We just raised a $30M Series A: Read our story

SentinelOne Competitors and Alternatives

Get our free report covering CrowdStrike, Microsoft, VMware, and other competitors of SentinelOne. Updated: November 2021.
553,954 professionals have used our research since 2012.

Read reviews of SentinelOne competitors and alternatives

Norman Kromberg
VP of Info Security at SouthernCarlson, Inc.
Real User
Top 20
Does a good job of reporting when it detects anomalous behavior

Pros and Cons

  • "Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
  • "Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."

What is our primary use case?

We purchased Morphisec to protect our endpoints from anomalous behavior. The biggest use case would be to prevent ransomware, but also to detect other unnecessary programs running on devices. So, the use case has been endpoint protection, both for servers and endpoints, e.g., laptops and desktops.

We do a multi-layered defense in-depth. They are our primary prevention at the endpoints for anomalous behavior. I would classify it as a preventative tool, since Morphisec blocks and prevents execution. So, I would put it at the preventative layer.

We have agents on all of our endpoints and servers pointing to their cloud instance.

How has it helped my organization?

Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure.

What is most valuable?

The biggest feature is its ability to prevent. Here is the interesting thing with a tool like Morphisec. You implement it almost as an insurance policy. If it works, nothing happens. If it fails, you have bad things occurring. So far, nothing terrible has happened. It does a good job of reporting when it detects anomalous behavior so we can research it. However, the key is that we can research in a much calmer fashion, since we do not need to uninstall because it blocks the activity.

What needs improvement?

Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity.

For how long have I used the solution?

My company has been using Morphisec since mid-December of 2020.

I have been aware of Morphisec since I worked for Optiv and met one of the key sales people back in 2015 or 2016. When I was at that company, I was a consultant helping companies with their roadmaps. So, we connected there and got Morphisec introduced to Optiv, the company I was working with then, who is also a VAR. Therefore, it was getting the product in via another sales route or sales channel.

What do I think about the stability of the solution?

It takes less than one person to deploy and maintain the solution. So far, we have not had to do maintenance. The biggest thing that we are working with Morphisec right now on is the multi-factor interface enhancement.

What do I think about the scalability of the solution?

We have had no issues with scalability. It's worked fine.

We have probably 10 people between our help desk, Tier 2, and executives accessing the system and using the dashboards, which has been pretty straightforward and easy to do.

In the system, our IT people research alerts. We get a daily report of all the events from the prior day. If there was a critical alert, the help desk will go out and research to see if they need to do anything with the endpoint. They have to go into the system to monitor and look at it. If we are running into an issue on a particular server and endpoint, we may go out there to see if there was any indication of an issue or if the actual agent is causing a problem. We have yet to find that the agent is causing a problem, but that is why they potentially would go out there.

It is on every endpoint, e.g., laptops, desktops, and servers, which is pretty extensive. We may expand into their incident response process and a number of other things that we can use them for, but that will be evaluated as we go into our budget cycle at the end of the year.

How are customer service and technical support?

I would rate Morphisec technical support as eight out of 10. They have just been very responsive. They are very strong at follow-up. They won't close tickets until we tell them to. They are very much a customer service focused group. They have been very good at tech support, providing knowledge, information, etc.

Which solution did I use previously and why did I switch?

Morphisec makes use of deterministic attack prevention that doesn’t require investigation of security alerts. We didn't have a protection layer prior to Morphisec, so we added it. The key is the amount of work by the team is minimal. So, it did not increase our workload. We did not have to add staff. It has been a positive benefit that way.

This solution was an additive layer that we didn't have before. So far, it has been successful in the sense that it has not caused us to add resources. So, we have been able to get layer protection without additional expense, in terms of staff. That is a good thing.

How was the initial setup?

The initial setup was very straightforward. It was simple to install the agent. They provided good support. It was just a push, then it just took minutes to get the process rolling. We could monitor how well it rolled out, and they were there to support us. This was one of the easiest that we have ever done.

The deployment took a day or two in total actual work time, so we could confirm it reporting in on the dashboard. 

It probably took us a week or two to get it rolled out to all the devices because of our change control windows. 

We put it in the most conservative setting that we could for prevention. We did roll through certain applications for the logic of what not to include, but they had a pretty good baseline for what we should reference. We then just pushed the agents with some logic on the change windows. So, we did all the desktops and laptops first, then the servers. It was a pretty straightforward implementation.

What was our ROI?

Morphisec helps us save money on our security stack. We probably would have spent $100,000 more on a different solution. So, it did save us on that expense.

What's my experience with pricing, setup cost, and licensing?

It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year.

Which other solutions did I evaluate?

We also evaluated CrowdStrike, Cylance, and SentinelOne. CrowdStrike and Cylance were way too expensive. You could also throw in Sophos and Symantec in there. All those were too expensive and burdensome. SentinelOne was interesting. We were able to get better pricing and better access to the top people at Morphisec, and that is why we went with Morphisec.

We do not use Morphisec for antivirus at this time. We are using another tool for antivirus, but we will look at Morphisec Guard when that license is up.

What other advice do I have?

Don't overthink it. Just do it. Follow the directions of Morphisec and go for it, but make sure you understand what your application stack is before you go full bore, so you don't create false positives. However, they are easy to work with in those terms.

The reality is nobody ever gets to a single pane of glass or a single dashboard. Those claims are made by vendors, even Morphisec will make it. The problem is you have so many layers in your security stack that you will never get to a single pane of glass. So, I never have that as a requirement because I know it is not attainable.

We do not have Microsoft Defender in place, but so far it is providing visibility for what it is installed on.

While I have known of the company since 2016, they are still a startup. They are still equity-backed. I don't know where they are going to end up, but right now I am confident that they have good backing and financial resources. They got a new round of funding just after the first of the year. That is always a good sign.

Biggest lesson is the amount of discipline required in our company to stay current. Morphisec highlights breakdowns that we have in process and procedure, which is a good thing, but it's highlighted to us that we need to be a little bit more disciplined.

I would rate Morphisec as nine out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
CO
Director, Information Technology at a tech services company with 11-50 employees
Real User
Top 5
Frequent updates, plenty of features, and effective threat avoidance

Pros and Cons

  • "What I have found to be valuable is after every new release of the solution there are more features. At the time that we bought Bitdefender GravityZone, it was their top solution. We went from their Enterprise version to Elite, Elite HD, Ultra, and now there is an Ultra Plus available."
  • "I have not had used the EDR portion of the solution to do any custom scripting to allow further advanced operations on the endpoints. From what I understand from reading the comments on reviews is that it is not particularly flexible in this regard."

What is our primary use case?

We use this solution for advanced protection against threats for our endpoints.

What is most valuable?

What I have found to be valuable is after every new release of the solution there are more features. At the time that we bought Bitdefender GravityZone, it was their top solution. We went from their Enterprise version to Elite, Elite HD, Ultra, and now there is an Ultra Plus available. 

Overall the solution is working well, it can be a little intense and thorough at times, but I would rather have it be a little bit more thorough than not detect what it is supposed to. We have been running the solution for a long time through various versions and we have not had any viruses or malware breaches.

When comparing this solution to others it performs just as well as the majority of the top-level alternatives.

What needs improvement?

The whole suite is unlike most AV consoles, which will inform you when there is an infection or threat, for some inexplicable reason Bitdefender does not do that. The most you will receive is an hourly update or possibly if there is an outbreak that affects 30% of your machines, an email. There is no real-time alerting to inform the user there was a potential attack that recently happened on their system. They could improve by having real-time reporting which is important.

I have not had used the EDR portion of the solution to do any custom scripting to allow further advanced operations on the endpoints. From what I understand from reading the comments on reviews is that it is not particularly flexible in this regard.

Sandbox Analyzer is a feature that comes as part of the Bitdefender GravityZone Ultra Suite. It will start automatically unless you want to manually submit something which I have rarely done. When the feature is in use I do not get a reading back from the analyzer right away, it lacks real-time functionality. For example, if I was executing an admin tool and it was blocked because the Sandbox Analyzer wants to look at it on my local machine, it might take 10 minutes before I can successfully then launch that application to use it. The time it takes to analyze the software is too long. We are busy people and we end up just turning off the detection to allow the use of the program.

For how long have I used the solution?

I have been using the solution for approximately five years.

What do I think about the stability of the solution?

Bitdefender has been stable and reliable, there are a few key areas I always look for in an endpoint security platform. A few of them are, how much burden does it put on the endpoint, does it uses more than 10% of the system resources in order to function. If it does not then it is a pretty well-balanced client, it allows the systems to continue to perform at the appropriate level. If it catches a very high percentage of threats, it is doing what you bought it to do, and it does not give off a lot of false positives. However, in the EDR portion, you will receive more false positives, but outside of the EDR component with the client itself, if it has few false positives for viruses and malware detection that is good.

What do I think about the scalability of the solution?

They have done a decent job with scalability. The way they have their policies constructed and the ability to manage them. 

I think that the biggest challenge for Bitdefender is simply to move out of the SMB space and really become an enterprise platform.

How are customer service and technical support?

I have been in contact with technical support a few times. They are not the worst or the best. They provide an average quality level of support.

I rate Bitdefender GravityZone Ultra technical support a seven out of ten.

Which solution did I use previously and why did I switch?

We previously used Sophos and I recall, Sophos released an update for the AV software that destroyed the AV software on every endpoint that ingested it. It was a huge debacle and it took a long time to resolve because it left the solution in a state where you could not repair it, remove it, or update it. 

How was the initial setup?

The installation is straightforward, simple to understand and manage. 

What's my experience with pricing, setup cost, and licensing?

Bitdefender GravityZone Ultra is less expensive than other solutions, such as CrowdStrike. We had a really good deal because it was their year-end and they were trying to do a lot of sales that week. We bought a three-year contract from them and the cost was approximately $17 per endpoint, per year. It is was a very good price. I have spoken to other people who have purchased CrowdStrike at approximately $60 per endpoint, per year. I have no complaints about the price of this solution.

Which other solutions did I evaluate?

I put a lot of weight on third-party benchmark reviews and Bitdefender always reviews well overall on the spectrum. They review better even when compared to NSS Labs, MITRE, AV-Comparatives, and others. Bitdefender and Kaspersky both typically are the two solutions that are at the top month after month. There are the new technology solutions that are raved about often, such as SentinelOne, Cylance, and CrowdStrike, but they seldom review as well when it comes to defined tests where they test X amount of malware or types of attacks. It has been much harder to get independent confirmation of the efficacy of the new next-generation endpoint solutions than it has been to get the efficacy of the old generation products.

I am currently evaluating CrowdStrike and we considering moving to it once our Bitdefender contract is done.

What other advice do I have?

For those wanting to implement this solution, I would advise them it is worth it and to test it out.

I rate Bitdefender GravityZone Ultra a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
SK
Technical Analyst - Desktop at a manufacturing company with 501-1,000 employees
Real User
Top 20
Managing multiple machines is a pain, but support is top notch

Pros and Cons

  • "It prevents our users from circumventing security. Everything is password protected so they can't get into it. They can't uninstall it. They can't do anything."
  • "It needs improvements in its EDR and its ability to manage all the nodes. I'd like better communication between the console and the nodes, so I don't have to remote into each individual machine that's having an issue with the protection."

What is our primary use case?

We use it for our endpoint security solution for 1,000 machines worldwide. We're one of the largest machine shops in the world. In just one building, I've got over 500 machines in there. Some of them are old and come from the World War II era. Some of my machines, like my laser hole poppers, are still running Windows 3.1. I've got a lot of older lathes and mills that are running Windows 95 and Windows 98.

How has it helped my organization?

It hasn't improved our company in any way. Panda is the most painful endpoint solution I've ever had to work with except SentinelOne. With Panda, if the protection is turned off or there is a problem on a machine, you have to access that machine remotely to fix it. You can't fix it via the console. I'm the network admin and security admin at my company I don't have the bandwidth to babysit an endpoint solution. 

What is most valuable?

It prevents our users from circumventing security. Everything is password protected so they can't get into it. They can't uninstall it. They can't do anything. 

What needs improvement?

It needs improvements in its EDR and its ability to manage all the nodes. I'd like better communication between the console and the nodes, so I don't have to remote into each individual machine that's having an issue with the protection. The console's intended purpose is to manage and I've got half the management capabilities in their console. I've got almost 1,000 machines worldwide. As one person, I don't have the capacity to take care of this.

For how long have I used the solution?

We adopted this one about three years ago.

What do I think about the scalability of the solution?

It's good for all platforms— iOS, Windows, Android, Linux—so its scalability is there.

How are customer service and technical support?

Technical support has always been top-notch when you can get through. Sometimes you're on hold for up to an hour, but their technical support has always been able to address the issue and get it resolved within 48 hours.

Which solution did I use previously and why did I switch?

Prior to Panda, we had SentinelOne. Panda is a lot less work than SentinelOne in our environment. We still use a lot of Excel macros. We've got applications that we created ourselves and are unsigned. We work with machines with extremely old operating systems, and these things run off of applications that we have built in-house. SentinelOne wanted to shut down the applications so that the machines couldn't connect. It was costing us money. I can't give SentinelOne a bad review just because of our environment. Our environment is very unique, so it's not fair to SentinelOne. But at the same time, we just weren't made for each other. 

How was the initial setup?

The setup is pretty easy. Deployment takes less than an hour. It's typically connected to the console, so it has already downloaded the latest and greatest updates or file hashes. Creating groups and policies for those groups can be a little complex but once you've got all that figured out, then you're good. The console needs a lot of help. Even downloading the installer for a new deployment on a PC is not very straightforward. 

What about the implementation team?

I have an in-house team. I've got two help desk guys that I've had to train to use the Panda tenant. I don't even know if they're doing it anymore — touching every machine that has a problem with the protection.

What's my experience with pricing, setup cost, and licensing?

I don't think Panda's license is too expensive, but they're charging more than it's worth. It's a yearly license. For 1,000 endpoints, it's around $18,000. 

Which other solutions did I evaluate?

We're considering switching to something else. Right now we're looking at ESET Endpoint Security and Trend Micro Apex One. Panda's EDR is rudimentary, so we're looking to upgrade because our insurance policy is asking us to find something better. Right now, we're leaning toward Trend because they're telling me that I can do everything from the console with their solution. That was the biggest pain with Panda.  

What other advice do I have?

I'd rate Panda five out of 10. I give it that high just because it does work to some extent and it's cost-effective. My attitude toward Panda is 50/50. I get probably 10 or 15 emails a day complaining that machines lack protection. But if the console can detect the machine and knows that it's lacking protection, then my logic says, "Update it." But for whatever reason, I have to manually do it again. It's painful. It shouldn't be as expensive as it is. And I think it's going to be a lot more expensive now that WatchGuard owns it. Hopefully, they make a lot of good changes, but I've had enough with Panda.

Another thing to note about Panda is that I haven't seen anything in the documentation about compliance with GDPR regulations. I've got 11 locations in Europe, and we're going to have a GDPR tenant for the most stringent country or area. So even being in the US, I'll have to abide by European GDPR here in the US for all the locations to share one tenant. Otherwise, we'd have to have multiple tenants, which will cost us more money and be more of a hassle to manage. 

Before you install it, do a 90-day proof of concept. Thirty days is too short. You need to see the failing endpoints and what you have to do to fix it.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
AS
Cyber Security Engineer at a tech services company with 11-50 employees
Reseller
Top 20
This product does not provide what it needs to or what it says it does for proper Endpoint Detection and Response

Pros and Cons

  • "The dashboard actually is good and it is simple."
  • "The product has major problems in almost every facet of setup and use including setup, configuration, lack of functionality, lack of stability, false positives, questionable reporting, inability to protect from randsomeware and poor technical support and development."

What is our primary use case?

My job position is Cybersecurity Engineer. We use the solution as an EDR or endpoint detection response. As EDR is, it is not the primary endpoint protection as it can not control the risk. This product is working as behavior monitoring for the end users. These monitoring products are not controlling the endpoint. For controlling the endpoint, you can use EPP (Endpoint Protection) products like Symantec Endpoint Protection, Trend Micro Endpoint Protection, one that was called OfficeScan — now the updated one is called Apex One — or other strong endpoint protection solutions like Sophos Intercept X and so on. But Malwarebytes is just EDR. EDR is mainly for detecting usage behaviors. It is evaluation and it is not technically protection for the user environment.  

What is most valuable?

The interface is not so bad. The dashboard actually is good. It is simple. But it is not able to produce simulated attacks.  

What needs improvement?

I know of more than ten critical cases with clients which affect their use of the product adversely. We work with the Malwarebytes company a lot and have discussed the existing problems with the manager of Research and Development. He would not just say "You are right." But even though he knows that there are issues, there have been no changes in the results and improvements with the product even up until now.  

I want to help secure the environments of the clients I work for. I want to benefit a lot of people, a lot of clients and a lot of users. I have specific things, technical details for each feature and each use case that I have worked on. But the company is not making the broader changes they need to in the product to make it an effective solution.  

The most obvious problem is that basically the product comes up with a lot of false positives. This needs to be resolved.  

There are other particular pain points with the current solution which have to do with the reporting and the problems with difficulty of installation. But these are still not the biggest problems for people using the product.   

An additional feature I would like to see is a randsomeware roll back for 72 hours and for 100 GB of files. It is supposed to be a feature in the EDR to defend against randsomeware. But we cannot stop ransomware with EDR. We are supposed to be able to roll back the encrypted files. But it is a fact that, in production, we can not effectively roll back the ransomwares and encrypted files after this kind of attack. The company fails to say we can not go back. It is an important feature in these products and to the clients. But it is not effective.  

For how long have I used the solution?

I have been implementing this solution as a technical consultant in IT and I have implemented this solution more and more over time starting one year ago.  

What do I think about the stability of the solution?

The product is not stable. It is not broken all the time but the stability of this solution needs to be improved.  

How are customer service and technical support?

They have not been receptive to our suggestions about the product and have not resolved the issues that we have reported in great detail.  

Which solution did I use previously and why did I switch?

We are currently looking for a new solution because I am not satisfied with the product or the effort of the vendor to meet the needs of users. I have gone through the trouble of making a table for competition analysis between various vendors to see how they compare and that includes several vendors of EDR solutions including Malwarebyte, enSilo, CrowdStrike, Carbon Black and SentinelOne. I think we will end up working with Carbon Black or CloudStrike. But the current solution with malwarebytes does not perform well enough to properly protect our clients.   

How was the initial setup?

I find that the setup and configuration are complex and difficult.  

What about the implementation team?

We are the ones who do the installations and implementation.  

What other advice do I have?

I have a lot of baggage with this product because of problems I have with the customers, the implementation, the configuration, the settings — it is very, very troublesome. There are various players on the course now. Some solutions may perform better.  

I have had a bad experience with Malwarebyte in general. There are a lot of issues I have caught. I wrote these issues down to compile them and then I sent the information to Malwarebyte. Over some time, there was no improvement from the research and development or technical support from this vendor. I have only a few words about this product: It is not good yet. But they have also show almost no interest in improving it.  

The proxy setting is a very nice feature. But, with that, you can not remove the proxy settings for the clients who are going out of the office for travel. You have to go to each laptop and write a manual cmd (command line) script to remove the proxy settings. It should not be done this way. It is just another example. 

On a scale from one to ten with one being the worst and ten being the best, I would rate this product as a one-and-a-half. It is one of the worst products which I have ever used. If I have to choose a whole number it does not round up, it will round down to a one.  

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Boris Rapoport
System Administrator at a manufacturing company with 1,001-5,000 employees
Real User
The management is really good, you can see everything on the dashboard

Pros and Cons

  • "The management console is pretty good. We have a dashboard that shows us what stuff to log, different malicious links that people are trying to access and also if somebody was trying to connect something to the computer, to a USB port or something like that, and if this person is on the under control management. It shows that he tried and he got blocked."
  • "We're not sure if we're going to continue with those products or their products or we're going to switch to something else. That's why we stopped the immigration process. If we were going to replace another product, it's not really efficient to waste time on it moving patients and other clients."

What is most valuable?

The management console is pretty good. We have a dashboard that shows us what stuff to log, different malicious links that people are trying to access and also if somebody was trying to connect something to the computer, to a USB port or something like that, and if this person is on the under control management. It shows that he tried and he got blocked. Also, the virus and malware attempts that were trying to attack the computer storage and stuff like that so the console is pretty intuitive, it's pretty user friendly. 

Managing the clients themselves, if, for example, I want to have different sites and laws. It's pretty easy to manage the clients and also to move them to different containers. The migration process itself is really easy from office scanning G to Apex One. It's just a few clicks to migrate the clients so the management is pretty good.

What needs improvement?

It works okay. The management console itself looks pretty much like the regular Office Mechanics. 

We are looking into different solutions, like SentinelOne and Sophos. We might continue with Apex One, it also depends on budget and pricing.

For how long have I used the solution?

We enabled it a few months ago, but we only moved five to six clients from the office scan from the regular and point protection to Apex One. So far, it has actually resolved as one of the bugs that we had because the regular office scan, a client agent was causing some Windows problems. A lot of Windows systems were crashing, having blue screens. We didn't know what the message share or message said. We tried to analyze it and stuff like that. Eventually, we found out that it was actually because of the OfficeScan agent, the regular agent, and after moving them to Apex One, the blue screens had stopped. This was a good improvement.

We're not sure if we're going to continue with those products or their products or we're going to switch to something else. That's why we stopped the immigration process. If we were going to replace another product, it's not really efficient to waste time on it moving patients and other clients.

What do I think about the stability of the solution?

It's stable.

What do I think about the scalability of the solution?

We're actually a very small team, currently, we're down to three. IT and infrastructure people deal with all of the network issues and all of the management of the systems for our IT systems and products. One guy does help desk and another person and I were managing the systems. It's actually down to two people to manage all of the other stuff like that.

We use it on a daily basis, Monitoring is part of our daily monitoring and schedule. We're going from our different systems, more critical stuff in the morning, for a few hours and then we get to our later tasks and stuff like that.

How are customer service and technical support?

We offer support to the vendor directly. They were at our site two times already during the negotiation with the management. 

Based on the latest experience with technical support which was moving from migrating from the IMSDA to the DDI, it was actually pretty good. There was one support guy that worked with over the phone and everything is remote of course and after about two or three hours, all of it was running in production with the new system.

Which solution did I use previously and why did I switch?

We previously used Symantec. I was mainly dealing with the end point, installing, and uninstalling it and solving different issues that were involved or problems that were involved due to the Symantec endpoint client, but besides that, I wasn't managing the system.

The main difference between the two is the heaviness that was edited with Symantec on the endpoint client itself and into the client. The agent is pretty heavy on the resources sometimes, the memory specialists and we feel that with Trend, the product is more light on the station, and doesn't consume a lot of resources. That's I think the main issue.

How was the initial setup?

The initial setup was straightforward. We did the migration ourselves.

What other advice do I have?

As a current user of Trend Micro, I would recommend it, it does the job. It works fine and usually stops different virus attempts. The management is really good, you can see everything on the dashboard. If someone downloads some kind of infected file or some malicious file, we can see it and it usually gets blocked automatically.

I would rate Apex One an eight out of ten. 

In the next release, I would like to have the ability that if something happens, then we have a record of what exactly has occurred on the station, how it started and how it evolved and eventually, in case something bad happened, something malicious gets through and it wasn't recognized in the signatures and the station got infected so that we can later come and analyze and investigate it and see what exactly happened and learn from it actually for the next time.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Get our free report covering CrowdStrike, Microsoft, VMware, and other competitors of SentinelOne. Updated: November 2021.
553,954 professionals have used our research since 2012.