We performed a comparison between Crowdstrike Falcon and SentinelOne based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, SentinelOne seems to be a slightly superior solution. All other things being more or less equal, our reviewers found Crowdstrike Falcon to be expensive, and some reviewers also felt that its technical support could be improved.
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence."
"We haven't had any infections or down time."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
"The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"Scalability is good. We have had no issues with it."
"This solution has made the lives of the IT staff much easier, compared to the previous one."
"It is a good endpoint solution. That's the reason we chose it. We looked at other solutions, such as CrowdStrike, and based on the cost and the services it delivers, it was the better choice."
"It has a one-click button that we can use to reverse all those dodgy changes made by the virus program and bring the system quickly back to what it was. That's one of the most important features."
"SentinelOne Singularity has hundreds of features. The most valuable feature of the solution is the ease of use and threat control."
"The solution has helped reduce our alerts."
"The anti-ransomware capability to analyze the threats and user-friendliness are the most valuable features."
"The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features."
"I work in vulnerability management, and for me, at the moment, its automation is most valuable. For the SOC team, incident visibility would be most valuable, but for me, it is automation."
"I have found the activity timeline and threat analysis to be particularly useful."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"The solution does not offer a unified response and standard data."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"We should be able to use the product on devices like Apple, Linux, etc."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"There are some areas where some customers would prefer a different service."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"We sometimes get false positives."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve."
"The dashboard area must be improved. We have integration with Splunk, and we are creating a dashboard there. Their dashboard area must be up to date. It should have more details and more options to create the reports and things like that."
"The product could be more accurate in terms of performance."
"SentinelOne's performance and the accuracy of its incident filtering could be improved."
"Interoperability with other SentinelOne solutions and other third-party tools is an area where you can run into some issues. Because of the way the agent works, there are sometimes things that are blocked or prevented from happening that are not identified as a threat, and therefore, not alerted in the console. Sometimes, we do have to dig through the logs, run tests, and adjust the whitelisting or exclusions to make sure that other applications will run properly."
"The grouping feature needs improvement."
"Everything is now offered as a service, so the console and the licensing model can be improved to make things easier, especially when updating new versions of the software."
"I would like to have firewall functionality within SentinelOne Singularity Complete."
"Although the SentinelOne firewall seems to offer potential benefits, in reality, it hasn't proven to be very helpful."
"Singularity Complete's process stream has room for improvement."
"The solution’s distributed intelligence at the endpoint is pretty effective, but from time to time I see that the agent is not getting the full execution history or command-line parameters. I would estimate the visibility into an endpoint is around 80 percent. There is 20 percent you don't see because, for some reason, the agents don't get all of the information."
More SentinelOne Singularity Complete Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. CrowdStrike Falcon is rated 8.8, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, Darktrace, ThreatLocker Protect, Datto Endpoint Detection and Response (EDR) and Bitdefender GravityZone EDR. See our CrowdStrike Falcon vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Endpoint Protection Platform (EPP) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I think both solutions are very good.
https://blog.ithq.pro/sentinel...
I leave you a comparison of this website made by users.
https://www.peerspot.com/produ...
Hi ViJay - Are they open to other solutions as well?