• Home
  • NetWitness XDR vs. SentinelOne Singularity Complete

NetWitness XDR vs SentinelOne Singularity Complete comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Defender XDR

Read 76 Microsoft Defender XDR reviews
5,744 views|4,276 comparisons
98% willing to recommend
NetWitness Logo

NetWitness XDR

Read 15 NetWitness XDR reviews
960 views|675 comparisons
87% willing to recommend
SentinelOne Logo

SentinelOne Singularity Complete

Read 176 SentinelOne Singularity Complete reviews
44,445 views|22,691 comparisons
98% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
NetWitness XDR vs. SentinelOne Singularity Complete
March 2024
Executive Summary
Updated on Jul 7, 2023

We performed a comparison between SentinelOne Singularity Complete and Netsurion based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: SentinelOne Singularity Complete is lauded for its dependable threat prevention and ability to reverse ransomware file encryption. SentinelOne could improve its automation, machine learning, and AI capabilities while improving reporting and integration. Netsurion delivers thorough and informative notifications and effectively identifies threats. Users praise its seamless incorporation of endpoint security measures. Netsurion should focus on enhancing weekly reporting, utilizing internet options for enhanced security, and strengthening threat detection and response.

  • Service and Support: Customers have been pleased with SentinelOne’s customer service. Reviews highlighted the support team’s responsiveness and efficiency. Netsurion's customer service has received mixed reviews, with some users expressing concerns about technical planning and the installation process.

  • Ease of Deployment: Users find the initial setup for SentinelOne Singularity Complete to be quick and painless, with helpful support from the vendor team. Netsurion's initial setup was described as easy, with clear instructions and packages provided. Reviewers appreciated the support and assistance from Netsurion. Netsurion guided the setup discussion based on business needs, making it easier to understand and implement.

  • Pricing: Some reviewers thought SentinelOne Singularity Complete is reasonably priced and competitive, while others say it’s costlier than many alternatives. Netsurion is considered a good value for the money and competitive. Users say the solution’s pricing is transparent.

  • ROI: SentinelOne Singularity Complete yields an ROI by saving money and protecting against ransomware attacks. Other users noted its valuable dashboard data and low CapEx requirements. Netsurion offers actionable intelligence and eliminates the requirement for specialized staff, saving time and costs. Its managed SOC component also delivered substantial benefits to organizations.

Comparison Results: Our users prefer SentinelOne Singularity Complete to NetWitness XDR. SentinelOne Singularity Complete is praised for its reliability and effective threat detection and mitigation, while NetWitness XDR has issues with slow performance and configuration. SentinelOne customer service earned positive feedback, while NetWitness XDR users expressed mixed opinions regarding response time. Users generally considered the initial setup for SentinelOne Singularity Complete to be straightforward, while some users said deploying NetWitness XDR is a chore.

To learn more, read our detailed NetWitness XDR vs. SentinelOne Singularity Complete Report (Updated: March 2024).
Download the complete report
768,740 professionals have used our research since 2012.
Featured Review
Vladimir Lopatin
The system of analysis and investigation is super convenient for our customers
Defender XDR provides more visibility into all the connected services, including the security stack and all the productivity software. They're all... Read more →
Anonymous User
Advanced threat detection undermined by issues with blocking
NetWitness Endpoint has enabled us to detect attacks that bypass the first stage of cybersecurity, like zero-day and advanced attacks.
Prateek Parashar.
Helps consolidate security solutions, reduce alerts, and free up staff time
SentinelOne Singularity Complete boasts good interoperability. It has helped consolidate some of our security solutions. While the number of... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end.""My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files.""I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR.""From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave.""Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment.""The threat intelligence is excellent.""The incident threat response and its ability to facilitate effective remediation against threats are the standout features.""We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."

More Microsoft Defender XDR Pros →

"The log correlation is good.""The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good.""Technical support is knowledgeable.""The most valuable feature is the way it captures the traffic, and it contains every detail of the communication.""It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users.""They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in.""Ability to isolate the machine when there are malicious files.""It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."

More NetWitness XDR Pros →

"The most valuable features are asset tracking, patching, endpoint tagging, and policy updates.""The best thing SentinelOne has done for us is that it gives us insight into the endpoints. We never had insight into lateral movement threats before. Once a threat known as Qbot gets on the network, it actually spreads throughout sub-networks quickly. SentinelOne has detected that and saved our bacon. We were able to get in there and stop the threat, lock it down, and prevent it from actually spreading through. It would have been 50 or 60 computers. It had spread through in a few minutes. We have a lot of HIPAA data and FERPA data that we need to keep protected.""It has the ability to rollback a ransomware infection instantly and with minimal disruption to the user & provides robust reporting.""I find the application inventory feature to be extremely useful.""The fact that SentinelOne is actively looking for threats and runs them against the hash on the Internet to determine if they are malicious or not, is what takes it to the next level compared to other antivirus products.""The product can scale.""We have had very few false positives or false negatives, which allows our analysts to focus on their work instead of dealing with noise.""Scalable endpoint protection solution that takes seconds to set up per device. It has a rollback feature and offers good technical support."

More SentinelOne Singularity Complete Pros →

Cons
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time.""A simple dashboard without having to use MS Sentinel would be a welcome improvement.""It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console.""Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly.""The design of the user interface could use some work. Sometimes it's hard to find the exact information you need.""Since all of our databases are updated and located in the cloud, I would like additional support for this.""At times, there may be delays in the execution of certain actions and their effects.""For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."

More Microsoft Defender XDR Cons →

"I would like to see Security Orchestration and Response Automation (SOAR) integration.""RSA NetWitness Network could improve on integration with non-native application integration.""This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available.""The contamination feature could be improved.""The threat intelligence could improve in RSA NetWitness Endpoint.""The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge.""The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features.""The solution lacks a reporting engine."

More NetWitness XDR Cons →

"I would like to have firewall functionality within SentinelOne Singularity Complete.""The adware and pop-up blockers have room for improvement.""I've had some issues with the specific agents, however, we are moving off of that particular OS that we were having issues with. Other than that, it's been a pretty solid tool.""The channel policy has room for improvement.""The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load.""All they need to do to improve it is for it to grow further. The hackers don't sleep. If the hackers don't sleep, the solution continually needs to be updated. They need to keep ahead of the hackers.""There is not much focus on the on-premise solution as the license cap is so huge for small and medium-sized institutions.""It can be a little daunting at first. With the deep visibility feature, if I had more insights into how to troubleshoot things better, that would be helpful. Their documentation could be a lot better. It could be more in-depth."

More SentinelOne Singularity Complete Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
  • "They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
  • "It is highly scalable. It can be bought based on your requirements."
  • "I do not have any opinion on the pricing or licensing of the product."
  • "The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
  • "It is an expensive product."
  • "The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

    • More NetWitness XDR Pricing and Cost Advice →

  • "The price is competitive, if you compare it with other solutions on the market."
  • "Spend money on the security for the endpoint."
  • "The price for it is very competitive compared to other Next Gen EPP."
  • "The per-seat cost is low, but you have to commit to a certain number of licenses for a year."
  • "The larger count you have, the deeper discount you will receive in your contract."
  • "Our licensing fees are about $5 USD per endpoint, per month."
  • "USD$6 per end point which decreases as end points increase."
  • "Pricing is a bit of a pain point. That's where we have not been able to convince all of our customers to use SentinelOne. The pricing is still on the higher side. It's almost double the price, if not more, of a normal antivirus, such as NOD32, Kaspersky, or Symantec."

    • More SentinelOne Singularity Complete Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
    See Recommendations
    768,740 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an… more »
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment.
    Read all 29 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:Defender XDR has good threat visibility, but it could be better in some areas, like when we are hunting for a specific… more »
    Read all 37 answers   →
    What do you like most about NetWitness XDR?
    Top Answer:Technical support is knowledgeable.
    Read all 15 answers   →
    What is your experience regarding pricing and costs for NetWitness XDR?
    Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the… more »
    Read all 10 answers   →
    What needs improvement with NetWitness XDR?
    Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat… more »
    Read all 14 answers   →
    Cortex XDR by Palo Alto vs. Sentinel One
    Top Answer:Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks.… more »
    Read all 3 answers   →
    Which is better - SentinelOne or Darktrace?
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is… more »
    Read all 7 answers   →
    What do you like most about SentinelOne?
    Top Answer:The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers… more »
    Read all 57 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    RSA ECAT, NetWitness Network
    Sentinel Labs, SentinelOne Singularity
    Learn More
    Microsoft
    NetWitness
    Video Not Available
    SentinelOne
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

    SentinelOne is a leading comprehensive enterprise-level autonomous security solution that is very popular in today’s marketplace. SentinelOne will ensure that today’s aggressive dynamic enterprises are able to defend themselves more rapidly, at any scale, and with improved precision, by providing comprehensive, thorough security across the entire organizational threat surface.

    SentinelOne makes keeping your infrastructure safe and secure easy and affordable. They offer several tiered levels of security and varied payment options. SentinelOne works well with Linux, Windows, and MacOS, and can successfully support legacy infrastructures as well as the newer popular environments, including the latest operating systems. The single pane of glass management will save time and money by reducing manpower and ensuring comprehensive security protection of all your endpoints locally and worldwide.

    SentinelOne offers intensive training and support to meet every organization’s unique business needs.

    SentinelOne's levels of services and support include, but are not limited to:

    SentinelOne GO is a guided 90-day onboarding service to ensure successful deployment and success. It assists with the deployment planning and overview, initial user setup, and product overviews. It provides ongoing training and advisory meetings, ensuring that everything is set up correctly and that your team understands the appropriate protocols to ensure success.

    SentinelOne offers multi-tiered support based on your organizational needs from small business to enterprise, using their Designed Technical Account Management (TAM). They have support for every business level: Standard, Enterprise, and Enterprise Pro. SentinelOne is always available to ensure that you and your organization work together to minimize the risk of downtime and any threat exposure.

    Threat Hunting & Response Services

    Support for threat hunting and response include Watch Tower, Watch Tower Pro, Vigilance Respond, and Vigilance Respond Pro. Each of these services builds on the other, progressively adding features based on your organizational needs.

    Watch Tower: This is the entry-level plan and includes: Active campaign hunting and cyber crime alerts and course correction for potential threats, access to the Monthly Hunting & Intelligence Digest.

    Watch Tower Pro: Includes everything in WatchTower and customized threat hunting for all current & historical threats, unlimited access to Signal Hunting Library of Pre-Built Queries, Incident-Based Triage and Hunting, continuous customer service, followup and reporting, a Security Assessment, and quarterly Cadence meetings.

    Vigilance Respond: Includes all of the features of Watch Tower in addition to a security assessment and Cadence meetings, which are on-demand. Provides the features of Watch Tower Pro in addition to 24x7x365 monitoring, triage, and response.

    Vigilance Respond Pro: Includes all of the features of the above options, including a security assessment and quarterly cadence meeting as well as a complete digital forensic investigation and malware analysis.

    Reviews from Real Users

    Jeff D. who is an Operations Manager at Proton Dealership IT, tells us that "The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."

    "The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring." relates Rae J., Director IR and MDR at a tech services company.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    ADP, Ameritas, Partners Healthcare
    Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
    Top Industries
    REVIEWERS
    Manufacturing Company19%
    Computer Software Company14%
    Government11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government8%
    Manufacturing Company7%
    REVIEWERS
    Manufacturing Company16%
    Computer Software Company10%
    Financial Services Firm9%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Manufacturing Company6%
    Comms Service Provider6%
    Government6%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business59%
    Midsize Enterprise24%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise16%
    Large Enterprise67%
    REVIEWERS
    Small Business40%
    Midsize Enterprise23%
    Large Enterprise37%
    VISITORS READING REVIEWS
    Small Business35%
    Midsize Enterprise19%
    Large Enterprise46%
    Buyer's Guide
    NetWitness XDR vs. SentinelOne Singularity Complete
    March 2024
    Free Report: NetWitness XDR vs. SentinelOne Singularity Complete
    Find out what your peers are saying about NetWitness XDR vs. SentinelOne Singularity Complete and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,740 professionals have used our research since 2012.

    NetWitness XDR is ranked 40th in Endpoint Protection Platform (EPP) with 15 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 176 reviews. NetWitness XDR is rated 8.0, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, Microsoft Defender for Endpoint and Vectra AI, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our NetWitness XDR vs. SentinelOne Singularity Complete report.

    See our list of best Endpoint Protection Platform (EPP) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.

    We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.