App comparison
Add up to 4 apps below to see how they compare. You can also use the "Compare" buttons while browsing.
GetApp offers objective, independent research and verified user reviews. We may earn a referral fee when you visit a vendor through our links.
Our commitment
Independent research methodology
Our researchers use a mix of verified reviews, independent research, and objective methodologies to bring you selection and ranking information you can trust. While we may earn a referral fee when you visit a provider through our links or speak to an advisor, this has no influence on our research or methodology.
How GetApp verifies reviews
GetApp carefully verified over 2 million reviews to bring you authentic software experiences from real users. Our human moderators verify that reviewers are real people and that reviews are authentic. They use leading tech to analyze text quality and to detect plagiarism and generative AI.
How GetApp ensures transparency
GetApp lists all providers across its website—not just those that pay us—so that users can make informed purchase decisions. GetApp is free for users. Software providers pay us for sponsored profiles to receive web traffic and sales opportunities. Sponsored profiles include a link-out icon that takes users to the provider’s website.
Add to Compare
Compare similar apps
ESET Endpoint Security
Intercept X Endpoint
Oyster
Falcon
Hack The Box
Carbon Black Endpoint
Good recommendations?
DataSet is a next-generation, autonomous endpoint/server protection platform that protects organizations against attacks...
Malwarebytes for Teams is a behavior-based antivirus platform that provides advanced threat detection and prevention capabilities...
Starting from
45
Per year
Starting from
49.99
/user
Per year
Pros
Pros
Cons
Cons
Explore similar apps
User reviews that mention these apps
Arthur A.
Financial Services, 51-200 employees
Used daily for 2+ years
Review source
Share this review:
Easy to setup and S1 automatically puts the device that is suspects is infected in network quarantine. Also like the rollback feature.
Would like for it to have more days/months in history for threat hunting
Jon S.
Plastics, 201-500 employees
Used daily for 6-12 months
Review source
Share this review:
It’s been great!
I love how it is behavior based and doesn’t rely on signatures
There are multiple email alerts for each incident
Litzi V.
Financial Services, 51-200 employees
Used daily for 2+ years
Review source
Share this review:
I'm able to easily manage and customize our dashboard, pull reports and view analytics.
I wish we could create team dashboards for other users.
Ryan H.
Business Supplies and Equipment, 201-500 employees
Used daily for 1-2 years
Review source
Share this review:
Overall happy with our choice to go with S1
The responsiveness of the product to threats and ease of setup.
Abnormal deployment for a particular server was an issue and support was lacking.
Daniel E.
Information Technology and Services, 201-500 employees
Used daily for 1-2 years
Review source
Share this review:
Overall, I would totally recommend SentinelOne as a product. there are a few things I would love for them to fix. but overall I believe they are one of the best.
I am generally more technical. so, using SentinelOne's visibility feature you are able to hunt down events on your endpoints. and create alerts based off custom queries. this was very flexible, and I was able to find multiple issues on endpoints just experimenting with their query language.
Helpdesk support sometimes was hard to deal with. alerting for custom rules was not very good.
Jonathan P.
Government Administration, 201-500 employees
Used daily for 6-12 months
Review source
Share this review:
We absolutely love the solution. From planning to implementation, the software and support staff have been really responsive and great.
I really like the ease of use with the software and how accurate it all is. It makes our daily IT lives a lot easier.
The cost of the product is a bit much for the upper tiers, but overall justifiable to some.
Matt S.
Computer Software, 51-200 employees
Used daily for 2+ years
Review source
Share this review:
Positive.
Very intuitive to use, not a big learning curve when configuring or rolling out new features. SentinelOne is always making product enhancements and overall just happy with the product.
There were some initial limitations with the firewall and blacklisting, but the enhancements have made up for this.
Chris H.
Information Technology and Services, 51-200 employees
Used weekly for 2+ years
Review source
Share this review:
I like the detection response and the way it behaves. It doesn't just scan for malicious files, it looks for malicious behavior. It has protected clients/users from actual attacks.
Sometimes it does it's job too well, such as if you are just clearing out shadow copy data. But...things like that can be done in a malicious attack, so it's worth having to temporarily disable it from time to time. The updates fail sometimes and require a complete reinstall of SentinelOne and it can get a little difficult, sometimes requiring to use the cleaner tool and get into safe mode.
Hugh L.
Information Technology and Services, 1-10 employees
Used daily for 6-12 months
Review source
Share this review:
Has allowed for multi-customer wide antivirus monitoring.
Quick and easy to use dashboard that is always clear about the required information.
Integrations can sometimes not always work as expected.
Michael L.
Computer Software, 11-50 employees
Used daily for 2+ years
Review source
Share this review:
We use it for all of our clients . A must have for our clients where time is of the essence when a potential attack could be imminent.
The ability to see what machines are protected over a period and their infection during said period is great.
Sometimes making changes and resolutions regarding infections is cumbersome and not always obvious. Also self-resolving could be easier to review and implement.
Jake M.
Financial Services, 201-500 employees
Used daily for 2+ years
Review source
Share this review:
Simple to use, great detection rates, feature parity client for macOS and Windows.
Can be a bit resource intensive on the endpoints.
Randall T.
Restaurants, 11-50 employees
Used daily for less than 6 months
Review source
Share this review:
The software is very powerful and provides protection even for things you werent aware of.
Onboarding can be confusing as the repos and documentation do not always line up
Lucas B.
Information Technology and Services, 1-10 employees
Used monthly for 6-12 months
Review source
Share this review:
We use S1 in tandem with Huntress and the response we get via monitor is second to none. Sometimes S1 will grab and stop things prior to Huntress and vice versa, however S1 gives a great deal of information as to why, how and when it finds something. Support is great, dashboard is great, although it contains alot of information and if you are familiar with how it provides the info or what the info is you can get overwhelmed very quickly.
We like everything about S1. Its a solid product with a big feature set and also with the ability to have active threat hunting and also managed detection and response added.
Its not the cheapest product in the world once you add all the features on, however thats the price you pay for good security.
Mishan W.
Telecommunications, 201-500 employees
Used daily for less than 6 months
Review source
Share this review:
Easy to setup and relatively easy to deploy using MDM
The product is very easy to setup, and in most cases, it auto-remediates and is a setup-and-forget-it system. however, does have a lot of kinks
It has false positives often, does not have a full rollback feature for mac. The worst part is the detecting engine has a lot of false positives
Jorge Mario B.
Financial Services, 201-500 employees
Used daily for 2+ years
Review source
Share this review:
The product is great for detecting new threats because of its behavioral model. Signatures are still supported for known threats so its the best of both worlds. Management is easy and several groups can be created to apply different sets of policies to endpoints.
- Easy to implement- Policies are easily customizable- Host Firewall is a great feature- Remote shells allows to quickly investigate incidents.
- Host Firewall should be improved to control web traffic.
Simone C.
Information Technology and Services, 11-50 employees
Used daily for 2+ years
Review source
Share this review:
We've tested this solution a lot and we've assumed it is the best for us and for our customer. The agent that you install on servers or endpoints is lightweight and does not use so many resources that it slows down the system unlink other competitors. Moreover this solution doesn't produce so many false positive but all events ("incidents") are real events to investigate. In addition to this, the solution natively integrates with other products (not only for this brand) and offers an extensive API that you can use for integrating with custom applications (eg. Security Operation Center frameworks).
Lightweight agent. Low false-positive rate. API and integrations.
Not yet integrated mobile platform into the XDR platform.
Charles L.
Information Technology and Services, 51-200 employees
Used daily for 2+ years
Review source
Share this review:
Highly effective, detects zero-day vulnerabilities, flexible configuration. Whitelisting catalog helps with common applications getting set up appropriately for customers.
As with other AI / Machine learning based solutions, there are false positives, and sometimes this can be tricky to get the proper exclusion in place.
Abdulquadri S.
Computer & Network Security, 1-10 employees
Used daily for 6-12 months
Review source
Share this review:
The SentinelOne Deep Visibility is the most impactful feature of the software. It makes for an excellent threat-hunting exercise.
SentinelOne requires users to encrypt a threat file with a complex password before it can be downloaded. The complex password introduces a minor problem when assessing the malicious file locally. For instance, one might be tempted to use a browser-generated password to meet the password criteria, but this is difficult to remember and would always require one to check their saved passwords to enter correctly before one can commence an analysis of the threat file in a lab environment. It will be much easier if threat files are encrypted with a standard password of "infected" or at least allow users to use passwords like this instead of a complex one.
Chris M.
Civil Engineering, 201-500 employees
Used daily for 1-2 years
Review source
Share this review:
Presales was great. No pressure purchase. Answered all our questions. Gave several demos. Support has been great. No major issues during deployment. Updates have gone relatively smooth. Regular communication about updates and new features.
Easy to deploy. Agent is lightweight. Locked down our environment - internal pen-testers have trouble bypassing it. Has saved us a few times as users will be users and click on anything and everything. Has been rock solid for the past year. Happy with the purchase.
Sometimes it blocks things and it's tough to tell unless you really dig into it. Sometimes causes legit software to stop working until you whitelist. No automatic update for agents.
Mike J.
Information Technology and Services, 11-50 employees
Used daily for less than 6 months
Review source
Share this review:
We wanted a better layer of protection for endpoints, something doing more than AV. SentinelOne fits this request as they are watching for more than malware, but also watching and monitoring behavior. We have this deployed on several thousand endpoints now and it works just the way we wanted it to.
I like the way you can customize exclusions and alerts. I like the web console for endpoint management and the many options you have from there including taking an endpoint offline.
Navigating the web console is slow when you have many agents installed. Typically an endpoint reboot is required when you make any changes like a new exclusion, enable/disable the agent. This is not convenient of practical. Identifying the actual file or process that is the source of an alert can at times be challenging.
Patrick E.
Hospital & Health Care, 501-1,000 employees
Used daily for 2+ years
Review source
Share this review:
Very easy to deploy and figure out. Has a lot of good features and detail if you want to explore it. Reduced the false positive alerts from our old solution.
I love how easyer it is to use and the automated rediation, roll back and isolation features to do the work for me.
I wish that they had an auto update feature for agent versions. It does update the current version with needed things, but it does not update the installed agent to a new version. Have to push it out manually via the console.
Timothy F.
Mining & Metals, 201-500 employees
Used daily for 6-12 months
Review source
Share this review:
It is easy to use, rates extremely highly in The MITRE ATT&CK, and has been very effective for out business as an EDR security solution.
It labeled a lot of in house non-signed programs as suspicious, but with some exception mapping that was handled very easily.
Curtis S.
Government Administration, 201-500 employees
Used daily for 2+ years
Review source
Share this review:
Over all I am impressed with SentinelOne. They are continually looking at what they do and asking "Is there more that we can do with this data?" Not all of the ideas were ones we use, but they keep looking at ways to be more useful. In that process they have not lost view of the core objectives to find the bad software, its bad behavior, and kill it. If something is questionable it can track what it doe so that you can reverse it all later.
The AI and behavior based monitoring as well as the normal fingerprint. Visibility give you the ability to look at process story lines and see how a process was triggered.
There are some additional functions (like rogue devices) that sounded really neat, but they are not as useful to us as we thought they would be. We get too many notifications for them to be effective.
Verified reviewer
Information Technology and Services, 11-50 employees
Used daily for 2+ years
Review source
Share this review:
It has been really positive with SenitnelOne becoming the go to EDR product that we recommend for our clients to meet the EDR requirements.
Autonomous response to threats regardless of being online of offline in connectivity to the management console. Ease of deployment and configuration. The simple UI with the access to the detailed product documentation, which provides comprehensive details needed for operations as well as troubleshooting. The support service, which responds rapidly and sorts out the issues within few mail correspondences.
They would require few feature additions in vulnerability management to compete with other leading vendors.
Megan M.
Facilities Services, 51-200 employees
Used daily for 1-2 years
Review source
Share this review:
The deployment was incredibly easy on each machine and we really like the USB device monitoring to control external devices. The Daily reports are helpful for documentation/record-keeping purposes.
The activity dashboard can be a little complicated if you aren't a technical person. Same with the threat hunting rules. The layout isn't super friendly and has a learning curve of where everything is.