We performed a comparison between IBM Security QRadar and SentinelOne Singularity Complete based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. SentinelOne Singularity Complete is praised for its dependable threat prevention and ability to reverse ransomware file encryption. IBM Security QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. SentinelOne could improve its automation, machine learning, and AI capabilities while improving reporting and integration.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. Customers have been pleased with SentinelOne’s customer service. Reviews highlighted the support team’s responsiveness and efficiency.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Users find the initial setup for SentinelOne Singularity Complete to be quick and painless, with helpful support from the vendor team.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. Some reviewers thought SentinelOne Singularity Complete is reasonably priced and competitive, while others say it’s costlier than many alternatives.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. SentinelOne Singularity Complete yields an ROI by saving money and protecting against ransomware attacks. Other users noted its valuable dashboard data and low CapEx requirements.
Comparison Results: Our users prefer IBM Security QRadar over SentinelOne Singularity Complete. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management. SentinelOne Singularity Complete users say it lacks some of QRadar's more advanced features and requires enhancements in automation, reporting functionality, user-friendliness, and stability.
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"Microsoft 365 Defender is simple to upgrade."
"I think it's a very stable product that provides much more visibility than the other product."
"The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also QRadar's event filtration and device integration are perfect."
"Senses, tracks, and links significant incidents and threats."
"The most valuable feature is the searching capability and real-time operational use."
"Flexible and valuable product that is modular, so you can easily set up a roadmap for your clients."
"We are using the platform version, which I like."
"Overall a great solution."
"IBM QRadar Advisor with Watson is a stable solution."
"SentinelOne has helped us to improve our security by fine-tuning our current use cases and creating new ones."
"I like Singularity's rollback features, threat-hunting, and Ranger Insights. The Ranger feature scans the network and provides visibility into all the unsecured assets."
"The deep visibility feature is valuable. It is helping enrich our IR team in their investigations."
"The most valuable feature is the ability to drill down into individual sequences of processes."
"In terms of the engines that SentinelOne uses, it has stopped various scripts from running and it's highlighted lateral movement that we weren't expecting."
"The most valuable feature is that it just unintrusively works in the background to carry out the protection."
"The best thing SentinelOne has done for us is that it gives us insight into the endpoints. We never had insight into lateral movement threats before. Once a threat known as Qbot gets on the network, it actually spreads throughout sub-networks quickly. SentinelOne has detected that and saved our bacon. We were able to get in there and stop the threat, lock it down, and prevent it from actually spreading through. It would have been 50 or 60 computers. It had spread through in a few minutes. We have a lot of HIPAA data and FERPA data that we need to keep protected."
"The solution's in-place upgrades have been very helpful."
"The licensing is a nightmare and has room for improvement."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The logs could be better."
"The web filtering solution needs to be improved because currently, it is very simple."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"There could be improvements made to the UI, the user interface. Though the newer version, 7.3.2, might already have this improvement in place."
"The only challenge with products like IBM is the EPS. You just have to be really on the events per second, as that's where the cost factor becomes a huge issue."
"Before we didn't have any security issues but recently a few of the user emails were hacked. We had to actually recreate their emails for them."
"We would like to see better instrumentation for debugging changes in the log flow."
"Its architecture is very complicated."
"This solution is on-premise and many customers are moving to the cloud base solution."
"GUI needs to be improved."
"I think that the search speed of this solution could be improved."
"The process of uninstalling and reinstalling older agent updates needs improvement."
"In terms of improvement, they should work on agents' updates because that is not a strong part. It's not their strong point. It's not straightforward to upgrade agents. I send them questions about it. They already worked on this and they promised that in the next release that they will show me their solution for it. But this year I have had complaints about agents' updates, that they aren't clear."
"There are features that I would like them to add. They have little to do with endpoint protection, but if they could add encryption and DLP on, it would make it even better."
"Maybe they can develop some firewall aspects for it to better protect us."
"The training for SentinelOne Singularity should be free. The solution has a lot of features but we do not know how to use them all. The moment someone purchases the solution they should contact them and provide them with a feature session on how to use the features."
"Everything is now offered as a service, so the console and the licensing model can be improved to make things easier, especially when updating new versions of the software."
"They can improve the administrative interface. They can make it more user-friendly."
"Improvements for SentinelOne's Singularity Complete could include adjusting pricing for specific markets, ensuring affordability, and better alignment with customer expectations in those regions."
More SentinelOne Singularity Complete Pricing and Cost Advice →
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. IBM Security QRadar is rated 8.0, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our IBM Security QRadar vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.