used the solution?

    For the past three years, after Corona, we have started using Singularity Platform.

    What do I think about the stability of the solution?

    In SentinelOne, we have not received reports regarding outages. Until now, we have not experienced any issues regarding stability. The product is pretty stable, and even if the agent is offline, it will handle the threats. This is pretty solid and stable.

    What do I think about the scalability of the solution?

    Singularity Platform has flexible licenses, and it is also easily scalable.

    How are customer service and support?

    The technical support from SentinelOne is very good.

    How would you rate customer service and support?

    Which solution did I use previously and why did I switch?

    One of our customers had an attack and they were using CrowdStrike. We proposed the SentinelOne alternative solution, and we were able to manage to get some details about the attack and present it to the customer.

    How was the initial setup?

    This is a straightforward approach. Singularity Platform provides pretty much everything that is easy to configure, even by a fresher. If a fresher has basic experience in configuring endpoint security, they would be able to handle SentinelOne. The console and the configuration part are that easy, but for an endpoint security specialist, an understanding of how threat vectors evolve and how they are attacked is necessary. The console view and everything, even writing queries in the XDR, are pretty simple.

    What about the implementation team?

    Singularity Platform is hybrid and has both on-prem deployment as well as SaaS deployment. However, when it comes to the implementation or deployment part, they recommend cloud. We have done only cloud because even from the SentinelOne team, they tell us that they do not recommend on-prem. I will say that the cloud version is better since we haven't done any on-prem deployments, and I don't believe they recommend that for customers.

    What was our ROI?

    For many of our customers who got attacked after installing SentinelOne, they were not impacted on a larger scale. The impact of a ransomware attack typically encrypts all critical data and stops production. If one day of production is stopped, it sums up to, for an enterprise customer, a minimal margin of two to three crores. With this rollback functionality, we were able to address that and revert that particular endpoint to the previous good configuration state.

    What's my experience with pricing, setup cost, and licensing?

    It's average. It's not cheap, but not expensive—average cost and quite affordable.

    What other advice do I have?

    Singularity Platform does help with risk management. It refers to the MITRE ATT&CK framework and analyzes what the vulnerable points are in an endpoint. When it comes to cloud security through Singularity Platform's cloud capabilities, workload security or native security can scan accounts and find misconfigurations in the cloud. If there are containers, workloads, or instances, it scans everything and pinpoints any IAM roles that need to be configured, letting us know which things have not been configured for those workloads. This makes it easy for us to spot loopholes before they are exploited.

    My remarks are purely based on feedback from my clients.

    The key unique selling points for SentinelOne are its patented rollback option and offline protection. Even when an agent is offline, we are still able to protect it. There are some protection events happening even when the agent is offline, which is not available with most vendors that expect the agents to be online. That's a good thing about SentinelOne. Additionally, we have not received any complaints regarding performance issues. I rate this solution an 8 out of 10.

    Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
    Last updated: Nov 25, 2025
    Flag as inappropriate
    PeerSpot user
    Kathiravan S - PeerSpot reviewer
    Technical Support Engineer Iii (Siem & Soar) at Barracuda Networks
    Real User
    Top 10
    Jun 9, 2026
    Advanced endpoint protection has prevented ransomware spread and supports precise threat triage
    Pros and Cons
    • "The fingerprint database is a particular feature I really appreciate, which captures almost every single malicious activity."

      What is our primary use case?

      I use SentinelOne Singularity Endpoint for threat analysis and threat detections on endpoint devices. Since Barracuda has the XDR product, that provides additional support for SentinelOne Singularity Endpoint. The product is primarily used for endpoint protection to identify threats, malicious payloads, unauthorized access, or accessing malicious websites. This is used for all endpoint level detections.

      While troubleshooting with one of the customers in the previous organization, they experienced a ransomware execution attack. The ransomware was changing file names and file properties while encrypting files. The customer called us to triage those particular incidents. I checked the endpoint to see which file was flagged. SentinelOne Singularity Endpoint had clear indications of a file with a hash that appeared to be malicious. It triggered an alert and blocked that particular file. I was able to identify which user clicked on this particular file, preventing the ransomware behavior. I contained that particular user using SentinelOne Singularity Endpoint and captured information about the ransomware attack. Additionally, SentinelOne Singularity Endpoint provides USB detection; if an endpoint device has a USB plugged in that contains something malicious, I can block it. It provides a very clean UI that allows me to control the entire endpoint with the options provided by SentinelOne Singularity Endpoint. I have many options along with user roles and can specifically give permissions to specific users. It has proven to be a very helpful platform for endpoint devices.

      I primarily use SentinelOne Singularity Endpoint for detection and threat analysis, containing that particular endpoint from the attacking surface. I also utilize it for whitelisting and blocklisting IPs, malicious hash values, or specific URLs. That is something I usually do while handling whitelist and blocklist tasks. It is a pretty easy task because SentinelOne Singularity Endpoint provides an option to upload text files with those parameters and indicators. The main use case is for threat analysis and triaging the incidents caused by a particular endpoint in an attacking way.

      SentinelOne Singularity Endpoint relates to ransomware attack cases and other incidents involving malicious file executions. In all those cases, it achieves specific outcomes, saves time, and prevents users from being exposed. It achieves these goals, although I do not remember a specific use case.

      What is most valuable?

      The best features SentinelOne Singularity Endpoint offers are clear fingerprints, malicious fingerprints, and the patterns they use to detect malicious files or activities. That fingerprint database is very unique and captures most threats. The fingerprint database is a particular feature I really appreciate, which captures almost every single malicious activity.

      The fingerprint database definitely helps me day-to-day, making my job easier and saving time. Most of the threats and malicious activities are flagged with those fingerprints. It makes me trust the software because when SentinelOne Singularity Endpoint flags something as malicious, it is most probably accurate. If it is not malicious, I can easily whitelist it. It helps in both ways, making my job easier as well as saving time on predefined threats. I do not need to check every time whether something is malicious; SentinelOne Singularity Endpoint has that feature, flagging it as malicious with proper notes and giving me trust that it has something to do with that.

      SentinelOne Singularity Endpoint positively impacts my organization based on the user experience I provide. Users mostly give good feedback about SentinelOne, which is a primary reason I support SentinelOne to assist customers. Most customers provide positive feedback since I support them on SentinelOne Singularity Endpoint regarding how endpoint detection works. I really appreciate using SentinelOne Singularity Endpoint to provide good support to customers using it.

      I find SentinelOne Singularity Endpoint to be a really good platform for ingesting and correlating across our security solutions. The correlation use case captures where the requests are coming from, who is making them, and who clicked them. All event logs, including Windows event logs, are captured from multiple devices, and it correlates event times from multiple systems to identify whether the execution affects the entire organization or just specific computers. I really appreciate that capability because when a ransomware attack happens, it executes almost simultaneously across 10 or 20 devices. This allows me to determine how many devices executed that particular file based on event time, enabling me to correlate and isolate all those devices.

      SentinelOne Singularity Endpoint has helped consolidate our security solutions. The same example I just provided helps prevent ransomware attacks and allows me to take appropriate actions immediately.

      What needs improvement?

      Although it has been almost six and a half months, I do not have many features in mind that I find necessary. However, I really appreciate how I can specify scanning folders or areas in the system. Since it is endpoint detection, I can specify which areas to always check for scanning. It has exclusions as well; for example, if I want to scan everything in a system but exclude particular folders or extensions, I can specify that in SentinelOne Singularity Endpoint. That provides me with more granular control over what needs to be scanned and what does not, helping me avoid many false positives and making the systems more reliable in alert conditions. The results become more accurate.

      I do not feel anything needs to be flagged for improvement, but everything requires some enhancements. While using SentinelOne Singularity Endpoint, I do not feel anything needs to be added as a feature or improved. Most of its functions work well.

      I cannot think of anything at this moment regarding needed improvements.

      For how long have I used the solution?

      I was using SentinelOne Singularity Endpoint for two and a half years until I worked at Barracuda Networks six months ago.

      What other advice do I have?

      I primarily use the AI capabilities in SentinelOne Singularity Endpoint for endpoint detections, threat analysis, and threat hunting.

      I have not extensively used the AI capabilities, so I do not have much experience to share or feedback regarding its accuracy and reliability.

      My review rating for this product is 8.

      Which deployment model are you using for this solution?

      Private Cloud

      If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

      Disclosure: My company does not have a business relationship with this vendor other than being a customer.
      Last updated: Jun 9, 2026
      Flag as inappropriate
      PeerSpot user
      Hussain Nogama - PeerSpot reviewer
      IT Administrator at a retailer with 201-500 employees
      Real User
      Top 20
      Jun 4, 2026
      Endpoint protection has blocked unknown threats and has improved incident response speed
      Pros and Cons
      • "The most valuable features I find in SentinelOne Singularity Endpoint are the EDR, lateral movement feature, and machine learning feature, which I find impressive."
      • "It shows the vulnerability but does not provide the package to resolve that vulnerability."

      What is our primary use case?

      SentinelOne Singularity Endpoint is used in my company as we are a client of Sentinel. The primary use cases are for endpoint security, policies, and other features.

      What is most valuable?

      The most valuable features I find in SentinelOne Singularity Endpoint are the EDR, lateral movement feature, and machine learning feature, which I find impressive.

      I am using the Ranger functionality in Singularity.

      SentinelOne Singularity Endpoint does provide network and asset visibility, but in Singularity, you do not have the complete feature. If you want more EDR and want to know from where the attack happened and what it does, you have to purchase the EDR. When I purchased Sentinel, it had three products: SentinelOne Core, Control, and Complete. We are using Core. If you want full visibility on an EDR, there is one more add-on that you have to purchase. As a product, I think most of the features remain the same. It does not allow the machine to work if it finds any unknown activity; it immediately blocks the machine from the network and isolates it completely. Regardless of the location or where you are, if your machine is connected to the internet, you will get an alert that this machine has been isolated. It does not allow you to work at all.

      What needs improvement?

      There are certain things that need to be improved, such as the roll-up things because not every upgrade or update is useful. They have to do more work on the configuration side, which I believe they are already working on.

      I would appreciate improvements in the patches. If I have Windows patches or application patches, it would be excellent if they could cover that on the same portal so I could go straight in and do it. It shows the vulnerability but does not provide the package to resolve that vulnerability. For example, if my Windows is outdated and Sentinel finds that there is an update that is not installed, there should be an option to install the Windows update from the portal itself.

      The additional features I would appreciate in the future are already present in the Complete feature of SentinelOne Singularity Endpoint. Since I am using Core, whatever features are lacking in Core are already in Complete, so if customers want those features, they can upgrade their product.

      For how long have I used the solution?

      I have been working with SentinelOne Singularity Endpoint for more than four years.

      How are customer service and support?

      The response is excellent from them; the moment I submit a ticket, I can expect their response within 15 minutes, less than 15 minutes.

      For technical support, I would rate them 9.5.

      What other advice do I have?

      For security solutions, we are also using different types of products, but I have never done the correlation across our different solutions.

      Regarding Purple AI, we have recently done that with ManageEngine.

      We have not integrated SentinelOne Singularity Endpoint with third-party solutions.

      My overall review rating for SentinelOne Singularity Endpoint is 9.5.

      Which deployment model are you using for this solution?

      On-premises

      If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

      Other
      Disclosure: My company does not have a business relationship with this vendor other than being a customer.
      Last updated: Jun 4, 2026
      Flag as inappropriate
      PeerSpot user
      Sankha Rajaguru - PeerSpot reviewer
      System Engineer at A-Networks
      Reseller
      Top 5
      May 29, 2026
      Endpoint security has improved and centralized control now simplifies device and alert management
      Pros and Cons
      • "SentinelOne Singularity Endpoint scales well and is scalable."
      • "Most of the customers in Sri Lanka are currently migrating from SentinelOne Singularity Endpoint to CrowdStrike."

      What is our primary use case?

      I am using SentinelOne Singularity Endpoint basically for endpoint protection, and some customers have requirements for USB control and network control as well.

      What is most valuable?

      When it comes to the favorite features of the customers, they appreciate the additional management opportunities that SentinelOne Singularity Endpoint provides. For example, remote shell execution, rebooting, restarting, and pushing messages to the endpoint are the most favorite features that customers are requesting.

      It has saved considerable time. For example, I can take device control and control all device control features and device control permissions through SentinelOne Singularity Endpoint. Otherwise, I would have to depend on a different solution to achieve that. Using SentinelOne Singularity Endpoint, I can achieve that as well.

      What needs improvement?

      When it comes to SentinelOne Singularity Endpoint, most of the complaints I am getting are related to the connectivity between the endpoint and the cloud console. It disconnects from time to time without proper reasons. Also, when I compare it to other next-generation antivirus or next-generation endpoints such as CrowdStrike, SentinelOne Singularity Endpoint has many dependencies on Windows. That is the most disliked aspect coming from the customers I work with.

      Other than Windows, when it comes to Linux and Kubernetes, SentinelOne Singularity Endpoint is great. However, when it comes to Windows, there are a lot of dependencies.

      There are some issues with collecting crash reports and crash logs on the endpoint. They are not visible over the console. Sometimes, the PC's hard disk and its available space is consumed by the SentinelOne Singularity Endpoint agent. I have to attend manually and clear the crash data. I can do it on the SentinelOne Singularity Endpoint management console as well, but I have to go with a restart. For critical servers, it is a huge headache for the end users.

      For how long have I used the solution?

      I have been working with SentinelOne Singularity Endpoint for about two and a half years.

      What do I think about the scalability of the solution?

      SentinelOne Singularity Endpoint scales well and is scalable.

      How are customer service and support?

      SentinelOne Singularity Endpoint provides pretty good support to their end customers.

      There are some improvements needed. When it comes to some troubleshooting, such as technical troubleshooting, I have to do some follow-ups in order to get relevant feedback from them.

      Which solution did I use previously and why did I switch?

      Most of the customers in Sri Lanka are currently migrating from SentinelOne Singularity Endpoint to CrowdStrike. CrowdStrike is the main alternative product in the market at the moment for SentinelOne Singularity Endpoint.

      I prefer CrowdStrike because it is easier to manage. When it comes to SentinelOne Singularity Endpoint, after the agent is pushed to the endpoint and the installation is done, I have to do a reboot to establish the connection and turn on the engines. With CrowdStrike, I do not need to do any restart upon installing the agent on the new device.

      How was the initial setup?

      SentinelOne Singularity Endpoint is easy to set up. It does not have any deployment mechanism, so I either have to install it one by one on the PC manually or I can use third-party tools to do the deployment. For example, I can do remote deployment through Active Directory. When it comes to deployment, it is not that difficult. It follows the same procedure as other vendors.

      What's my experience with pricing, setup cost, and licensing?

      Since I work in post-sales, prices are not revealed to me, but to my knowledge, SentinelOne Singularity Endpoint is a bit cheaper than other products in the market. For example, when I compare CrowdStrike with SentinelOne Singularity Endpoint, SentinelOne Singularity Endpoint is a bit cheaper. Since I work in post-sales, I do not get exact price information. Based on my understanding, that is the basic pricing.

      Which other solutions did I evaluate?

      Ranger functionality is used to detect the agents.

      Asset discovery is an important feature. As far as my understanding goes, once I enable the Ranger function in the console, I can initiate a network scan through the available agent. By doing that, I can identify what IoT devices and other devices are available in my network infrastructure. I can get better visibility over the network, which devices have the SentinelOne Singularity Endpoint agent, which devices do not have the SentinelOne Singularity Endpoint agent, and so on.

      What other advice do I have?

      SentinelOne Singularity Endpoint helps to reduce alerts because there are customizable options when it comes to the alerts. For example, if I get false-positive alerts over time, I can do exclusions for that particular alert. Similarly, I can reduce many alerts using SentinelOne Singularity Endpoint and the Singularity platform. I gave this review a rating of 8.

      Which deployment model are you using for this solution?

      On-premises

      If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

      Other
      Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
      Last updated: May 29, 2026
      Flag as inappropriate
      PeerSpot user
      reviewer2809476 - PeerSpot reviewer
      Technical Account Manager at a computer software company with 11-50 employees
      Real User
      Top 5Leaderboard
      Mar 23, 2026
      Endpoint protection has reduced ransomware impact and streamlines daily threat hunting
      Pros and Cons
      • "My advice for others looking into purchasing SentinelOne Singularity Complete is that I would definitely recommend it."
      • "One of the negatives we have found is that we receive quite a lot of false positives."

      What is our primary use case?

      I used SentinelOne Singularity Complete for endpoint security, and we selected it because we were looking for an AI-powered cloud solution.

      What is most valuable?

      The best features of SentinelOne Singularity Complete include a ransomware rollback feature that can be used on infected machines, which we have used before and appreciated. The deployment is fairly straightforward as well.

      SentinelOne Singularity Complete's ability to ingest and correlate across our security solutions has not presented any problems. This capability provides a benefit when hunting for threats and leveraging the AI side of the platform.

      Regarding alert reduction, I would not say the impact has been massive. One of the negatives we have found is that we receive quite a lot of false positives.

      Overall, SentinelOne Singularity Complete saves me time, and I would say the time savings are approximately 10 to 15 percent.

      What needs improvement?

      The reporting in SentinelOne Singularity Complete could be improved as it is still somewhat clunky and lacks customization. Support response times could also be better.

      For how long have I used the solution?

      I have been using SentinelOne Singularity Complete for approximately 18 months.

      What do I think about the stability of the solution?

      I would rate the stability of SentinelOne Singularity Complete as an eight out of ten.

      What do I think about the scalability of the solution?

      I would rate the scalability of SentinelOne Singularity Complete as an eight out of ten.

      How are customer service and support?

      I would rate the support of SentinelOne Singularity Complete overall as a six out of ten.

      How would you rate customer service and support?

      Neutral

      Which solution did I use previously and why did I switch?

      SentinelOne Singularity Complete was already in place when I joined.

      How was the initial setup?

      The deployment of SentinelOne Singularity Complete was straightforward and easy. It took approximately one day to implement SentinelOne Singularity Complete, based on the number of clients we had.

      What's my experience with pricing, setup cost, and licensing?

      Regarding pricing for SentinelOne Singularity Complete, on a scale where one is cheap and ten is expensive, I would rate it as an eight.

      Which other solutions did I evaluate?

      When comparing SentinelOne Singularity Complete with other vendors, we use it for client-specific purposes, while other clients may use Microsoft or similar solutions. I have noticed it works well.

      What other advice do I have?

      SentinelOne Singularity Complete has not helped us consolidate any security tools that I am aware of.

      We do not use the Ranger functionality in SentinelOne Singularity Complete as we use other solutions for that purpose.

      Maintenance of SentinelOne Singularity Complete is straightforward to perform. Approximately 60 users use the solution, and all users are local. SentinelOne Singularity Complete requires some maintenance as part of our internal checks to ensure policies are up to date, which we perform on a weekly basis.

      We do not use Purple AI.

      My advice for others looking into purchasing SentinelOne Singularity Complete is that I would definitely recommend it. I would rate this review an eight out of ten overall.

      Which deployment model are you using for this solution?

      Public Cloud

      If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

      Disclosure: My company does not have a business relationship with this vendor other than being a customer.
      Last updated: Mar 23, 2026
      Flag as inappropriate
      PeerSpot user
      Soc Analyst at Softcell Technologies Limited
      Real User
      Top 20
      Apr 23, 2026
      Advanced detection has strengthened endpoint protection and simplifies real-time threat response
      Pros and Cons
      • "The main benefits that SentinelOne Singularity Endpoint brings to the table are enhanced security and improved operational efficiency."
      • "I would like to see some improvements in SentinelOne Singularity Endpoint; there are features that are currently missing that I would like to see included or enhanced in the future."

      What is our primary use case?

      I use it primarily for endpoint protection, and I utilize it in various security scenarios. I work with SentinelOne Singularity Endpoint. I do use Purple AI, and data privacy and security are very important when utilizing Purple AI; it meets these needs well.

      What is most valuable?

      What I appreciate about it are its advanced detection capabilities and user-friendly interface; those are the best features in it.

      My impressions of SentinelOne Singularity Endpoint's ability to ingest and correlate across my security solutions are very positive; it works effectively. SentinelOne Singularity Endpoint has helped me consolidate my security solutions significantly. I have examples about the consolidation of my security solutions with SentinelOne Singularity Endpoint; I appreciate discussing the threats that we have encountered.

      I use the solution's Ranger functionality, and it has been helpful. SentinelOne Singularity Endpoint has helped to reduce alerts for me, making it easier to manage. SentinelOne Singularity Endpoint has helped to free up my staff for other projects and tasks, and I have seen time-saving aspects; I can share how much time it saved us.

      It detects threats in real-time, which does not require prior scenarios. If we observe multiple false positives, we reach out to clients directly if the alert is serious; SentinelOne Singularity Endpoint does the remaining part for us by identifying and securing the client's endpoint, so we do not have to do any manual work.

      Purple AI amplifies team knowledge effectively in my environment, and it has been very helpful. I assess Purple AI's capability in providing synthesized threat intelligence and contextual insights as strong. Purple AI's ability to streamline threat investigations has a positive impact on my SecOps workflows.

      The main benefits that SentinelOne Singularity Endpoint brings to the table are enhanced security and improved operational efficiency.

      What needs improvement?

      I would like to see some improvements in SentinelOne Singularity Endpoint; there are features that are currently missing that I would like to see included or enhanced in the future.

      For how long have I used the solution?

      I have been using SentinelOne Singularity Endpoint more than a year.

      What do I think about the stability of the solution?

      Regarding the procurement aspect, I do not know where I bought it from, but I have not experienced any crashes, downtimes, or performance issues with SentinelOne Singularity Endpoint.

      How are customer service and support?

      I would evaluate customer service and technical support as an 8 on a scale of 1 to 10.

      How was the initial setup?

      The initial setup process is straightforward for me; I do not find any complexities with the setup.

      What was our ROI?

      Regarding the pricing aspect, I have experience with it, and I have seen ROI with it.

      Which other solutions did I evaluate?

      The main differences, both pros and cons of SentinelOne Singularity Endpoint compared to other endpoint protection products I have worked with, are notable.

      What other advice do I have?

      I use the solution's Ranger functionality, and it has been helpful. Given my experience with SentinelOne Singularity Endpoint, my advice for organizations considering it would be to certainly assess its capabilities. I rate this product as a 9 overall.

      Which deployment model are you using for this solution?

      Public Cloud

      If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

      Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
      Last updated: Apr 23, 2026
      Flag as inappropriate
      PeerSpot user
      Ijeoma Nkemjika - PeerSpot reviewer
      Customer Success Manager at Digitank Technology
      Reseller
      Top 20
      Sep 27, 2025
      Has improved threat hunting through query suggestions and contextual incident storylines
      Pros and Cons
      • "SentinelOne Singularity Complete has shown a return on investment with its ability to detect threats at approximately 99% efficiency."
      • "The main area for improvement relates to Linux compatibility. When deploying on a Linux system, the process isn't as seamless compared to other operating systems."

      What is our primary use case?

      I have used SentinelOne Singularity Complete in a SOC environment where most customers were utilizing it. 

      How has it helped my organization?

      The solution has been helpful especially for the infrastructure security team. They can focus their energy on other business projects and priorities while having peace of mind knowing that even without real-time operation, SentinelOne Singularity Complete can detect vulnerabilities and contain threats until they intervene. This allows them to work on other projects, develop security policies, and strengthen their defense. The team can address other security loopholes while SentinelOne Singularity Complete manages their infrastructure.

      What is most valuable?

      One of the features I particularly appreciate is the hunting capability, specifically being able to use deep visibility for threat hunting. 

      It's quite elaborate. It allows you to create and manage queries easily. Even if you're not very proficient in the language being used, it suggests the correct syntax when you type in plain text. If there's an error, it points out where you're wrong, enabling you to adjust the syntax. This feature is particularly beneficial for threat hunting using the deep visibility feature of SentinelOne Singularity Complete.

      Additionally, the platform allows for compartmentalization, which is great because we use it for about 13 customers. It enables us to manage different environments from a single console and download relevant data for each customer.

      What stands out is that this solution is not just about detection; it's also about response and containment. When it addresses an incident, it explains what occurred and suggests actions to take before further investigation.

      Another excellent feature is its ability to filter events from the same company, helping to reduce noise. For instance, if a single user performs various actions that would typically trigger hundreds of alerts, this system consolidates those activities under that one user. This approach allows for tracking related events together rather than generating multiple alerts. As a result, you can analyze an incident from a holistic perspective rather than just viewing individual alerts in isolation. Overall, these capabilities enhance the effectiveness of threat management and incident response. That's my take on it!

      It's capable of integrating with SIEM and other solutions. It offers enhanced interoperability. 

      What needs improvement?

      The main area for improvement relates to Linux compatibility. When deploying on a Linux system, the process isn't as seamless compared to other operating systems. They could enhance this by providing an easier way to implement or deploy on Linux OS systems.

      For how long have I used the solution?

      I have used SentinelOne Singularity Complete for four years.

      What do I think about the stability of the solution?

      There have been no stability issues at the moment.

      What do I think about the scalability of the solution?

      It's scalable.

      How are customer service and support?

      Their support is very good. When we encounter an issue, we quickly raise support tickets, and the response time is very good.

      How would you rate customer service and support?

      Positive

      How was the initial setup?

      It's not complex. It's straightforward, and the support is very good. 

      What was our ROI?

      SentinelOne Singularity Complete has shown a return on investment with its ability to detect threats at approximately 99% efficiency.

      What's my experience with pricing, setup cost, and licensing?

      It's affordable. The pricing is competitive. 

      SentinelOne Singularity Complete has proven beneficial in a specific case. In one instance, a customer had Microsoft licenses that were very expensive at the enterprise level. By implementing SentinelOne Singularity Complete, they were able to reduce their license plans and focus on this solution because it offered more robust features than their previous solution.

      What other advice do I have?

      I would rate SentinelOne Singularity Complete a ten out of ten. It's a good solution.

      Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
      PeerSpot user
      Sr. Executive Engineer at a outsourcing company with 51-200 employees
      Real User
      Jul 15, 2026
      Automated detection and response have transformed how my team manages endpoint threats
      Pros and Cons
      • "SentinelOne Singularity Endpoint has positively impacted our organization by strengthening our overall endpoint security and improving our ability to detect, investigate, and respond to threats."
      • "SentinelOne Singularity Endpoint provides strong protection and automation capabilities, but there are a few areas where it could be improved, such as enhancing the user experience with more intuitive dashboards and simplified workflows."

      What is our primary use case?

      My main use cases for SentinelOne Singularity Endpoint include endpoint protection, threat protection, threat detection, and automated response. I primarily rely on it to monitor endpoints for suspicious activity, identify and stop malware, ransomware, and other advanced threats, and provide visibility into security incidents across environments.

      I utilize SentinelOne Singularity Endpoint to support automated remediation of any kind of threats, investigation support, and improving overall security posture by reducing response times and helping my security team quickly understand and contain potential threats.

      What is most valuable?

      The best features of SentinelOne Singularity Endpoint include AI-powered threat detection and prevention, autonomous response and remediation, Storyline incident tracking, ransomware protection and rollback, and endpoint detection and response capabilities. It also has a single lightweight agent, protection across different environments, deep visibility, and investigation tools, and it offers identity and attack path context with related Singularity capabilities.

      The AI-powered detection and autonomous response capabilities have helped my team by improving our ability to identify and respond to threats quickly instead of relying only on manual investigation or signature-based detection. SentinelOne Singularity Endpoint helps to detect suspicious behaviors and emerging threats in real time while reducing the workload on my security team by automatically containing threats, stopping malicious processes, and helping prevent further impacts.

      SentinelOne Singularity Endpoint has positively impacted our organization by strengthening our overall endpoint security and improving our ability to detect, investigate, and respond to threats. Its AI-driven detection and automated response capability have reduced the time needed to identify and contain security incidents, improved visibility across endpoints, streamlined security operations, and reduced the manual efforts required for threat investigation and remediation. By automating key response actions and providing better incident context, SentinelOne Singularity Endpoint has helped my team improve efficiency, minimize risk, and maintain a stronger security posture, which has resulted in reduced team operations time.

      What needs improvement?

      SentinelOne Singularity Endpoint provides strong protection and automation capabilities, but there are a few areas where it could be improved, such as enhancing the user experience with more intuitive dashboards and simplified workflows. These improvements would make it easier for administrators to quickly access important insights and manage threats. Additional customization options for alerts, reporting, and automation policies would also be valuable, allowing organizations to better tailor the platform to their specific security needs. Improvements in integrations with a wide range of third-party security tools would also be beneficial.

      For how long have I used the solution?

      I have been using SentinelOne Singularity Endpoint for the last two years.

      What do I think about the stability of the solution?

      SentinelOne Singularity Endpoint is very stable because it is used for threat detection, threat prevention, and automated remediation for any kind of security operations.

      What do I think about the scalability of the solution?

      SentinelOne Singularity Endpoint has handled our organization's growth and expansion effectively.

      How are customer service and support?

      Customer support was very good, and I would give customer support a rating of eight out of ten.

      Which solution did I use previously and why did I switch?

      I did not previously use a different solution, and we did not use any solution before SentinelOne Singularity Endpoint.

      What was our ROI?

      I have seen a positive return on investment with SentinelOne Singularity Endpoint. The main value has come from reducing manual security operations, improving incident response times, and consolidating multiple security capabilities into a single platform, with relevant improvements including faster threat detection and response.

      What's my experience with pricing, setup cost, and licensing?

      My experience with SentinelOne Singularity Endpoint's pricing, setup cost, and licensing has been generally positive. The licensing model is straightforward, and the setup cost is low.

      Which other solutions did I evaluate?

      I did not evaluate other products before choosing SentinelOne Singularity Endpoint.

      What other advice do I have?

      For organizations considering SentinelOne Singularity Endpoint, I recommend evaluating it based on your specific security requirements and environments. I would give this product an overall rating of ten out of ten.

      Which deployment model are you using for this solution?

      Public Cloud

      If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

      Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
      Last updated: Jul 15, 2026
      Flag as inappropriate
      PeerSpot user
      Buyer's Guide
      Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.
      Updated: June 2026
      Buyer's Guide
      Download our free SentinelOne Singularity Endpoint Report and get advice and tips from experienced pros sharing their opinions.