Get our free report covering Microsoft, SentinelOne, Broadcom, and other competitors of ESET Endpoint Security. Updated: January 2022.
564,143 professionals have used our research since 2012.

Read reviews of ESET Endpoint Security alternatives and competitors

Sr. Information Security Manager at a computer software company with 1,001-5,000 employees
Real User
Top 20
Shortened our incident response process because all of the information we need is already there
Pros and Cons
  • "Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future."
  • "In terms of improvement, they should work on agents' updates because that is not a strong part. It's not their strong point. It's not straightforward to upgrade agents. I send them questions about it. They already worked on this and they promised that in the next release they will show me their solution for it. But this year I have had complaints about agents' updates, that they aren't clear."

What is our primary use case?

SentinelOne has completely replaced the antivirus solution that we used before. It's also an EDR solution. In the case of any suspicious malware, we can control the system with this agent.

How has it helped my organization?

Previously, we had some processes related to incident response which required more steps.  We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future.

Behavioral AI does recognize novel and fileless attacks but we hope not to experience an attack like this. These days, there is no life without the internet. I don't think it is really a plausible scenario because we all use Microsoft services, 365, etc. If you don't have an internet connection, then you don't have anything. The guys from SentinelOne showed me an example where they can actually work without an internet connection and it worked just fine, like a common antivirus solution. But it wasn't important to us that it can do this because we know that in the real world, there are not many scenarios that wouldn't involve the internet.

We do use the storyline feature because it's SentinelOne's main feature that they are proud of. We don't see a lot of viruses in our environment and from what we have seen, it doesn't really help because a user will download a virus, the antivirus blocks it, and that's the end of the story. So there isn't much of a storyline behind it. But the SentinelOne guys showed us how it works and in the case of a difficult attack, it should work fine. 

We work with the storyline feature when we are suspicious of something and we need to check. But we didn't have an exact case where something highly critical was in our systems.

What is most valuable?

I find all of the features to be valuable. It's a cool and very informative tool. The management console analyzes, stops, and prevents the spread of malware. You only need to work with the console. There is nothing to do on the agent side. The user does not need to be involved in this process. 

The level of information it provides is enormous. You have all you need in case something happens. If we need to have an incident response with third-party external companies, we can give them the data that they can analyze further. The information about what's happened on the computer is absolutely amazing.

It's very comprehensive. It offers a lot of data but you can see only what you need or you can go further. If you need to investigate a little further, you can do that in any process. It's a SOC-analyst style.

If you are not an analyst, you can still do a lot with it. It's very convenient. We have workers who are not in the office, who are working from home. This is a good solution for them because it's Cloud-based. I can control everything from one console and even for users who are not in the office. We work with lots of vendors and not many of them have this solution. Traditional antivirus software doesn't have these features.

In terms of its impact on the endpoint, when you have a house computer working on antivirus, it doesn't make a huge impact on the system resources and even more, it can be installed parallel to antivirus. We have had scenarios where we have traditional antivirus and SentinelOne installed in parallel. It's two antiviruses on the computer and users won't know about it. They know about it when they start to download bad stuff and the antivirus starts yelling. 

According to what I see in the console, I do think that SentinelOne covers a wide variety of operating systems. It's even more than it needs to. In the traditional way, it's like antivirus but it does even more because it's also like an EDR solution. It covers all processes, what it does, where it goes, et cetera. There's a lot of stuff under the hood. I'm surprised it doesn't use a lot of resources because I thought it would be more aggressive for CPU memory.

What needs improvement?

In terms of improvement, they should work on agents' updates because that is not a strong part. It's not their strong point. It's not straightforward to upgrade agents. I send them questions about it. They already worked on this and they promised that in the next release they will show me their solution for it. But this year I have had complaints about agents' updates, that they aren't clear.

They have a lot of updates on their management console. They have a lot of features. There is not enough time to read about it all. It's really a lot. The features that they apply are great and I would love to use them, but it's lots of things to know. And if you're not only working with antivirus on SentinelOne like me, there isn't much time to learn about it. 

For how long have I used the solution?

I have been using SentinelOne for almost a year. 

What do I think about the stability of the solution?

I'm very excited to work with SentinelOne but they have a problem with agent updates. We lose connectivity when we update agents. When users are working from home it's not good to lose connection because you don't have options to connect or have meetings. 

I think they started working very closely on this problem. This solution will be better but so far, that's been my experience. 

What do I think about the scalability of the solution?

We use the Cloud. It's completely scalable. They use a management console for lots of companies. It's tremendously scalable, it can be used with hundreds of thousands of computers.

Right now, we protect only 100 endpoints, it's for highly critical systems. Before the COVID crisis, we had plans to increase usage. We need to renew at the end of the year. We will for sure renew for 100 endpoints. I'm not sure about expanding though.

We don't need to do anything related to updating service backend sites. For agents, we only need to click "select all" and "run update," that's it. It only requires one person for maintenance, to see events and analyst information, technology, etc. It has access for three people who are security engineers and our CSO.

How are customer service and technical support?

They have excellent support. There are security vendors who take up to 48 hours to just answer back a "Hello," without an explanation to my problem. The SentinelOne guys answer within the hour with a solution to any concerns expressed in an email. Support is very awesome. They also connect me with engineers who can help me. I can share a screen with them to show them the exact problem. This is important because a lot of vendors don't do this.

How was the initial setup?

The initial setup is very easy and straightforward. We don't use the on-premise solution, we are Cloud-based. It's important because we have a lot of resources on our side who work fast. We can deploy in minutes. The initial deployment took one hour. 

What about the implementation team?

We did the deployment ourselves. It's really easy. We have a Wiki page where end-users can see what they can install themselves. They just need to click on it, type, tell us where they want us to put a computer, and that's it. The users can do it themselves.

We installed it for a pilot group of 10 users and then deployed for others.

What was our ROI?

Our analysts spend less time doing his job because he has everything he needs in one management console. He can programmatically do everything and only react to real incidents. It reduced the costs of analysts' work. Their work costs a lot of time and money and having SentinelOne enables us to save on these costs. 

What's my experience with pricing, setup cost, and licensing?

There are actually three versions of this product: the user version, professional, and professional plus. If analysts need to see something, like what the users are doing, what processes are running, we can go to the console and see. The traditional version only shows when incidents happen. I think the next time we renew, we'd go with the lesser version because it shows enough information. 

There aren't additional costs to the standard licensing.

Which other solutions did I evaluate?

We have the option to choose different vendors. We briefly looked at other vendors. We looked at Carbon Black, Kaspersky, and ESET EDR.

We evaluated them one year ago. These vendors are comparable to traditional antivirus while SentinelOne is an all-in-one solution. It has everything you need. SOC analysts is straightforward and they gave us a straightforward proposal.

It takes the same amount of time for SentinelOne to catch malware as it does other solutions. There's not much of a difference. In our case, we don't see a lot of viruses because we have a lot of levels of security that prevent them. 

What other advice do I have?

We can see the difference between traditional antivirus and what we can do with SentinelOne. Even if the price is a little bit more, we can see what we can do with it. We can use EDR, stop network activity, do whatever we need on the endpoint, from the security engineer side. We can see that it's at a completely different level. We have a traditional antivirus but we're going to get rid of them at the end of the licensing period.

My advice would be to go with the Cloud version, not on-prem. 

I would rate SentinelOne a ten out of ten. It's a ten out of ten in terms of the EDR. It's also a 10 of 10 for the product and company. The solution does a lot. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
IT Support Specialist at a construction company with 11-50 employees
Real User
Top 20
I can access it from anywhere and remediate quickly from the cloud console, but there should be a little more detail around detections and events and better pricing
Pros and Cons
  • "Being able to cloud manage it from just a cloud login is valuable. We can get to it from anywhere, which is really helpful. The fact that we can remediate from the cloud console is one of our favorite features."
  • "I would like to see a little more detail in the log. So, when an event occurs, I'd like to know not just when it happened and on what device, but what activity was taking place on the machine at the time so that we can drill down. If we get a false positive, we have to do a lot of research and go back and forth with our end-users to know why it was a false positive. So, having a little more detail around detections and events would probably be my most asked feature."

What is our primary use case?

It is for endpoint detection and protection. We primarily use it to protect our Windows machines. We've got endpoints that are out in the field. We're a construction company, so we've got mobile endpoints using Windows out in the field and in our two offices.

It is 100% on the cloud. In terms of the provider, we use Malwarebytes themselves.

How has it helped my organization?

We're only working with 30 or 40 endpoints at most, so we don't have a huge fleet. We have a small IT team, and being able to manage even a small fleet of devices that are out in the field and being able to respond and remediate really quickly from the cloud-based console has been really helpful for us. It saved us some time, for sure.

What is most valuable?

Being able to cloud manage it from just a cloud login is valuable. We can get to it from anywhere, which is really helpful. The fact that we can remediate from the cloud console is one of our favorite features.

What needs improvement?

I would like to see a little more detail in the log. So, when an event occurs, I'd like to know not just when it happened and on what device, but what activity was taking place on the machine at the time so that we can drill down. If we get a false positive, we have to do a lot of research and go back and forth with our end-users to know why it was a false positive. So, having a little more detail around detections and events would probably be my most asked feature.

Its price can also be improved. It is really expensive.

For how long have I used the solution?

We've been using Malwarebytes for about two and a half years.

What do I think about the stability of the solution?

It's really stable. It uses a lot of system resources, but it's really stable.

What do I think about the scalability of the solution?

For our purposes, we would never really run out of scale for it. These types of solutions are run to do thousands and thousands of systems. We're probably never going to hit even hundreds.

Currently, we've got at most 40 endpoints, and that's our entire organization. Its users range from owners to vice presidents to IT to final end-users.

We do not have plans to increase its usage. In fact, if anything, we have plans to either decrease usage or probably move away from it entirely based on the cost.

How are customer service and support?

I have only been here for about six to nine months. We didn't need to contact them during this time. In fact, I am fairly certain that the most amount of contact that we've had to do with them was just during the initial setup. After that, we've been able to handle everything ourselves.

Which solution did I use previously and why did I switch?

There was no solution used previously.

How was the initial setup?

Its initial setup was pretty easy. They gave us a login. We generated an application download and a few keys, and we were off and running.

Its deployment probably took about a week or two. We could have gotten it done a lot faster, but we were having to schedule one-on-one sessions with our end-users to make sure that we could remote into the system and download the appropriate software and get it set up. Realistically, we could have done a full implementation in two or three days, but just due to schedules and other things, it was lengthened out to about two weeks. The implementation, however, was pretty simple.

For its deployment and maintenance, one person is required.

What about the implementation team?

We used a reseller. I can't recall who at the moment, but our experience with them was pretty good. We had some initial questions right out the gate in terms of capabilities and launch and how we were going to launch it. They were pretty good about getting back to us. They were a little bit weird on offering prices though. As I recall, we really had to hound them for getting solid price information out of them.

What was our ROI?

ROI on the product at our scale is going to be how much management does it take, which is what we want low. We want as low an amount of interaction with the product as possible and a really high and effective detection rate. It definitely has a really high detection rate. In fact, sometimes that rate is so high that we're getting annoyed by false positives, but we'd like to have the system self-remediate as much as possible because our IT department is basically one person.

What's my experience with pricing, setup cost, and licensing?

It is really expensive. We've got between 30 and 40 licenses every year, and for the number of licenses that we have, we're finding that Malwarebytes on average costs between $900 and $1,000 more per year than comparable options. We're paying about $3,300 per year for these licenses.

There are no additional costs beyond the standard licensing fee.

Which other solutions did I evaluate?

I believe that there were some other options evaluated at the time. I think Kaspersky and ESET were evaluated, but their implementation was going to be a little difficult from my understanding.

What other advice do I have?

Based on a lot of the research that we've done, especially for small to medium businesses, it seems like there are a lot of other solutions out there that have as good or slightly more features and are a lot cheaper.

I'd give it a solid seven out of 10. It is a very effective solution for us, and it meets a lot of our needs. It doesn't meet all of them, but it does meet a lot of our needs. Based on the ROI on cost and seeing other things out there that are a lot cheaper but equivalent or possibly a little better in terms of features, we most likely will be moving away from the product.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Analyst - Desktop at a manufacturing company with 501-1,000 employees
Real User
Top 20
Managing multiple machines is a pain, but support is top notch
Pros and Cons
  • "It prevents our users from circumventing security. Everything is password protected so they can't get into it. They can't uninstall it. They can't do anything."
  • "It needs improvements in its EDR and its ability to manage all the nodes. I'd like better communication between the console and the nodes, so I don't have to remote into each individual machine that's having an issue with the protection."

What is our primary use case?

We use it for our endpoint security solution for 1,000 machines worldwide. We're one of the largest machine shops in the world. In just one building, I've got over 500 machines in there. Some of them are old and come from the World War II era. Some of my machines, like my laser hole poppers, are still running Windows 3.1. I've got a lot of older lathes and mills that are running Windows 95 and Windows 98.

How has it helped my organization?

It hasn't improved our company in any way. Panda is the most painful endpoint solution I've ever had to work with except SentinelOne. With Panda, if the protection is turned off or there is a problem on a machine, you have to access that machine remotely to fix it. You can't fix it via the console. I'm the network admin and security admin at my company. I don't have the bandwidth to babysit an endpoint solution.

What is most valuable?

It prevents our users from circumventing security. Everything is password protected so they can't get into it. They can't uninstall it. They can't do anything. 

What needs improvement?

It needs improvements in its EDR and its ability to manage all the nodes. I'd like better communication between the console and the nodes, so I don't have to remote into each individual machine that's having an issue with the protection. The console's intended purpose is to manage and I've got half the management capabilities in their console. I've got almost 1,000 machines worldwide. As one person, I don't have the capacity to take care of this.

For how long have I used the solution?

We adopted this one about three years ago.

What do I think about the scalability of the solution?

It's good for all platforms— iOS, Windows, Android, Linux—so its scalability is there.

How are customer service and technical support?

Technical support has always been top-notch when you can get through. Sometimes you're on hold for up to an hour, but their technical support has always been able to address the issue and get it resolved within 48 hours.

Which solution did I use previously and why did I switch?

Prior to Panda, we had SentinelOne. Panda is a lot less work than SentinelOne in our environment. We still use a lot of Excel macros. We've got applications that we created ourselves and are unsigned. We work with machines with extremely old operating systems, and these things run off of applications that we have built in-house. SentinelOne wanted to shut down the applications so that the machines couldn't connect. It was costing us money. I can't give SentinelOne a bad review just because of our environment. Our environment is very unique, so it's not fair to SentinelOne. But at the same time, we just weren't made for each other. 

How was the initial setup?

The setup is pretty easy. Deployment takes less than an hour. It's typically connected to the console, so it has already downloaded the latest and greatest updates or file hashes. Creating groups and policies for those groups can be a little complex but once you've got all that figured out, then you're good. The console needs a lot of help. Even downloading the installer for a new deployment on a PC is not very straightforward. 

What about the implementation team?

I have an in-house team. I've got two help desk guys that I've had to train to use the Panda tenant. I don't even know if they're doing it anymore — touching every machine that has a problem with the protection.

What's my experience with pricing, setup cost, and licensing?

I don't think Panda's license is too expensive, but they're charging more than it's worth. It's a yearly license. For 1,000 endpoints, it's around $18,000. 

Which other solutions did I evaluate?

We're considering switching to something else. Right now we're looking at ESET Endpoint Security and Trend Micro Apex One. Panda's EDR is rudimentary, so we're looking to upgrade because our insurance policy is asking us to find something better. Right now, we're leaning toward Trend because they're telling me that I can do everything from the console with their solution. That was the biggest pain with Panda.  

What other advice do I have?

I'd rate Panda five out of 10. I give it that high just because it does work to some extent and it's cost-effective. My attitude toward Panda is 50/50. I get probably 10 or 15 emails a day complaining that machines lack protection. But if the console can detect the machine and knows that it's lacking protection, then my logic says, "Update it." But for whatever reason, I have to manually do it again. It's painful. It shouldn't be as expensive as it is. And I think it's going to be a lot more expensive now that WatchGuard owns it. Hopefully, they make a lot of good changes, but I've had enough with Panda.

Another thing to note about Panda is that I haven't seen anything in the documentation about compliance with GDPR regulations. I've got 11 locations in Europe, and we're going to have a GDPR tenant for the most stringent country or area. So even being in the US, I'll have to abide by European GDPR here in the US for all the locations to share one tenant. Otherwise, we'd have to have multiple tenants, which will cost us more money and be more of a hassle to manage. 

Before you install it, do a 90-day proof of concept. Thirty days is too short. You need to see the failing endpoints and what you have to do to fix it.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sergey Apostolov
Network Security Engineer at S&T Bulgaria
Real User
Good technical support with a great complexity and the capability to scale
Pros and Cons
  • "We've found the technical support to be very helpful overall."
  • "The solution should adjust its pricing for the smaller market we are in."

What is our primary use case?

Next month, we will implement the solution as our own primary endpoint solution. Currently, we have clients that are using it for the same purpose.

What is most valuable?

We've just started the distribution of Trend Micro Products. We're at the start of the process. However, it's my understanding that it is a very complete solution.

With the DLP addition, it's quite a good product.

The complexity of the product is very good. It has a lot of features. It covers many items and different parts of intrusions.

The solution can scale quite well.

We've found the technical support to be very helpful overall.

What needs improvement?

We're still in the early stages of using the solution. We need more time to do some installations and work with the product to really be able to evaluate it completely. 

We had some challenges with the initial setup.

The solution should adjust its pricing for the smaller market we are in.

For how long have I used the solution?

We've only been using the solution for about six months - or half a year. We haven't used the solution for that long just yet.

What do I think about the scalability of the solution?

The solution is very easy to scale and quite flexible. If a company needs to scale, it can do so with ease.

How are customer service and technical support?

We have our own global distributor, a local provider, and they have some technical personnel that covers the lower level of support queries. For a big issue, we contact the Trend Micro team directly. 

It's very easy to contact both. They are very quick and responsive. They are quite knowledgeable and helpful. We're very satisfied with the level of service we are provided with.

How was the initial setup?

The initial setup can be difficult. We had some issues, however, we worked with a local provider here in Bulgaria, and successfully performed this type of installation previously.

What about the implementation team?

We had the assistance of a local provider that was well trained in implementation. They sorted out any problems we had and helped us set everything up. We were very satisfied with the results.

What's my experience with pricing, setup cost, and licensing?

We have a small market in Bulgaria and the price is always the leading issue and the leading decision point. Trend Micro is a big vendor, one of the best vendors, in my opinion. For a couple of years they've been in the top three and top five as an antivirus solution. Therefore, the quality comes at a price. I try to explain to our customers and our clients that they are paying for quality. That said, due to the fact that Bulgaria is such a small market, the pricing doesn't match the expectations. 

Which other solutions did I evaluate?

I am currently comparing this solution with ESET.

What other advice do I have?

We are both a distributor of this product as well as a customer.

I'd recommend the solution to other companies. We don't just offer it to clients. We use it ourselves. We believe in the solution. We see the value in it.

I'd rate the solution at a nine out of ten. Although there are some improvements to be made, it's a very complete product with good flexibility and a good level of flexibility.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Husam Kabaha
CTO at Mechkar
Real User
Top 5
Reliable, straightforward to set up and has high detection rates
Pros and Cons
  • "The initial setup was extremely straightforward and very easy."
  • "The UI, user interface, could be improved."

What is our primary use case?

The solution is used for our enterprise. We primarily use the solution for security. We use it for detection purposes. 

What is most valuable?

The solution offers very high, effective, detection rates.

The solution offers a very good performance overall. It's reliable. 

The initial setup was extremely straightforward and very easy.

The stability is good.

What needs improvement?

We would always like to see even more security features. It's something the solution should continue to improve upon.

The UI, user interface, could be improved. They should update it.

For how long have I used the solution?

I've been using the solution for a while. It's been about three years at this point.

What do I think about the stability of the solution?

The stability of the solution is very good. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable. The performance has been excellent over the years. 

What do I think about the scalability of the solution?

We protect around 2,000 endpoints with this product.

We do have plans to continue to use the solution. I cannot speak to if expansion is in the works. 

How are customer service and technical support?

I've never dealt with technical support directly. I can't comment on their level of service or responsiveness, having never dealt with them directly myself.

How was the initial setup?

The initial setup was not complex or difficult for us. It was very simple and very straightforward. A company shouldn't have any issues with the solution's setup.

The deployment was quick. It only took us about three or so days.

What about the implementation team?

We handled the implementation ourselves. We did it in-house. We did not need an integrator or consultant to assist us.

Which other solutions did I evaluate?

In the past, we've looked at ESET Endpoint Security.

What other advice do I have?

We are a customer and an end-user. We don't have a business relationship with Kaspersky.

We are using the latest version of the solution at this time. I cannot speak to the exact version number.

I'd rate the solution at an eight out of ten. We've been mostly quite happy with the product and how it has performed for us.

I'd recommend the solution to other users. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.