What advice do you have for others considering Singularity Platform?

I do recommend SentinelOne Singularity Endpoint to other users as part of my day-to-day responsibilities. I have given this review an overall rating of eight out of ten.

For the overall SentinelOne Singularity Endpoint, I would give a score of eight for the whole product. Regarding the price point of SentinelOne Singularity Endpoint, I do not know the exact number, but I have come from the community and attended many events. As far as the cost is concerned, before the CrowdStrike blue screen attack, CrowdStrike pricing was far more increased rather than SentinelOne. After the CrowdStrike shares decreased due to the blue screen attack, they are very competitive with SentinelOne nowadays. The impact of Purple AI on investigations ultimately depends on what incident I got. I do not think the analyst should rely completely on Purple AI because there are many hashes or threats that are not publicly available. If things are not publicly available or not learned by the AI, I do not think I should rely completely on Purple AI. If I have any sort of data and see any pattern from my analyst's perspective, I can completely tell Purple AI that I think it can demonstrate the storyline that I am right. Based on that, I can take a decision, but I should not rely on the decision solely on Purple AI. My overall rating for this product is eight out of ten.

SentinelOne Singularity Endpoint provides alerting into the dashboard, but I did not configure it correctly and never received alerts over emails. If such a feature exists within the product, that would be awesome, and I could incorporate and configure it. Currently, I do not have visibility on it. Once I log into SentinelOne Singularity Endpoint, it provides visibility within the dashboard showing how many endpoints have been detected as infected, how many endpoints are impacted, and how many endpoints have been identified as malware where SentinelOne Singularity Endpoint has quarantined those files, and I can do analysis and further processing. However, currently, I did not configure it if it is available, but I am unable to navigate it. I do not have visibility on whether any endpoints or target machines have been impacted so that I receive email notifications or SMS notifications alerting me that a machine has been impacted and needs to be worked on urgently. This is a critical function I need to perform right now. If this would be configurable or is available in SentinelOne Singularity Endpoint, that is awesome. If not, then the alerting mechanism needs to be improved to get alerts over emails or SMS for at minimum critical assets. I can say that I currently did not implement it in such a way because for what I am using SentinelOne Singularity Endpoint for, it is the on-premises infrastructure for some organizations and just for endpoints in other organizations. In that case, I believe for SaaS products, I am currently not utilizing it for such things. My question is whether SentinelOne Singularity Endpoint is an agent-based solution that I can only utilize on endpoints or servers or where the operating system is Linux or different flavors where the operating system is running. However, for the serverless environment, SentinelOne Singularity Endpoint cannot work. Is that the right expectation? Obviously, the core concern is about data protection and privacy. There is something I have to adopt with AI. If I do not adopt it, I am not running with the market and chasing new goals. The thing is I have to implement frameworks such as ISO 42001 to manage data and contain my data's confidentiality and privacy. This is core importance for me in my job role. I take care of this all the time, and obviously if I am integrating solutions that utilize AI-based features into their product, I do have vendor management or vendor risk management to perform with vendors. I currently look into AI standards or framework implementation within organizations if they are providing me with full core data security. This is the point I engage in with existing and onboarding vendors. Additionally, I am currently utilizing AI and making AI models within my organizations. I implement security standards and maintain the whole implementation and operationalization of data protections within AI models and machine learning models. This is the function that can be adopted, and if it is in the product, obviously this is a positive point and I do encourage that utilization of AI models within products. As I mentioned, if I got email alerts or SMS alerts for critical systems and if AI has been engaged into threat modeling with well-known algorithms that identify what threats, viruses, or malicious insights have been identified in the system, and if AI can guess that certain operating systems, files, or things are critical to my organization and can do this on a real-time basis, that would be a positive point. Obviously, as I mentioned, if I want to run with the market, I have to integrate those AI threat modeling or AI remediations within my organization. I have to do that. I give this review an overall rating of eight out of ten.

With SentinelOne Singularity Endpoint, we have detected incidents that triggered alerts, and we can raise them within a maximum time of 10 to 15 minutes later. I recommend blocking the connection and taking other necessary actions. The importance of the Secret Scanning feature in SentinelOne Singularity Endpoint is significant because it scans newly engaged endpoints for malicious activities. It detects harmful EXE files or suspicious abnormal behaviors, ensuring the health of our endpoints is maintained. I recommend implementing SentinelOne Singularity Endpoint because the integration part is very simple and suited for small organizations. It is reasonably priced, and the installation of the endpoint on the client side takes only two to three minutes. I can also explain how it compares with other endpoints and the types of alerts generated, making it suitable for potential clients. Deep visibility, full disk scan, and rollback features are impressive, especially in cases of ransomware attacks. The rollback feature helps easily revert to a safe state prior to attacks, while the full disk scan ensures that all machines are scanned for threats, thus maintaining endpoint health.

I do not use the Ranger functionality because I am an L1 and I have only read-only access, but I know the functionality. The main function is network discovery and control, which identifies and manages unmanaged devices on the network and detects rogue devices on the system. Before I joined, I can say my organization reduced alerts by 30-40% due to integrating multiple devices with SentinelOne Singularity Endpoint, impacting mostly the false positive alerts. Data privacy and security with Purple AI are important for my organization; the co-pilot feature of Purple AI helps pull down any IOC present in my network, allowing me to identify any IOC, hash, vulnerability, or malicious activities that occur. I am the only SOC analyst L1, and while my organization has an investigating team that uses Purple AI mainly for investigation and threat hunting purposes, I have only used it for basic commands and queries for investigation. My clients are medium-sized, not exceeding 2,000 to 4,000 crore companies. If you are considering implementing SentinelOne Singularity Endpoint in your organization, I have several recommendations: first, train the SOC team, especially if there are new joiners; second, start with a pilot deployment rather than deploying to all endpoints; third, integrate SentinelOne Singularity Endpoint with other products such as SIM tools or SOAR tools to realize the true value of SentinelOne Singularity Endpoint; using it alone will not provide its full potential. I would rate this solution a nine out of ten overall.

SentinelOne Singularity Endpoint has helped reduce alerts for us by almost 50%. Before implementing it, my colleague told me that we were using an AV, but I do not have knowledge about which AV it was. After using SentinelOne Singularity platform, the time has reduced by 50%. There is up to 30 to 40% mean time reduction in MTTD. For mean time to resolve, whenever we get the alert from the console, we integrate SentinelOne Singularity with a sub-console, so it raises the alert within five minutes. I would rate this solution a 9 out of 10 overall.

I do not have anything else to add about my main use case or how SentinelOne Singularity Endpoint fits into my workflow. The unified platform experience certainly helps streamline our security operations, making things easier for my team. In terms of adaptability to new and unknown threats, I believe SentinelOne Singularity Endpoint is the tool I have used the most, and while I cannot compare right now since I have only used CrowdStrike once, I find SentinelOne Singularity Endpoint easier to use than CrowdStrike. I was not aware of the possibility to use an Offensive Security Engine, but I will seek more information on it. Having built-in integrations that unify various aspects of cloud security is very significant for my team, as it makes everything easier to manage. I advise others looking into SentinelOne Singularity Endpoint to check the ease of usage of the tool, as the platform is very helpful and the protection it provides is truly exceptional. I have given this review a rating of 10.

Purple AI is a tool I have used because we have the analyst access. I had limited access to Purple AI, but I have used it for finding the IOC in our networks and our customers' networks. It is a co-pilot feature where I can use a pull-down menu to identify based on the present IOC. The retrieve time is very fast, and we get the answer within five to ten seconds. We have IOC, zero-day vulnerability, or any other hashes present in our network. Because I am an L1 analyst, we have a forensic analyst team also, and they are using Purple AI. This tool is very helpful for our forensic team. SentinelOne Singularity Endpoint is reducing our time because we do not have that access to Purple AI. SentinelOne Singularity Endpoint is reducing our time to find the IOC in the organization. I gave this review an overall rating of 10 out of 10.

I would recommend SentinelOne Singularity Endpoint to other users because its threat detection and alerting are very quick. We have used CrowdStrike for one and a half months, but SentinelOne Singularity Endpoint triggers alerts much faster. Its compact features allow us to check seven to eight features effectively, and its pricing is lower than other EDR products. SentinelOne Singularity Endpoint has better pricing compared to other endpoints. CrowdStrike has a high value, but SentinelOne Singularity Endpoint's pricing is easier for any organization to handle. Regarding maintenance, there is no need for maintenance according to me. I give this product an overall rating of 10 out of 10.

In terms of consolidating our security solutions, I would rate SentinelOne Singularity Endpoint a 9 out of 10 because it meets all our use cases effectively. It provides granular insights into endpoints and comes with feature roadmaps, including AI security analysis that helps us understand the usage of shadow AI in our environment, vulnerabilities, and overall system alerts. This functionality allows us to monitor how many threats were remediated and triggered, significantly enhancing our security posture. We assessed the Ranger functionality a few months ago; we activated it for a trial and subsequently turned it off. During activation, it scanned our network for shadow endpoints without SentinelOne Singularity Endpoint, identifying devices such as printers or scanners, and provided insights into unknown devices on our network, offering valuable reports through the Singularity dashboard. Although we have not yet activated Purple AI, the guidance provided when alerts occur is helpful, summarizing what triggered the alerts and offering analysis steps for our small team, providing high-level alert overviews. I rate this review a 10 out of 10.

We are managing 7,000 to 8,000 endpoints for clients, and the setup is very easy. I have given SentinelOne Singularity Complete an overall review rating of 10 out of 10.

In our environment, we do use Purple AI as part of SentinelOne Singularity Complete to help with threat analysis, investigation workflows, and speeding up the incident triage. Purple AI acts as an AI-powered security analyst, helping translate complex data into actionable insights and enabling faster threat hunting and investigation across our endpoint security data. Purple AI plays a critical role in amplifying our team knowledge by helping us interpret alerts, investigate threats, and identify patterns across endpoints quickly. It essentially amplifies our team's knowledge by providing contextual insights, suggesting remediation steps, and correlating between security events that might otherwise be missed. SentinelOne Singularity Complete has significantly reduced the number of alerts our IT team has to handle manually. By leveraging AI-driven behavior analysis and automated threat automation, low-risk or duplicate alerts are filtered out, allowing the team to focus on the most critical incidents. In our experience, the platform has reduced actionable alerts by fifty to sixty percent. SentinelOne Singularity Complete has significantly reduced our organization's mean time to detect. With real-time AI-driven detection, automatic alerts, and behavioral analysis, threats are identified almost immediately upon occurrence. In our environment, we have observed that mean time to detect has improved by approximately sixty to seventy percent, meaning our IT team can detect and respond to incidents much faster than before. The rapid detection has been critical in preventing escalation and minimizing potential impact on end-user systems. SentinelOne Singularity Complete has significantly reduced our organization's mean time to respond, thanks to automated remediation, rollback capabilities, and prioritized alerts. Our IT team can respond to incidents almost immediately. Mean time to respond has been reduced by approximately sixty-two percent, allowing threats to be contained and resolved in minutes rather than hours. For others looking into using SentinelOne Singularity Complete, I advise utilizing the Purple AI summarization. The alert without much manual investigation allows us to determine if it is a true positive or not by seeing the Purple AI alert summarization, what happened, what process, activity, and what the underlying behavior is. Overall, SentinelOne Singularity Complete is highly effective, but organizations get the most value when they combine automation, AI, incident, and proactive management. Regularly reviewing the report with audit features is valuable for complete tracking of trends. Utilize the AI-driven insight to amplify your team knowledge and reduce alert fatigue. Planning for deployment across sites if you have multiple locations is essential, as is planning your policy and endpoint coverage for centralized management. I rate this solution a nine out of ten.

From a features perspective, there are no missing functionalities in Singularity Platform; the features are quite good for now. The overall review rating for Singularity Platform is 8.

Regarding Singularity Platform's real-time personalization feature, it does help with my customer experience strategies because, in my personal experience, I have taken a role as Treasury Manager and I am dealing with investment accounts every day. To do all that work manually compared to any type of platform work is pretty painful, so I would say anything in an automated space for any investment, any company with a bunch of investments in a portfolio, Singularity Platform is an option. Singularity Platform does help with fraud detection in the financial services as it has rules involved for risk management. If there was a purchase done, the way Singularity Platform works is it is fed in the custodian feeds as well as the bank feeds. There is no current trading platform associated with it, but there may be things in the works that will include a trading platform. I would say that there is a compliance module within Singularity Platform that helps clients determine if they want to remix their portfolio balances to stay compliant with whatever loan agreements they may have. Regarding Singularity Platform's customizable dashboards, I believe they help optimize operational efficiency. Since my role was really behind the scenes, not as a developer but on the QA implementation side of things, I believe any platform that can customize for any client will actually help them in the long run. I believe that having reports that are unique to each individual client helps them in their own way, so whatever reduces the manual workload for the client, especially customizing UI, is a good idea. I would absolutely recommend Singularity Platform to other users, but it depends on what their expectations are for the investment accounting software they plan to implement. For a smaller size insurance company, I believe that is fine. However, there are things that Singularity Platform cannot do that Clearwater does, and I am sure there are things that Clearwater does not do that Singularity Platform does. Therefore, it is hard to say definitively; it really depends on the client's needs. For a full-blown investment accounting and reporting system, I would still recommend Clearwater over SS&C. In terms of asset management and banking solutions, I cannot really respond because I believe SS&C and Clearwater probably have the same application capabilities. I would rate this solution a seven out of ten overall.

Singularity Platform functions as a security information and event management solution, and that is an inbuilt part of it. I believe in the correlations that I get because we work on it, but we don't use the Purple AI part of it. I'm not able to get clarity regarding the real-time personalization feature in Singularity Platform. I do not use the real-time personalization feature in Singularity Platform. It is a matter of false positives when people use it in my area. Regarding the impact of Singularity Platform on supply chain processes, I don't have much on it, but it's a good product and the tracking is better with the log capturing and the data that we get from it. The customer does require customizations on the dashboards as per the requirement of their organizations; if it's manufacturing, medical, or financial institution or banking, then they will have different requirements for their dashboards, which are yet not available, so we have to actually build up those dashboards for them. I can recommend Singularity Platform to other users. I have provided this review a rating of 9.

Regarding Singularity Platform, I would go for the platform. I am most familiar with that one. I do not currently know what version of Singularity Platform I am using. I will have to check. Probably I am using the latest version because we have automatic updates. We are not using the fraud detection feature in financial services, as we are not doing any financial services. Regarding Singularity Platform's real-time personalization feature, we are using it. Overall, if I had to rate Singularity Platform from one to ten, I think an eight would be appropriate. It is quite up to our standards. I would rate this review an eight overall.

I would rate Singularity Platform a nine out of ten.