External reviews are not included in the AWS star rating for the product.
My use case for this solution is that we are an MSP. We take care of clients for small to medium-scale businesses. I think our current install base is around 7,000, maybe around there. Beyond that, we also are in the project business, so for larger customers, we handle it on a project basis.
My clients are small to medium businesses for the most part.
The best features I and my clients like the most about Singularity Platform are that, first of all, it's easy to handle. It doesn't take a lot of time to get into. There's no real obscurity. It's really easy to handle, takes a load of work from the team, and in most cases, you can literally just configure it once and leave it running until something comes up, and it will just work. There won't really be an issue in between then.
Singularity Platform saves me over 50% of my time or resources. If I have an incident I want to investigate, for example, I can just go in. I don't have to learn a complex query language. I can just ask the inbuilt Purple AI and ask about this situation. If I want to dive in deeper, I can, and it's really easy to do. I can very easily see the context, see what has happened, where it has happened, how it has happened, as opposed to other tools or even doing it manually. The time saved is almost immeasurable because it's just so much.
My thoughts on the real-time monitoring capabilities are that they are great. There's not really anything negative to say there; I like them.
When assessing the impact on supply chain processes, keeping it simple, it would basically be good. In use cases where customers are in a supply chain, the people who are concerned about them being in their supply chain usually have their concerns alleviated by SentinelOne being present.
My thoughts on the maintenance are that it is pretty easy. It is pretty much the way I would like it. If it works, you're not bothered by it. If it doesn't work, it's very easy and quick to figure out what is going wrong. The nice part about that as well is you can go the proper way and fix it as intended, or if that doesn't work, the wooden mallet is always an option to just fix it quick and dirty. Those work without issue.
The areas that have room for improvement in Singularity Platform include the fact that I am really not happy with the vulnerability management. I may or may not have a bit of a personal vendetta against vulnerability management as a whole. I feel that concept is a bit out of date in my opinion. But combine that with what I believe is absolutely subpar performance in the vulnerability management space. I just opened our console and am faced by a wall of red. We conduct regular internal pen tests on ourselves and our clients. I know those aren't able to be exploited, and seeing, even if I dive into the vulnerabilities, a good percentage of them isn't even real. Sometimes they may just be artifacts left over that are still being found and then identified. Last year, SentinelOne was awarded for best vulnerability scanner, and that was a bit amusing to me. But that's really the main part I would say could be improved. Other than that, there are a couple of minor features which I know are on the roadmap and I would like to see sooner.
I've been using Singularity Platform since 2020.
When rating the stability, let me preface this by saying that thanks to the architecture of SentinelOne being not really cloud-dependent, it won't report to the cloud if the cloud is down. Thanks to that, I don't really care about occasional downtime on the console too much. That being said, I know there have been a couple of issues in the recent months, but those are getting a lot better. I would rate stability a nine.
I rate the scalability of Singularity Platform a 10.
From one to ten, I would rate the technical support an eight.
Positive
I don't have any personal experience with CrowdStrike, sadly, but when comparing Singularity Platform to other solutions, one of the main parts is that performance is just so much better. Not just in threat detection and mitigation but also in regards to endpoint performance. If it works, nobody's going to complain, but the moment that performance is impacted just a tiny bit, it will come up. Even in those rare cases when that isn't optimal, it can very quickly be improved and worked around again. Looking at reports from MITRE ATT&CK, you can see that it works. That's what I enjoy so much about it; it's one of those things that let me sleep easy at night.
Five specialists work with Singularity Platform in my organization.
My thoughts on the customizable dashboards are somewhat detached on a general basis. I see the use for the dashboards; however, we have a bit of a unique issue because, as I mentioned, we are an MSP. We don't just have one console, but I think at this point we have 10, 13 or something consoles, all across different URLs. So I personally can't really use the dashboard customization for a lot of things. We are using it to some degree to monitor the full-service clients, but I generally recommend larger companies we onboard on a project business to utilize the customizable dashboards, especially for data ingestion. That's a real plus point to quickly visualize how much data and what types of data you ingest and where necessary, trim down on unnecessary data.
The minor features I would like to see sooner include, for example, the exclusions. When they trigger, I would like to know in retrospect and be able to see how often a certain exclusion has triggered in the past, let's say, year. So I could say that this hasn't triggered at all and I can just remove it. Also, for the upgrade policies, I would like to just be able to set that I want to upgrade agents on maybe one version behind, one major, one minor version behind, always update service packs, update with a delay of X weeks, and just do that automatically rather than having to adjust the target version manually all the time. But those are very, very minor gripes. That's pretty much all I would have as feedback.
I would rate Singularity Platform overall a 9 out of 10, as there are still some minor things that I think could be a tiny bit better.
The advice I would give others looking into Singularity Platform is that I would definitely recommend it. First off, it is easy to use. You can integrate it with everything, and you can integrate everything with SentinelOne. That isn't even an exaggeration. If you have anything that produces data, you can integrate it. That is what I love so much about it; it's just awesome. My advice would be to definitely do a proof of concept. Figure out the three to four main use cases or main causes of concern for your company, do a classic proof of concept, proof of value, figure out the key areas that you want to protect, and see if the agent plays nice with it and come to the conclusion that it does.
I create policies based on the regarding policy, which means I created custom rules regarding the use case and customer use case.
Most of my use cases are related to the event ID and the process event, so it is easy to use.
My impressions of SentinelOne Singularity Complete's ability to ingest data and correlate across the security solutions is that it is better for blocking the hash value and generating the rules manually. It is easy to use.
Overall, SentinelOne Singularity Complete helps me consolidate my security solutions, being the best in endpoint, cloud, and identity.
The best features in SentinelOne Singularity Complete are in the SIEM solution, including the block list in hash value block list and anti-tampering mode.
The best part of the Ranger functionality is that it helps find known and unknown devices, locate IoT devices, and determine how many agents have not been installed in SentinelOne, making it easy to count how many machines are not installed and find IoT devices.
SentinelOne Singularity Complete has helped reduce alerts for me, with the best part being the exclusion, as it has already marked most of the alerts in the cloud as false positives.
SentinelOne Singularity Complete has helped free up my staff for other projects and tasks.
In the SIEM solution, I would like to see improvements in the data injection process, as it is very fast, and the log collector option is very nice. However, there are issues in blocking the hash, which is complicated due to different segregation for Windows, Linux, and macOS, so I ask for an improvement in this hash blocking function and the manual generation of how many VSS snapshots.
I have been working with SentinelOne Singularity Complete for the last two years.
The performance issue with SentinelOne Singularity Complete is very good, but the hash blocking remains complicated and generating many snapshots manually is a recurring challenge.
I work with the Ranger functionality in SentinelOne Singularity Complete, which is used to identify known and unknown devices both in and out of networks.
I evaluate the customer support team of SentinelOne Singularity Complete highly, stating that they provide good support with 24/7 availability.
I decided to switch to SentinelOne Singularity Complete because it offers a single solution for the endpoint SIEM and singularity purpose, and the console is very easy to handle.
There were challenges during the setup, particularly with the custom rule as the customer asked for application-level blocking that I did not fully understand.
The project time is not the means full completely solution but it saves up to 40 days.
Apart from the escalation matrix, I have seen improvement in the mean time to respond, with critical alerts raised below up to 15 minutes and false positive alerts raised in up to one hour.
I mostly use the custom rule and small things for the event type, event query, and searching in event query, focusing on endpoint based solutions in SentinelOne Singularity Complete and the SIEM solution.
I would rate the technical support of SentinelOne Singularity Complete a nine.
I have no recommendations for improvement regarding SentinelOne Singularity Complete as a product or solution.
I rate this review a nine overall.
My use case for the solution is scientific research involving legacy software on older OS versions for complex overflows.
The best features of Singularity Platform are AI-powered autonomous threat detection and extended detection and response, along with cloud workload protection.
Regarding the real-time personalization features, I find that it helps me in detection. It assists me to find detections and furthermore evaluate the detections. It helps me a lot because it is completely beneficial, showing fewer alerts than competitors. In other competitors, alerts are excessive, but here the alerts are fewer rather than too many. It is much more useful for me compared to other products.
The real-time monitoring capabilities are much faster. I would say that it is significantly faster in decision making. In my previous experience with other log analysis tools, whether paid or free, the processing time was excessive, but here the processing time is very minimal and I get what I need very quickly.
Regarding areas for improvement in Singularity Platform, I would say the data security posture and control over sensitive information could be enhanced. If the control were more robust, then it would be better. For instance, when I analyze a log using Singularity Platform, the logs I see are clear, but if they were more descriptive, it would be much better. For example, when I find a log suspicious, if it automatically points out that a particular point in the log at a specific timing or frame is looking malicious, it would be easier for me. I would not have to go through many logs to find this information.
I have been using Singularity Platform, which refers to SentinelOne, for a few months, approximately five to six months.
Regarding stability, I have not encountered any downtime. Depending on my system where I use it, I have seen that even with less RAM, it does not lag. In other SIEM tools, they give lags and glitches, but I have not found any bugs. It is working well.
For stability, I would rate it a nine out of ten.
Singularity Platform is scalable. On scalability, I would rate it between eight and 8.5.
For technical support, I have not needed any technical support until now, so I cannot answer clearly. However, I hope it will be nice because if the application is working so well, why would I need technical support? I think if I need technical support, it will be good.
Negative
I have tested Splunk Enterprise edition and the paid editions, and I have also tested Wazuh. I have tried some paid tools, but I have found that Singularity Platform is far better than others. As a log analyst and SOC analyst, I find it better than others.
The deployment is easier. When I compare it with other SIEM tools, it is much easier. There are not too many settings I have to adjust. For example, with Splunk, it takes too many settings to set up on AWS, but here it does not require too many settings and it does its work well.
Initially, we used two people, and then we expanded to three people using it.
If I estimate how much time it has saved me, I would say it has saved almost 30 to 40 percent of time compared to other tools.
In terms of pricing, I will say that it is worth it for me. Living in India, it is natural for us to prefer things a little cheaper, but whatever the price is, it is worth it. However, as a SIEM tool, if it were priced less, many more people could explore it.
Regarding the fraud detection feature, I did not use it until now, but I have explored the features of fraud detection.
In fraud detection, the logs which are generated and captured are much clearer, meaning clarity is very good in respect to other platforms. I found that the clarity is very good. It also minimizes false positives, which is critical in some situations. Furthermore, the method is top-performing with a wide range of data sets and evaluation matrices.
Maintenance is necessary with Singularity Platform, as artificial intelligence is implemented, so it is 100 percent needed. It depends on the user and the application totally, but the maintenance is needed.
My feedback is that I will surely recommend it. I have already recommended it to many of my colleagues and I will continue to do so in the future. If it is giving us benefits, then why would I not recommend it? I would give a rating of 10 out of 10 for recommendation.
My use case working with Singularity Platform was to implement clients from the insurance business onto the platform.
Singularity Platform's best features are its scheduled reports and its automated end-of-day business capabilities, which allow any activities that occur projected or expected to come in overnight without manual intervention.
Concerning Singularity Platform's real-time monitoring capabilities, they are not truly real-time, as they were always a day behind, meaning they look at results from the prior T+1 business day. They are getting as much real-time information as they can, and depending on what the insurance team decides to do in terms of logistically buying and selling on a certain day, they can see their impacts on their current cash balances. This allows executives to determine if they have to liquefy any of their assets at a certain point in time, providing a great view in terms of risk management and current available cash balances while also considering the strategic direction in the next year or two where they plan on going with their cash balances.
I believe there is room for improvement in Singularity Platform regarding its product. First of all, with all automated systems, they need to have the capabilities to expand rather quickly. When I was there, I do not believe they had the ability to do that. In addition, they are very concentrated on certain clients which they have contractual obligations to meet.
As for other areas that could be improved in Singularity Platform, I believe there are a bunch of customer-facing uploads that need improvement. The communication between clients and the teams working internally with that client also needs enhancement. The automation itself has to be increased in terms of bandwidth or capability of the system. For example, there were times when there were severe lag problems on the system due to capacity issues. They may not have had enough servers. There was a lack of response time at times.
My experience with Singularity Platform is over three years.
I would rate the stability of Singularity Platform as a nine. Of course, you will sometimes have outages across certain regions; it just happens. However, during the amount of time I worked on it, I did not have any instances of an outage, although I cannot say everything is perfect.
Regarding scalability, I believe it deserves a seven out of ten, or a seven and a half. I believe that the system is scalable but it all goes back to personnel behind the scenes and the availability of those people, plus the knowledge they hold in terms of being able to bring larger clients onboard. I am not saying they are awful; they just need to ensure that they have the right personnel.
I would rate the technical support of Singularity Platform as a six.
The reason I rate it a six out of ten is because they have a lack of IT resources to be responsive in real-time, and they are very siloed in terms of knowledge. A lot of people have to reach out to one sole person who has basically developed the system, creating a bottleneck for responses and making it hard to know when you will get a reply or where it stands in terms of priority.
I believe that CAM and Clearwater are superior to Singularity Platform.
Overall, I believe that in any cloud-based platform there are challenges. However, in terms of implementation for Singularity Platform, the average implementation is about 90 days, which is pretty reasonable given the circumstances. I do not believe there is any advantage or disadvantage in moving from Singularity Platform to any other platform.
In terms of pricing for Singularity Platform, I believe they are competitive with the market. I do not believe they are cheap or expensive; I believe they try to be within a few basis points of other offerings. My philosophy is you pay for what you get, so if you decide to cheapen out on the cost of your platform, you are not going to get what you want.
If Singularity Platform is reasonably cheaper than Clearwater, then you could use it as it will still do what you want, though it may not be as comprehensive as Clearwater.
Regarding Singularity Platform's real-time personalization feature, it does help with my customer experience strategies because, in my personal experience, I have taken a role as Treasury Manager and I am dealing with investment accounts every day. To do all that work manually compared to any type of platform work is pretty painful, so I would say anything in an automated space for any investment, any company with a bunch of investments in a portfolio, Singularity Platform is an option.
Singularity Platform does help with fraud detection in the financial services as it has rules involved for risk management. If there was a purchase done, the way Singularity Platform works is it is fed in the custodian feeds as well as the bank feeds. There is no current trading platform associated with it, but there may be things in the works that will include a trading platform. I would say that there is a compliance module within Singularity Platform that helps clients determine if they want to remix their portfolio balances to stay compliant with whatever loan agreements they may have.
Regarding Singularity Platform's customizable dashboards, I believe they help optimize operational efficiency. Since my role was really behind the scenes, not as a developer but on the QA implementation side of things, I believe any platform that can customize for any client will actually help them in the long run. I believe that having reports that are unique to each individual client helps them in their own way, so whatever reduces the manual workload for the client, especially customizing UI, is a good idea.
I would absolutely recommend Singularity Platform to other users, but it depends on what their expectations are for the investment accounting software they plan to implement. For a smaller size insurance company, I believe that is fine. However, there are things that Singularity Platform cannot do that Clearwater does, and I am sure there are things that Clearwater does not do that Singularity Platform does. Therefore, it is hard to say definitively; it really depends on the client's needs. For a full-blown investment accounting and reporting system, I would still recommend Clearwater over SS&C. In terms of asset management and banking solutions, I cannot really respond because I believe SS&C and Clearwater probably have the same application capabilities.
I would rate this solution a seven out of ten overall.
Our customers are primarily seeking an XDR platform with Singularity Platform, which combines their EDR, next-gen antivirus, vulnerability management, and integration with their existing security portfolio. Singularity Platform is used for XDR requirements, extended detection and response, for their EDR, next-gen antivirus, vulnerability management, and the requirement to integrate with their existing security solutions like their firewalls and proxies from an XDR perspective.
From an overall security perspective, it is not related to supply chain processes as specific to the supply chain process. When customers have interactions or business relationships with their vendors or the third parties that they use as part of their business, Singularity Platform can be used to scan the internet traffic or through their XDR functionalities to determine what kind of data they are sending, if any vulnerabilities exist in their systems, and whether those vulnerabilities are exploitable or not. Those kinds of features can be mapped to a supply chain from Singularity Platform's perspective.
Singularity Platform's functionality for ransomware rollback is quite useful because if you have a ransomware attack, most EDR solutions do not have the feature to do a rollback and bring the system to its earlier state, but that is one of the unique features that Singularity Platform has which can be a game changer for customers.
Singularity Platform's customization feature is also strong; we were able to customize the dashboards and reports based on the different compliances that the customer has. We have customers in BFSI, manufacturing, and pharma, so based on their requirements, because every customer or every business has a different set of requirements, the customization of dashboard and reporting perspective is good in Singularity Platform. From an analyst level to a C-level executive, we can have different sets of dashboards with a specific set of purposes aligned with what roles they play.
The real-time monitoring capabilities in Singularity Platform are good. Some enhancements that could be made are to make it more readable or understandable to the person who is monitoring those dashboards, because sometimes what happens is it becomes too verbose or too much data is displayed from the monitoring perspective, especially from the EDR perspective. Analysts have to make sense of what logs or what alerts they are monitoring; they have to go through a lot of data before they can take any decision on whether it's a false positive or an actual threat that they should look at. If they make it easier and more understandable for the analyst, they can make an informed decision quickly. Currently, what Singularity Platform has is a bit clunky, verbose, and has too much data that might be useful or might not be useful based on the analyst, so if they simplify it, it will be more effective.
From the end user perspective regarding Singularity Platform, the deployment is very easy, which makes life easy for the administrator. Implementation doesn't require a reboot or these kinds of things after installing the agent, which is one more advantage. Additionally, it doesn't use many system resources and doesn't make the system heavy, but still works in a good way, so you're not using much of the CPU or RAM. The detection ratio is good, and we haven't seen many false positives or many attacks at our customers where Singularity Platform has been deployed. This is one added advantage because you need to spend less time on alerts or incidents, allowing your administrators to focus on different jobs rather than spending time analyzing on Singularity Platform. The deployment and installation are easy, which saves time and money from bandwidth and network perspectives and from the time that an analyst or administrator spends on deploying or installing the agent.
I do not recall a real-time personalization kind of feature in Singularity Platform.
If ranking is applied, I would rank CrowdStrike as one, Singularity Platform as two, and Palo Alto's Cortex as three. The issues mentioned in Singularity Platform are well taken care of in CrowdStrike, and CrowdStrike now has a bigger portfolio in terms of data security, identity security, and AI security. The new-age integrations are better in CrowdStrike, and I'm sure Singularity Platform will catch up, but as of now, CrowdStrike has an added advantage.
From an XDR perspective, if Singularity Platform could expand their existing set of supported log sources, that would be better. As of now, they have a limited set of security solutions that can be integrated as part of their XDR platform, and if they increase that, it would be better because not all customers will have the set of supported log sources that they have. Additionally, they don't have a scheduled scan feature; you have to do it through a different mechanism. If they can bring it as part of the platform, the scheduled scan feature would improve usability. Apart from that, from an operations or overall security perspective, we haven't found any such issues with the platform.
I have been working with Singularity Platform for three plus years.
I would rate stability for Singularity Platform as an eight from a better perspective.
Scalability is not an issue for Singularity Platform because it is delivered as a SaaS service, so scalability is taken care of by SentinelOne. I would rate it as a nine.
Technical support from SentinelOne is somewhat dependent on the engineer you are assigned. Some TAC cases are solved in a good time, but some cases faced challenges because the engineer was not competent or was not able to understand the issue or take it to its logical conclusion. I would rate it around six.
From the end user perspective regarding Singularity Platform, the deployment is very easy, which makes life easy for the administrator. Implementation doesn't require a reboot or these kinds of things after installing the agent, which is one more advantage. Additionally, it doesn't use many system resources and doesn't make the system heavy, but still works in a good way, so you're not using much of the CPU or RAM. That is one more benefit; additionally, the detection ratio is good, and we haven't seen many false positives or many attacks at our customers where Singularity Platform has been deployed. This is one added advantage because you need to spend less time on alerts or incidents, allowing your administrators to focus on different jobs rather than spending time analyzing on Singularity Platform. The deployment and installation are easy, which save time and money from bandwidth and network perspectives and from the time that an analyst or administrator spends on deploying or installing the agent. That is where I see more of the benefits.
From an XDR perspective, if Singularity Platform could expand their existing set of supported log sources, that would be better. As of now, they have a limited set of security solutions that can be integrated as part of their XDR platform, and if they increase that, it would be better because not all customers will have the set of supported log sources that they have. Additionally, they don't have a scheduled scan feature; you have to do it through a different mechanism. If they can bring it as part of the platform, the scheduled scan feature would improve usability. Apart from that, from an operations or overall security perspective, we haven't found any such issues with the platform.
It's a shadow process; they require our help during the initial implementation stage for Singularity Platform, but since it's quite easy to configure, it's a plug-and-play kind of thing. You just have to enable or disable the toggle buttons, and then you are good to go. From the deployment perspective or from the help perspective, at the initial level, they require our assistance. Once the training and handover process are done, they can easily manage it on their own.
I would compare Singularity Platform with CrowdStrike and Palo Alto's Cortex XDR.
My use cases include protecting my cloud security and endpoint security workloads with SentinelOne Singularity Complete.
The biggest benefit I get from SentinelOne Singularity Complete is that it protects my cloud security workloads and my on-premises server workloads against ransomware attacks and zero-day attacks.
SentinelOne Singularity Complete has a legacy API integration to connect my existing log management tool and my endpoint protection tool to interconnect my SOAR and SIEM platforms. This ability to ingest and correlate across my security solutions has been valuable.
SentinelOne Singularity Complete helps with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.
SentinelOne Singularity Complete definitely helps reduce alerts in my case because it has AI functionality that investigates and detects threats. This detect and investigate capability from AI has helped us reduce alerts by almost twenty-five to thirty percent.
SentinelOne Singularity Complete helps reduce mean time to detection as it has an important feature called auto-remediation, which is a one-click rollback that allows us to restore identified files. This feature also helps on the false positive front.
SentinelOne Singularity Complete reduces my mean time to respond and protects my environment, thereby reducing the workload of my engineers and security analysts by at least thirty-five percent.
SentinelOne Singularity Complete helps free up my staff for other projects and tasks because it is easily scalable and managed with a single platform, allowing us to concentrate more on DevSecOps and providing visibility across endpoint, cloud workload protection, and my server environment in one platform.
Purple AI in SentinelOne Singularity Complete is important for data privacy and security as it provides granular level information on where I need to go and fix issues, which helps accelerate my operations for better performance.
The contextual intelligence feature of Purple AI in SentinelOne Singularity Complete helps me get the threat intelligence platform across my environment and allows me to share the advisories with my other platforms as well.
Purple AI amplifies team knowledge as I can use it in the manner of a managed detection and response service, allowing me to create a use case with my existing security analyst in response to alerts or triggering information. This provides me complete visibility across my security landscape.
Purple AI impacts SecOps workflows by providing complete end-to-end visibility across my channels and reducing manpower. The agentic workflows created by AI allow my analysts to have an easier job.
I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete. Sometimes I need to depend on one more module to get alert visibility. The alerting mechanism shows alerts on a single page, but I have to navigate to another page to get detailed visibility, which could be improved in the user interface.
I have been using SentinelOne Singularity Complete for two years.
I have never seen any issues such as glitches, downtime, or latency with SentinelOne Singularity Complete.
I do not face any scalability issues with SentinelOne Singularity Complete since it is a SaaS platform.
The technical support for SentinelOne is good. I would give them eight points for support on a scale from zero to ten. To reach ten points, they could improve on threat intelligence and provide faster responses.
SentinelOne Singularity Complete has helped with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.
I find the installation and deployment of SentinelOne Singularity Complete very easy.
The deployment of SentinelOne Singularity Complete was done with a partner.
In terms of return on investment for SentinelOne Singularity Complete, I find it better since I am using the AI platform to reduce manpower costs, which helps with the return on investment.
SentinelOne Singularity Complete is less costly compared to CrowdStrike. From a technical side, I do not see much difference between SentinelOne Singularity Complete and other vendors.
We bought the product for endpoint protection and platform use, where we have two environments: one is the endpoint with laptops, desktops, and VDI environment, and the other is our server environment. We are using CrowdStrike for the server environment, while for the desktops and VDI environment, we are using SentinelOne, Singularity Platform.
The benefits from the product include that Singularity Platform provides complete end-to-end visibility on our malware protection and our ransomware protection across our desktops, endpoints, and thin clients and VDI environments, allowing us to control zero-day protection across our environment. There is no need to do any signature patch or anything; we only updated the sensor and fine-tuned the policy here and there during the implementation. We focus on prevention and detection instead of only detection, and we do quarantining as well, leading to complete end-to-end protection across our desktops, laptops, and thin clients and VDI environments.
The real-time personalization feature provides protection against zero-day attacks. Real-time monitoring is very much available in Singularity Platform because once the agent is up to date, it protects critical assets across our network against malicious attacks. Malicious attacks pose a big challenge as if someone downloads malicious files, we face risks. Once an EXE file with vulnerabilities is detected during installation, it will be quarantined, indicating how effective real-time functions are in those scenarios.
From an operational perspective, the customizable dashboards are easy to use, but I face concerns with the alerts from the email ticketing system. We receive alerts for every event, such as USB access attempts, which can create unnecessary noise. We fine-tuned the alert mechanism after implementing the solution to reduce this noise.
The alerting mechanism could be improved in Singularity Platform as I want to fine-tune the alerts based on the specific environment. Each environment has different requirements, such as IoT or manufacturing, and we must adapt our policies accordingly.
I have been using the product for the past two years.
I see no particular areas of improvement for the product because, having used both SentinelOne and CrowdStrike, I find SentinelOne to be good as it performs its functions without requiring much manpower after deployment. The automation helps a lot, and once implemented, we face no further issues regarding stability or scalability; everything works absolutely fine.
Singularity Platform is scalable and stable, with no issues on that part.
The tech support from SentinelOne is great.
The installation process is quite easy, with no significant issues encountered.
We can achieve ROI in about nine months rather than one year. We save approximately 20%.
Singularity Platform is very affordable compared to other options.
I would say both SentinelOne and CrowdStrike are equally good, at a 50/50 assessment between them.
The impact of Singularity Platform on our supply chain processes is significant, as supply chain processes are a real headache for the complete organization. Whenever we face any supply chain challenges, we ensure that all end-user and end patch management are updated. We must ensure that particular patches do not have zero-day vulnerabilities or critical vulnerabilities. Ensuring proper IT hygiene is a challenge as well, as some users may not be using the latest patches or may have to stick to legacy applications that prevent upgrades. Protecting our networks and systems is crucial, especially when considering that older operating system versions may not be supported. The challenge in supply chain management is significant.
We use the fraud detection feature for financial services, where we provide financial applications and solutions to our customers. It helps with risk management as it comes with a complete structured approach whenever we implement Singularity Platform. We must ensure that the systems or agents are properly implemented in a tested environment. We first identify risks and then respond. Sometimes we only detect malware files, and depending on the use case, we do our risk assessment and develop a risk methodology to put policies in place based on whether we are using Windows, Linux, or legacy systems.
Regarding the implementation issue, moving from traditional signature-based antivirus solutions to an EDR solution means the new solution must do complete scanning on the initial implementation. However, EDR functions only when incidents occur, which is a change from the previous method used by typical antivirus solutions that scan all files. It is a challenge to explain this shift in expectations, but EDR only reacts when necessary, unlike traditional tools.
I believe Singularity Platform is perfectly fine overall. Some issues with report functionalities and latency are present in other solutions, but not here. The moment we implemented it, everything was clear. It is an excellent, robust tool for protecting our endpoints.
One small example of a challenge I faced is related to connecting my log management part, specifically SIEM. I encountered some issues with parsing when connecting SentinelOne to QRadar for log management.
I would rate this review a 9.
I used SentinelOne Singularity Complete in the past and applied it to many customers in the Caribbean region. The use case was to implement SentinelOne Singularity Complete as a tool to replace the old antivirus systems that customers had. When we presented SentinelOne Singularity Complete, most customers appreciated it because the price was very competitive. They decided to provide this as a managed security service, which was very beneficial for them.
I appreciated the centralized dashboard that we used to manage the solution and the straightforward deployment process. We could deploy using Group Policy Objects to install the clients, which made the process very easy.
I loved the way that we could collect information and trigger actions when we identified a malicious file or a threat. Ranger was excellent for identifying other assets in the network that did not have the solution deployed, allowing us to create a map of the network. It was very important for us to identify workstations and servers that were not protected.
SentinelOne Singularity Complete reliably identifies real threats, which is a significant advantage as we could detect threats that other tools missed. The alerts are excellent for receiving notifications, and we could integrate with SIEM tools. This made it easy for us to create dashboards and see whenever we had an issue, and we could also create automations that could disconnect the device from the network or take other preventive measures to stop the spread of a virus.
I think dashboards could be improved with a dashboard creator feature that would allow us to select the information we want to extract and generate customized dashboards.
I worked with SentinelOne Singularity Complete for approximately three years.
SentinelOne Singularity Complete is very easy to deploy and implement.
SentinelOne Singularity Complete is very scalable for our needs.
Support was very good. When we needed assistance, we received it in a timely manner and the issues were resolved.
I worked with Defender and other tools including CrowdStrike, with particular experience managing CrowdStrike.
We implemented the complete solution in customer environments to integrate with their existing infrastructure.
SentinelOne Singularity Complete offers a very competitive price. When we implemented it, we could reduce costs with the total cost of ownership compared to other solutions.
When we presented SentinelOne Singularity Complete, most customers appreciated it because the price was very good. They decided to provide this as a managed security service, which was very beneficial for them.
When we implement SentinelOne Singularity Complete, we always create automations so that detection is very efficient in terms of timing. When we identified a threat, we could create rules to block the machine and put it in quarantine. This made it easy to investigate and we could have a broad overview of when the issue started, allowing us to manage issues in a shorter timeframe.
The mean time to respond was reduced in our security operations center. We used it to handle alerts and could act as soon as we received them. When we managed other vendors, it was time-consuming, but with SentinelOne Singularity Complete, it is much better.
Having a centralized tool like SentinelOne Singularity Complete allowed us to manage not only Windows desktops but also servers, MacBooks, and an entire environment. The integration with other SIEM tools is excellent, allowing us to create dashboards, analyze results, and receive alerts as soon as they are triggered.
At this point, SentinelOne Singularity Complete delivers everything it promises to do. We have deployed it from AWS and also created a tenant directly from the portal. SentinelOne Singularity Complete is easy to use, and the dashboards and portal are very user-friendly, which is why I prefer it. I would recommend that others try SentinelOne Singularity Complete because once they do, I believe they will love it. I would rate this review a 9 out of 10.