Try our new research platform with insights from 80,000+ expert users

CrowdStrike Falcon vs SentinelOne comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 1, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.5
CrowdStrike Falcon enhances efficiency, reduces costs, and boosts productivity with improved security, providing a valuable return on investment.
Sentiment score
7.5
SentinelOne Singularity Complete enhances efficiency and security, reducing response time, costs, and incidents while increasing productivity and savings.
Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.
There isn't significant cost saving as such, but it has protected me from numerous virus or malware infections.
 

Customer Service

Sentiment score
7.1
CrowdStrike Falcon offers responsive support, though improvements in response time and personalization are noted; premium support is highly praised.
Sentiment score
7.2
SentinelOne's support is praised for efficiency, expertise, and responsiveness, despite occasional slow responses and non-interactive communication.
The CrowdStrike team is very efficient; I would rate them ten out of ten.
They do a great job of figuring out the problem and pointing you to generic documentation or working with you to fine-tune a solution.
We are using the automated email process for support, and they respond within an hour or two hours sometimes.
I think they were responsive, but there was a delay in reaching out to my team on one incident report.
 

Scalability Issues

Sentiment score
7.9
CrowdStrike Falcon is highly scalable, supporting thousands of endpoints with easy deployment, catering to diverse business environments effectively.
Sentiment score
8.1
SentinelOne Singularity Complete enables seamless scalability and integration, supporting global enterprises with effective endpoint protection and management.
When it comes to scalability, it is entirely based on premium models according to demand.
It's all auto-scale and auto-categorized, configuring automatically.
The tool's built-in automation for deploying the agents works well for large infrastructures like mine.
My deployment is relatively small, and SentinelOne Singularity Complete works within those constraints.
 

Stability Issues

Sentiment score
8.2
Users praise CrowdStrike Falcon's stability, performance, and reliability, noting minimal issues and high stability ratings despite occasional integration hiccups.
Sentiment score
7.9
SentinelOne Singularity Complete is praised for stability, effective performance, and reliable updates, with occasional third-party software conflicts.
I have never seen instability in the CrowdStrike tool.
It has caused problems with interoperability between third-party tools, which could lead to entire servers crashing or specific tools failing.
This indicates room for improvement in stability when interacting with other solutions.
 

Room For Improvement

CrowdStrike Falcon needs system integration, UI, reporting improvements, and enhanced compatibility, addressing false positives, support, and pricing concerns.
SentinelOne Singularity Complete needs console improvements, better integration, clear documentation, efficient updates, and enhanced automated threat responses.
Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.
Threat prevention should be their first priority.
It would be helpful if there were cost-cutting measures.
The only thing that prevented the attack from succeeding was a free version of Malwarebytes.
Providing a single pane of visibility for the end user would be beneficial.
It's challenging to prevent a user from manipulating their privileges or someone else's of others, and it's difficult to control what users can access at the organizational level.
 

Setup Cost

CrowdStrike Falcon's pricing, typically $50,000 to $100,000 annually, is competitive with customizable options and offers free trials.
SentinelOne Singularity Complete balances higher costs with robust endpoint protection, justifying prices of $5-$8 per endpoint monthly.
They counted many of the instances and licenses as duplicates despite them only being alive once, which was frustrating.
I did not notice a significant increase in cost after adding SentinelOne.
 

Valuable Features

CrowdStrike Falcon offers robust threat detection and prevention with user-friendly interface, AI-driven analysis, and excellent integration features.
SentinelOne Singularity Complete offers robust security, automation, and integration, excelling in threat prevention and minimal disruption across platforms.
I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.
Real-time response (RTR) is a feature of EDR.
CrowdStrike has improved our incident response capabilities.
I have an advanced app providing visibility of all my endpoints, which was not the case before.
SentinelOne has a feature to decommission automatically, which has been fantastic.
The setup process is smooth.
 

Categories and Ranking

CrowdStrike Falcon
Ranking in Endpoint Protection Platform (EPP)
3rd
Ranking in Endpoint Detection and Response (EDR)
1st
Ranking in Extended Detection and Response (XDR)
1st
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
125
Ranking in other categories
Security Information and Event Management (SIEM) (6th), Identity Management (IM) (6th), Threat Intelligence Platforms (2nd), Active Directory Management (2nd), Attack Surface Management (ASM) (1st), Ransomware Protection (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (1st)
SentinelOne Singularity Com...
Ranking in Endpoint Protection Platform (EPP)
2nd
Ranking in Endpoint Detection and Response (EDR)
3rd
Ranking in Extended Detection and Response (XDR)
2nd
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
194
Ranking in other categories
Anti-Malware Tools (2nd)
 

Mindshare comparison

As of February 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of CrowdStrike Falcon is 16.8%, up from 13.9% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 5.8%, down from 9.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Q&A Highlights

Vijay Mohan - PeerSpot reviewer
May 10, 2023
 

Featured Reviews

Chintan-Vyas - PeerSpot reviewer
Easy to set up with good behavior-based analysis but needs a single-click recovery option
Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.
Asim Naeem - PeerSpot reviewer
It integrates well with other platforms, is user-friendly, and is stable
SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point. SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack. We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action. SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging. Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure. SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level. Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent. Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete. SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response. SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
838,640 professionals have used our research since 2012.
 

Answers from the Community

Vijay Mohan - PeerSpot reviewer
May 10, 2023
May 10, 2023
You should do a test with both solutions for your client. Technically both solutions should perform very well but no one can tell which platform is more "you". That said, the main difference is Overwatch where security staff from CrowdStrike does some threat hunting on your tenant (and that is pricey because there are actual persons doing something for you). S1 does that kind of work only in th...
2 out of 3 answers
May 8, 2023
Hi ViJay - Are they open to other solutions as well?
Iñaki Martinez Urricelqui - PeerSpot reviewer
May 9, 2023
I think both solutions are very good. https://blog.ithq.pro/sentinel... I leave you a comparison of this website made by users. https://www.peerspot.com/produ...
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
10%
Manufacturing Company
9%
Government
7%
Computer Software Company
19%
Manufacturing Company
7%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
 

Also Known As

CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface
Sentinel Labs, SentinelOne Singularity
 

Overview

 

Sample Customers

Information Not Available
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about CrowdStrike Falcon vs. SentinelOne Singularity Complete and other solutions. Updated: February 2025.
838,640 professionals have used our research since 2012.