We performed a comparison between IBM Security QRadar and SentinelOne Singularity Complete based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. SentinelOne Singularity Complete is praised for its dependable threat prevention and ability to reverse ransomware file encryption. IBM Security QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. SentinelOne could improve its automation, machine learning, and AI capabilities while improving reporting and integration.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. Customers have been pleased with SentinelOne’s customer service. Reviews highlighted the support team’s responsiveness and efficiency.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Users find the initial setup for SentinelOne Singularity Complete to be quick and painless, with helpful support from the vendor team.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. Some reviewers thought SentinelOne Singularity Complete is reasonably priced and competitive, while others say it’s costlier than many alternatives.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. SentinelOne Singularity Complete yields an ROI by saving money and protecting against ransomware attacks. Other users noted its valuable dashboard data and low CapEx requirements.
Comparison Results: Our users prefer IBM Security QRadar over SentinelOne Singularity Complete. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management. SentinelOne Singularity Complete users say it lacks some of QRadar's more advanced features and requires enhancements in automation, reporting functionality, user-friendliness, and stability.
"Microsoft 365 Defender is a good solution and easy to use."
"The integration, visibility, vulnerability management, and device identification are valuable."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"Microsoft 365 Defender is a stable solution."
"The most valuable feature is the DSM Editor. The custom parsing tool is very nice, outstanding."
"This solution has excellent security analytics."
"The solution is relatively easy to use."
"The visibility it gives you into your infrastructure has been great."
"We have the abilities to monitor each instance which originates on the process along with the performance of each department."
"IBM QRadar has improved my organization by introducing many functions. It collects logs from all of our systems in the organization and has functioned very well. It alerts and correlates the aggregate events or offenses we receive through all the applications we use."
"It's quite scalable. We have upgraded some solutions from 1000 APS up to 3500 APS to 5000 APS. It's a good solution, they have no scalability issues."
"The most valuable features are the versatility of this solution and the variety of things you can do with it."
"I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time."
"The best part of the agent is that users can't remove or disable it, so endpoints will be safe. I can control it from the portal. I can see when it's updated and I can push updates from the portal. The greatness of SentinelOne is that our end-users don't see anything to do with the agents. Some of them don't even know it's on their laptops. And that's a good thing."
"I appreciate the network control as well as the device control."
"SentinelOne gives us visibility into various high-level vulnerabilities on every gateway on the network. It helps us prevent vulnerable devices from being compromised. We primarily use Singularity for its EDR functions. We're happy with that."
"SentinelOne has helped us to improve our security by fine-tuning our current use cases and creating new ones."
"The deep visibility is really important for us. With it, we can really look deep into some of the incidents."
"The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features."
"Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"The data recovery and backup could be improved."
"The interface is very old. IBM should remake it into a more modern interface."
"There is one problem with QRadar in regards to the add-on apps. The apps can be frustrating. For example, when I add a big app like one of the add-ons for resiliency, add-on applications for QRadar, these applications require different hardware to implement and to deploy. The resiliency connector because there's a considerable amount of data scanning, operates for these apps correctly."
"The reporting system could use some upgrading."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"I would like to see a better GUI."
"The solution lacks some maturity."
"I need a solution which will send alerts in the event of any behavior."
"The product can be a bit complex."
"It has all the features that other leading products in the market provide. They should keep enhancing it based on the challenges in the market. I am fine with its detection capability, but they can work more on deep inspection."
"I would appreciate seeing the browser extension react more effectively to events, going beyond mere detection."
"SentinelOne needs to provide more documentation for administrators and analytics."
"Email security should also integrate with it to get more visibility on it."
"The UI appears to be flat, and I wish to have the ability to customize it with features and buttons that are tailored to our needs."
"I would like to see a better mobile app so that I could look through my phone at the alerts and not have to go to the website. They should make it a little more mobile-accessible."
"The solution should include USB blocking for specific machines."
"Since SentinelOne Hologram was an Attivo Networks product acquired by Microsoft, I have to install a different agent on endpoints for that product. It would be better if the same SentinelOne agent could be used for both the EDR and deception technology."
More SentinelOne Singularity Complete Pricing and Cost Advice →
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. IBM Security QRadar is rated 8.0, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our IBM Security QRadar vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
