SentinelOne is endpoint security software, from the company of the same name with offices in North America and Israel, presenting a combined antivirus and EDR solution.
$4
per agent, per month
Trellix Helix
Score 7.0 out of 10
Enterprise companies (1,001+ employees)
Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.
Only reason for choosing SentinelOne Singularity over crowdstrike was the cost because SentinelOne Singularity was much cheaper at that time as compared to the crowdstrike. Also, SentinelOne Singularity rating in gartner was higher than the crowdstrike which also gave it an …
It works extremely well for investigating the root cause analysis of events because you can see so much detail into what was happening before, after, and around the detective incident. A weak point would be when the AI gets a little over-aggressive or doesn’t quite understand the use case for specific tools. Our RMM tool was detected as a pup.
The UI displays wells the deviations and anomalies using advanced threat intelligence so you have full control of your security ecosystem. We've used it for two years to secure our servers and we easily customize threat detections to reduce the stressful false positives. We fill the XDR AI with data and it correlates with incident data to deliver unmatched frontline security intelligence.
There are some minor issues with the platform that can be mildly frustrating, but the overall performance, peace of mind, and ROI make it worth using. The management console is intuitive and easy to learn, the endpoint clients are simple but give IT professionals enough data to make management easy and simple
Their support is good and quick to respond. The one issue we faced was when a non-protection issue arose there was a lot of dancing around trying to figure things out. This was frustrating as it took significantly longer to figure out issues. Lots of repetitive log gathers, screen caps, uninstalls that never seemed to resolve issues. Eventually, the product would be updated and the issue seemed to be resolved, but seemed to be the only solution.
SentinelOne had all of the major features that we were looking for. The other products either required too much administrative attention or were lacking key features. For example, one could be uninstalled by the end user. We required that the installation be password protected to protect against end user disabling or uninstalling. One product required manual intervention for all remediation which put to high a burden on limited staff. All products are always being revised so these may no longer be issues but they had a significant impact on our decision.
I find Helix to be super-efficient and able to cut through the noise. Previous installations of LogRhythm and Splunk resulting in an overwhelming amount of noise (out of the gate), and we had to constantly tune out false positives. Helix is different. Out of the gate, Helix provided higher fidelity hits, and our teams don't spend half their day turning out the noise.
SentinelOne has already proved its value by stopping attacks that would have gone otherwise unnoticed until much later in their infection process.
The Vigilance team has provided quick response to threats that were not easily contained via the automated response SentinelOne's agents provide. This has given us a significant piece of mind.
