SentinelOne Singularity XDR Reviews & Product Details

What I like most about SentinelOne Singularity XDR is the way it brings together AI-powered threat detection and automated response to provide truly autonomous security across the entire environment. The platform ingests and correlates data from endpoints, cloud workloads, and identities into a single, unified context, which makes it much easier to understand the full scope of an attack and respond quickly.

A standout capability for me is its automatic threat remediation paired with behavior-based AI, which can identify, hunt down, and neutralize threats such as ransomware in real time, often without requiring human intervention. I also appreciate the storyline-based alerting, which groups related activity into clear, actionable incident narratives instead of flooding teams with isolated, disconnected alerts.

On top of that, the platform’s third-party integrations and strong visibility into overall security posture make it easier to manage large, complex environments from a single pane of glass. Altogether, these capabilities reduce manual effort, speed up incident response, and increase confidence that threats are being detected and handled effectively. Review collected by and hosted on G2.com.

While SentinelOne Singularity XDR is strong in threat detection and automated response, a few recurring drawbacks come up in user reviews. One common concern is that the pricing can be on the higher side, which may be a hurdle for smaller teams or organizations working with tight budgets.

Reviewers also mention that the initial setup and ongoing tuning can be complex, particularly in larger or more diverse environments where policies and integrations need careful configuration. On top of that, the learning curve for advanced features and dashboards can feel steep without dedicated training.

Some users note that false positives do happen, which can add administrative overhead as teams spend time fine-tuning policies and cutting down on unnecessary alerts.

Overall, the platform is clearly capable, but getting the most value from its advanced automation and detection features may require thoughtful configuration and a meaningful investment of time and resources. Review collected by and hosted on G2.com.

SentinelOne Singularity XDR is widely appreciated for its strong ability to automatically detect and respond to threats using AI and behavior-based analytics. Security teams value how it quickly isolates compromised devices and even rolls systems back to a safe state, reducing damage and downtime. The platform unifies data from endpoints, cloud workloads, and identities, providing a single view of threats across the environment. This consolidation helps cut down alert noise and makes investigations faster and more efficient. Users also praise the platform’s deep visibility and clear attack storylines, which simplify root cause analysis. Overall, it delivers powerful protection while easing the workload on busy security teams. Review collected by and hosted on G2.com.

Many users find that SentinelOne Singularity XDR can be complex to set up and tune, especially in larger or diverse environments where integrations and policies require careful configuration. The cost can be higher than some other endpoint or detection tools, which may be a barrier for smaller teams or organizations with tight budgets. Some customers also feel that the learning curve for the console and advanced features is steep without dedicated training. While automation is powerful, over-automation without proper tuning can lead to missed context or unnecessary actions if not closely managed. Finally, a few users mention that customer support responsiveness and documentation clarity can vary depending on the issue. Review collected by and hosted on G2.com.

The integration with our NinjaOne RMM software works very well. We also appreciate the ability to manage thousands of computers through a single pane of glass and to take action directly from the portal. Fortunately, we haven't needed to use it yet, but knowing we have the option to roll back any changes caused by a virus or malware gives us great peace of mind. This rollback feature is truly impressive. If we get a false positive, we are able to write exclusions and train the system for what we need. Single Sign On is nice to have as well. Review collected by and hosted on G2.com.

We do get a few false positives, but that also gives us peace of mind that the software is working as well. Review collected by and hosted on G2.com.

The big win is how it automatically hunts down and kills threats (ransomware, etc.) without needing a human to step in. The story-based alerts are a game-changer—instead of a million confusing warnings, you get one clear "story" of the entire attack, which makes fixing it super fast. Review collected by and hosted on G2.com.

SentinelOne is a premium product with a premium price tag. Review collected by and hosted on G2.com.

Good Threat detection, Purple AI is useful. Lots of administrative controls from console. Hyper automation is really useful. Multitenancy architecture is good to have. Review collected by and hosted on G2.com.

IOC addition requires API integration, cannot be added directly to console. IPS and integrity module should be included. Review collected by and hosted on G2.com.

It's incredibly effective in protecting assets in our infrastructure from attacks. It's total autonomous coverage of security and exelent customer support. It's easy to implement and integrates well with a multitude of other third party tools. Ease of use is needless to say. The management console iUX is robust and appealing to the eye. Review collected by and hosted on G2.com.

There isn't anything that I don't like about SentinelOne Review collected by and hosted on G2.com.