We performed a comparison between Palo Alto Networks Cortex XSOAR and SentinelOne Singularity Complete based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"We have no complaints about the features or functionality."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"It is a scalable solution."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"The most valuable features are simplicity and ease of integration."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"They have a portal where you can find any kind of integration that you need."
"Cortex XSOAR's most valuable features are the playbooks, custom integration, the machine-learning model, and the layout, classifier, and mapper."
"I have found the solution very useful, it integrates well with other platforms."
"The repository of playbooks and the integration between Palo Alto and IBM QRadar are some useful features"
"The Microsoft integrations are most valuable right now."
"The most valuable feature is the automatic remediation."
"The most valuable feature is the quick response to attacks."
"We collect a lot of telemetry from Singularity Complete."
"The product is a lighter client. Our previous solution ran heavy on the workstation and caused performance issues."
"They provide a map, a process tree, and that is pretty good for analysis."
"The portal is the most valuable feature because it provides us with a single pane of glass view and is highly intuitive."
"I appreciate that it is easy to review incidents that have been detected by the behavioral AI or the SentinelOne Cloud."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The reporting could be more structured."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The on-prem log sources still require a lot of development."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"XSOAR could have more integration options."
"The dashboard performance could be improved."
"The tool’s multi-tenancy feature must be improved."
"It is been decommissioned by Palo Alto."
"Corex XSOAR could be improved by reducing the time it takes to process large amounts of data and increasing the number of integrations."
"The formats are not compatible, are readily not available, and are not readable."
"The solution is very expensive."
"I think they should increase their collaboration base."
"It's good on Linux, and Windows is pretty good except that the Windows agents sometimes ask for a lot of resources on the endpoints. That could be in the fine-tuning for scanning. In Mac, they are complaining about the same problems, that it's using a lot of resources, but that could also be that we have to configure what it is scanning and what it should not scan. Currently it scans everything."
"One of the things they could do is extend the product range to include Android and iPhone so that you could have the app on your phone as well. There is probably something going on there with that, but that's something that they're lacking at the moment. For instance, if I was to have to recommend a client to protect their phone, I'd have to recommend Norton or something else. I don't have an answer within the SentinelOne solution."
"Some of the reports that are exported through SentinelOne can be complicated for people who are not IT professionals. For example, we have some people within our leadership who would like to know why we are spending so much money on their product, and one of the ways that we are able to do that is through reports. Some of those reports are pretty easy to understand, and some of them are very complicated. Because they are not IT or security professionals, they may not have the same grasp. I wish their reporting feature was a little better."
"The learning curve was a little steep."
"In terms of improvement, the documentation could be better. I would also like to see SingularityOne compatibility with Huntress, and the tighter integration between them would bring more to the table."
"In the beginning, we had some issues with their product on some of the Windows 32-bit operating systems."
"Periodically we have an application that does not work correctly when SentinelOne is installed, yet performs as expected when SentinelOne is removed."
"The way Singularity Complete handles blocking external mass storage is annoying because it is so difficult to unblock single endpoints."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
More SentinelOne Singularity Complete Pricing and Cost Advice →
Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 39 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 176 reviews. Palo Alto Networks Cortex XSOAR is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and IBM Resilient, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR).
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.