We performed a comparison between Elastic Security and SentinelOne Singularity Complete based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Advanced hunting is good. I like that. We can drill down to lots of details."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Microsoft 365 Defender is a stable solution."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"The most valuable feature is the ability to collect authentication information from service providers."
"The visualization is very good."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"Enables monitoring of application performance and the ability to predict behaviors."
"ELK documentation is very good, so never needed to contact technical support."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"Offers good protection against ransomware."
"The setup is very straightforward."
"It has a one-click button that we can use to reverse all those dodgy changes made by the virus program and bring the system quickly back to what it was. That's one of the most important features."
"We opted for SentinelOne because it gives you visibility and control over all the devices on which you have the agent deployed. That is very valuable because, in the end, all the attacks enter only through one gateway, which is usually a user's computer."
"I was extremely happy with their technical staff. The solution's tech support is top-notch. They have some really good engineers on their team."
"The customer support for this solution is good."
"SentinelOne is the next-generation EDR solution."
"The most valuable features include the agent installation and update processes."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"Advanced attacks could use an improvement."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"We did use the Ranger functionality. However, there was some scanning going on and it caused a lot of noise, so we had to disable it."
"It's fine. It's correcting all the EFC files with a virus. All the achievements, maximum EFC files. Many EFC files will be flagged as a virus. Some virus databases need to be updated. The model is good at finding many EFC files. The trouble is it needs to be updated."
"The MDM functionality and maturity still need improvement."
"It would help if they could get all the relevant threat information, the related events, in one place. Currently, we need to go to a number of places and do research. If they could have it all in one place, that would help investigations."
"There should be more integration models with different security operations tools or soft tools."
"The learning curve was a little steep."
"The endpoint firewall capability is fairly primitive and basic."
"I would like to see something a little more sophisticated than simply being able to mark a false positive as safe or there's usually just one or two options in certain areas and they're a little rudimentary at this stage."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. Elastic Security is rated 7.6, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Fortinet FortiAnalyzer, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our Elastic Security vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
