We performed a comparison between Palo Alto Networks Cortex XSOAR and SentinelOne Singularity Complete based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."While Microsoft Sentinel provides a log of security events, its true power lies in its integration with Microsoft Defender."
"It has basic out-of-the-box integrations with multiple log sources."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Log aggregation and data connectors are the most valuable features."
"Sentinel pricing is good"
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"It is a scalable solution."
"The most valuable feature is automation."
"Many different playbooks are available and can be customized."
"It is quite scalable. I would rate it a ten out of ten."
"The pricing is very good."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"The most valuable features of Palo Alto Networks Cortex XSOAR are the remote controller from the workstation that can execute commands and isolate the systems outside of the network. Only the system with an internet connection can execute the task because the main console is in the cloud."
"The product is quite easy to use."
"It identifies what applications are vulnerable. If I go to the applications, such as Adobe Photoshop or Adobe Reader, I can see our current list of vulnerabilities: How many are vulnerable and how many need to be updated with patching. One of the most valuable aspects is the ease of finding specific vulnerabilities."
"SentinelOne gives us visibility into various high-level vulnerabilities on every gateway on the network. It helps us prevent vulnerable devices from being compromised. We primarily use Singularity for its EDR functions. We're happy with that."
"The XDR capability is quite good."
"The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform."
"Our clients have been able to survive a ransomware attack without even knowing that they had had files encrypted and automatically rolled back - even their Point of Sale (POS) system did not miss a beat and the business continued as normal without interruption."
"The overview is valuable. There are a lot of instances out there, but Singularity Complete cuts the noise down by giving us graphics and color-coding information instead of massive tech dumps. It helps us concentrate on what is actually needed versus just the noise."
"The ability to quickly and easily identify threats on our machines is valuable. The fact that it protects the environment as a whole is also valuable. They have the ability to identify network nodes, and they have Ranger as a component of the solution that allows us to see the whole picture. We can see on what we have SentinelOne and on what we do not."
"Most of the features are valuable. As a system integrator, agent deployment is valuable. It also fits the requirements of most of the clients."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"We'd like also a better ticketing system, which is older."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"The solution could improve the playbooks."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"There is room for improvement in terms of the pricing model."
"The platform’s setup procedures could be streamlined compared to one of its competitors."
"With Palo Alto Networks Cortex XSOAR, managing its setup phase can be a complicated task."
"In terms of improvement, it needs to be more modular. It's not. When you're working in layouts and you create specific apps within layouts, there's no portability right now in order to reuse that code across multiple layouts. I can't take a tab and say I want to use this tab on these other layouts. I have to physically go in there and recreate it from scratch, which is maddening."
"Palo Alto Networks Cortex XSOAR lacks to offer SIEM functionalities currently."
"The solution requires DV but does not support open-source DV elastic searches."
"Palo Alto needs to develop more AI-centric products."
"The overall integration functionality for this solution could be improved."
"I would like to improve the reports because they are not so customizable and we would like more info from them."
"Improvements for SentinelOne's Singularity Complete could include adjusting pricing for specific markets, ensuring affordability, and better alignment with customer expectations in those regions."
"SentinelOne Singularity Complete takes up a lot of memory in Google Chrome, which sometimes causes it to lag, so this is an area for improvement. The solution could be improved by increasing its efficiency within the web browser."
"I rate Singularity Complete a seven out of ten for affordability. It's more expensive than our previous solution, but it does its job well. At the same time, there is some room for improvement. Cheaper is always better."
"I would have liked the dashboard to be more user-friendly."
"The filtering features of the application management console could be improved."
"I encountered issues running Singularity Complete alongside other machine-learning tools."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
More SentinelOne Singularity Complete Pricing and Cost Advice →
Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. Palo Alto Networks Cortex XSOAR is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and ServiceNow Security Operations, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, Darktrace, CrowdStrike Falcon, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR).
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.