We performed a comparison between Crowdstrike Falcon and SentinelOne based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, SentinelOne seems to be a slightly superior solution. All other things being more or less equal, our reviewers found Crowdstrike Falcon to be expensive, and some reviewers also felt that its technical support could be improved.
"The integration between all the Defender products is the most valuable feature."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The threat intelligence is excellent."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"The most valuable feature is that we don't need to re-image machines as much as we had to."
"Probably the most valuable thing to me is the real-time response piece. The fact that I can connect to an endpoint as long as it is on the Internet, no matter where it is globally. I can remove files from the endpoint, drop files on the endpoint, stop processes, reboot it, run custom scripts, and deploy software. Pretty much no other tool can do all that."
"I like the overall reports of this solution. They are crisp, and to the point."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"There's almost no maintenance required. It's very low if there's any at all."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"The product can scale as needed."
"It's a plug-and-play solution that works well with other out of box integrations that we have."
"We have had very few false positives or false negatives, which allows our analysts to focus on their work instead of dealing with noise."
"The 365 management and analytics from the cloud is another great feature."
"The tool deletes the problem-causing process and prevents issues."
"Our clients have been able to survive a ransomware attack without even knowing that they had had files encrypted and automatically rolled back - even their Point of Sale (POS) system did not miss a beat and the business continued as normal without interruption."
"The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."
"SentinelOne's managed detection response service Vigilance Respond is convenient for companies like ours with small IT teams. If something happens on the weekend, SentinelOne steps in and resolves the issue. It's a false positive 97% of the time, but at least they're resolved instead of hanging around for us to find on Monday."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"This solution is relatively expensive."
"CrowdStrike Suites and the way that it bundles things can be a bit challenging. It should be easier to integrate with the other stuff that they sell or be included with what they sell. We have one piece, then they are talking about another piece on vulnerability management all of the sudden, and we don't own that piece. We can see it in the console, but nothing shows up. It simply appears within the tool as an option, but we can't use it without purchasing it."
"The product could be more accurate in terms of performance."
"The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
"CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition."
"The installation process for this software needs to be simplified."
"I don't like switching the way you switch from legacy to XDR."
"There is an area of improvement is agent health monitoring, which would give us the ability to cap and manage resources used by the SentinelOne agent. We had issues with this in our environment. We reached out to SentinelOne about it, and they were very prompt in adding it into their roadmap."
"Periodically we have an application that does not work correctly when SentinelOne is installed, yet performs as expected when SentinelOne is removed."
"The reporting needs improvement and I would like to see a more granular level of administrative privileges."
"One way to improve and get additional benefits would be for SentinelOne to host the updated installer files for us, rather than us having to download and host them ourselves."
"Security could always be better."
"The UI appears to be flat, and I wish to have the ability to customize it with features and buttons that are tailored to our needs."
"It is difficult to manage users in SentinelOne."
More SentinelOne Singularity Complete Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 106 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 177 reviews. CrowdStrike Falcon is rated 8.8, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, Darktrace, ThreatLocker Protect, Datto Endpoint Detection and Response (EDR) and Bitdefender GravityZone EDR. See our CrowdStrike Falcon vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I think both solutions are very good.
https://blog.ithq.pro/sentinel...
I leave you a comparison of this website made by users.
https://www.peerspot.com/produ...
Hi ViJay - Are they open to other solutions as well?