Cortex XSIAM vs SentinelOne Singularity Identity comparison

Palo Alto Networks and SentinelOne are both solutions in the Identity Threat Detection and Response (ITDR) category. Palo Alto Networks is ranked #6 with an average rating of 9.0, while SentinelOne is ranked #4 with an average rating of 8.9. Palo Alto Networks holds a 5.2% mindshare in ITDR, compared to SentinelOne’s 3.2% mindshare. Additionally, 100% of Palo Alto Networks users are willing to recommend the solution, compared to 95% of SentinelOne users who would recommend it.

Cortex XSIAM

Read 9 Cortex XSIAM reviews

500 Views
364 Comparison Views

100% willing to recommend

SentinelOne Singularity Ide...

Read 21 SentinelOne Singularity Identity reviews

397 Views
276 Comparison Views

95% willing to recommend

Cortex XSIAM

SentinelOne Singularity Ide...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Nov 5, 2024

SentinelOne Singularity Identity and Cortex XSIAM compete in the cybersecurity software category. SentinelOne appears to have the upper hand due to its efficiency in direct endpoint management and its strong AI capabilities.

Features: SentinelOne Singularity Identity excels in behavior-based threat detection, offers lightweight agents that don't burden system resources, and provides excellent threat visibility via its AI capabilities. Cortex XSIAM is noted for its unified solution approach, leveraging machine learning for threat detection, and solid integration capabilities across complex environments.

Room for Improvement: SentinelOne could enhance endpoint management, improve web filtering capabilities, and increase customer support responsiveness, with more precise policies for individual endpoints management. Cortex XSIAM requires better performance optimization, broader integration support to top its complex environments, and an improved developer-friendly approach compared to its competitors.

Ease of Deployment and Customer Service: SentinelOne is available both on-premises and in the public cloud, offering 24/7 support with a customer-centric approach. Cortex XSIAM receives positive ratings for support, though enhancements in first-level support are needed.

Pricing and ROI: SentinelOne Singularity Identity provides competitive pricing, considered cost-effective compared to CrowdStrike, despite concerns over yearly price hikes. Its ROI is viewed positively due to its comprehensive protection. Cortex XSIAM, while perceived as expensive, meets budget expectations and offers good value, with ROI depending heavily on the services and features selected.

To learn more, read our detailed Cortex XSIAM vs. SentinelOne Singularity Identity Report (Updated: January 2025).

Buyer's Guide

Cortex XSIAM vs. SentinelOne Singularity Identity

January 2025

Download the complete report

Helped 838,713 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

5.4

Cortex XSIAM enhances ROI by automating over 50% of tasks, reducing SOC staffing needs, and providing significant value.

Sentiment score

7.5

SentinelOne Singularity Identity offered high return on investment with enhanced protection, efficiency, and time savings, justifying higher costs.

No quotes available

For more quotes and insights, download the Cortex XSIAM report

No quotes available

For more quotes and insights, download the SentinelOne Singularity Identity report

Customer Service

Sentiment score

6.3

Cortex XSIAM's customer service is mixed, with some users praising effectiveness and others experiencing delays and escalation needs.

Sentiment score

7.8

SentinelOne Singularity Identity provides responsive customer service with higher tiers offering 24/7 support and prioritizing user success.

It is ineffective in terms of responding to basic queries and addressing future requirements.

reviewer2666148

Associate Director at a financial services firm with 10,001+ employees

For more quotes and insights, download the Cortex XSIAM report

They have been responsive to our needs as integrators and those of the client.

Marc Mould

Senior Consultant at CGI

For more quotes and insights, download the SentinelOne Singularity Identity report

Scalability Issues

Sentiment score

7.2

Cortex XSIAM is highly scalable in the cloud, supporting enterprises efficiently and earning high user ratings for scalability.

Sentiment score

8.3

SentinelOne Singularity Identity is praised for scalability, despite occasional integration and deployment challenges, often rated nine or ten.

Without proper integration, scaling up with more servers is meaningless.

reviewer2666148

Associate Director at a financial services firm with 10,001+ employees

For more quotes and insights, download the Cortex XSIAM report

No quotes available

For more quotes and insights, download the SentinelOne Singularity Identity report

Stability Issues

Sentiment score

8.9

Cortex XSIAM is highly stable and reliable, with minimal downtime, swift issue resolution, and easy installation.

Sentiment score

8.5

SentinelOne Singularity Identity is highly stable with minimal CPU usage, excellent performance, and effective support for installation issues.

The product was easy to install and set up and worked right.

reviewer2590284

Owner at a retailer with 51-200 employees

For more quotes and insights, download the Cortex XSIAM report

No quotes available

For more quotes and insights, download the SentinelOne Singularity Identity report

Room For Improvement

Cortex XSIAM needs better integration, performance, developer-friendliness, and AI-enhanced security solutions despite satisfactory current features.

SentinelOne Singularity Identity needs better management, enhanced features, user-friendly policies, improved support, and competitive pricing.

In terms of incident response automation, it is quite poor due to the lack of integration with all security tools, making manual intervention necessary.

reviewer2666148

Associate Director at a financial services firm with 10,001+ employees

Cortex could improve the detection and online resolution of security vulnerabilities.

reviewer2590284

Owner at a retailer with 51-200 employees

For more quotes and insights, download the Cortex XSIAM report

There is a clear roadmap for improvements, including enhancing capabilities with AI and seamless functionality in an MSP model for deeper visibility across multiple agencies.

Marc Mould

Senior Consultant at CGI

For more quotes and insights, download the SentinelOne Singularity Identity report

Setup Cost

Cortex XSIAM pricing is competitive, considered reasonable yet costly with add-ons, offering value but varies on affordability.

SentinelOne Singularity Identity offers competitive pricing, valued integration, and customizable licensing, though pricing transparency is key for executive approval.

The first impression is that XSIAM would be more expensive than others we tried.

reviewer2590284

Owner at a retailer with 51-200 employees

The product is very expensive.

reviewer2666148

Associate Director at a financial services firm with 10,001+ employees

For more quotes and insights, download the Cortex XSIAM report

No quotes available

For more quotes and insights, download the SentinelOne Singularity Identity report

Valuable Features

Cortex XSIAM provides advanced threat detection, integration, and user-friendly features, enhancing security management for Palo Alto users.

SentinelOne Singularity Identity offers AI-driven threat detection, rapid response, and efficient security management with minimal system impact.

One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.

reviewer2590284

Owner at a retailer with 51-200 employees

The flexibility for creating manual workflows stands out.

reviewer2666148

Associate Director at a financial services firm with 10,001+ employees

For more quotes and insights, download the Cortex XSIAM report

SentinelOne has definitely reduced their mean time to respond.

Marc Mould

Senior Consultant at CGI

For more quotes and insights, download the SentinelOne Singularity Identity report

Categories and Ranking

Cortex XSIAM

Ranking in Identity Threat Detection and Response (ITDR)

6th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (14th), AI-Powered Cybersecurity Platforms (8th)

SentinelOne Singularity Ide...

Ranking in Identity Threat Detection and Response (ITDR)

4th

Average Rating

9.0

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

Vulnerability Management (12th), Advanced Threat Protection (ATP) (9th), Threat Deception Platforms (3rd)

Mindshare comparison

As of February 2025, in the Identity Threat Detection and Response (ITDR) category, the mindshare of Cortex XSIAM is 5.2%, up from 1.0% compared to the previous year. The mindshare of SentinelOne Singularity Identity is 3.2%, up from 2.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Identity Threat Detection and Response (ITDR)

Featured Reviews

Forrest Stevens

Senior Manager - Security Operations at First Advantage Corporation

A robust security operation that ensures achieving automation, stability, and scalability

There is room for improvement in some areas, and I would highlight three key aspects. Firstly, the Attack Surface Management (ASM) module could benefit from more contextual depth. Currently, it tends to provide a broad overview without enriched context, and there's room for enhancement in this regard. Secondly, further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous. This would enhance its versatility and interoperability within a broader ecosystem. Regarding performance, there's potential for optimization. When multiple tabs are open in Cortex XSIAM, it can experience slowdowns, leading to longer load times for web pages. It's worth noting that this isn't a severe issue, and it doesn't entail waiting for extended periods, but there is room for improvement in terms of performance optimization.

Read full review

Roftiel Constantine

Global Chief Information Security Officer at Barry-Wehmiller

Provides proactive threat remediation, reduces alert volume, and enhances incident response capabilities

During our pre-purchase evaluation of SentinelOne's EDR capabilities three years ago, we were consistently impressed by the positive relationships customers reported having with SentinelOne's engineers, sales teams, and customer success managers. These strong relationships, evident in the customers' unsolicited feedback, highlighted the "soft skills" and intangible qualities that SentinelOne possessed. This positive customer experience has been mirrored in our own interactions with them. Their responsiveness to our needs, particularly when addressing a couple of challenges we faced, has been excellent. They proactively scheduled weekly meetings to demonstrate their commitment to resolving our issues, a customer-centric approach I admire. SentinelOne's dedication to customer service, including their rapid technology updates and responsiveness to our suggestions, has been crucial to our success in protecting our organization. Their ability to quickly incorporate our needs into new releases is truly impressive and sets them apart. Overall, I highly recommend SentinelOne based on our positive interactions across all levels of their organization.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Identity Threat Detection and Response (ITDR) solutions are best for your needs.

See recommendations

838,713 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Manufacturing Company

10%

Financial Services Firm

10%

Government

Computer Software Company

17%

Financial Services Firm

13%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cortex XSIAM?

It is an effective solution in terms of performance and functionalities.

See all answers

What is your experience regarding pricing and costs for Cortex XSIAM?

The first impression is that XSIAM would be more expensive than others we tried.

See all answers

What needs improvement with Cortex XSIAM?

Cortex could improve the detection and online resolution of security vulnerabilities. We hope that the artificial intelligence in Cortex will assist in optimizing responses to vulnerabilities.

See all answers

Does SentinelOne have a Virtual Patching functionality?

Yes -- SentinelOne has a Virtual Patching functionality called Virtual Patching and Exploit Shield. This preventive security solution uses behavioral AI to identify and block zero-day attacks and v...

See all answers

What do you like most about SentinelOne Singularity Identity?

The XDR capabilities are very good.

See all answers

What is your experience regarding pricing and costs for SentinelOne Singularity Identity?

I have no visibility into pricing, setup costs, or licensing as the government handles these aspects directly with SentinelOne. We do the integrating, and they process the payments.

See all answers

Comparisons

Palo Alto Networks Cortex XSOAR vs Cortex XSIAM

Compared 39% of the time

Microsoft Sentinel vs Cortex XSIAM

Compared 16% of the time

Splunk SOAR vs Cortex XSIAM

Compared 12% of the time

IBM Security QRadar vs Cortex XSIAM

Compared 10% of the time

CrowdStrike Falcon vs Cortex XSIAM

Compared 6% of the time

More Cortex XSIAM Competitors

Microsoft Defender for Identity vs SentinelOne Singularity Identity

Compared 18% of the time

Tenable Vulnerability Management vs SentinelOne Singularity Identity

Compared 12% of the time

SailPoint Identity Security Cloud vs SentinelOne Singularity Identity

Compared 9% of the time

Qualys VMDR vs SentinelOne Singularity Identity

Compared 9% of the time

CyberArk Privileged Access Manager vs SentinelOne Singularity Identity

Compared 4% of the time

More SentinelOne Singularity Identity Competitors

Product Reports

Buyer's Guide

Security Information and Event Management (SIEM)

January 2025

Download Cortex XSIAM product report

Buyer's Guide

SentinelOne Singularity Identity

February 2025

Download SentinelOne Singularity Identity product report

Overview

Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.

Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.

What are Cortex XSIAM's key features?

Security Orchestration: Streamlines processes across security operations.
Automation and Response: Efficient incident response management.
Detection Enrichment: Enhances identification of threats.
Centralized Endpoint Security: Comprehensive protection and monitoring of endpoints.
Forensic Investigation: Automated investigation to expedite threat analysis.

What benefits are evident in Cortex XSIAM reviews?

Cost-Effectiveness: Provides economical options compared to other market players.
Comprehensive Integration: Seamlessly integrates with multiple data sources and vendors.
Reduced Management Effort: Simplifies the administration of security operations.
Enhanced Threat Detection: Strengthens identification and remediation processes.

Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.

Palo Alto Networks

Singularity Identity, a component of the Singularity platform, provides threat detection & response (ITDR) capabilities to defend Active Directory and domain-joined endpoints in real-time from adversaries aiming to gain persistent, elevated privilege and move covertly. Singularity Identity provides actionable, high-fidelity insight as attacks emerge from managed and unmanaged devices. It detects identity misuse and reconnaissance activity happening within endpoint processes targeting critical domain servers, service accounts, local credentials, local data, network data, and cloud data. On-agent cloaking and deception techniques slow the adversary down while providing situational awareness and halting adversarial attempts at lateral movement. Singularity Identity helps you detect and respond to identity-based attacks, providing early warning while misdirecting them away from production assets.

Singularity Identity’s primary use case is to protect credential data and disrupt identity-based attacks. The most valuable function of Singularity Identity is its ability to misdirect attackers by providing deceptive data to identity-based recon attacks. Additionally, it can hide and deny access to locally stored credentials or identity data on Active Directory domain controllers.

Singularity Identity also provides rapid detection and respond to identity attacks, capturing attack activity and feeding it directly to the Singularity platform’s Security DataLake for enterprise-wide analysis and response.

By implementing Singularity Identity, organizations benefit from enhanced security, reduced credential-related risks, and improved user productivity. It detects and responds to identity-based attacks, ensuring only authorized individuals can access critical identity data. With its cloaking capabilities to hide identity stored locally on endpoints or in the identity infrastructure and it’s ability to provide decoy results to identity-based attacks, organizations can effectively secure their sensitive or privileged identities, resulting in improved overall identity security.

SentinelOne

Buyer's Guide

Cortex XSIAM vs. SentinelOne Singularity Identity

January 2025

Free Report: Cortex XSIAM vs. SentinelOne Singularity Identity

Find out what your peers are saying about Cortex XSIAM vs. SentinelOne Singularity Identity and other solutions. Updated: January 2025.

DOWNLOAD NOW

838,713 professionals have used our research since 2012.

See our Cortex XSIAM vs. SentinelOne Singularity Identity report.

See our list of best Identity Threat Detection and Response (ITDR) vendors.

We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.