SentinelOne Singularity Complete has allowed me to perform multiple functions. It enables asset ingestion, and I have been able to identify other machines that don't have the endpoint agent installed. We've caught some malware. SentinelOne has internal reporting features and Ranger features that search the subnets where SentinelOne agents are located for other devices that may not be protected with the agent. The platform itself allows me to visualize my entire environment.
SentinelOne Singularity Platform
SentinelOneExternal reviews
300 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Outstanding Security Solution with Seamless Compliance
What do you like best about the product?
SentinelOne was the only player in the market willing to sign a business associate agreement and ensure HIPAA compliance. I also appreciate the really great price they offer considering these features. SentinelOne Singularity was willing to work with us despite our smaller size and heightened compliance requirements, whereas some other companies wouldn't even quote us given our limited number of users. I found the initial setup to be very easy.
What do you dislike about the product?
None, we love it.
What problems is the product solving and how is that benefiting you?
I use SentinelOne Singularity to fulfill compliance requirements, protect endpoints and our network. It offers great pricing and signed a business associate agreement. They were one of the only vendors in the space that would sign a BAA and for HIPAA compliance, and one of the only vendors willing to quote us despite our small size.
Effortless to Use with an Informative, Well-Designed Dashboard
What do you like best about the product?
Easy to use, well-designed, and informative dashboard.
What do you dislike about the product?
I don't have any particular dislikes, though I do think certain areas could definitely be improved.
What problems is the product solving and how is that benefiting you?
The product has done an excellent job of securing all our endpoints, delivering impressive results.
Autonomous AI Response and Ransomware Rollback Are Game-Changers
What do you like best about the product?
Autonomous ai response , ransomeare rollback storyline
What do you dislike about the product?
There’s really nothing to dislike about this product, although I do find the pricing to be a bit on the higher side.
What problems is the product solving and how is that benefiting you?
This platform offers a single dashboard to manage all endpoints and servers, making it easy to monitor everything in one place. Its storyline analysis feature is helpful, and I haven't experienced any system lag. The tool also consolidates various functions and includes ransomware rollback, which adds an extra layer of security.
Has improved threat response time and reduced staffing needs through automation and visibility
What is our primary use case?
What is most valuable?
SentinelOne Singularity Complete has allowed me to perform multiple functions. It enables asset ingestion, and I have been able to identify other machines that don't have the endpoint agent installed. We've caught some malware. SentinelOne has internal reporting features and Ranger features that search the subnets where SentinelOne agents are located for other devices that may not be protected with the agent. The platform itself allows me to visualize my entire environment.
The ransomware rollback feature is the best aspect of SentinelOne Singularity Complete that stands out the most. We haven't had to use it yet, but it allowed me to demonstrate to our insurance providers that I had a recovery mechanism for the rollback.
SentinelOne Singularity Complete has positively impacted my organization by helping with trust amongst the organization. There is no longer any doubt that we are protecting the endpoints. Also, with USB exclusions and other features, it has helped with data loss prevention. I am now able to measure DLP attacks.
My impression of SentinelOne Singularity Complete's ability to ingest and correlate across my security solutions is phenomenal. It's great to have that central location. With SentinelOne Singularity Complete, I have been able to remove three additional products from the environment.
I use SentinelOne Singularity Complete's Ranger functionality, and it's one of the most important things I have.
What needs improvement?
There really aren't any areas for improvement in SentinelOne Singularity Complete. I'm excited to watch the continuous improvement to the storyline.
What do I think about the stability of the solution?
SentinelOne Singularity Complete is stable in my experience.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete's scalability is extremely easy to achieve as new endpoints and new detection points come on board.
How are customer service and support?
The customer support for SentinelOne Singularity Complete is phenomenal.
I would rate the customer support a ten on a scale of one to ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We were a new company, and we picked SentinelOne Singularity Complete first without using a different solution before.
What was our ROI?
SentinelOne Singularity Complete has helped free up my staff for other projects and tasks by saving us multiple hours a day because we can now get the visibility and the automation.
SentinelOne Singularity Complete has helped reduce my organization's mean time to detect by fifty percent.
SentinelOne Singularity Complete has helped reduce my organization's mean time to respond by eighty percent.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing for SentinelOne Singularity Complete was flawless while working with my account manager. For the first time in a long time, I enjoyed the process.
Which other solutions did I evaluate?
I did not evaluate other options before choosing SentinelOne Singularity Complete.
What other advice do I have?
The advice I would give to others looking into using SentinelOne Singularity Complete is to have your inventory counts available, document your ingestion points, and proceed with the implementation. I think it's a great product. I would rate this review a ten on a scale of one to ten.
Effortless Deployment and Outstanding Support
What do you like best about the product?
Easy to deploy and use. Very responsive to config changes. Support team is amazing.
What do you dislike about the product?
I have not found anything I don’t like. The platform is very user friendly.
What problems is the product solving and how is that benefiting you?
EDR and single pane of glass view of our environment.
Has improved threat detection and streamlined integrations through strong XDR and forensic capabilities
What is our primary use case?
I'm only dealing with Google SecOps right now, not other Google Cloud products. On a limited scale, I think we use Microsoft Defender for one particular customer; for the others, we are using SentinelOne Singularity Complete and Palo Alto Cortex.
What is most valuable?
I've seen a lot of improvements and simplifications, and Google SecOps has recently moved into Gartner's as the highest one for visionaries. The AI, agentic AI, integration with SOARs, and simplified SKUs and pricing are noteworthy. Most customers who have various platforms for cybersecurity do not choose Azure Defender unless they are on a Microsoft stack right now. SentinelOne Singularity Complete is the most capable in terms of detection and response, and I use it quite extensively for forensic capabilities.
SentinelOne Singularity Complete can be quite intrusive, but it has strong detection capabilities. The Ranger functionality of SentinelOne Singularity Complete for the EDR is extensively used for customers. Microsoft Defender has recently upgraded to XDR capabilities.
What needs improvement?
For Azure Sentinel, the main issue that needs improvement is the pricing; it's quite unpredictable right now in terms of cost. The use of many components within Azure itself is confusing, especially with the recent move in terms of the console from Azure Sentinel to the Defenders. The highlight is more into the pricing; it is too expensive and unpredictable right now.
For Google SecOps, the only improvement I suggest is in terms of the reporting, especially for out-of-the-box reporting that seems very lacking right now. There aren't too many useful reports coming from out-of-the-box; we have to develop them ourselves right now.
SentinelOne Singularity Complete needs to work more on increasing true positive detections to make it closer to 10. A weakness seen with one large customer was that the detections were too intrusive, blocking many applications that should have been working, which led to many false positives.
How are customer service and support?
I think technical support is quite good; we have been in contact quite occasionally, and they provide expected answers.
How would you rate customer service and support?
Positive
How was the initial setup?
I find the initial setup quite straightforward for SentinelOne Singularity Complete.
Which other solutions did I evaluate?
SentinelOne Singularity Complete can be quite intrusive; that's one of the drawbacks. It's also the first thing that we recommend right now. We prefer to use other EDR platforms such as SentinelOne Singularity Complete and Palo Alto Cortex right now.
What other advice do I have?
I'm using Google SecOps. If you want, I can leave my opinion on Google SecOps.
While the others will be on the cyber threat intelligence, the primary is Google SecOps, and I think the other one is Azure Sentinel.
There is room for improvement for these solutions. It's mostly SIEM and MDR for SentinelOne Singularity Complete. I haven't used Vigilance MDR; I only know the name.
We mainly focus on SentinelOne Singularity Complete and Cortex, while the other EDRs that we have managed are less significant. It's almost similar since both SentinelOne Singularity Complete and Cortex have EDR and XDR capabilities.
In terms of non-locked XDR platforms, the best one is SentinelOne Singularity Complete right now for their XDR capabilities. Other ones such as Palo Alto Cortex or even CrowdStrike are locked into their own ecosystem right now since they have many products within that ecosystem. In terms of integration, even though it looks quite open, some are tightly coupled into their own ecosystem, especially for Palo Alto Cortex.
We haven't had that in-depth experience in terms of ingesting and correlating for SentinelOne Singularity Complete; we mainly use it right now for their EDR capabilities. Since we provide the MDR services, we mainly integrate those with Google SecOps right now for the overall SOC services. I think they are the most capable in terms of detection and response.
We only tried Purple AI but haven't used it quite extensively. I find the pricing very reasonable, especially right now compared to other top-tier EDR platforms at the same level. I usually recommend the product for both smaller and bigger organizations. My overall rating for this review is 9.
Automation has simplified threat detection and enabled seamless hybrid deployments
What is our primary use case?
The main use cases for SentinelOne Singularity Complete include EDR, XDR, and NGSIEM.
SentinelOne Singulality Complete has the ability to ingest and correlate across security solutions extensively.
SentinelOne Singularity Complete seamlessly ingests logs from various other technologies besides the SentinelOne EDR platform. We have integrated with several firewalls, different firewalls. We have integrated with cloud ingestion, such as AWS and GCP, which is seamless. There are other solutions that can be integrated with SentinelOne Singularity Complete, incorporating security log ingestion.
The XDR platform helps to consolidate different security solutions.
Regarding Ranger functionality, it provides network and asset visibility and can ingest logs from network sources, capturing any threat metrics, including IOCs.
I cannot confirm if SentinelOne Singularity Complete reduces alerts as I have not worked heavily on that aspect. The system captures different telemetry from network devices.
Customers mainly use SentinelOne Singularity Complete on both public and hybrid cloud. This is advantageous, as we can use a relay agent to commit updates for computers that do not have internet access. Those telemetry can also be received, which is a clear value differentiator.
What is most valuable?
The rollback feature is the most useful feature of SentinelOne Singularity Complete. When a machine is infected, we have the option to roll back to the earliest date, providing ransomware protection. The second biggest differentiator is the hybrid implementation, which means unlike other EDRs, all machines need not be connected to the internet. We can have a local relay agent that can perform updates and upgrades to machines that are not connected to the internet directly, which is very helpful for updating air-gapped implementations.
The installation of SentinelOne Singularity Complete is very seamless. We are able to implement fresh rollouts of thousands of machines in a matter of one or two days, provided the machines are available. We are immediately able to see the telemetry and ingestions of the log taking place.
The biggest benefit for my customers is that it is autonomous, where mostly everything is automated, and the threat detection, as well as auto-remediation rules, are set up. Hence, minimum intervention is required from our side in case of known threats. I consider the automation and autonomous decision-making as the cornerstone.
What needs improvement?
Sometimes, SentinelOne Singularity Complete takes time to reflect on some machines, which could be due to poor network connectivity. However, I don't see any major problems.
It takes time for updates to reflect on the central console when putting in a new machine.
Regarding recommendations, they have acquired a company called Prompt Security, which is working on AI gateway and AI security posture management. I want to see how it gets integrated with the SentinelOne platform, and I am looking forward to what they will do with Prompt Security.
My customers have not calculated a return on investment because most purchases happen as a mandate. It is imperative for organizations to move from antivirus to EDR and XDR platforms. The decision is mostly for corporate security rather than based on a return on investment.
For how long have I used the solution?
I have been working with SentinelOne Singularity Complete for three years.
What do I think about the stability of the solution?
I have not come across big disruptions or breaches with SentinelOne Singularity Complete. Whatever known viruses exist are automatically eliminated, similar to a usual antivirus. I have not used threat hunting situations and have not been exposed to that currently.
There are not many stability issues regarding upgrades. Everything is managed automatically, so there is no user interference needed for upgrades.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete is very scalable. I have seen customers scaling up to 25,000 users very easily without challenges.
How are customer service and support?
I have contacted SentinelOne support via TAC lines for understanding suspicious behavior, and they help drill down further. We get support directly from the TAC line for any false positives or to understand whether it is a true positive or false positive alert.
I would rate the support from SentinelOne Singularity Complete as an eight out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of SentinelOne Singularity Complete is straightforward and very easy. All we need to do is set up a tenant, create the package file, and once we install it, it automatically connects. We can set up the entire system in a matter of one hour for a large customer.
What's my experience with pricing, setup cost, and licensing?
SentinelOne Singularity Complete is not expensive; they are very aggressive when it comes to price points.
Compared to Microsoft and other competing solutions, SentinelOne Singularity Complete is very aggressive price-wise.
The cost depends on a per-device basis.
The full-fledged platform should be around $7 to $10 per device per month.
What other advice do I have?
I have had limited experience with Purple AI, which gives copilot-features wherein I can use a pull-down menu to identify based on any IOCs present. The retrieval time is very fast. I can ask certain copilot questions, frame certain queries on the drop-down menu, and immediately see whether those telemetry match in my systems.
Predominantly, my customers buy SentinelOne Singularity Complete from us. Small customers may purchase from the AWS marketplace, but enterprise customers mostly buy through partners.
I recommend SentinelOne Singularity Complete as a good investment where you can rely on the technical support. There is always a human voice available if we get stuck somewhere, and I am very happy about the solutions and interactions we have. You are bound to have clarity when alerts come in, and you need a vendor who can answer and troubleshoot those situations and clarify what the alert is all about. If you are looking for more TAC line support for incidents, go ahead with SentinelOne Singularity Complete.
I rate SentinelOne Singularity Complete eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Inheritly powerful,and a feeling of being protected.
What do you like best about the product?
That when necessary, I don't require to be attentive to the platform. But when I need to be on it or want to learn more, the possibilities are endless. I can go as far as I want. The platform is feature-rich. The use of Purple AI and the real language searching, you can go in depth with the threats.
What do you dislike about the product?
In the beginning, there was a bit of a learning curve.
What problems is the product solving and how is that benefiting you?
It is just one step in the layered defense in depth. Granted, it is a big part. Antiviruses based solely on signatures are a thing of the past.
Great security
What do you like best about the product?
easy to use and setup the agents in your environment
What do you dislike about the product?
a little expensive, the DFIR team hasn't been useful so far
What problems is the product solving and how is that benefiting you?
keeping my environment safe
Has improved threat hunting through query suggestions and contextual incident storylines
What is our primary use case?
I have used SentinelOne Singularity Complete in a SOC environment where most customers were utilizing it.
How has it helped my organization?
The solution has been helpful especially for the infrastructure security team. They can focus their energy on other business projects and priorities while having peace of mind knowing that even without real-time operation, SentinelOne Singularity Complete can detect vulnerabilities and contain threats until they intervene. This allows them to work on other projects, develop security policies, and strengthen their defense. The team can address other security loopholes while SentinelOne Singularity Complete manages their infrastructure.
What is most valuable?
One of the features I particularly appreciate is the hunting capability, specifically being able to use deep visibility for threat hunting.
It's quite elaborate. It allows you to create and manage queries easily. Even if you're not very proficient in the language being used, it suggests the correct syntax when you type in plain text. If there's an error, it points out where you're wrong, enabling you to adjust the syntax. This feature is particularly beneficial for threat hunting using the deep visibility feature of SentinelOne Singularity Complete.
Additionally, the platform allows for compartmentalization, which is great because we use it for about 13 customers. It enables us to manage different environments from a single console and download relevant data for each customer.
What stands out is that this solution is not just about detection; it's also about response and containment. When it addresses an incident, it explains what occurred and suggests actions to take before further investigation.
Another excellent feature is its ability to filter events from the same company, helping to reduce noise. For instance, if a single user performs various actions that would typically trigger hundreds of alerts, this system consolidates those activities under that one user. This approach allows for tracking related events together rather than generating multiple alerts. As a result, you can analyze an incident from a holistic perspective rather than just viewing individual alerts in isolation. Overall, these capabilities enhance the effectiveness of threat management and incident response. That's my take on it!
It's capable of integrating with SIEM and other solutions. It offers enhanced interoperability.
What needs improvement?
The main area for improvement relates to Linux compatibility. When deploying on a Linux system, the process isn't as seamless compared to other operating systems. They could enhance this by providing an easier way to implement or deploy on Linux OS systems.
For how long have I used the solution?
I have used SentinelOne Singularity Complete for four years.
What do I think about the stability of the solution?
There have been no stability issues at the moment.
What do I think about the scalability of the solution?
It's scalable.
How are customer service and support?
Their support is very good. When we encounter an issue, we quickly raise support tickets, and the response time is very good.
How would you rate customer service and support?
Positive
How was the initial setup?
It's not complex. It's straightforward, and the support is very good.
What was our ROI?
SentinelOne Singularity Complete has shown a return on investment with its ability to detect threats at approximately 99% efficiency.
What's my experience with pricing, setup cost, and licensing?
It's affordable. The pricing is competitive.
SentinelOne Singularity Complete has proven beneficial in a specific case. In one instance, a customer had Microsoft licenses that were very expensive at the enterprise level. By implementing SentinelOne Singularity Complete, they were able to reduce their license plans and focus on this solution because it offered more robust features than their previous solution.
What other advice do I have?
I would rate SentinelOne Singularity Complete a ten out of ten. It's a good solution.
showing 1 - 10