No more typing reviews! Try our Samantha, our new voice AI agent.

Graylog Security vs SentinelOne Singularity Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Graylog Security
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
2
Ranking in other categories
Security Information and Event Management (SIEM) (60th)
SentinelOne Singularity End...
Average Rating
8.8
Reviews Sentiment
7.1
Number of Reviews
260
Ranking in other categories
Endpoint Protection Platform (EPP) (3rd), Anti-Malware Tools (2nd), Endpoint Detection and Response (EDR) (2nd), Extended Detection and Response (XDR) (2nd), AI-Powered Cybersecurity Platforms (3rd), AI Observability (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Graylog Security is designed for Security Information and Event Management (SIEM) and holds a mindshare of 0.6%, up 0.5% compared to last year.
SentinelOne Singularity Endpoint, on the other hand, focuses on Endpoint Detection and Response (EDR), holds 5.3% mindshare, down 5.6% since last year.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Graylog Security0.6%
Splunk Enterprise Security7.3%
IBM Security QRadar5.3%
Other86.8%
Security Information and Event Management (SIEM)
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
SentinelOne Singularity Endpoint5.3%
CrowdStrike Falcon7.4%
Microsoft Defender for Endpoint5.7%
Other81.6%
Endpoint Detection and Response (EDR)
 

Featured Reviews

Tony Zafiropoulos - PeerSpot reviewer
Owner/ Chief Engineer at Fixvirus.com
Aggregates logs in one place and helps to review data points
We tried Graylog Security, starting with their inexpensive open-source version. We tested it out and continued using it for a while. As for the main differences between Graylog Security and other vendors, some users might prefer cloud-based platforms over on-premises solutions. It isn't inherently cloud-native, but that might not matter much for some.
Vaibhav Mahendra Kolhe - PeerSpot reviewer
Soc Analyst at Softcell Technologies Limited
Automation has reduced alerts and freed the soc team to focus on faster incident response
Regarding mean time to respond, the improvements I see with SentinelOne Singularity Complete are that genuine files also get alerts. We are getting false positives, but we are also getting genuine true positive alerts. The improvement will be deep visibility because as I am using Splunk as a SIEM, I compare deep visibility with Splunk, but deep visibility has limited access with only a 14-day policy to retain logs. The improvement will be in overall policy management. The third point will be the complexity of policies. If we want some endpoints to use only USB or if we need to block USB on some points, the policy management is very complex. The fourth point will be that Mac OS and Linux don't have the rollback policy; that policy is only for Windows. These four points are improvements if SentinelOne Singularity Complete can address them. Data privacy and security when utilizing Purple AI is crucial for SentinelOne Singularity Complete, and SentinelOne Singularity Complete lacks in data security. Data security is very important in this world. In my organization, if we deploy SentinelOne Singularity Complete and we have integrated all the firewalls, all devices, and AWS devices to SentinelOne Singularity Complete, logs will be forwarded to SentinelOne Singularity Complete through SentinelOne Singularity Complete. However, SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution. From the data security point of view, SentinelOne Singularity Complete is not good.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool aggregates logs. We can see the logs in one place."
"We use the solution to collect logs."
"When we first looked at SentinelOne, we had a very distributed legacy antivirus environment. Through SentinelOne's platform, we were able to consolidate about eight different antiviruses globally, thus saving money and time."
"SentinelOne Singularity Endpoint helps reduce the number of alerts, generates precise alerts with very few false positives if any, and has actually reduced the load on our SOC analysts so much that I support approximately 18,000 to 20,000 endpoints with only two EDR engineers."
"Having the capability to gain insights across our network, observe all our machines, and have a centralized view of what's protected and where things are is incredibly advantageous."
"It's effectively helped to reduce organizational risk."
"We went from 30% ransom ware infections to zero."
"Now that we have SentinelOne, we cannot go without it."
"The solution is extremely stable."
"Our clients have been able to survive a ransomware attack without even knowing that they had had files encrypted and automatically rolled back - even their Point of Sale (POS) system did not miss a beat and the business continued as normal without interruption."
 

Cons

"Graylog Security needs to incorporate security scorecards."
"The solution is expensive. It is costlier than Trend Micro and Palo Alto XDR."
"I would like to see a better control panel for the managed service side of it."
"They need to improve their UI and the way they show that the scanning is running on the endpoint."
"Although the SentinelOne firewall seems to offer potential benefits, in reality, it hasn't proven to be very helpful."
"All is good for now, but we cannot rest, and continuous development - in particular with regard to the areas of automation, machine learning, and artificial intelligence - is required to keep ahead of the cybercriminals."
"Sometimes, SentinelOne Singularity Complete takes time to reflect on some machines, which could be due to poor network connectivity."
"I would like to see improvements in the hashes function, particularly in the hashes tab, as multiple hashes are difficult to add in the correct format in SentinelOne Singularity Complete for Windows, Linux, and Mac."
"In terms of improvement, the documentation could be better. I would also like to see SingularityOne compatibility with Huntress, and the tighter integration between them would bring more to the table."
 

Pricing and Cost Advice

"I rate the tool's pricing a one out of ten."
"The pricing for SentinelOne Singularity Complete is competitive."
"The price is fair for what we are getting."
"SentinelOne Singularity Complete's pricing is affordable."
"We buy the licensing in bulk. From a pricing standpoint, because we buy in bulk, we get very good pricing. Based on its functionality and capabilities, it is well worth the price. I do not think it is at all expensive based on what you get in the solution. We use the complete up to the core. Our pricing is probably a little bit more than somebody who is on the core. In general, it is well worth what you get for the price you pay."
"We pay $30,000 a year for 275 endpoints. We're growing, so I plan to buy another 75 endpoints. There is still a year and a half left in my three-year subscription, so I'm going to increase my endpoint count by 30 percent."
"Its price is per endpoint per year. One of the features of its licensing is that it is a multi-tenanted solution. From an MSSP point of view, if I want to have several different virtual clouds of customers, it is supported natively, which is not the case with, for example, Microsoft Defender. Another nice thing about it is that you can buy one license if you want to. Some vendors insist that you buy 50 or 100, whereas here, you can just buy one."
"I found the pricing for SentinelOne Singularity Complete reasonable."
"The tool's price is reasonable."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
903,118 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
14%
Comms Service Provider
10%
Construction Company
7%
Manufacturing Company
7%
Computer Software Company
10%
Manufacturing Company
9%
Financial Services Firm
8%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business120
Midsize Enterprise69
Large Enterprise88
 

Questions from the Community

Ask a question
Earn 20 points
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What is your experience regarding pricing and costs for SentinelOne Singularity?
It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the pricing.
 

Also Known As

No data available
Sentinel Labs, SentinelOne Singularity, Singularity Platform
 

Overview

 

Sample Customers

Information Not Available
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about Splunk, IBM, Wazuh and others in Security Information and Event Management (SIEM). Updated: June 2026.
903,118 professionals have used our research since 2012.