I am a product director at a tech services company with 501-1,000 employees.
I am currently researching Carbon Black CB Defense, CrowdStrike, and SentinelOne. What are the biggest differences between the three? Which would you recommend?
Thanks! I appreciate the help.
A short answer:
Perhaps the biggest IMO is SentinelOne is the only one of these 3 that does not have to go to the cloud for any behavior protection. It allows for full execution and blocks specific patterns rather than go to the cloud sandbox. Crowdstrike has a lite version of blocking without a sandbox. Additionally, Active EDR and intuitive storyline indicating patient zero is a plus with SentinelOne (this without any consulting or threat analyst).
Crowdstrike USPs compared to CB and SentinelOne:
1. Very powerful Machine Learning AV
2. Device Control
3. Vulanrablity Assessment ( Sentinel One have the partial capability )
4. AWS Partner Competency
5. Leaders and having a high rating in all major Analyst reviews
6. Automated Threat Intelligence
7. Customer satisfaction and retention
Do evaluate www.cynet.com and you will find that Cynet is way ahead in the way it does Continuous Breach protection and monitoring.
IMO, it depends on whether you have abilities to validate and/or correlate telemetries - these guys brings out quite a lot of telemetry alerts for you to work on...
Are you researching to buy or to resell?
SentinelOne has not been breached
SentinelOne is hands down my recommended solution.
SentinelOne has not been breached and offers upto $1,000,000 warranty if it cannot roll back a ransomware attack.
Please contact me at CyberSec@global.co.za for more information, a demonstration, or a quote.
Your reputation and your company's cyber security is in your hands - make an informed decision
They address slighty differing customer profiles, Crowdstrike has deep integrations to Okta, Sailpoint and others, where as SentinelOne has AI automation that outstrips the general use case associated to most threat detection elements.