We performed a comparison between IBM Security QRadar and SentinelOne Singularity Complete based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. SentinelOne Singularity Complete is praised for its dependable threat prevention and ability to reverse ransomware file encryption. IBM Security QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. SentinelOne could improve its automation, machine learning, and AI capabilities while improving reporting and integration.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. Customers have been pleased with SentinelOne’s customer service. Reviews highlighted the support team’s responsiveness and efficiency.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Users find the initial setup for SentinelOne Singularity Complete to be quick and painless, with helpful support from the vendor team.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. Some reviewers thought SentinelOne Singularity Complete is reasonably priced and competitive, while others say it’s costlier than many alternatives.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. SentinelOne Singularity Complete yields an ROI by saving money and protecting against ransomware attacks. Other users noted its valuable dashboard data and low CapEx requirements.
Comparison Results: Our users prefer IBM Security QRadar over SentinelOne Singularity Complete. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management. SentinelOne Singularity Complete users say it lacks some of QRadar's more advanced features and requires enhancements in automation, reporting functionality, user-friendliness, and stability.
"I have found the ability to delete unwanted threats beneficial."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"Integration is very easy and the reporting is good."
"It has improved my efficiency."
"The most valuable feature is the DSM Editor. The custom parsing tool is very nice, outstanding."
"Due to the skills shortage, we are able to use it from the standpoint of bringing in a lower level employee or a person who may not have security knowledge."
"IBM has everything you need in a cybersecurity solution. If you want to build a cybersecurity operation center version then I think QRadar is a perfect solution."
"One of the most valuable features is its ability to integrate with other solutions. IBM has a lot of solutions and we have managed to make it work with IBM BigFix and MaaS360, and even Microsoft."
"The UBA feature is the most valuable because you can see everything about users' activities."
"The setup is very straightforward."
"I like that SentinelOne doesn't use a lot of system resources or make the system slow. It also performs a full scan quickly—within two hours. It has an easy-to-use end-user GUI."
"The remediation and rollback features are pretty impressive."
"It has good visibility features and it's straightforward."
"The product can scale."
"The tool's most valuable feature is Vigilance Respond Pro monitoring. You don't have to have a dedicated SOC and worry about staffing."
"I really like the storyline feature."
"It is a good endpoint solution. That's the reason we chose it. We looked at other solutions, such as CrowdStrike, and based on the cost and the services it delivers, it was the better choice."
"The data recovery and backup could be improved."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
"I would suggest QRadar release any documentation or give an online demo, like videos on YouTube. It would increase publicity and public appeal."
"Needs better visualization options beyond the time series charts and a few other options that they have."
"The AQL queries could be better."
"The API integration for AD is a problem when it comes to vulnerability management. If you want to incorporate multiple factor authentication it becomes a problem with the AD. It doesn't integrate well. That needs to be improved."
"We need more features in order to create rules to detect or to meet some requirements for other areas, for example, catching the event from other authentication tools."
"GUI needs to be improved."
"There is a shortage of skilled individuals with knowledge about the solution. There is training required."
"If they can extend their product further on the DLP side of it so that I don't have to have another agent run exclusively for DLP production, that would be ideal."
"SentinelOne could improve by creating an autopilot or automated way to roll out the solution more efficiently which would be helpful."
"I am not a fan of the UI and feel it has room for improvement."
"The solution’s distributed intelligence at the endpoint is pretty effective, but from time to time I see that the agent is not getting the full execution history or command-line parameters. I would estimate the visibility into an endpoint is around 80 percent. There is 20 percent you don't see because, for some reason, the agents don't get all of the information."
"The MDM functionality and maturity still need improvement."
"The learning curve was a little steep."
"SentinelOne Singularity Complete could improve by having DNS filtering. Other competitor solutions have this feature."
"SentinelOne could improve by reducing the price."
More SentinelOne Singularity Complete Pricing and Cost Advice →
IBM Security QRadar is ranked 11th in Extended Detection and Response (XDR) with 198 reviews while SentinelOne Singularity Complete is ranked 2nd in Extended Detection and Response (XDR) with 176 reviews. IBM Security QRadar is rated 8.0, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our IBM Security QRadar vs. SentinelOne Singularity Complete report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.