Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs SentinelOne Singularity Complete comparison

Palo Alto Networks and SentinelOne are both solutions in the Endpoint Protection Platform (EPP) category. Palo Alto Networks is ranked #4 with an average rating of 8.7, while SentinelOne is ranked #3 with an average rating of 8.7. Palo Alto Networks holds a 4.0% mindshare in EPP, compared to SentinelOne’s 4.3% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 97% of SentinelOne users who would recommend it.
Cortex XDR by Palo Alto Net...
Read 90 Cortex XDR by Palo Alto Networks reviews
  • 16,556 Views
  • 9,737 Comparison Views
95% willing to recommend
SentinelOne Singularity Com...
Read 197 SentinelOne Singularity Complete reviews
  • 21,273 Views
  • 11,346 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jan 30, 2025

SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks are key players in advanced endpoint security. SentinelOne gains a slight edge with its ease of deployment and rollback functionality, while Cortex XDR shines through strong integration with network security infrastructure.

Features: SentinelOne Singularity offers a standout rollback capability, AI-driven threat detection, and the ability to operate without cloud dependency which adds to its versatility. Cortex XDR provides robust extended threat detection, integrating smoothly with Palo Alto's network infrastructure, and delivers comprehensive analytics to track and mitigate threats effectively.

Room for Improvement: SentinelOne users highlight the need for better reporting, a more user-friendly management console, and improved alert management to cut down false positives. Cortex XDR could enhance its integration with non-Palo Alto products, improve its dashboard interface, and streamline its user operations to foster a smoother experience.

Ease of Deployment and Customer Service: SentinelOne is praised for seamless deployment in hybrid environments and reliable customer service, though quicker support responses are desirable. Known for its supportive infrastructure and integration ease in public clouds, Cortex XDR's complexity in support cases can be challenging, requiring further refinement for a smoother deployment process.

Pricing and ROI: SentinelOne is deemed cost-effective with a high ROI driven by quicker incident responses and labor savings; it is also viewed as more competitively priced against firms like CrowdStrike. Cortex XDR, although more expensive, offers a substantial ROI through reduced need for additional security tools, thus justifying its cost for those leveraging its comprehensive features.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete Report (Updated: March 2025).
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete
March 2025
Download the complete report
Helped 842,466 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.7
Organizations see reduced incidents, cost savings, and improved security with Cortex XDR, enhancing compliance and user satisfaction.
Sentiment score
7.5
SentinelOne Singularity Complete enhances efficiency by reducing costs, streamlining management, and consolidating tools, boosting security and savings.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.
We have not faced any attacks since we implemented it.
It has absolutely helped reduce our organizational risk.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
DS
MM
reviewer2676195 - PeerSpot reviewer
 

Customer Service

Sentiment score
6.6
Cortex XDR's customer service is mixed, praised for efficiency but criticized for slow response and high costs in some areas.
Sentiment score
7.2
SentinelOne Singularity Complete's support is knowledgeable and quick, but users desire more transparency and interactive options like chat.
Every vendor has similar support; it depends on how the case is handled and raised.
Their support is efficient and responsive whenever I raise a ticket through my portal.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
They do a great job of figuring out the problem and pointing you to generic documentation or working with you to fine-tune a solution.
We are using the automated email process for support, and they respond within an hour or two hours sometimes.
A chat service would be beneficial.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
NiteshSharma - PeerSpot reviewerreviewer2591928 - PeerSpot reviewer
DS
MM
 

Scalability Issues

Sentiment score
7.6
Cortex XDR excels in scalability, supporting diverse organizations with seamless cloud management and efficient deployment across various environments.
Sentiment score
8.1
SentinelOne Singularity Complete adapts and scales effortlessly, providing seamless protection and flexibility for businesses of all sizes.
No quotes available
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
It's all auto-scale and auto-categorized, configuring automatically.
The tool's built-in automation for deploying the agents works well for large infrastructures like mine.
My deployment is relatively small, and SentinelOne Singularity Complete works within those constraints.
For more quotes and insights, download the SentinelOne Singularity Complete report
DB
reviewer2591928 - PeerSpot reviewer
JV
 

Stability Issues

Sentiment score
8.1
Cortex XDR is stable and reliable, with improved performance over time, despite occasional database challenges and false alerts.
Sentiment score
7.9
SentinelOne Singularity Complete offers stable, reliable performance with minimal downtime and effective updates, despite occasional legacy system issues.
Cortex XDR is stable, offering high quality and reliable performance.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
It has caused problems with interoperability between third-party tools, which could lead to entire servers crashing or specific tools failing.
This indicates room for improvement in stability when interacting with other solutions.
Initially, there were issues, particularly on the management side, but now the console is much more stable.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
reviewer2591928 - PeerSpot reviewer
JV
MM
 

Room For Improvement

Cortex XDR requires enhancements in customization, integration, efficiency, threat detection, pricing, and support to address enterprise challenges.
SentinelOne Singularity Complete needs improvements in UI, reporting, integration, support, and resource management for enhanced user experience.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
The only thing that prevented the attack from succeeding was a free version of Malwarebytes.
Providing a single pane of visibility for the end user would be beneficial.
It's challenging to prevent a user from manipulating their privileges or someone else's of others, and it's difficult to control what users can access at the organizational level.
For more quotes and insights, download the SentinelOne Singularity Complete report
NiteshSharma - PeerSpot reviewer
EC
JV
DB
reviewer2591928 - PeerSpot reviewer
 

Setup Cost

Cortex XDR pricing is viewed as flexible by some, but others find it expensive, varying by usage and features.
SentinelOne Singularity Complete offers competitive pricing with robust features, favorable comparisons, and flexible licensing, justifying its enterprise value.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
Compared to competitors such as CrowdStrike and Sophos, the pricing of Cortex XDR by Palo Alto Networks is similar to CrowdStrike but more expensive than Sophos.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
If you want protection, you have to pay the price.
They counted many of the instances and licenses as duplicates despite them only being alive once, which was frustrating.
It’s cheaper than other competitors.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
NiteshSharma - PeerSpot reviewer
MM
reviewer2591928 - PeerSpot reviewerreviewer2593398 - PeerSpot reviewer
 

Valuable Features

Cortex XDR offers advanced endpoint security, integration, AI threat analytics, user-friendly interface, scalability, and low resource consumption.
SentinelOne Singularity Complete excels in AI threat detection, seamless integration, and real-time protection with minimal false positives.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
I have an advanced app providing visibility of all my endpoints, which was not the case before.
SentinelOne has a feature to decommission automatically, which has been fantastic.
There's also automation that gives my team free time, preventing them from having to look for every alert.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
NiteshSharma - PeerSpot reviewer
DB
DS
reviewer2593398 - PeerSpot reviewer
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Extended Detection and Response (XDR)
7th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
90
Ranking in other categories
Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (5th)
SentinelOne Singularity Com...
Ranking in Endpoint Protection Platform (EPP)
3rd
Ranking in Extended Detection and Response (XDR)
2nd
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
197
Ranking in other categories
Anti-Malware Tools (2nd), Endpoint Detection and Response (EDR) (3rd)
 

Mindshare comparison

As of March 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.0%, down from 5.2% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 4.3%, down from 6.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Mohammad Qaw - PeerSpot reviewer
Perfect correlation and XDR capabilities for network traffic plus endpoint security
The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.
Read full review
Asim Naeem - PeerSpot reviewer
It integrates well with other platforms, is user-friendly, and is stable
SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point. SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack. We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action. SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging. Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure. SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level. Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent. Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete. SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response. SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
842,466 professionals have used our research since 2012.
 

Answers from the Community

NC
Sep 27, 2021
Sep 27, 2021
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to the environment is note-worthy. Sentinel One works inconspicuously in the background, continually providing protection. It has an automated active EDR that will not only find issues but can fix them....
2 out of 3 answers
reviewer1650858 - PeerSpot reviewer
Aug 22, 2021
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to the environment is note-worthy. Sentinel One works inconspicuously in the background, continually providing protection. It has an automated active EDR that will not only find issues but can fix them. I don’t know that any other solution does that. Cortex XDR by Palo Alto has a nice console and is easy to use. One of my favorite things about it is that it will automatically connect and log various kinds of suspicious behavior - you don’t need to do it manually. Cortex XDR is very secure but it is missing some basic features. It doesn’t offer an on-prem solution and it doesn’t integrate so well with some third-party solutions. SentinelOne can be challenging to set up and there seem to be some applications that do not function properly when SentinelOne is installed. I would like to be able to make the reporting more specific to my needs. It would be a more attractive option if the cost was lower. Conclusions The find-and-fix option that SentinalOne provides was a huge win for us. We feel it provides a deeper and more thorough level of security.
Read full answer
ITSecuri7cfd - PeerSpot reviewer
Sep 27, 2021
Depends on the size, scope and needs of your environment.  XDR is an ok monitoring/alerting tool, especially if you have a Palo Alto firewall already and everything can integrate well together. However, S1 is a superior tool IMHO and can catch and fix things automatically if you so choose (magic quadrant agrees).  Cost-wise XDR is probably cheaper but I don't know specifics on-prem vs cloud. S1 is a cloud tool but is extremely fast and responsive compared to some other tools we POC'd and can support legacy devices w2k8 and below or Linux or VDI without having to special of workarounds. So again, it depends on your needs, environment and cost.
Read full answer
See all 3 answers
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Government
8%
Manufacturing Company
7%
Computer Software Company
20%
Manufacturing Company
8%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
See all answers
What do you like most about SentinelOne Singularity?
The Ranger feature is valuable.
See all answers
What is your experience regarding pricing and costs for SentinelOne Singularity?
It's a fixed price per endpoint arrangement.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 12% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 7% of the time
Darktrace vs Cortex XDR by Palo Alto Networks Logo
Darktrace vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 5% of the time
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
More Cortex XDR by Palo Alto Networks Competitors
Microsoft Defender for Endpoint vs SentinelOne Singularity Complete Logo
Microsoft Defender for Endpoint vs SentinelOne Singularity Complete
Compared 7% of the time
Datto Endpoint Detection and Response (EDR) vs SentinelOne Singularity Complete Logo
Datto Endpoint Detection and Response (EDR) vs SentinelOne Singularity Complete
Compared 7% of the time
Darktrace vs SentinelOne Singularity Complete Logo
Darktrace vs SentinelOne Singularity Complete
Compared 7% of the time
CrowdStrike Falcon vs SentinelOne Singularity Complete Logo
CrowdStrike Falcon vs SentinelOne Singularity Complete
Compared 5% of the time
Fortinet FortiEDR vs SentinelOne Singularity Complete Logo
Fortinet FortiEDR vs SentinelOne Singularity Complete
Compared 3% of the time
More SentinelOne Singularity Complete Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2025
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
SentinelOne Singularity Complete
March 2025
SentinelOne Singularity Complete reportDownload SentinelOne Singularity Complete product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Sentinel Labs, SentinelOne Singularity
 

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?
  • Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
  • AI Analytics: Utilizes AI for accurate threat detection and response.
  • Real-Time Protection: Provides immediate defense against threats.
  • Policy Management: Allows customization of security policies across endpoints.
  • USB Control: Regulates USB device access for added security.
  • Incident Correlation: Connects and analyzes various security events for better response.
  • Firewall Integration: Seamlessly works with firewalls for enhanced security.
  • Machine Learning Capabilities: Continuously improves threat detection precision.
What benefits should be considered in reviews?
  • Low Resource Consumption: Efficient security functions without taxing system resources.
  • Multi-Layered Protection: Comprehensive security across multiple attack vectors.
  • User-Friendly Interface: Intuitive design for easier management.
  • Enhanced Threat Management: Identifies and mitigates threats effectively.
  • Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

SentinelOne Singularity Complete provides AI-driven threat detection and response with features like ransomware protection and rollback, offering endpoint protection with minimal system impact and deep forensic analysis.

SentinelOne Singularity Complete combines machine learning and artificial intelligence to offer robust endpoint protection. It delivers real-time insights and advanced threat detection through seamless integration with third-party tools, allowing for efficient endpoint management. With an emphasis on user-friendliness, it ensures reduced false positives. Room for improvement includes better integration options, enhanced reporting, and more precise analytics to tackle false positives. Users seek improved interoperability with systems and comprehensive support for legacy systems.

What are the key features of SentinelOne Singularity Complete?
  • Rollback Feature: Enables restoration of affected systems to a healthy state after an attack.
  • Ransomware Protection: Advanced mechanisms to prevent and mitigate ransomware threats.
  • Machine Learning and AI: Utilizes cutting-edge technology for precise threat detection and response.
  • Seamless Integration: Works well with third-party tools for enhanced endpoint protection.
  • Real-Time Protection: Proactively defends against advanced threats with minimal delays.
What benefits and ROI should users consider?
  • Reduced False Positives: Accurate threat detection limits operational disruptions.
  • Efficient Endpoint Protection: Ensures security with low system impact.
  • User-Friendly Experience: Simplified management and ease of use aid productivity.
  • Deep Forensic Analysis: Assists in effective threat investigation and response.
  • Cost-Effective Security: Positions as a worthwhile alternative to traditional antivirus solutions.

Organizations from industries like finance, healthcare, and technology deploy SentinelOne Singularity Complete to safeguard endpoints such as PCs, servers, and virtual machines. Equipped with EDR, it effectively replaces traditional antivirus systems and integrates with cloud technology for real-time security insights.

SentinelOne
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete
March 2025
Free Report: Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete and other solutions. Updated: March 2025.
DOWNLOAD NOW
842,466 professionals have used our research since 2012.
See our Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete report.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.