Try our new research platform with insights from 80,000+ expert users

CrowdStrike Falcon vs SentinelOne comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.5
CrowdStrike Falcon improves ROI by cutting costs and increasing productivity through efficient threat management and strong security measures.
Sentiment score
7.5
SentinelOne Singularity Complete enhances efficiency by reducing costs, streamlining management, and consolidating tools, boosting security and savings.
Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.
We have not faced any attacks since we implemented it.
It has absolutely helped reduce our organizational risk.
 

Customer Service

Sentiment score
7.1
Customers generally praise CrowdStrike Falcon's responsive, knowledgeable support, despite occasional slow responses and limited expertise concerns.
Sentiment score
7.2
SentinelOne Singularity Complete's support is knowledgeable and quick, but users desire more transparency and interactive options like chat.
The CrowdStrike team is very efficient; I would rate them ten out of ten.
They do a great job of figuring out the problem and pointing you to generic documentation or working with you to fine-tune a solution.
We are using the automated email process for support, and they respond within an hour or two hours sometimes.
A chat service would be beneficial.
 

Scalability Issues

Sentiment score
7.9
CrowdStrike Falcon excels in scalable, seamless deployment across various organizations, with flexible licensing and minimal disruption during expansion.
Sentiment score
8.1
SentinelOne Singularity Complete adapts and scales effortlessly, providing seamless protection and flexibility for businesses of all sizes.
It has adequate coverage and is easy to deploy.
When it comes to scalability, it is entirely based on premium models according to demand.
It's all auto-scale and auto-categorized, configuring automatically.
The tool's built-in automation for deploying the agents works well for large infrastructures like mine.
My deployment is relatively small, and SentinelOne Singularity Complete works within those constraints.
 

Stability Issues

Sentiment score
8.2
CrowdStrike Falcon offers stable, reliable performance with minor update issues and high user satisfaction ratings for protection.
Sentiment score
7.9
SentinelOne Singularity Complete offers stable, reliable performance with minimal downtime and effective updates, despite occasional legacy system issues.
I have never seen instability in the CrowdStrike tool.
We are following N-1 versions across our environment, which is stable.
It has caused problems with interoperability between third-party tools, which could lead to entire servers crashing or specific tools failing.
This indicates room for improvement in stability when interacting with other solutions.
Initially, there were issues, particularly on the management side, but now the console is much more stable.
 

Room For Improvement

Users desire improved dashboard functionality, integration, machine learning, and interface enhancements with cost-effective options for better threat management.
SentinelOne Singularity Complete needs improvements in UI, reporting, integration, support, and resource management for enhanced user experience.
Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.
Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options.
Threat prevention should be their first priority.
The only thing that prevented the attack from succeeding was a free version of Malwarebytes.
Providing a single pane of visibility for the end user would be beneficial.
It's challenging to prevent a user from manipulating their privileges or someone else's of others, and it's difficult to control what users can access at the organizational level.
 

Setup Cost

CrowdStrike Falcon is pricier than competitors but valued for strong security, flexible features, and excellent support.
SentinelOne Singularity Complete offers competitive pricing with robust features, favorable comparisons, and flexible licensing, justifying its enterprise value.
It is expensive compared to SentinelOne, but as the market leader, it is worth it.
If you want protection, you have to pay the price.
They counted many of the instances and licenses as duplicates despite them only being alive once, which was frustrating.
It’s cheaper than other competitors.
 

Valuable Features

CrowdStrike Falcon excels with real-time threat detection, cloud-native flexibility, and seamless integration, enhancing endpoint security and management.
SentinelOne Singularity Complete excels in AI threat detection, seamless integration, and real-time protection with minimal false positives.
I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.
The machine learning behavior for anomaly detection is a valuable feature.
Real-time response (RTR) is a feature of EDR.
I have an advanced app providing visibility of all my endpoints, which was not the case before.
SentinelOne has a feature to decommission automatically, which has been fantastic.
There's also automation that gives my team free time, preventing them from having to look for every alert.
 

Categories and Ranking

CrowdStrike Falcon
Ranking in Endpoint Protection Platform (EPP)
2nd
Ranking in Endpoint Detection and Response (EDR)
1st
Ranking in Extended Detection and Response (XDR)
1st
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
126
Ranking in other categories
Security Information and Event Management (SIEM) (6th), Identity Management (IM) (6th), Threat Intelligence Platforms (2nd), Active Directory Management (2nd), Attack Surface Management (ASM) (1st), Ransomware Protection (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (1st)
SentinelOne Singularity Com...
Ranking in Endpoint Protection Platform (EPP)
3rd
Ranking in Endpoint Detection and Response (EDR)
3rd
Ranking in Extended Detection and Response (XDR)
2nd
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
197
Ranking in other categories
Anti-Malware Tools (2nd)
 

Mindshare comparison

As of March 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of CrowdStrike Falcon is 16.6%, up from 14.4% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 5.7%, down from 8.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Q&A Highlights

Vijay Mohan - PeerSpot reviewer
May 10, 2023
 

Featured Reviews

Chintan-Vyas - PeerSpot reviewer
Easy to set up with good behavior-based analysis but needs a single-click recovery option
Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.
Asim Naeem - PeerSpot reviewer
It integrates well with other platforms, is user-friendly, and is stable
SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point. SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack. We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action. SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging. Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure. SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level. Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent. Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete. SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response. SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
842,388 professionals have used our research since 2012.
 

Answers from the Community

Vijay Mohan - PeerSpot reviewer
May 10, 2023
May 10, 2023
You should do a test with both solutions for your client. Technically both solutions should perform very well but no one can tell which platform is more "you". That said, the main difference is Overwatch where security staff from CrowdStrike does some threat hunting on your tenant (and that is pricey because there are actual persons doing something for you). S1 does that kind of work only in th...
2 out of 3 answers
May 8, 2023
Hi ViJay - Are they open to other solutions as well?
Iñaki Martinez Urricelqui - PeerSpot reviewer
May 9, 2023
I think both solutions are very good. https://blog.ithq.pro/sentinel... I leave you a comparison of this website made by users. https://www.peerspot.com/produ...
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
10%
Manufacturing Company
9%
Government
7%
Computer Software Company
19%
Manufacturing Company
8%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
 

Also Known As

CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface
Sentinel Labs, SentinelOne Singularity
 

Overview

 

Sample Customers

Information Not Available
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about CrowdStrike Falcon vs. SentinelOne Singularity Complete and other solutions. Updated: March 2025.
842,388 professionals have used our research since 2012.