Try our new research platform with insights from 80,000+ expert users

Cortex XSIAM vs SentinelOne Singularity Identity comparison

Palo Alto Networks and SentinelOne are both solutions in the Identity Threat Detection and Response (ITDR) category. Palo Alto Networks is ranked #7 with an average rating of 8.3, while SentinelOne is ranked #4 with an average rating of 8.9. Palo Alto Networks holds a 5.4% mindshare in ITDR, compared to SentinelOne’s 3.3% mindshare. Additionally, 100% of Palo Alto Networks users are willing to recommend the solution, compared to 95% of SentinelOne users who would recommend it.
Cortex XSIAM
Read 11 Cortex XSIAM reviews
  • 534 Views
  • 394 Comparison Views
100% willing to recommend
SentinelOne Singularity Ide...
Read 21 SentinelOne Singularity Identity reviews
  • 432 Views
  • 300 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 5, 2024

SentinelOne Singularity Identity and Cortex XSIAM compete in the cybersecurity software category. SentinelOne appears to have the upper hand due to its efficiency in direct endpoint management and its strong AI capabilities.

Features: SentinelOne Singularity Identity excels in behavior-based threat detection, offers lightweight agents that don't burden system resources, and provides excellent threat visibility via its AI capabilities. Cortex XSIAM is noted for its unified solution approach, leveraging machine learning for threat detection, and solid integration capabilities across complex environments.

Room for Improvement: SentinelOne could enhance endpoint management, improve web filtering capabilities, and increase customer support responsiveness, with more precise policies for individual endpoints management. Cortex XSIAM requires better performance optimization, broader integration support to top its complex environments, and an improved developer-friendly approach compared to its competitors.

Ease of Deployment and Customer Service: SentinelOne is available both on-premises and in the public cloud, offering 24/7 support with a customer-centric approach. Cortex XSIAM receives positive ratings for support, though enhancements in first-level support are needed.

Pricing and ROI: SentinelOne Singularity Identity provides competitive pricing, considered cost-effective compared to CrowdStrike, despite concerns over yearly price hikes. Its ROI is viewed positively due to its comprehensive protection. Cortex XSIAM, while perceived as expensive, meets budget expectations and offers good value, with ROI depending heavily on the services and features selected.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex XSIAM vs. SentinelOne Singularity Identity Report (Updated: March 2025).
Buyer's Guide
Cortex XSIAM vs. SentinelOne Singularity Identity
March 2025
Download the complete report
Helped 842,672 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
5.4
Automation increased ROI by over $500,000, reduced analyst needs, and improved incident handling, though some are still evaluating.
Sentiment score
7.5
SentinelOne Singularity Identity offered high return on investment with enhanced protection, efficiency, and time savings, justifying higher costs.
 

Customer Service

Sentiment score
6.9
Cortex XSIAM support varies widely, with mixed reviews; premium support receives better feedback due to experienced staff.
Sentiment score
7.8
SentinelOne Singularity Identity provides responsive customer service with higher tiers offering 24/7 support and prioritizing user success.
It is ineffective in terms of responding to basic queries and addressing future requirements.
For more quotes and insights, download the Cortex XSIAM report
They have been responsive to our needs as integrators and those of the client.
For more quotes and insights, download the SentinelOne Singularity Identity report
 

Scalability Issues

Sentiment score
7.2
Cortex XSIAM is mostly seen as highly scalable, adaptable, and integrates seamlessly across various enterprises and IT departments.
Sentiment score
8.3
SentinelOne Singularity Identity is praised for scalability, despite occasional integration and deployment challenges, often rated nine or ten.
Without proper integration, scaling up with more servers is meaningless.
For more quotes and insights, download the Cortex XSIAM report
No quotes available
For more quotes and insights, download the SentinelOne Singularity Identity report
 

Stability Issues

Sentiment score
8.5
Cortex XSIAM is highly stable and reliable, often scoring 10/10, with rapid resolution of occasional update-related issues.
Sentiment score
8.5
SentinelOne Singularity Identity is highly stable with minimal CPU usage, excellent performance, and effective support for installation issues.
The product was easy to install and set up and worked right.
For more quotes and insights, download the Cortex XSIAM report
No quotes available
For more quotes and insights, download the SentinelOne Singularity Identity report
 

Room For Improvement

Cortex XSIAM should enhance context, integration, flexibility, and support while streamlining its pricing and improving incident response automation.
SentinelOne Singularity Identity needs better management, enhanced features, user-friendly policies, improved support, and competitive pricing.
In terms of incident response automation, it is quite poor due to the lack of integration with all security tools, making manual intervention necessary.
Improvements could be made to the dashboard and GUI, making it easier to deploy.
Cortex could improve the detection and online resolution of security vulnerabilities.
For more quotes and insights, download the Cortex XSIAM report
There is a clear roadmap for improvements, including enhancing capabilities with AI and seamless functionality in an MSP model for deeper visibility across multiple agencies.
For more quotes and insights, download the SentinelOne Singularity Identity report
reviewer2666148 - PeerSpot reviewerJitendra_Singh - PeerSpot reviewerreviewer2590284 - PeerSpot reviewer
MM
 

Setup Cost

Enterprise users find Cortex XSIAM costly, but competitive pricing; extra features and licensing complexity increase expenses.
SentinelOne Singularity Identity offers competitive pricing, valued integration, and customizable licensing, though pricing transparency is key for executive approval.
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable.
The first impression is that XSIAM would be more expensive than others we tried.
The product is very expensive.
For more quotes and insights, download the Cortex XSIAM report
No quotes available
For more quotes and insights, download the SentinelOne Singularity Identity report
RJ
reviewer2590284 - PeerSpot reviewerreviewer2666148 - PeerSpot reviewer
 

Valuable Features

Cortex XSIAM offers strong security orchestration, AI threat mitigation, and competitive pricing, with seamless third-party integration and user-friendly setup.
SentinelOne Singularity Identity offers AI-driven threat detection, rapid response, and efficient security management with minimal system impact.
The flexibility for creating manual workflows stands out.
Its signature-less subscriptions and robust detection power stand out in improving threat detection.
One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.
For more quotes and insights, download the Cortex XSIAM report
With visibility into endpoint telemetry, SentinelOne does provide useful information to find threat actors and empowers those who are in the business of threat hunting.
For more quotes and insights, download the SentinelOne Singularity Identity report
reviewer2666148 - PeerSpot reviewerJitendra_Singh - PeerSpot reviewerreviewer2590284 - PeerSpot reviewer
MM
 

Categories and Ranking

Cortex XSIAM
Ranking in Identity Threat Detection and Response (ITDR)
7th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
11
Ranking in other categories
Security Information and Event Management (SIEM) (18th), AI-Powered Cybersecurity Platforms (8th)
SentinelOne Singularity Ide...
Ranking in Identity Threat Detection and Response (ITDR)
4th
Average Rating
9.0
Reviews Sentiment
7.5
Number of Reviews
21
Ranking in other categories
Vulnerability Management (13th), Advanced Threat Protection (ATP) (8th), Threat Deception Platforms (3rd)
 

Mindshare comparison

As of March 2025, in the Identity Threat Detection and Response (ITDR) category, the mindshare of Cortex XSIAM is 5.4%, up from 1.1% compared to the previous year. The mindshare of SentinelOne Singularity Identity is 3.3%, up from 2.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Identity Threat Detection and Response (ITDR)
 

Featured Reviews

Forrest Stevens - PeerSpot reviewer
A robust security operation that ensures achieving automation, stability, and scalability
There is room for improvement in some areas, and I would highlight three key aspects. Firstly, the Attack Surface Management (ASM) module could benefit from more contextual depth. Currently, it tends to provide a broad overview without enriched context, and there's room for enhancement in this regard. Secondly, further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous. This would enhance its versatility and interoperability within a broader ecosystem. Regarding performance, there's potential for optimization. When multiple tabs are open in Cortex XSIAM, it can experience slowdowns, leading to longer load times for web pages. It's worth noting that this isn't a severe issue, and it doesn't entail waiting for extended periods, but there is room for improvement in terms of performance optimization.
Read full review
Roftiel Constantine - PeerSpot reviewer
Provides proactive threat remediation, reduces alert volume, and enhances incident response capabilities
During our pre-purchase evaluation of SentinelOne's EDR capabilities three years ago, we were consistently impressed by the positive relationships customers reported having with SentinelOne's engineers, sales teams, and customer success managers. These strong relationships, evident in the customers' unsolicited feedback, highlighted the "soft skills" and intangible qualities that SentinelOne possessed. This positive customer experience has been mirrored in our own interactions with them. Their responsiveness to our needs, particularly when addressing a couple of challenges we faced, has been excellent. They proactively scheduled weekly meetings to demonstrate their commitment to resolving our issues, a customer-centric approach I admire. SentinelOne's dedication to customer service, including their rapid technology updates and responsiveness to our suggestions, has been crucial to our success in protecting our organization. Their ability to quickly incorporate our needs into new releases is truly impressive and sets them apart. Overall, I highly recommend SentinelOne based on our positive interactions across all levels of their organization.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Identity Threat Detection and Response (ITDR) solutions are best for your needs.
See recommendations
842,672 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
10%
Manufacturing Company
10%
Government
7%
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cortex XSIAM?
It is an effective solution in terms of performance and functionalities.
See all answers
What is your experience regarding pricing and costs for Cortex XSIAM?
The product is very expensive. Additional integration and support are not provided by Cortex and must be purchased from partners. This adds to the cost and delays projects due to resource dependency.
See all answers
What needs improvement with Cortex XSIAM?
The standard integrations are very limited, and the integrations available are not listed in the marketplace. Obtaining validation for integrations from Palo Alto takes around eight months, which i...
See all answers
Does SentinelOne have a Virtual Patching functionality?
Yes -- SentinelOne has a Virtual Patching functionality called Virtual Patching and Exploit Shield. This preventive security solution uses behavioral AI to identify and block zero-day attacks and v...
See all answers
What do you like most about SentinelOne Singularity Identity?
The XDR capabilities are very good.
See all answers
What is your experience regarding pricing and costs for SentinelOne Singularity Identity?
I have no visibility into pricing, setup costs, or licensing as the government handles these aspects directly with SentinelOne. We do the integrating, and they process the payments.
See all answers
 

Comparisons

Palo Alto Networks Cortex XSOAR vs Cortex XSIAM Logo
Palo Alto Networks Cortex XSOAR vs Cortex XSIAM
Compared 39% of the time
Microsoft Sentinel vs Cortex XSIAM Logo
Microsoft Sentinel vs Cortex XSIAM
Compared 15% of the time
Splunk SOAR vs Cortex XSIAM Logo
Splunk SOAR vs Cortex XSIAM
Compared 11% of the time
IBM Security QRadar vs Cortex XSIAM Logo
IBM Security QRadar vs Cortex XSIAM
Compared 10% of the time
CrowdStrike Falcon vs Cortex XSIAM Logo
CrowdStrike Falcon vs Cortex XSIAM
Compared 6% of the time
More Cortex XSIAM Competitors
Microsoft Defender for Identity vs SentinelOne Singularity Identity Logo
Microsoft Defender for Identity vs SentinelOne Singularity Identity
Compared 16% of the time
Tenable Vulnerability Management vs SentinelOne Singularity Identity Logo
Tenable Vulnerability Management vs SentinelOne Singularity Identity
Compared 13% of the time
SailPoint Identity Security Cloud vs SentinelOne Singularity Identity Logo
SailPoint Identity Security Cloud vs SentinelOne Singularity Identity
Compared 9% of the time
Microsoft Entra ID Protection vs SentinelOne Singularity Identity Logo
Microsoft Entra ID Protection vs SentinelOne Singularity Identity
Compared 8% of the time
Semperis Directory Services Protector vs SentinelOne Singularity Identity Logo
Semperis Directory Services Protector vs SentinelOne Singularity Identity
Compared 4% of the time
More SentinelOne Singularity Identity Competitors
 

Product Reports

Buyer's Guide
Security Information and Event Management (SIEM)
March 2025
Cortex XSIAM reportDownload Cortex XSIAM product report
Buyer's Guide
SentinelOne Singularity Identity
March 2025
SentinelOne Singularity Identity reportDownload SentinelOne Singularity Identity product report
 

Overview

Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.

Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.

What are Cortex XSIAM's key features?

  • Security Orchestration: Streamlines processes across security operations.
  • Automation and Response: Efficient incident response management.
  • Detection Enrichment: Enhances identification of threats.
  • Centralized Endpoint Security: Comprehensive protection and monitoring of endpoints.
  • Forensic Investigation: Automated investigation to expedite threat analysis.

What benefits are evident in Cortex XSIAM reviews?

  • Cost-Effectiveness: Provides economical options compared to other market players.
  • Comprehensive Integration: Seamlessly integrates with multiple data sources and vendors.
  • Reduced Management Effort: Simplifies the administration of security operations.
  • Enhanced Threat Detection: Strengthens identification and remediation processes.

Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.

Palo Alto Networks

Singularity Identity, a component of the Singularity platform, provides threat detection & response (ITDR) capabilities to defend Active Directory and domain-joined endpoints in real-time from adversaries aiming to gain persistent, elevated privilege and move covertly. Singularity Identity provides actionable, high-fidelity insight as attacks emerge from managed and unmanaged devices. It detects identity misuse and reconnaissance activity happening within endpoint processes targeting critical domain servers, service accounts, local credentials, local data, network data, and cloud data. On-agent cloaking and deception techniques slow the adversary down while providing situational awareness and halting adversarial attempts at lateral movement. Singularity Identity helps you detect and respond to identity-based attacks, providing early warning while misdirecting them away from production assets.

Singularity Identity’s primary use case is to protect credential data and disrupt identity-based attacks. The most valuable function of Singularity Identity is its ability to misdirect attackers by providing deceptive data to identity-based recon attacks. Additionally, it can hide and deny access to locally stored credentials or identity data on Active Directory domain controllers.

Singularity Identity also provides rapid detection and respond to identity attacks, capturing attack activity and feeding it directly to the Singularity platform’s Security DataLake for enterprise-wide analysis and response.

By implementing Singularity Identity, organizations benefit from enhanced security, reduced credential-related risks, and improved user productivity. It detects and responds to identity-based attacks, ensuring only authorized individuals can access critical identity data. With its cloaking capabilities to hide identity stored locally on endpoints or in the identity infrastructure and it’s ability to provide decoy results to identity-based attacks, organizations can effectively secure their sensitive or privileged identities, resulting in improved overall identity security.

SentinelOne
Buyer's Guide
Cortex XSIAM vs. SentinelOne Singularity Identity
March 2025
Free Report: Cortex XSIAM vs. SentinelOne Singularity Identity
Find out what your peers are saying about Cortex XSIAM vs. SentinelOne Singularity Identity and other solutions. Updated: March 2025.
DOWNLOAD NOW
842,672 professionals have used our research since 2012.
See our Cortex XSIAM vs. SentinelOne Singularity Identity report.
See our list of best Identity Threat Detection and Response (ITDR) vendors.

We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.