Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs SentinelOne Singularity Complete comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 10, 2024
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Ranking in Anti-Malware Tools
1st
Ranking in Endpoint Detection and Response (EDR)
2nd
Average Rating
8.0
Reviews Sentiment
7.3
Number of Reviews
186
Ranking in other categories
Advanced Threat Protection (ATP) (2nd), Microsoft Security Suite (6th)
SentinelOne Singularity Com...
Ranking in Endpoint Protection Platform (EPP)
2nd
Ranking in Anti-Malware Tools
2nd
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
190
Ranking in other categories
Extended Detection and Response (XDR) (2nd)
 

Mindshare comparison

As of November 2024, in the Endpoint Detection and Response (EDR) category, the mindshare of Microsoft Defender for Endpoint is 13.1%, down from 18.5% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 6.9%, down from 10.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Sudhen Swami - PeerSpot reviewer
Jun 26, 2024
Easy to update with good protection and a useful cloud portal
We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.
Prince Joseph - PeerSpot reviewer
Jun 26, 2024
Reduces organizational risk, low on machine load, and helps prevent ransomware
The most important aspect of the solution is that the load on the machine is not very high. It doesn't take up battery resources. The solution prevents ransomware and other threats. So far, it is working brilliantly. The dashboards and UI are user friendly, as is the ability to configure as needed. It seems to have a lot more capabilities. The XDR capabilities, in particular, look very strong. We're currently looking into that. If we want to do integrations with third parties, we don't have very many challenges around that. The ability to ingest and correlate across our security solutions is very useful. It's impressive. The AI engine it has is excellent. It helps us consolidate our security solutions. While it does not allow us to reduce alerts per se, it does a good job of correlating. The way it's integrated into the SIM, it's working to the expectations we have. The solution helps free up people so that they can work on other tasks. We don't have to grow our team too much now. My security team is actually quite small - about five people. We all get more time to handle other tasks. We've noted that it does help reduce mean time to respond. We can identify events easier and those that are most critical are brought to the forefront. Previously, we were in the dark. Now we have so much more visibility. It's been a huge improvement. It's effectively helped to reduce organizational risk.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Defender is stable, I haven't had any problems with viruses when using it, and it's easy to update."
"We found that because the endpoint devices are based on Microsoft Windows devices and Windows Defender is integrated with the foundation and the core layer, it makes it more integrated and more agile in terms of responding to any security threats or changes or development"
"The threat hunting service is very useful for a security professional."
"We use Microsoft Defender for the antivirus."
"It integrates very well with all Windows workstations or other Microsoft Endpoint products. It also works quite well. So far, I have not had any issue that hasn't been sorted out. It doesn't use too many resources, so you don't have to install different things."
"It's effective against most types of infection, and the firewall is perfect for protection."
"Defender for Endpoint has one dashboard with security-related information, vulnerability-related information, and basic recommendations from Microsoft, all in different tabs. That's helpful because if we want to fix only the recommended ones, we can go fix all of them..."
"Defender is a part of Windows; you just need to enable it. There is no need to install anything."
"The overview is valuable. There are a lot of instances out there, but Singularity Complete cuts the noise down by giving us graphics and color-coding information instead of massive tech dumps. It helps us concentrate on what is actually needed versus just the noise."
"The most valuable aspect, in any scenario, was the rollback feature."
"The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features."
"The strength of SentinelOne is that it has an automated, active EDR. It does that first level of what a SOC analyst would do, automatically, using artificial intelligence, so we can focus on other things. Active EDR not only notifies you, but it actually fixes that first level. That is unheard of. Very few, if any, companies do that."
"The protection and management provided by SentinelOne is good."
"It has saved us from a couple of ransomware attacks already."
"It uses AI technology so it can find known and unknown threats. It is stable and provides one of the best technical support."
"SentinelOne’s Rollback is its best feature."
 

Cons

"Sometimes, there are different skews. In a basic skew, they should have basic log analysis without the need to integrate with any third-party or SIEM solutions, like Sentinel. This would make it so much easier for users who don't have log collection or log analysis."
"The user interface could use some improvement."
"Where we stand right now, compared to other products that are there in the market, they still have to work on their threat intelligence and the overall maturity of detecting the malware."
"It would be helpful if they included XDR features, on top of the EDR functionality."
"There's a lot of manual effort involved to configure what we need."
"It's not easy to create special allowances for certain groups of users. It can be a little heavy-handed in some areas where Microsoft has decided to lock a feature out, meaning they make it hard to make an exception... One company we work with needed to use about 20 different thumb drives for about 20 users. To make that exception for them was very difficult. In fact, you can't really make an exception. But what you can do is allow them to use it and, while it will still alert, you can actually suppress those alerts."
"The documentation could be better. When they update their manuals, sometimes they refer to products by their old names, so it is a little confusing. For example, the documentation might still say "Advanced Threat Protection" instead of Defender for Endpoint."
"The end-user also cannot do some advanced actions on it. It's a little bit complicated for our end-user, so it needs to be simplified."
"The agent update is not the most intuitive process, but I understand why they do it. We have a pretty vertical 64-bit environment for Windows. That is pretty much all we have, but we get alerts for things like the new Linux endpoint or things that do not apply to us. That is probably the only thing that I do not like. There may be some way to turn that off so that I do not get endpoint update alerts from platforms that are not applicable to our system, enterprise, or network."
"I would like to see a better control panel for the managed service side of it."
"The way Singularity Complete handles blocking external mass storage is annoying because it is so difficult to unblock single endpoints."
"The ability to integrate this product with an antivirus solution would be welcome. Even consolidation with more security products, like Umbrella networking abilities etc. to provide more on this platform, that would be great."
"The role-based access is in dire need of improvement. We actually discussed this on a roadmap call and were informed that it was coming, but then it was delayed. It limits the roles that you can have in the platform, and we require several custom roles. We work with a lot of third-parties whom we rely on for some of our IT services. Part of those are an external SOC function where they are over-provisioned in the solution because there isn't anything relevant for the level of work that they do."
"SentinelOne's performance and the accuracy of its incident filtering could be improved."
"I would like to see category-based web filtering."
"It is complicated to do certain tasks."
 

Pricing and Cost Advice

"You need a license to use this solution."
"This is an expensive product and licensing for all Microsoft products is a big issue."
"The license cost is around $35 per machine, which is not expensive compared to other products."
"AV solutions are pretty expensive because they are necessary, not just for protection, but many businesses need them to comply with regulatory bodies and receive accreditation. We recently purchased an E5 license, which gives us access to the entire Microsoft suite. I would say the pricing is competitive; most tools of this kind are similarly priced. There are minor differences between the competitors, but they aren't spectacularly different. Defender for Endpoint makes sense because all our solutions are in the same place, paid for with a single license. The subscription price is around £50 per user per month, though it may have increased slightly."
"Most people don't realize M365/E5 licenses are an amazing deal. They think "Oh, it's expensive," and I'll ask, "Compared to what?" If you don't have it you will have to buy licenses for multiple products to fill the same security space that you would have gotten with the Microsoft product. Go figure out how much it costs you per product, per user, and then come back and tell me how things add up financially."
"They are now doing it on an endpoint basis. It is based on the number of endpoints, which is good."
"The solution comes as a part of Windows 10 and it is covered under its license."
"When compared with other vendors, the pricing is very high."
"SentinelOne Singularity Complete can be expensive for the SMB market but is suitable for enterprise-level organizations."
"It is comparatively cheap in the market and provides a good price point."
"I don't deal with the cost side of things, but the licensing, as far as endpoints go, is a pretty straightforward and simple process."
"It's around $8 per client per month."
"The licensing is comparable to other solutions in the market. The pricing is competitive."
"I find the licensing cost for SentinelOne Singularity Complete fair."
"The one I use is $6 a month per device. Some are $4 and there are some that are more than that."
"SentinelOne Singularity Complete is expensive compared to Microsoft but not Sophos."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Computer Software Company
12%
Government
7%
Financial Services Firm
7%
Computer Software Company
19%
Manufacturing Company
7%
Financial Services Firm
6%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What do you like most about SentinelOne?
The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform.
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
Sentinel Labs, SentinelOne Singularity
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about Microsoft Defender for Endpoint vs. SentinelOne Singularity Complete and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.