Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs SentinelOne Singularity Complete comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 3, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.2
Users report positive ROI from Microsoft Defender for Endpoint, citing cost savings, improved security, and effective system integration.
Sentiment score
7.6
SentinelOne Singularity Complete enhances efficiency and security, reducing response time, costs, and incidents while increasing productivity and savings.
The return on investment is primarily in time savings and better observability of what's happening.
 

Customer Service

Sentiment score
6.6
Microsoft Defender for Endpoint's support is generally reliable, with mixed reviews on response time and resolution quality.
Sentiment score
7.3
SentinelOne's support is praised for efficiency, expertise, and responsiveness, despite occasional slow responses and non-interactive communication.
Due to our size, we don't have access to direct technical support, but the knowledge base, Microsoft Learn, and the articles available are really good.
I rate Microsoft support 10 out of 10.
The level-one support seems disconnected from subject matter experts.
They do a great job of figuring out the problem and pointing you to generic documentation or working with you to fine-tune a solution.
SentinelOne's policy required the MSP to contact their company and schedule the deactivation at least 24 hours before.
 

Scalability Issues

Sentiment score
7.6
Microsoft Defender for Endpoint offers scalable integration and cloud-based management, but customization may need extra tools in complex settings.
Sentiment score
8.1
SentinelOne Singularity Complete enables seamless scalability and integration, supporting global enterprises with effective endpoint protection and management.
We managed to scale it out in a short amount of time, with two months of planning and three months of implementation on 10,000 computers.
It's pretty easy to scale with Microsoft, as they make it easy if you look into the documentation.
Defender's scalability is phenomenal, and it's going to be one of the keys to resolving issues for the SOC.
The tool's built-in automation for deploying the agents works well for large infrastructures like mine.
My deployment is relatively small, and SentinelOne Singularity Complete works within those constraints.
 

Stability Issues

Sentiment score
7.9
Microsoft Defender for Endpoint is stable, integrates well with Windows, but occasionally has configuration and memory issues.
Sentiment score
7.9
SentinelOne Singularity Complete is praised for stability, effective performance, and reliable updates, with occasional third-party software conflicts.
Defender for Endpoint is extremely stable.
I haven't seen any outages with Microsoft.
I rate Defender 10 out of 10 for stability.
It has caused problems with interoperability between third-party tools, which could lead to entire servers crashing or specific tools failing.
This indicates room for improvement in stability when interacting with other solutions.
 

Room For Improvement

Users criticize Microsoft Defender for Endpoint's complex interface, limited integration, and request enhancements in analytics, protection, and support.
SentinelOne Singularity Complete needs console improvements, better integration, clear documentation, efficient updates, and enhanced automated threat responses.
Repeated interactions are necessary due to Level One's lack of tools and knowledge, hindering efficient problem-solving and negatively impacting our experience with Microsoft support.
We have multiple endpoints, and we want to look for signals across tenants.
An additional feature that could be included in the next release is free Copilot.
The only thing that prevented the attack from succeeding was a free version of Malwarebytes.
It's challenging to prevent a user from manipulating their privileges or someone else's of others, and it's difficult to control what users can access at the organizational level.
 

Setup Cost

Microsoft Defender for Endpoint offers flexible, cost-effective pricing, especially in E5 bundles, adapting to various enterprise licensing needs.
SentinelOne Singularity Complete balances higher costs with robust endpoint protection, justifying prices of $5-$8 per endpoint monthly.
Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs.
The pricing, setup, and licensing were very easy and simple.
They counted many of the instances and licenses as duplicates despite them only being alive once, which was frustrating.
I did not notice a significant increase in cost after adding SentinelOne.
 

Valuable Features

Microsoft Defender for Endpoint provides comprehensive cybersecurity with seamless integration, robust threat analytics, and efficient management across platforms without performance impact.
SentinelOne Singularity Complete offers robust security, automation, and integration, excelling in threat prevention and minimal disruption across platforms.
Defender for Endpoint's coverage across different platforms in our environment is pretty good. We have devices running Linux, Mac OS, Windows, iOS, and Android. It covers all of them.
Attack surface reduction and limiting attack surface vectors are valuable features.
Web filtering is the most valuable feature of Microsoft Defender for Endpoint because it effectively maintains security for website access.
Their support team walked us through configuring the agent to handle other third-party tools properly.
The security aspect is the most valuable feature for me.
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Ranking in Anti-Malware Tools
1st
Ranking in Endpoint Detection and Response (EDR)
2nd
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
190
Ranking in other categories
Advanced Threat Protection (ATP) (2nd), Microsoft Security Suite (6th)
SentinelOne Singularity Com...
Ranking in Endpoint Protection Platform (EPP)
2nd
Ranking in Anti-Malware Tools
2nd
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
192
Ranking in other categories
Extended Detection and Response (XDR) (2nd)
 

Mindshare comparison

As of December 2024, in the Endpoint Detection and Response (EDR) category, the mindshare of Microsoft Defender for Endpoint is 12.5%, down from 17.4% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 6.5%, down from 10.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Sudhen Swami - PeerSpot reviewer
Easy to update with good protection and a useful cloud portal
We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.
Prince Joseph - PeerSpot reviewer
Reduces organizational risk, low on machine load, and helps prevent ransomware
The most important aspect of the solution is that the load on the machine is not very high. It doesn't take up battery resources. The solution prevents ransomware and other threats. So far, it is working brilliantly. The dashboards and UI are user friendly, as is the ability to configure as needed. It seems to have a lot more capabilities. The XDR capabilities, in particular, look very strong. We're currently looking into that. If we want to do integrations with third parties, we don't have very many challenges around that. The ability to ingest and correlate across our security solutions is very useful. It's impressive. The AI engine it has is excellent. It helps us consolidate our security solutions. While it does not allow us to reduce alerts per se, it does a good job of correlating. The way it's integrated into the SIM, it's working to the expectations we have. The solution helps free up people so that they can work on other tasks. We don't have to grow our team too much now. My security team is actually quite small - about five people. We all get more time to handle other tasks. We've noted that it does help reduce mean time to respond. We can identify events easier and those that are most critical are brought to the forefront. Previously, we were in the dark. Now we have so much more visibility. It's been a huge improvement. It's effectively helped to reduce organizational risk.
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
824,052 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
27%
Computer Software Company
12%
Government
7%
Financial Services Firm
7%
Computer Software Company
19%
Manufacturing Company
7%
Financial Services Firm
6%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What do you like most about SentinelOne?
The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform.
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
Sentinel Labs, SentinelOne Singularity
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about Microsoft Defender for Endpoint vs. SentinelOne Singularity Complete and other solutions. Updated: November 2024.
824,052 professionals have used our research since 2012.