My use cases include protecting my cloud security and endpoint security workloads with SentinelOne Singularity Complete.
SentinelOne Singularity Platform
SentinelOne
External reviews
External reviews are not included in the AWS star rating for the product.
Unified AI-driven protection has reduced alerts and accelerated cloud and endpoint security response
What is our primary use case?
What is most valuable?
The biggest benefit I get from SentinelOne Singularity Complete is that it protects my cloud security workloads and my on-premises server workloads against ransomware attacks and zero-day attacks.
SentinelOne Singularity Complete has a legacy API integration to connect my existing log management tool and my endpoint protection tool to interconnect my SOAR and SIEM platforms. This ability to ingest and correlate across my security solutions has been valuable.
SentinelOne Singularity Complete helps with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.
SentinelOne Singularity Complete definitely helps reduce alerts in my case because it has AI functionality that investigates and detects threats. This detect and investigate capability from AI has helped us reduce alerts by almost twenty-five to thirty percent.
SentinelOne Singularity Complete helps reduce mean time to detection as it has an important feature called auto-remediation, which is a one-click rollback that allows us to restore identified files. This feature also helps on the false positive front.
SentinelOne Singularity Complete reduces my mean time to respond and protects my environment, thereby reducing the workload of my engineers and security analysts by at least thirty-five percent.
SentinelOne Singularity Complete helps free up my staff for other projects and tasks because it is easily scalable and managed with a single platform, allowing us to concentrate more on DevSecOps and providing visibility across endpoint, cloud workload protection, and my server environment in one platform.
Purple AI in SentinelOne Singularity Complete is important for data privacy and security as it provides granular level information on where I need to go and fix issues, which helps accelerate my operations for better performance.
The contextual intelligence feature of Purple AI in SentinelOne Singularity Complete helps me get the threat intelligence platform across my environment and allows me to share the advisories with my other platforms as well.
Purple AI amplifies team knowledge as I can use it in the manner of a managed detection and response service, allowing me to create a use case with my existing security analyst in response to alerts or triggering information. This provides me complete visibility across my security landscape.
Purple AI impacts SecOps workflows by providing complete end-to-end visibility across my channels and reducing manpower. The agentic workflows created by AI allow my analysts to have an easier job.
What needs improvement?
I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete. Sometimes I need to depend on one more module to get alert visibility. The alerting mechanism shows alerts on a single page, but I have to navigate to another page to get detailed visibility, which could be improved in the user interface.
For how long have I used the solution?
I have been using SentinelOne Singularity Complete for two years.
What do I think about the stability of the solution?
I have never seen any issues such as glitches, downtime, or latency with SentinelOne Singularity Complete.
What do I think about the scalability of the solution?
I do not face any scalability issues with SentinelOne Singularity Complete since it is a SaaS platform.
How are customer service and support?
The technical support for SentinelOne is good. I would give them eight points for support on a scale from zero to ten. To reach ten points, they could improve on threat intelligence and provide faster responses.
Which solution did I use previously and why did I switch?
SentinelOne Singularity Complete has helped with the consolidation of security solutions. Previously, we used multiple products such as Trend Micro and McAfee, and we have consolidated into a single platform with SentinelOne Singularity Complete.
How was the initial setup?
I find the installation and deployment of SentinelOne Singularity Complete very easy.
What about the implementation team?
The deployment of SentinelOne Singularity Complete was done with a partner.
What was our ROI?
In terms of return on investment for SentinelOne Singularity Complete, I find it better since I am using the AI platform to reduce manpower costs, which helps with the return on investment.
Which other solutions did I evaluate?
SentinelOne Singularity Complete is less costly compared to CrowdStrike. From a technical side, I do not see much difference between SentinelOne Singularity Complete and other vendors.
Endpoint protection has delivered full visibility and has strengthened zero-day attack defense
What is our primary use case?
We bought the product for endpoint protection and platform use, where we have two environments: one is the endpoint with laptops, desktops, and VDI environment, and the other is our server environment. We are using CrowdStrike for the server environment, while for the desktops and VDI environment, we are using SentinelOne Singularity Platform.
What is most valuable?
The benefits from the product include that Singularity Platform provides complete end-to-end visibility on our malware protection and our ransomware protection across our desktops, endpoints, and thin clients and VDI environments, allowing us to control zero-day protection across our environment. There is no need to do any signature patch or anything; we only updated the sensor and fine-tuned the policy here and there during the implementation. We focus on prevention and detection instead of only detection, and we do quarantining as well, leading to complete end-to-end protection across our desktops, laptops, and thin clients and VDI environments.
The real-time personalization feature provides protection against zero-day attacks. Real-time monitoring is very much available in Singularity Platform because once the agent is up to date, it protects critical assets across our network against malicious attacks. Malicious attacks pose a big challenge as if someone downloads malicious files, we face risks. Once an EXE file with vulnerabilities is detected during installation, it will be quarantined, indicating how effective real-time functions are in those scenarios.
What needs improvement?
From an operational perspective, the customizable dashboards are easy to use, but I face concerns with the alerts from the email ticketing system. We receive alerts for every event, such as USB access attempts, which can create unnecessary noise. We fine-tuned the alert mechanism after implementing the solution to reduce this noise.
The alerting mechanism could be improved in Singularity Platform as I want to fine-tune the alerts based on the specific environment. Each environment has different requirements, such as IoT or manufacturing, and we must adapt our policies accordingly.
For how long have I used the solution?
I have been using the product for the past two years.
What do I think about the stability of the solution?
I see no particular areas of improvement for the product because, having used both SentinelOne and CrowdStrike, I find SentinelOne to be good as it performs its functions without requiring much manpower after deployment. The automation helps a lot, and once implemented, we face no further issues regarding stability or scalability; everything works absolutely fine.
What do I think about the scalability of the solution?
Singularity Platform is scalable and stable, with no issues on that part.
How are customer service and support?
The tech support from SentinelOne is great.
How was the initial setup?
The installation process is quite easy, with no significant issues encountered.
What was our ROI?
We can achieve ROI in about nine months rather than one year. We save approximately 20%.
What's my experience with pricing, setup cost, and licensing?
Singularity Platform is very affordable compared to other options.
Which other solutions did I evaluate?
I would say both SentinelOne and CrowdStrike are equally good, at a 50/50 assessment between them.
What other advice do I have?
The impact of Singularity Platform on our supply chain processes is significant, as supply chain processes are a real headache for the complete organization. Whenever we face any supply chain challenges, we ensure that all end-user and end patch management are updated. We must ensure that particular patches do not have zero-day vulnerabilities or critical vulnerabilities. Ensuring proper IT hygiene is a challenge as well, as some users may not be using the latest patches or may have to stick to legacy applications that prevent upgrades. Protecting our networks and systems is crucial, especially when considering that older operating system versions may not be supported. The challenge in supply chain management is significant.
We use the fraud detection feature for financial services, where we provide financial applications and solutions to our customers. It helps with risk management as it comes with a complete structured approach whenever we implement Singularity Platform. We must ensure that the systems or agents are properly implemented in a tested environment. We first identify risks and then respond. Sometimes we only detect malware files, and depending on the use case, we do our risk assessment and develop a risk methodology to put policies in place based on whether we are using Windows, Linux, or legacy systems.
Regarding the implementation issue, moving from traditional signature-based antivirus solutions to an EDR solution means the new solution must do complete scanning on the initial implementation. However, EDR functions only when incidents occur, which is a change from the previous method used by typical antivirus solutions that scan all files. It is a challenge to explain this shift in expectations, but EDR only reacts when necessary, unlike traditional tools.
I believe Singularity Platform is perfectly fine overall. Some issues with report functionalities and latency are present in other solutions, but not here. The moment we implemented it, everything was clear. It is an excellent, robust tool for protecting our endpoints.
One small example of a challenge I faced is related to connecting my log management part, specifically SIEM. I encountered some issues with parsing when connecting SentinelOne to QRadar for log management.
I would rate this review a 9.
Centralized security management has reduced response times and improves threat containment
What is our primary use case?
I used SentinelOne Singularity Complete in the past and applied it to many customers in the Caribbean region. The use case was to implement SentinelOne Singularity Complete as a tool to replace the old antivirus systems that customers had. When we presented SentinelOne Singularity Complete, most customers appreciated it because the price was very competitive. They decided to provide this as a managed security service, which was very beneficial for them.
What is most valuable?
I appreciated the centralized dashboard that we used to manage the solution and the straightforward deployment process. We could deploy using Group Policy Objects to install the clients, which made the process very easy.
I loved the way that we could collect information and trigger actions when we identified a malicious file or a threat. Ranger was excellent for identifying other assets in the network that did not have the solution deployed, allowing us to create a map of the network. It was very important for us to identify workstations and servers that were not protected.
SentinelOne Singularity Complete reliably identifies real threats, which is a significant advantage as we could detect threats that other tools missed. The alerts are excellent for receiving notifications, and we could integrate with SIEM tools. This made it easy for us to create dashboards and see whenever we had an issue, and we could also create automations that could disconnect the device from the network or take other preventive measures to stop the spread of a virus.
What needs improvement?
I think dashboards could be improved with a dashboard creator feature that would allow us to select the information we want to extract and generate customized dashboards.
For how long have I used the solution?
I worked with SentinelOne Singularity Complete for approximately three years.
What do I think about the stability of the solution?
SentinelOne Singularity Complete is very easy to deploy and implement.
What do I think about the scalability of the solution?
SentinelOne Singularity Complete is very scalable for our needs.
How are customer service and support?
Support was very good. When we needed assistance, we received it in a timely manner and the issues were resolved.
Which solution did I use previously and why did I switch?
I worked with Defender and other tools including CrowdStrike, with particular experience managing CrowdStrike.
How was the initial setup?
We implemented the complete solution in customer environments to integrate with their existing infrastructure.
What was our ROI?
SentinelOne Singularity Complete offers a very competitive price. When we implemented it, we could reduce costs with the total cost of ownership compared to other solutions.
What's my experience with pricing, setup cost, and licensing?
When we presented SentinelOne Singularity Complete, most customers appreciated it because the price was very good. They decided to provide this as a managed security service, which was very beneficial for them.
What other advice do I have?
When we implement SentinelOne Singularity Complete, we always create automations so that detection is very efficient in terms of timing. When we identified a threat, we could create rules to block the machine and put it in quarantine. This made it easy to investigate and we could have a broad overview of when the issue started, allowing us to manage issues in a shorter timeframe.
The mean time to respond was reduced in our security operations center. We used it to handle alerts and could act as soon as we received them. When we managed other vendors, it was time-consuming, but with SentinelOne Singularity Complete, it is much better.
Having a centralized tool like SentinelOne Singularity Complete allowed us to manage not only Windows desktops but also servers, MacBooks, and an entire environment. The integration with other SIEM tools is excellent, allowing us to create dashboards, analyze results, and receive alerts as soon as they are triggered.
At this point, SentinelOne Singularity Complete delivers everything it promises to do. We have deployed it from AWS and also created a tenant directly from the portal. SentinelOne Singularity Complete is easy to use, and the dashboards and portal are very user-friendly, which is why I prefer it. I would recommend that others try SentinelOne Singularity Complete because once they do, I believe they will love it. I would rate this review a 9 out of 10.
Security operations have become more efficient and detection is improving across endpoints
What is our primary use case?
For the major use cases for the client, I would mention EDR.
I have worked with and implemented Purple AI. While we were in India, it is more about data privacy as a protection law which has been implemented. Purple AI collects all the information which needs to be evaluated, correlates this entire data, and segregates and disseminates it into different roles and privileges. We have utilized that. These are the mechanisms which are very new to the Indian market, and customers and their team members created it and accepted it as well. That is one of the major reasons to sell SentinelOne Singularity Complete.
However, we have not implemented the SecOps feature in major installation as of now.
What is most valuable?
SentinelOne Singularity Complete helps to reduce alerts by almost fifteen to twenty percent. The false alert activation is much more effective in SentinelOne Singularity Complete in competition with all the comparative tools.
It helps to free up my people and staff for other projects. It depends on a project-to-project and team-to-team basis, but it really helps. I would estimate between thirty to fifty percent.
SentinelOne Singularity Complete helps to reduce MTTD by about twenty to thirty percent.
For MTTR, it is almost another way for between fifteen to twenty percent.
As a reseller and user, I would say that SentinelOne Singularity Complete is better than its competition. I have evaluated Palo Alto, Trellix, and CrowdStrike as well. SentinelOne EDR is much better than all of them. The capability and technical capabilities are superior. It offers efficient and faster detection.
What needs improvement?
For ingestion and correlation across security solutions, the agent is quite a bit heavier when compared to the competition. The agent has to be lightweight. That is one of the drawbacks for the competition. They have to work quite a lot.
For how long have I used the solution?
I have been selling the product for three and a half years.
What do I think about the stability of the solution?
As for stability, there are no issues. It is stable.
What do I think about the scalability of the solution?
As for scalability, it is acceptable. The scalability depends entirely on how much security is required for it. It is easy to scale that.
How are customer service and support?
I would say technical support from SentinelOne is excellent. Everyone in SentinelOne is known to us for the last many years.
I would rate support eight point five out of ten. One point five has been removed just because many times it has been delayed or the support has not been available due to vacation. That should be a challenge. Ten out of ten would not even be given to AWS.
Which solution did I use previously and why did I switch?
SentinelOne stands out and is the best product among those, especially in India. There was a recent strike incident with Microsoft, and SentinelOne's approach is much better and much more effective.
How was the initial setup?
It is easy to deploy. The deployment model depends on the type of organization. If it is government, then it has to be on-premises. If it is more like an enterprise and BFSI, that can be over the cloud. In India, it has to be done with the intent. It can be into the SentinelOne cloud with an instance in India, or whether it has to be AWS or Azure, they are acceptable in any format.
What about the implementation team?
There is a chance to buy this product through AWS Marketplace, the CPPO. I did that previously.
What's my experience with pricing, setup cost, and licensing?
It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the pricing.
What other advice do I have?
I do sell SentinelOne Singularity Complete.
I am a Chief Security Officer for Technocentric.
I have been selling this product for the last three and a half years.
I have been involved in this domain for twenty-five years.
I would give SentinelOne Singularity Complete a rating of nine out of ten.
Helps identify vulnerabilities, recover from attacks swiftly, and unify security management from a single console
What is our primary use case?
I have worked with Singularity Platform, and I'm well-versed with Cloud Security, but I have not worked with the AI CM. Singularity Platform comprises three things: Identity Security, Endpoint Security, and Cloud Security. The platform has multiple products including Singularity Identity, Singularity Complete, and the AI-powered Singularity XDR. I have experience with Singularity Identity, Singularity Endpoint, and Singularity Complete products, and we will continue to work because we have more opportunities on this.
Purple AI provides features and functionalities that have been asked for by customers, and we have given those functionalities to them using Singularity Platform.
When we manage Identity Security and Endpoint Security, it's from a single console. We get data and visibility on everything happening in our environment and how it is related. We can integrate many other solutions such as Fortinet firewalls and Palo Alto firewalls. Singularity Platform provides a marketplace with many kinds of integrations with mail security solutions and firewall solutions that are very helpful for customers from the XDR point of view. We haven't used the SIEM as of now, and we have not given the AI SIEM to customers, but we have evaluated the product. To my knowledge, I think it's good, but when it comes to use cases, we will be able to tell how it exactly addresses the client's requirements, how it gives alerts, and how it stores data on correlation time. We need to implement it in the client's environment in order to get proper feedback.
These were the features and functionalities which have been asked for by customers, and we have provided those functionalities to them using Singularity Platform.
How has it helped my organization?
For the past three years, after Corona, we have started using Singularity Platform.
During the time of attacks, if there is any data loss, we were able to easily roll back those attacks and retrieve that data for the client with a single click. That's how Singularity Platform works for endpoint security. When it comes to Identity Detection and Response, it also gives much more visibility on what identities are weak. It scans all usernames and passwords in the Active Directory or Azure Directory. If you have Azure Directory, integrating with the Identity Security or Posture Management solution allows us to find out what users are in a vulnerable state and all the users to which they might have received five to ten attempts. If those kinds of attempts are received, that particular user account will be locked. We were able to write these kinds of rules from Singularity Identity itself. When it comes to threat intelligence, Singularity Platform holds its own threat intelligence data lake, and they have introduced Purple AI, which is very useful for us when dealing with attacks.
For many of our customers who got attacked after installing SentinelOne, they were not impacted on a larger scale. The impact of a ransomware attack typically encrypts all critical data and stops production. If one day of production is stopped, it sums up to, for an enterprise customer, a minimal margin of two to three crores. With this rollback functionality, we were able to address that and revert that particular endpoint to the previous good configuration state.
What is most valuable?
Singularity Platform does help with risk management. It refers to the MITRE ATT&CK framework and analyzes what the vulnerable points are in an endpoint. When it comes to cloud security through Singularity Platform's cloud capabilities, workload security or native security can scan accounts and find misconfigurations in the cloud. If there are containers, workloads, or instances, it scans everything and pinpoints any IAM roles that need to be configured, letting us know which things have not been configured for those workloads. This makes it easy for us to spot loopholes before they are exploited.
What needs improvement?
Singularity Platform has an easy-to-use console. When it comes to customization, it has some options, but I wouldn't say it is very customizable. If you are asking if this is fully customizable, I would say it is partially customizable, not fully customizable. In some places, I can understand from a security background that they have kept those features considering security. However, it lacks customization and could enable much more than that.
Even though Singularity Platform has multiple integrations with multiple solutions, it still needs more because competitive vendors such as CrowdStrike and Trend Micro provide more integrations than SentinelOne.
The first thing I would say about the negative side of Singularity Platform is that it lacks some customization and integrations compared to competitors. We can integrate Fortinet and Palo Alto, which are big players, but there are many other small companies. Even Zoho is a significant player in our market, but there are no integrations for Zoho.
For how long have I used the solution?
For the past three years, after Corona, we have started using Singularity Platform.
What do I think about the stability of the solution?
In SentinelOne, we have not received reports regarding outages. Until now, we have not experienced any issues regarding stability. The product is pretty stable, and even if the agent is offline, it will handle the threats. This is pretty solid and stable.
What do I think about the scalability of the solution?
Singularity Platform has flexible licenses, and it is also easily scalable.
How are customer service and support?
The technical support from SentinelOne is very good.
Which solution did I use previously and why did I switch?
One of our customers had an attack and they were using CrowdStrike. We proposed the SentinelOne alternative solution, and we were able to manage to get some details about the attack and present it to the customer.
How was the initial setup?
This is a straightforward approach. Singularity Platform provides pretty much everything that is easy to configure, even by a fresher. If a fresher has basic experience in configuring endpoint security, they would be able to handle SentinelOne. The console and the configuration part are that easy, but for an endpoint security specialist, an understanding of how threat vectors evolve and how they are attacked is necessary. The console view and everything, even writing queries in the XDR, are pretty simple.
What about the implementation team?
Singularity Platform is hybrid and has both on-prem deployment as well as SaaS deployment. However, when it comes to the implementation or deployment part, they recommend cloud. We have done only cloud because even from the SentinelOne team, they tell us that they do not recommend on-prem. I will say that the cloud version is better since we haven't done any on-prem deployments, and I don't believe they recommend that for customers.
What was our ROI?
For many of our customers who got attacked after installing SentinelOne, they were not impacted on a larger scale. The impact of a ransomware attack typically encrypts all critical data and stops production. If one day of production is stopped, it sums up to, for an enterprise customer, a minimal margin of two to three crores. With this rollback functionality, we were able to address that and revert that particular endpoint to the previous good configuration state.
What's my experience with pricing, setup cost, and licensing?
It's average. It's not cheap, but not expensive—average cost and quite affordable.
What other advice do I have?
Singularity Platform does help with risk management. It refers to the MITRE ATT&CK framework and analyzes what the vulnerable points are in an endpoint. When it comes to cloud security through Singularity Platform's cloud capabilities, workload security or native security can scan accounts and find misconfigurations in the cloud. If there are containers, workloads, or instances, it scans everything and pinpoints any IAM roles that need to be configured, letting us know which things have not been configured for those workloads. This makes it easy for us to spot loopholes before they are exploited.
My remarks are purely based on feedback from my clients.
The key unique selling points for SentinelOne are its patented rollback option and offline protection. Even when an agent is offline, we are still able to protect it. There are some protection events happening even when the agent is offline, which is not available with most vendors that expect the agents to be online. That's a good thing about SentinelOne. Additionally, we have not received any complaints regarding performance issues. I rate this solution an 8 out of 10.
Automated workflows and real-time monitoring have improved operational control and customized data insights
What is our primary use case?
As a company, we are using Singularity Platform to manage the data on the platform.
We use Singularity Platform as a unified view where we can see all the data from our applications in one place. It manages everything into one place and we have automations, so we can perform certain actions and we have rules in there where if we want to perform these actions, they can happen automatically via the Playbook functionality.
The impact of Singularity Platform on our supply chain processes streamlines it quite well. It helps in the processes. It is basically integrated into our pipeline and it helps us to push product more quickly and more securely.
Singularity Platform's real-time personalization feature has helped our customer experience strategies by allowing us to have different workspaces where we have custom views, and depending on the use case because we have many products that use Singularity Platform, they interact with the UI in different ways, producing different elements and giving us tailored views for different products.
Customizable dashboards have helped optimize operational efficiency for us because we have different products and different UIs for different products, allowing us to focus on the things that matter for different occasions. Since we are working with multiple data sources and multiple products, we needed customized solutions to really pay attention to the things that matter. These customized dashboards make it faster to work with certain products. It is easier to identify what is wrong with the product or where we need more resources.
Since starting to work with Singularity Platform, I have seen really good integration and control from the platform itself. You can perform many actions remotely through the agent, which helps with the administrative work of checking the versions of the software on the computer and what software and services are running. This really helps us collect this information on an organization-wide level.
What is most valuable?
I think the ability to automate actions and workflows is the best solution out of Singularity Platform. Other solutions are quite static in this case. You cannot really set up steps and gather information, certain pieces of information, filter them out, and based on that data, perform actions. However, Singularity Platform makes it very simple.
Singularity Platform's real-time monitoring capability has indeed helped me in decision making, as it is one of the best features of the platform. It is working really well, and while the software could seem a little bit invasive because it is working on a kernel level, it really detects a lot of things, perhaps too many things. Sometimes, these customized solutions our developers develop also get flagged in real time, and the processes get stopped and are blocked, and we have to whitelist the processes. However, for enhanced security, we definitely want this.
What needs improvement?
I think some parts of Singularity Platform could be improved or enhanced, as you most likely need to know the platform quite well to write queries and search for information. There are a few too many similar fields, such as the storyline ID and the storyline, which sometimes gets confusing. Perhaps the distinguishing could be better, but correlation in general is done very well with the storyline because it is the platform's own field for correlating data.
For how long have I used the solution?
We have been using the solution for two and a half years.
What do I think about the stability of the solution?
I have noticed only a few occasions where the features, particularly the search feature, are not working with Singularity Platform. The automations, however, are working. I did not notice that they announced maintenance in advance, so it was more that I was not prepared and did not read about planned maintenance. Other than that, everything else is good and stable, apart from short windows of four to eight hours of maintenance they do every month.
If I have to rate the stability level of Singularity Platform from one to ten, I would say it would be a strong nine.
What do I think about the scalability of the solution?
I have not run into any issues regarding how scalable Singularity Platform is, so I do not see any limitations for scalability. It is probably doing very well in that regard.
It is important to have the scalability that we have with Singularity Platform because we are always expanding and onboarding new computers. Definitely, new employees come in, and it takes a small amount of time, probably twenty minutes to set up new workers.
How are customer service and support?
My experience with the technical support of Singularity Platform is that they write us back semi-quickly. If I were to rate it out of ten, I would say they are quite helpful, perhaps an eight.
Which solution did I use previously and why did I switch?
Before using Singularity Platform, I was not aware of any different solution for the same use cases. When I came to the company, we moved relatively recently to Singularity Platform. We were basically fully migrated from SentinelOne.
How was the initial setup?
The process of onboarding new data points to Singularity Platform is quite easy to ingest. It is really simple to add new computers to the network; you just have one command to install the agent on the computer, and it automatically appears on the platform with data coming in. It is quite easy in terms of integration and expanding the existing network. Setting up the automation rules is not so easy initially, but once you know how to set up one rule, it becomes much easier to set up more advanced actions and automatic removals of certain software or scanning.
Which other solutions did I evaluate?
Before choosing Singularity Platform, we were evaluating other options, and we were using Microsoft side by side. Microsoft Sentinel was quite all right, but SentinelOne had more searching capabilities and threat hunting and more automation built in.
What other advice do I have?
Regarding Singularity Platform, I would go for the platform. I am most familiar with that one.
I do not currently know what version of Singularity Platform I am using. I will have to check. Probably I am using the latest version because we have automatic updates.
We are not using the fraud detection feature in financial services, as we are not doing any financial services.
Regarding Singularity Platform's real-time personalization feature, we are using it.
Overall, if I had to rate Singularity Platform from one to ten, I think an eight would be appropriate. It is quite up to our standards. I would rate this review an eight overall.
Has improved threat detection and streamlined integrations through strong XDR and forensic capabilities
What is most valuable?
SentinelOne Singularity Complete can be quite intrusive, but it has strong detection capabilities. The Ranger functionality of SentinelOne Singularity Complete for the EDR is extensively used for customers. Microsoft Defender has recently upgraded to XDR capabilities.
What needs improvement?
For Google SecOps, the only improvement I suggest is in terms of the reporting, especially for out-of-the-box reporting that seems very lacking right now. There aren't too many useful reports coming from out-of-the-box; we have to develop them ourselves right now.
SentinelOne Singularity Complete needs to work more on increasing true positive detections to make it closer to 10. A weakness seen with one large customer was that the detections were too intrusive, blocking many applications that should have been working, which led to many false positives.
What other advice do I have?
While the others will be on the cyber threat intelligence, the primary is Google SecOps, and I think the other one is Azure Sentinel.
There is room for improvement for these solutions. It's mostly SIEM and MDR for SentinelOne Singularity Complete. I haven't used Vigilance MDR; I only know the name.
We mainly focus on SentinelOne Singularity Complete and Cortex, while the other EDRs that we have managed are less significant. It's almost similar since both SentinelOne Singularity Complete and Cortex have EDR and XDR capabilities.
In terms of non-locked XDR platforms, the best one is SentinelOne Singularity Complete right now for their XDR capabilities. Other ones such as Palo Alto Cortex or even CrowdStrike are locked into their own ecosystem right now since they have many products within that ecosystem. In terms of integration, even though it looks quite open, some are tightly coupled into their own ecosystem, especially for Palo Alto Cortex.
We haven't had that in-depth experience in terms of ingesting and correlating for SentinelOne Singularity Complete; we mainly use it right now for their EDR capabilities. Since we provide the MDR services, we mainly integrate those with Google SecOps right now for the overall SOC services. I think they are the most capable in terms of detection and response.
We only tried Purple AI but haven't used it quite extensively. I find the pricing very reasonable, especially right now compared to other top-tier EDR platforms at the same level. I usually recommend the product for both smaller and bigger organizations. My overall rating for this review is 9.
Automation has simplified threat detection and enabled seamless hybrid deployments
What is our primary use case?
SentinelOne Singularity Complete has the ability to ingest and correlate across security solutions extensively.
SentinelOne Singularity Complete seamlessly ingests logs from various other technologies besides the SentinelOne EDR platform. We have integrated with several firewalls, different firewalls. We have integrated with cloud ingestion, such as AWS and GCP, which is seamless. There are other solutions that can be integrated with SentinelOne Singularity Complete, incorporating security log ingestion.
The XDR platform helps to consolidate different security solutions.
Regarding Ranger functionality, it provides network and asset visibility and can ingest logs from network sources, capturing any threat metrics, including IOCs.
I cannot confirm if SentinelOne Singularity Complete reduces alerts as I have not worked heavily on that aspect. The system captures different telemetry from network devices.
Customers mainly use SentinelOne Singularity Complete on both public and hybrid cloud. This is advantageous, as we can use a relay agent to commit updates for computers that do not have internet access. That telemetry can also be received, which is a clear value differentiator.
What is most valuable?
The installation of SentinelOne Singularity Complete is very seamless. We are able to implement fresh rollouts of thousands of machines in a matter of one or two days, provided the machines are available. We are immediately able to see the telemetry and ingestions of the log taking place.
The biggest benefit for my customers is that it is autonomous, where mostly everything is automated, and the threat detection, as well as auto-remediation rules, are set up. Hence, minimum intervention is required from our side in case of known threats. I consider the automation and autonomous decision-making as the cornerstone.
What needs improvement?
It takes time for updates to reflect on the central console when putting in a new machine.
Regarding recommendations, they have acquired a company called Prompt Security, which is working on AI gateway and AI security posture management. I want to see how it gets integrated with the SentinelOne platform, and I am looking forward to what they will do with Prompt Security.
My customers have not calculated a return on investment because most purchases happen as a mandate. It is imperative for organizations to move from antivirus to EDR and XDR platforms. The decision is mostly for corporate security rather than based on a return on investment.
What do I think about the stability of the solution?
There are not many stability issues regarding upgrades. Everything is managed automatically, so there is no user interference needed for upgrades.
How are customer service and support?
I would rate the support from SentinelOne Singularity Complete as an eight out of ten.
How would you rate customer service and support?
Positive
What's my experience with pricing, setup cost, and licensing?
Compared to Microsoft and other competing solutions, SentinelOne Singularity Complete is very aggressive price-wise.
The cost depends on a per-device basis.
The full-fledged platform should be around $7 to $10 per device per month.
What other advice do I have?
Predominantly, my customers buy SentinelOne Singularity Complete from us. Small customers may purchase from the AWS marketplace, but enterprise customers mostly buy through partners.
I recommend SentinelOne Singularity Complete as a good investment where you can rely on the technical support. There is always a human voice available if we get stuck somewhere, and I am very happy about the solutions and interactions we have. You are bound to have clarity when alerts come in, and you need a vendor who can answer and troubleshoot those situations and clarify what the alert is all about. If you are looking for more TAC line support for incidents, go ahead with SentinelOne Singularity Complete.
I rate SentinelOne Singularity Complete eight out of ten.
Great security
Significantly reduces risks and streamlines our monitoring
What is our primary use case?
We protect our endpoints and servers, workstations, and we use Singularity Platform to ingest third-party data for alerts or detections.
We work in the cybersecurity industry, so we use Singularity Platform and implement it for our customers.
How has it helped my organization?
Singularity Platform basically keeps us protected. We utilize it across various sectors, including financial services, insurance, retail, and manufacturing. It has significantly reduced some of the risks associated with the current threats we face, both at the endpoint level and in terms of identity protection.
Singularity Platform allows us to have one single view of potential threats and the health of our environment, helping us optimize operational efficiency.
Singularity Platform is allowing us to detect threats early on and make sure that they don't proliferate in our environment if there are any.
What is most valuable?
The best features of this product include its ability to detect malicious software and malware, and the functionality itself is exceptional. The console is easy to navigate.
What needs improvement?
The dashboards can be improved, and their dashboarding functionality needs to be better. The way the dashboards look is not really impactful or meaningful.
For how long have I used the solution?
I have three years of experience with SentinelOne.
What do I think about the stability of the solution?
Singularity Platform is stable; so far, so good.
What do I think about the scalability of the solution?
It works. It's not designed for scalability, it's designed to protect the enterprise.
How are customer service and support?
I would evaluate their customer service and technical support as very good, five stars.
Which solution did I use previously and why did I switch?
Before, we were using Kaspersky, but then the Russians came in, and we had to stop using it. It's a Russian product, and with everything happening with that, we stopped using it.
How was the initial setup?
The initial setup of Singularity Platform was straightforward. We have a team member here who handles it.
What about the implementation team?
One person, a really good techie, handled the deployment.
What was our ROI?
I don't really see a return on investment; it's a necessary requirement today to protect the enterprise.
What's my experience with pricing, setup cost, and licensing?
The pricing for Singularity Platform is good, and the setup cost is very minimal.
Which other solutions did I evaluate?
We evaluated CrowdStrike, Microsoft Defender, and Trend Micro before choosing Singularity Platform. The main differences between Singularity Platform and some of these others include threat detection ability, lower cost, and that was the key factor in our decision-making.
What other advice do I have?
I would rate Singularity Platform a nine out of ten.