We performed a comparison between Elastic Security and SentinelOne Singularity Complete based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its most significant advantage lies in its affordability."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"It has great stability."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"The summarization of emails is a valuable feature."
"The integration with other Microsoft solutions is the most valuable feature."
"We've found the initial setup to be quite straightforward."
"It's simple and easy to use."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"Enables monitoring of application performance and the ability to predict behaviors."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"ELK documentation is very good, so never needed to contact technical support."
"SentinelOne is very simple to install and very simple to manage. It's very aggressive, so it does protection well, and it seems to be stopping attacks that other solutions cannot."
"The reporting part is awesome."
"It has a one-click button that we can use to reverse all those dodgy changes made by the virus program and bring the system quickly back to what it was. That's one of the most important features."
"The solution is powerful because we just have to update the agent by using the console, which is simple to do. I just select the endpoints and click "Update" on the console. That is it, because it is very easy to use."
"I appreciate that it is easy to review incidents that have been detected by the behavioral AI or the SentinelOne Cloud."
"We love the API. We use it to generate robust reporting, and we also developed tools to perform agent actions remotely without needing to provide all IT staff with console access."
"I am particularly interested in the new app vulnerability module that is included with the Singularity Complete edition."
"The most valuable aspects of SentinelOne Singularity Complete are the ease of deployment with the Sentinel Agent and the enhanced visibility with Skylight, which provides correlation of logs and all endpoint data in a centralized location."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"Sometimes, configurations take much longer than expected."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The solution does not offer a unified response and standard data."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"The support could be more knowledgable to improve their offering."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"The solution could offer better reporting features."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"It would help if they could get all the relevant threat information, the related events, in one place. Currently, we need to go to a number of places and do research. If they could have it all in one place, that would help investigations."
"We have had one or two occasions when we had to roll back off our Windows machine. Then, we had an issue with SentinelOne where we couldn't let the client make contact with the cloud service anymore. Therefore, the integration with the Windows Service Recovery could be improved in the future."
"The solution can improve by adding more granular firewall capabilities."
"We have had cases where Singularity Complete has caused applications to malfunction."
"With respect to product patches, it should have the ability to patch directly from SentinelOne, rather than be presented with a list and have to do it separately."
"The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load."
"The ease of use can be better in Deep Visibility. It is not always the easiest. If I have not been in there in the Deep Visibility module for a long time, I do not always find it that easy to use. I tend to go and have to consult the help quite often if I have not been in there a long time."
"The solution does not have an application security and control module."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Elastic Security doesn't meet the minimum requirements to be ranked in Extended Detection and Response (XDR) with 58 reviews while SentinelOne Singularity Complete is ranked 1st in Extended Detection and Response (XDR) with 174 reviews. Elastic Security is rated 7.6, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, Microsoft Defender for Endpoint and syslog-ng, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our Elastic Security vs. SentinelOne Singularity Complete report.
See our list of best Extended Detection and Response (XDR) vendors and best EDR (Endpoint Detection and Response) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.