Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs SentinelOne Singularity Complete comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 30, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.7
Organizations see reduced incidents, cost savings, and improved security with Cortex XDR, enhancing compliance and user satisfaction.
Sentiment score
7.5
SentinelOne Singularity Complete enhances efficiency by reducing costs, streamlining management, and consolidating tools, boosting security and savings.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.
We have not faced any attacks since we implemented it.
It has absolutely helped reduce our organizational risk.
 

Customer Service

Sentiment score
6.6
Cortex XDR's customer service is mixed, praised for efficiency but criticized for slow response and high costs in some areas.
Sentiment score
7.2
SentinelOne Singularity Complete's support is knowledgeable and quick, but users desire more transparency and interactive options like chat.
Every vendor has similar support; it depends on how the case is handled and raised.
Their support is efficient and responsive whenever I raise a ticket through my portal.
They do a great job of figuring out the problem and pointing you to generic documentation or working with you to fine-tune a solution.
We are using the automated email process for support, and they respond within an hour or two hours sometimes.
A chat service would be beneficial.
 

Scalability Issues

Sentiment score
7.6
Cortex XDR excels in scalability, supporting diverse organizations with seamless cloud management and efficient deployment across various environments.
Sentiment score
8.1
SentinelOne Singularity Complete adapts and scales effortlessly, providing seamless protection and flexibility for businesses of all sizes.
It's all auto-scale and auto-categorized, configuring automatically.
The tool's built-in automation for deploying the agents works well for large infrastructures like mine.
My deployment is relatively small, and SentinelOne Singularity Complete works within those constraints.
 

Stability Issues

Sentiment score
8.1
Cortex XDR is stable and reliable, with improved performance over time, despite occasional database challenges and false alerts.
Sentiment score
7.9
SentinelOne Singularity Complete offers stable, reliable performance with minimal downtime and effective updates, despite occasional legacy system issues.
Cortex XDR is stable, offering high quality and reliable performance.
It has caused problems with interoperability between third-party tools, which could lead to entire servers crashing or specific tools failing.
This indicates room for improvement in stability when interacting with other solutions.
Initially, there were issues, particularly on the management side, but now the console is much more stable.
 

Room For Improvement

Cortex XDR requires enhancements in customization, integration, efficiency, threat detection, pricing, and support to address enterprise challenges.
SentinelOne Singularity Complete needs improvements in UI, reporting, integration, support, and resource management for enhanced user experience.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
The only thing that prevented the attack from succeeding was a free version of Malwarebytes.
Providing a single pane of visibility for the end user would be beneficial.
It's challenging to prevent a user from manipulating their privileges or someone else's of others, and it's difficult to control what users can access at the organizational level.
 

Setup Cost

Cortex XDR pricing is viewed as flexible by some, but others find it expensive, varying by usage and features.
SentinelOne Singularity Complete offers competitive pricing with robust features, favorable comparisons, and flexible licensing, justifying its enterprise value.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
Compared to competitors such as CrowdStrike and Sophos, the pricing of Cortex XDR by Palo Alto Networks is similar to CrowdStrike but more expensive than Sophos.
If you want protection, you have to pay the price.
They counted many of the instances and licenses as duplicates despite them only being alive once, which was frustrating.
It’s cheaper than other competitors.
 

Valuable Features

Cortex XDR offers advanced endpoint security, integration, AI threat analytics, user-friendly interface, scalability, and low resource consumption.
SentinelOne Singularity Complete excels in AI threat detection, seamless integration, and real-time protection with minimal false positives.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
I have an advanced app providing visibility of all my endpoints, which was not the case before.
SentinelOne has a feature to decommission automatically, which has been fantastic.
There's also automation that gives my team free time, preventing them from having to look for every alert.
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Extended Detection and Response (XDR)
7th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
90
Ranking in other categories
Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (5th)
SentinelOne Singularity Com...
Ranking in Endpoint Protection Platform (EPP)
3rd
Ranking in Extended Detection and Response (XDR)
2nd
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
197
Ranking in other categories
Anti-Malware Tools (2nd), Endpoint Detection and Response (EDR) (3rd)
 

Mindshare comparison

As of March 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.0%, down from 5.2% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 4.3%, down from 6.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Mohammad Qaw - PeerSpot reviewer
Perfect correlation and XDR capabilities for network traffic plus endpoint security
The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.
Asim Naeem - PeerSpot reviewer
It integrates well with other platforms, is user-friendly, and is stable
SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point. SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack. We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action. SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging. Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure. SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level. Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent. Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete. SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response. SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
842,466 professionals have used our research since 2012.
 

Answers from the Community

NC
Sep 27, 2021
Sep 27, 2021
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to the environment is note-worthy. Sentinel One works inconspicuously in the background, continually providing protection. It has an automated active EDR that will not only find issues but can fix them....
2 out of 3 answers
Aug 22, 2021
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to the environment is note-worthy. Sentinel One works inconspicuously in the background, continually providing protection. It has an automated active EDR that will not only find issues but can fix them. I don’t know that any other solution does that. Cortex XDR by Palo Alto has a nice console and is easy to use. One of my favorite things about it is that it will automatically connect and log various kinds of suspicious behavior - you don’t need to do it manually. Cortex XDR is very secure but it is missing some basic features. It doesn’t offer an on-prem solution and it doesn’t integrate so well with some third-party solutions. SentinelOne can be challenging to set up and there seem to be some applications that do not function properly when SentinelOne is installed. I would like to be able to make the reporting more specific to my needs. It would be a more attractive option if the cost was lower. Conclusions The find-and-fix option that SentinalOne provides was a huge win for us. We feel it provides a deeper and more thorough level of security.
ITSecuri7cfd - PeerSpot reviewer
Sep 27, 2021
Depends on the size, scope and needs of your environment.  XDR is an ok monitoring/alerting tool, especially if you have a Palo Alto firewall already and everything can integrate well together. However, S1 is a superior tool IMHO and can catch and fix things automatically if you so choose (magic quadrant agrees).  Cost-wise XDR is probably cheaper but I don't know specifics on-prem vs cloud. S1 is a cloud tool but is extremely fast and responsive compared to some other tools we POC'd and can support legacy devices w2k8 and below or Linux or VDI without having to special of workarounds. So again, it depends on your needs, environment and cost.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Government
8%
Manufacturing Company
7%
Computer Software Company
20%
Manufacturing Company
8%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Sentinel Labs, SentinelOne Singularity
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete and other solutions. Updated: March 2025.
842,466 professionals have used our research since 2012.