Compare Cortex XDR by Palo Alto Networks vs. SentinelOne

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. SentinelOne and other solutions. Updated: September 2020.
441,478 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"Its most valuable features are its scalability and advanced threat protection for customers.""I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help.""For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors.""The most valuable features of this solution are the IPS and the integration with ISE.""The simplicity of use is its most valuable feature. You can very clearly see things.""The stability of the solution is perfect. I believe it's the most stable solution on the market right now.""I am really satisfied with the technical support.""It is a very stable program."

More Cisco AMP for Endpoints Pros »

"Traps has drastically reduced our endpoint attack surface via advanced detection capabilities, sandboxing of never before seen programs, and by drastically limiting where executables can launch in the first place.""We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for.""The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past.""The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind.""If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies.""After deploying Traps, we saw the performance of the network improve by 65 to 70 percent.""Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about.""The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."

More Cortex XDR by Palo Alto Networks Pros »

"In the past, we were not able to identify a few viruses, but now we are able to identify them because of the machine learning feature.""I have found the activity timeline and threat analysis to be particularly useful.""All of the features are valuable. The way that it integrates into management with fault correction capabilities over is especially valuable. Any of the full gamut of the features that it provides are useful to us.""The most valuable feature of this solution is the user-friendly interface.""We have a preference for their receptor. It's good at finding many EFC files. EFC files could have a virus.""The solution offers very rich details surrounding threats or attacks.""It has the ability to rollback a ransomware infection instantly and with minimal disruption to the user & provides robust reporting.""We love the API. We use it to generate robust reporting, and we also developed tools to perform agent actions remotely without needing to provide all IT staff with console access."

More SentinelOne Pros »

Cons
"We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released.""I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails.""The solution needs more in-depth analytics.""In the next version of this solution, I would like to see the addition of local authentication.""The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device.""In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened.""The reporting and analytics areas of the solution need to be improved.""I would like more seamless integration."

More Cisco AMP for Endpoints Cons »

"There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration.""They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else.""Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis.""Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere.""There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results.""There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly.""Managing the product should be easier.""Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."

More Cortex XDR by Palo Alto Networks Cons »

"The reporting needs improvement and I would like to see a more granular level of administrative privileges.""I would like to see something a little more sophisticated than simply being able to mark a false positive as safe or there's usually just one or two options in certain areas and they're a little rudimentary at this stage.""In terms of improvement, I would like to see better alerting to let us know if there is anything wrong with SentinelOne working on the endpoint of the computer.""This solution would be more attractive to customers if the price were lower.""It's fine. It's correcting all the EFC files with a virus. All the achievements, maximum EFC files. Many EFC files will be flagged as a virus. Some virus databases need to be updated. The model is good at finding many EFC files. The trouble is it needs to be updated.""The solution needs better reporting on new threats and malware. The reporting is present, but I can't find the information easily.""Set up is very labor-intensive.""It would be nice if the console stored data daily, so that you could look at a timeline of events on a machine over a period of time, and currently this is not possible."

More SentinelOne Cons »

Pricing and Cost Advice
"The costs of 50 licenses of AMP for three years is around $9,360.""The price is very good.""The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost.""Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc.""In our case, it is a straightforward annual payment through our Enterprise Agreement.""Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection.""There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization.""The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."

More Cisco AMP for Endpoints Pricing and Cost Advice »

"I feel it is fairly priced.""The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic.""We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice.""It is "expensive" and flexible.""Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance.""I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require.""It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses.""The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."

More Cortex XDR by Palo Alto Networks Pricing and Cost Advice »

"The per-seat cost is low, but you have to commit to a certain number of licenses for a year.""The larger count you have, the deeper discount you will receive in your contract.""Our licensing fees are about $5 USD per endpoint, per month.""USD$6 per end point which decreases as end points increase.""Pricing is a bit of a pain point. That's where we have not been able to convince all of our customers to use SentinelOne. The pricing is still on the higher side. It's almost double the price, if not more, of a normal antivirus, such as NOD32, Kaspersky, or Symantec.""The solution's price/performance ratio is reasonable."

More SentinelOne Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Endpoint Protection (EPP) for Business solutions are best for your needs.
441,478 professionals have used our research since 2012.
Questions from the Community
Top Answer: The solution's integration capabilities are excellent. It's one of the best features.
Top Answer: Nice to have URL management, password protection of the app, more details of the machine & user running the app.
Top Answer: The primary use case is for endpoint protection. For the larger deployments, we use it for our policy enforcement as… more »
Top Answer: WildFire AI is the best option for this product.
Top Answer: The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go… more »
Top Answer: A short answer: Perhaps the biggest IMO is SentinelOne is the only one of these 3 that does not have to go to the cloud… more »
Top Answer: The strength of SentinelOne is that it has an automated, active EDR. It does that first level of what a SOC analyst… more »
Top Answer: If you're looking for low count (even one) SentinelOne agents without an annual subscription commitment - Contact me at… more »
Popular Comparisons
Compared 12% of the time.
Compared 9% of the time.
Compared 3% of the time.
Also Known As
Cyvera, Cortex XDR, Palo Alto Networks TrapsSentinel Labs
Learn
Cisco
Palo Alto Networks
SentinelOne
Overview

Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.

Cortex XDR by Palo Alto Networks is the world's first detection and response app that natively integrates network, endpoint and cloud data to stop sophisticated attacks. Cortex XDR by Palo Alto Networks accurately detects threats with behavioral analytics and reveals the root cause to speed up investigations.

SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects, responds, and hunts attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real-time for both on-premise and cloud environments and is the only solution to provide full visibility across networks directly from the endpoint. To learn more visit www.sentinelone.com or follow us at @SentinelOne, on LinkedIn or Facebook.

Offer
Learn more about Cisco AMP for Endpoints
Learn more about Cortex XDR by Palo Alto Networks
Learn more about SentinelOne
Sample Customers
Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial BankCBI Health Group, University Honda, VakifBankHavas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Top Industries
REVIEWERS
Healthcare Company21%
Government14%
University7%
Comms Service Provider7%
VISITORS READING REVIEWS
Computer Software Company26%
Comms Service Provider25%
Government6%
Construction Company4%
REVIEWERS
Healthcare Company15%
Mining And Metals Company15%
Manufacturing Company8%
Energy/Utilities Company8%
VISITORS READING REVIEWS
Computer Software Company31%
Comms Service Provider16%
Media Company6%
Construction Company5%
VISITORS READING REVIEWS
Computer Software Company28%
Comms Service Provider12%
Construction Company7%
Retailer6%
Company Size
REVIEWERS
Small Business35%
Midsize Enterprise17%
Large Enterprise48%
VISITORS READING REVIEWS
Small Business22%
Midsize Enterprise26%
Large Enterprise53%
REVIEWERS
Small Business30%
Midsize Enterprise25%
Large Enterprise45%
VISITORS READING REVIEWS
Small Business33%
Midsize Enterprise28%
Large Enterprise39%
REVIEWERS
Small Business40%
Midsize Enterprise7%
Large Enterprise53%
VISITORS READING REVIEWS
Small Business18%
Midsize Enterprise36%
Large Enterprise45%
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. SentinelOne and other solutions. Updated: September 2020.
441,478 professionals have used our research since 2012.
Cortex XDR by Palo Alto Networks is ranked 7th in Endpoint Protection (EPP) for Business with 18 reviews while SentinelOne is ranked 5th in Endpoint Protection (EPP) for Business with 15 reviews. Cortex XDR by Palo Alto Networks is rated 8.2, while SentinelOne is rated 9.2. The top reviewer of Cortex XDR by Palo Alto Networks writes "Its multi-layer approach helps my organization with anti-malware, exploit protection, and restrictions". On the other hand, the top reviewer of SentinelOne writes "Does what a first-level SOC analyst would do, notifying us of, and remediating, issues at that level". Cortex XDR by Palo Alto Networks is most compared with CrowdStrike Falcon, Symantec End-user Endpoint Security, Microsoft Windows Defender, Carbon Black CB Defense and Trend Micro Apex One, whereas SentinelOne is most compared with Carbon Black CB Defense, CrowdStrike Falcon, CylancePROTECT, Microsoft Windows Defender and Darktrace. See our Cortex XDR by Palo Alto Networks vs. SentinelOne report.

See our list of best Endpoint Protection (EPP) for Business vendors.

We monitor all Endpoint Protection (EPP) for Business reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.