We performed a comparison between Elastic Security and SentinelOne Singularity Complete based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The integration, visibility, vulnerability management, and device identification are valuable."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"Enables monitoring of application performance and the ability to predict behaviors."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"The visualization is very good."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"Stability-wise, I rate the solution a ten out of ten."
"SentinelOne is the next-generation EDR solution."
"The most valuable features include the agent installation and update processes."
"The process visualization, automated response, and snapshotting are valuable. The integration and automation possibilities are also valuable."
"The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform."
"The tool deletes the problem-causing process and prevents issues."
"The fact that SentinelOne is actively looking for threats and runs them against the hash on the Internet to determine if they are malicious or not, is what takes it to the next level compared to other antivirus products."
"SentinelOne is very lightweight. It doesn’t consume much memory of endpoints. Endpoints don't hang, and machine performance doesn’t get impacted. Their technical support is also very nice."
"For me, the most valuable feature is the Deep Visibility. It gives you the ability to search all actions that were taken on a specific machine, like writing register keys, executing software, opening, reading, and writing files. All that stuff is available from the SentinelOne console. I'm able to see which software is permanent on a machine, and how that happened, whether by registry keys or writing it to a special folder on the machine."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The price should be adjustable by region."
"The support could be more knowledgeable to improve their offering."
"Their visuals and graphs need to be better."
"The tool should improve its scalability."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"The solution could offer better reporting features."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"The biggest challenge has been related to the implementation."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"I would appreciate seeing the browser extension react more effectively to events, going beyond mere detection."
"The SentinelOne portal is not user-friendly, which is one of its drawbacks."
"We'd like to have a network map or scan to cover network security."
"In terms of areas for improvement in SentinelOne Singularity Complete, it needs to give more straightforward directions or communication about detection or what has been detected."
"This solution would be more attractive to customers if the price were lower."
"SentinelOne could improve by creating an autopilot or automated way to roll out the solution more efficiently which would be helpful."
"The overall integration functionality for this solution could be improved."
"SentinelOne is causing a problem with the data service that causes one of our applications to crash randomly. We're still looking for a permanent fix, but we have implemented a temporary workaround that excludes that application from the scan."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. Elastic Security is rated 7.6, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Fortinet FortiAnalyzer, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR).
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.