Adlumin is a security operations command center that simplifies complexity and keeps organizations of all sizes secure. Its technology and integrations create a platform that obtains security telemetry from across an organization to provide greater insights into security alerts and streamline workflows.
N/A
SentinelOne Singularity
Score 9.0 out of 10
N/A
SentinelOne is endpoint security software, from the company of the same name with offices in North America and Israel, presenting a combined antivirus and EDR solution.
I do not have another MDR solution to reference, as this is the company's first MDR product. However, I have worked with plenty of security solutions and vendors and have not gotten as much issue/noise as I have with this product. I believe with a lot of work, it can be a …
If you don't already have a system in place for anomoly detection, log monitoring, and alerting, you're doing your company a disservice. Whether Adlumin is the best choice for you depends on your budget and technology stack, but overall, Adlumin has been one of the best security purchases made by our company in the last few years, and has paid for itself by automatically preventing and protecting against specific attacks that were non-attacks due to Adlumin stopping them before they could start.
It works extremely well for investigating the root cause analysis of events because you can see so much detail into what was happening before, after, and around the detective incident. A weak point would be when the AI gets a little over-aggressive or doesn’t quite understand the use case for specific tools. Our RMM tool was detected as a pup.
After an alert has been "Cleared" by internal IT, there should be no further action taken by the SOC team or the AI agent.
When there is an active internal incident or problem with Adlumin, there should be a notice in the incident or on the platform's active issues board about issues that may affect Adlumin agents. This would save people who have to respond a lot of time.
Have not been able to get one forwarder to function properly, despite documentation from a technician and the platform documentation. This is frustrating when a Windows collector option is available but doesn't work at all.
I have noticed some SentinelOne detections do not warrant responses or actions from the Adlumin team. These are usually repeated flags that do not require action, but some do, and some do not. I can't figure out what we reference specifically to determine a response from SOC or AI.
A number of integrations were simple to set up and well documented, but a few things were difficult or undocumented yet. Some sections feel over-complicated and others feel way too vague during the setup process. Once the onboarding is finished though, the product is very simple, but there is a learning curve at the beginning.
There are some minor issues with the platform that can be mildly frustrating, but the overall performance, peace of mind, and ROI make it worth using. The management console is intuitive and easy to learn, the endpoint clients are simple but give IT professionals enough data to make management easy and simple
Their support is good and quick to respond. The one issue we faced was when a non-protection issue arose there was a lot of dancing around trying to figure things out. This was frustrating as it took significantly longer to figure out issues. Lots of repetitive log gathers, screen caps, uninstalls that never seemed to resolve issues. Eventually, the product would be updated and the issue seemed to be resolved, but seemed to be the only solution.
ArcticWolf has been a great product that we have used, but the ability that Adlumin has is extremely comparable for a fraction of the price. There are no hardware requirements with Adlumin, but it still has all of the abilities as ArcticWolf without the overheard. Again, the SOAR actions are a game changer when it comes to automation and immediate action.
SentinelOne had all of the major features that we were looking for. The other products either required too much administrative attention or were lacking key features. For example, one could be uninstalled by the end user. We required that the installation be password protected to protect against end user disabling or uninstalling. One product required manual intervention for all remediation which put to high a burden on limited staff. All products are always being revised so these may no longer be issues but they had a significant impact on our decision.
We used to be with an MSP before I was hired, and the company spent over 20K per year for that service. With N-Able, we have reduced the cost by over half.
I spend minimal time now patching computers because this is all automated. I sometimes have to patch a couple of machines because I missed a patch, but it has saved me a great deal of time.
I save a great deal of time with Board Reports because they are automatically generated for me each month.
SentinelOne has already proved its value by stopping attacks that would have gone otherwise unnoticed until much later in their infection process.
The Vigilance team has provided quick response to threats that were not easily contained via the automated response SentinelOne's agents provide. This has given us a significant piece of mind.
