We performed a comparison between Elastic Security and SentinelOne Singularity Complete based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Microsoft 365 Defender is a good solution and easy to use."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The integration between all the Defender products is the most valuable feature."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"The most valuable feature for me is Discover."
"The feature that we have found the most valuable is scalability."
"The most valuable feature is the machine learning capability."
"It's simple and easy to use."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"The scalability is good. It can be scaled easily in the production environment."
"The visibility component is the most valuable feature."
"The 365 management and analytics from the cloud is another great feature."
"The remediation and rollback features are pretty impressive."
"In terms of the engines that SentinelOne uses, it has stopped various scripts from running and it's highlighted lateral movement that we weren't expecting."
"The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features."
"What I like best about SentinelOne Singularity Complete is its web-based admin interface, which allows me to go into the platform, look at the entire organization, particularly all of the sentinels or endpoints, and manage everything from there."
"The most valuable feature is the automatic remediation."
"I like Singularity's rollback features, threat-hunting, and Ranger Insights. The Ranger feature scans the network and provides visibility into all the unsecured assets."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"At times, there may be delays in the execution of certain actions and their effects."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"The solution's query building is not that intuitive compared to other solutions."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"The solution could offer better reporting features."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"An area of improvement is agent health monitoring, which would give us the ability to cap and manage resources used by the SentinelOne agent. We had issues with this in our environment. We reached out to SentinelOne about it, and they were very prompt in adding it into their roadmap."
"I'd like to see more documentation."
"It is complicated to do certain tasks."
"There is not much focus on the on-premise solution as the license cap is so huge for small and medium-sized institutions."
"I would like to see a better mobile app so that I could look through my phone at the alerts and not have to go to the website. They should make it a little more mobile-accessible."
"I would like to have a remote desktop feature added so we can remotely access our endpoints."
"SentinelOne can improve by having better integration with Active Directory."
"Singularity Complete needs to improve its ability to granularly select and extract the executable files that I want to run."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. Elastic Security is rated 7.6, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and syslog-ng, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, Darktrace, CrowdStrike Falcon, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR).
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.