Likelihood to Recommend
As a SIEM tool for investigations, Exabeam is the best in class. The AI assigns numeric values to observed logs, then presents high scores to the analyst in a simple dashboard. We can see what is a real threat and ignore so many false positives. Exabeam is the best SIEM we have used from an alert fatigue perspective. The simple interface allows other teams, not just InfoSec, to utilize the tool; helpdesk for asset diagnoses, HR for staffing questions, etc.
I'm not sure about pricing but I have heard from larger companies that it was not very accessible because of their size. We are a small company and we also utilize a SIEM which helped offset costs right off the bat. I think it makes 100% sense for IT departments that don't have enough staff to monitor their environment in depth.
Pros
Fast search times, unlike other competing solutions. The ability for engineers to obtain access to the command line interface for troubleshooting, at least for on-premise deployments. License is suitable for organisations with lots of logs to ingest. Hardware required for on-premise deployments is well supported.
SentinelOne provides excellent protection against known and unknown attacks to our endpoints. The recovery option provides a fast, first line of defense against ransomware and other system-damaging attacks. SentinelOne requires minimal administrative support, making it a very cost-effective and efficient solution.
Cons
More and better drop-down menus, some items in threat hunter require you know subsets. Fewer dashboards, combine AA and DL without having separate logins. More complete playbooks are already built out. You have the structure set up for templates like malware and phishing, go further and completely build them out from start to finish, most companies would just use them and not personalize their configurations. Quarterly health checkup diagnostics of systems sent out to users.
Possibly for compatibility with legacy Windows OS's and non-Windows OS's. Some settings are greyed out and unable to change but I believe this is to protect you from making a bad configuration change. Could do better with reporting at the base level subscription.
Likelihood to Renew
Reliable for simple installation and above all efficient.
Usability
Exabeam is very good at processing lots of logs without excessive licensing costs. It has a professional support team that's very quick to resolve any issues and provides custom parsers quickly and enables our analysts to search vast data sets without having to wait long for results to be returned. The product is getting more mature with new features every major release.
Compared to all the other major players, SentinelOne is truly hands off. Once installed, the tool is able to manage all the major threats on my endpoints without intervention. The biggest thing the IT Dept has to do now is just clear the incidents after SentinelOne has dealt with them. Every other tool I have used requires significantly more effort to maintain.
Support Rating
Exabeam Fusion has so many different outreach meetings, webinars, community virtual coffees, and events that you can always stay abreast of what is happening and get new ideas for use cases. Their support actually answers their phones and can respond in chat instantly. With our cloud deployment Exabeam support teams can instantly see our systems and help us.
Their support is good and quick to respond. The one issue we faced was when a non-protection issue arose there was a lot of dancing around trying to figure things out. This was frustrating as it took significantly longer to figure out issues. Lots of repetitive log gathers, screen caps, uninstalls that never seemed to resolve issues. Eventually, the product would be updated and the issue seemed to be resolved, but seemed to be the only solution.
Alternatives Considered
Webroot is a great product but did not provide the versatility that we really were desiring. It allowed us to centrally manage, but required policy-based management, and not the endpoint detail we wanted. SentinelOne's central management provides a variety of options for us to deploy and manage.
Return on Investment
Reduced time to triage alerts. Reduced number of alerts which need escalation to senior tiers. The ability for analysts to quickly run playbooks for additional information and enrichment. Ability to retain data for longer periods for forensics purposes. Improved search performance compared with other SIEM solutions.
SentinelOne has already proved its value by stopping attacks that would have gone otherwise unnoticed until much later in their infection process. The Vigilance team has provided quick response to threats that were not easily contained via the automated response SentinelOne's agents provide. This has given us a significant peace of mind.