We performed a comparison between SentinelOne Singularity Complete and Microsoft 365 Defender based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: SentinelOne Singularity Complete is praised for its dependable threat prevention and ability to reverse ransomware file encryption. SentinelOne could improve its automation, machine learning, and AI capabilities while improving reporting and integration. Microsoft 365 Defender offers effortless integration with other Microsoft solutions. Users praised its flexibility and comprehensive protection against multiple threat types. Microsoft 365 Defender could upgrade its machine learning and AI capabilities. Some users suggested adopting zero-trust features.
Service and Support: Customers have been pleased with SentinelOne’s customer service. Reviews highlighted the support team’s responsiveness and efficiency. Some of our reviewers were satisfied with Microsoft's support, but others complained about slow responses and lackluster problem-solving capabilities.
Ease of Deployment: Users find the initial setup for SentinelOne Singularity Complete to be quick and painless, with helpful support from the vendor team. Setting up Microsoft 365 Defender is potentially complex and may involve integrating with existing policies. Some users reported longer deployment times.
Pricing: Some reviewers thought SentinelOne Singularity Complete is reasonably priced and competitive, while others say it’s costlier than many alternatives. Some users say that Microsoft 365 Defender is good value, but other users perceive it as more expensive than similar competing products.
ROI: SentinelOne Singularity Complete yields an ROI by saving money and protecting against ransom attacks. Other users noted its valuable dashboard data and low CapEx requirements. Microsoft 365 Defender offers savings, attack prevention, consolidation of security measures, and proactive threat detection.
Comparison Results: SentinelOne Singularity Complete is preferred over Microsoft 365 Defender. Users like its automatic threat mitigation and superb event data analysis. SentinelOne is highly regarded for its simple setup, reliability, and effectiveness in identifying and resolving threats. Our reviewers raised issues with Microsoft 365 Defender's pricing and support quality.
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The product's initial setup phase is very easy."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet is very user-friendly for customers."
"The solution was relatively easy to deploy."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"Its most significant advantage lies in its affordability."
"The most valuable aspect is undoubtedly the exploration capability"
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The product integrates security into one tool instead of having third-party security tools."
"The deep visibility is really important for us. With it, we can really look deep into some of the incidents."
"SentinelOne has helped us to improve our security by fine-tuning our current use cases and creating new ones."
"The deep visibility is a valuable feature. I can use it during threats or alert signals that we get. I can also use it when we have alert signals from other security tools that we have."
"It is a good endpoint solution. That's the reason we chose it. We looked at other solutions, such as CrowdStrike, and based on the cost and the services it delivers, it was the better choice."
"The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring."
"Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future."
"The best thing SentinelOne has done for us is that it gives us insight into the endpoints. We never had insight into lateral movement threats before. Once a threat known as Qbot gets on the network, it actually spreads throughout sub-networks quickly. SentinelOne has detected that and saved our bacon. We were able to get in there and stop the threat, lock it down, and prevent it from actually spreading through. It would have been 50 or 60 computers. It had spread through in a few minutes. We have a lot of HIPAA data and FERPA data that we need to keep protected."
"I work in vulnerability management, and for me, at the moment, its automation is most valuable. For the SOC team, incident visibility would be most valuable, but for me, it is automation."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Cannot be used on mobile devices with a secure connection."
"Making the portal mobile friendly would be helpful when I am out of office."
"The SIEM could be improved."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The only minor concern is occasional interference with desired programs."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Stability could be improved by avoiding frequent changes to the interface."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"I really haven't done enough to really see any improvements."
"I would appreciate it if they would consider providing a comprehensive vulnerability assessment report that goes beyond just application vulnerabilities."
"We are not utilizing all the features available with SentinelOne Singularity Complete, including the built-in XDR and Ranger, due to the substantial associated costs."
"SentinelOne can improve by having better integration with Active Directory."
"An area for improvement in SentinelOne is the search feature. You can't go beyond twenty thousand events, which ruins the task because it isn't enough when you're doing your investigation."
"Their documentation could afford to be a little bit better communicated. A lot of times we have to look at things in the knowledge base, and much of that could be communicated better, but that would probably be the only thing that needs to be improved."
"The UI appears to be flat, and I wish to have the ability to customize it with features and buttons that are tailored to our needs."
"The anti-ransomware technology takes up a lot of disc space."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Microsoft Defender XDR is ranked 7th in Endpoint Detection and Response (EDR) with 78 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. Microsoft Defender XDR is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Microsoft Entra ID, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Wazuh. See our Microsoft Defender XDR vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.