Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs SentinelOne Singularity Complete comparison

Palo Alto Networks and SentinelOne are both solutions in the Endpoint Protection Platform (EPP) category. Palo Alto Networks is ranked #4 with an average rating of 8.6, while SentinelOne is ranked #3 with an average rating of 8.6. Palo Alto Networks holds a 3.7% mindshare in EPP, compared to SentinelOne’s 4.5% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 97% of SentinelOne users who would recommend it.
Cortex XDR by Palo Alto Net...
Read 91 Cortex XDR by Palo Alto Networks reviews
  • 17,842 Views
  • 11,776 Comparison Views
95% willing to recommend
SentinelOne Singularity Com...
Read 198 SentinelOne Singularity Complete reviews
  • 25,921 Views
  • 15,034 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on May 4, 2025

SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks both compete in the cybersecurity sector, with distinct strengths. SentinelOne holds an advantage with its effective rollback feature for immediate ransomware remediation.

Features: SentinelOne offers AI-driven endpoint protection with features like threat hunting and deep visibility, making it effective against ransomware. Its rollback capability is particularly valuable for quick recovery. Cortex XDR excels in behavioral analysis and seamless integration within the Palo Alto ecosystem, bringing together endpoint and network data for comprehensive protection.

Room for Improvement: SentinelOne could improve its user interface, expand platform integrations, and refine its role-based access and reporting features. Enhancing technical support response times is also recommended. Cortex XDR needs to focus on reducing memory consumption, enhancing its reporting dashboard for real-time analysis, and improving integration with third-party tools for better operational efficiency.

Ease of Deployment and Customer Service: SentinelOne supports flexible deployment across Private, Public, and Hybrid Cloud environments, offering quick technical support and fast issue resolutions, with high customer satisfaction. Cortex XDR also supports diverse deployment environments and benefits from knowledgeable technical support teams, although complex problems sometimes lead to slower resolutions.

Pricing and ROI: SentinelOne offers competitive pricing with features like rollback and deep visibility, boasting operational flexibility and significant ROI by reducing incident response times. Cortex XDR, while somewhat costlier, justifies the higher costs with comprehensive protection and integration capabilities within the Palo Alto product suite, offering strong ROI through threat prevention and seamless enterprise security features.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete Report (Updated: June 2025).
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete
June 2025
Download the complete report
Helped 860,745 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.7
Cortex XDR enhances threat prevention, compliance, and cost efficiency, providing rapid ROI and improved security and user satisfaction.
Sentiment score
7.5
SentinelOne Singularity Complete reduced incident response time and costs, improving ROI with advanced features and central management.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
I have seen a return on investment with Cortex XDR by Palo Alto Networks, as this product is offered at a minimal cost, and we can find a good ROI from it.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.
We have not faced any attacks since we implemented it.
It has absolutely helped reduce our organizational risk.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
PK
DS
MM
reviewer2676195 - PeerSpot reviewer
 

Customer Service

Sentiment score
6.6
Palo Alto Networks' customer service receives mixed reviews due to language barriers, response times, and inconsistent technical support quality.
Sentiment score
7.3
SentinelOne Singularity Complete is praised for effective, fast support, though some desire more phone and interactive assistance.
Every vendor has similar support; it depends on how the case is handled and raised.
Their support is efficient and responsive whenever I raise a ticket through my portal.
I would rate technical support from Palo Alto on a scale from one to ten as an eight, as I find it good.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
They do a great job of figuring out the problem and pointing you to generic documentation or working with you to fine-tune a solution.
We are using the automated email process for support, and they respond within an hour or two hours sometimes.
A chat service would be beneficial.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
NiteshSharma - PeerSpot reviewer
PK
reviewer2591928 - PeerSpot reviewer
DS
MM
 

Scalability Issues

Sentiment score
7.6
Cortex XDR excels in scalability and adaptability across environments, supporting diverse systems with seamless deployment and reliable expansion.
Sentiment score
8.1
SentinelOne Singularity Complete is versatile, seamlessly expanding across platforms, integrating easily, but faces issues when scaling down.
No quotes available
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
It's all auto-scale and auto-categorized, configuring automatically.
The tool's built-in automation for deploying the agents works well for large infrastructures like mine.
My deployment is relatively small, and SentinelOne Singularity Complete works within those constraints.
For more quotes and insights, download the SentinelOne Singularity Complete report
DB
reviewer2591928 - PeerSpot reviewer
JV
 

Stability Issues

Sentiment score
8.0
Cortex XDR by Palo Alto Networks is stable and reliable, with quick bug fixes and consistent performance across platforms.
Sentiment score
7.9
SentinelOne Singularity Complete is stable, reliable, with minor connectivity issues during updates; users appreciate its performance and stability.
Cortex XDR is stable, offering high quality and reliable performance.
For the last 11 months, we haven't faced any outage issues, so it is a stable product.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
It has caused problems with interoperability between third-party tools, which could lead to entire servers crashing or specific tools failing.
This indicates room for improvement in stability when interacting with other solutions.
Initially, there were issues, particularly on the management side, but now the console is much more stable.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
PK
reviewer2591928 - PeerSpot reviewer
JV
MM
 

Room For Improvement

Users find Cortex XDR challenging due to integration issues, high memory usage, limited features, and a need for improvements.
SentinelOne Singularity Complete needs UI refinement, better automation, flexible policies, reduced resource use, and improved pricing and support.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
The only thing that prevented the attack from succeeding was a free version of Malwarebytes.
Providing a single pane of visibility for the end user would be beneficial.
It's challenging to prevent a user from manipulating their privileges or someone else's of others, and it's difficult to control what users can access at the organizational level.
For more quotes and insights, download the SentinelOne Singularity Complete report
NiteshSharma - PeerSpot reviewer
PK
EC
JV
DB
reviewer2591928 - PeerSpot reviewer
 

Setup Cost

Cortex XDR offers flexible licensing, valued for complex security needs, but perceived as costly and variable in international markets.
SentinelOne Singularity Complete is seen as cost-effective by some but pricey compared to traditional antivirus solutions, yet feature-rich.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
Compared to competitors such as CrowdStrike and Sophos, the pricing of Cortex XDR by Palo Alto Networks is similar to CrowdStrike but more expensive than Sophos.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
If you want protection, you have to pay the price.
They counted many of the instances and licenses as duplicates despite them only being alive once, which was frustrating.
It’s cheaper than other competitors.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
NiteshSharma - PeerSpot reviewer
MM
reviewer2591928 - PeerSpot reviewer
MA
 

Valuable Features

Cortex XDR ensures comprehensive protection with AI-driven analytics, multi-layered threat detection, and seamless integration, enhancing security management.
SentinelOne Singularity Complete offers robust, AI-driven security and seamless integration, enhancing performance and protection for enterprises.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
If a user doesn't click any link within 30 days and on the 31st day clicks a new link, Cortex XDR immediately alerts us that this user has clicked on an uncommon link or their behavior is uncommon.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
I have an advanced app providing visibility of all my endpoints, which was not the case before.
SentinelOne has a feature to decommission automatically, which has been fantastic.
There's also automation that gives my team free time, preventing them from having to look for every alert.
For more quotes and insights, download the SentinelOne Singularity Complete report
EC
NiteshSharma - PeerSpot reviewer
PK
DB
DS
MA
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Extended Detection and Response (XDR)
7th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
91
Ranking in other categories
Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
SentinelOne Singularity Com...
Ranking in Endpoint Protection Platform (EPP)
3rd
Ranking in Extended Detection and Response (XDR)
2nd
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
198
Ranking in other categories
Anti-Malware Tools (2nd), Endpoint Detection and Response (EDR) (2nd)
 

Mindshare comparison

As of July 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.7%, down from 4.9% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 4.5%, down from 5.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

NiteshSharma - PeerSpot reviewer
Automated threat response and behavioral control improve security measures
I recommend adding a data loss prevention (DLP ( /categories/data-loss-prevention-dlp )) solution to Cortex XDR ( /categories/extended-detection-and-response-xdr ) by Palo Alto Networks. The inclusion of this feature would allow the application of DLP ( /categories/data-loss-prevention-dlp ) policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products. Additionally, multi-tenancy and multi-cloud features are not available and should be considered for inclusion.
Read full review
Asim Naeem - PeerSpot reviewer
It integrates well with other platforms, is user-friendly, and is stable
SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point. SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack. We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action. SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging. Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure. SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level. Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent. Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete. SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response. SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
860,745 professionals have used our research since 2012.
 

Answers from the Community

NC
Sep 27, 2021
Sep 27, 2021
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to the environment is note-worthy. Sentinel One works inconspicuously in the background, continually providing protection. It has an automated active EDR that will not only find issues but can fix them....
2 out of 3 answers
reviewer1650858 - PeerSpot reviewer
Aug 22, 2021
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to the environment is note-worthy. Sentinel One works inconspicuously in the background, continually providing protection. It has an automated active EDR that will not only find issues but can fix them. I don’t know that any other solution does that. Cortex XDR by Palo Alto has a nice console and is easy to use. One of my favorite things about it is that it will automatically connect and log various kinds of suspicious behavior - you don’t need to do it manually. Cortex XDR is very secure but it is missing some basic features. It doesn’t offer an on-prem solution and it doesn’t integrate so well with some third-party solutions. SentinelOne can be challenging to set up and there seem to be some applications that do not function properly when SentinelOne is installed. I would like to be able to make the reporting more specific to my needs. It would be a more attractive option if the cost was lower. Conclusions The find-and-fix option that SentinalOne provides was a huge win for us. We feel it provides a deeper and more thorough level of security.
Read full answer
ITSecuri7cfd - PeerSpot reviewer
Sep 27, 2021
Depends on the size, scope and needs of your environment.  XDR is an ok monitoring/alerting tool, especially if you have a Palo Alto firewall already and everything can integrate well together. However, S1 is a superior tool IMHO and can catch and fix things automatically if you so choose (magic quadrant agrees).  Cost-wise XDR is probably cheaper but I don't know specifics on-prem vs cloud. S1 is a cloud tool but is extremely fast and responsive compared to some other tools we POC'd and can support legacy devices w2k8 and below or Linux or VDI without having to special of workarounds. So again, it depends on your needs, environment and cost.
Read full answer
See all 3 answers
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Computer Software Company
19%
Manufacturing Company
8%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
See all answers
What do you like most about SentinelOne Singularity?
The Ranger feature is valuable.
See all answers
What is your experience regarding pricing and costs for SentinelOne Singularity?
I don't know about the licensing model. It seems easy, but it's not my area of expertise. I don't have information on how it compares to its competitors, but the pricing is per device.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 10% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Darktrace vs Cortex XDR by Palo Alto Networks Logo
Darktrace vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
More Cortex XDR by Palo Alto Networks Competitors
Microsoft Defender for Endpoint vs SentinelOne Singularity Complete Logo
Microsoft Defender for Endpoint vs SentinelOne Singularity Complete
Compared 5% of the time
CrowdStrike Falcon vs SentinelOne Singularity Complete Logo
CrowdStrike Falcon vs SentinelOne Singularity Complete
Compared 5% of the time
Datto Endpoint Detection and Response (EDR) vs SentinelOne Singularity Complete Logo
Datto Endpoint Detection and Response (EDR) vs SentinelOne Singularity Complete
Compared 5% of the time
Darktrace vs SentinelOne Singularity Complete Logo
Darktrace vs SentinelOne Singularity Complete
Compared 5% of the time
Fortinet FortiEDR vs SentinelOne Singularity Complete Logo
Fortinet FortiEDR vs SentinelOne Singularity Complete
Compared 2% of the time
More SentinelOne Singularity Complete Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
July 2025
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
SentinelOne Singularity Complete
June 2025
SentinelOne Singularity Complete reportDownload SentinelOne Singularity Complete product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Sentinel Labs, SentinelOne Singularity
 

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?
  • Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
  • AI Analytics: Utilizes AI for accurate threat detection and response.
  • Real-Time Protection: Provides immediate defense against threats.
  • Policy Management: Allows customization of security policies across endpoints.
  • USB Control: Regulates USB device access for added security.
  • Incident Correlation: Connects and analyzes various security events for better response.
  • Firewall Integration: Seamlessly works with firewalls for enhanced security.
  • Machine Learning Capabilities: Continuously improves threat detection precision.
What benefits should be considered in reviews?
  • Low Resource Consumption: Efficient security functions without taxing system resources.
  • Multi-Layered Protection: Comprehensive security across multiple attack vectors.
  • User-Friendly Interface: Intuitive design for easier management.
  • Enhanced Threat Management: Identifies and mitigates threats effectively.
  • Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

SentinelOne Singularity Complete provides AI-driven threat detection and response with features like ransomware protection and rollback, offering endpoint protection with minimal system impact and deep forensic analysis.

SentinelOne Singularity Complete combines machine learning and artificial intelligence to offer robust endpoint protection. It delivers real-time insights and advanced threat detection through seamless integration with third-party tools, allowing for efficient endpoint management. With an emphasis on user-friendliness, it ensures reduced false positives. Room for improvement includes better integration options, enhanced reporting, and more precise analytics to tackle false positives. Users seek improved interoperability with systems and comprehensive support for legacy systems.

What are the key features of SentinelOne Singularity Complete?
  • Rollback Feature: Enables restoration of affected systems to a healthy state after an attack.
  • Ransomware Protection: Advanced mechanisms to prevent and mitigate ransomware threats.
  • Machine Learning and AI: Utilizes cutting-edge technology for precise threat detection and response.
  • Seamless Integration: Works well with third-party tools for enhanced endpoint protection.
  • Real-Time Protection: Proactively defends against advanced threats with minimal delays.
What benefits and ROI should users consider?
  • Reduced False Positives: Accurate threat detection limits operational disruptions.
  • Efficient Endpoint Protection: Ensures security with low system impact.
  • User-Friendly Experience: Simplified management and ease of use aid productivity.
  • Deep Forensic Analysis: Assists in effective threat investigation and response.
  • Cost-Effective Security: Positions as a worthwhile alternative to traditional antivirus solutions.

Organizations from industries like finance, healthcare, and technology deploy SentinelOne Singularity Complete to safeguard endpoints such as PCs, servers, and virtual machines. Equipped with EDR, it effectively replaces traditional antivirus systems and integrates with cloud technology for real-time security insights.

SentinelOne
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete
June 2025
Free Report: Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete and other solutions. Updated: June 2025.
DOWNLOAD NOW
860,745 professionals have used our research since 2012.
See our Cortex XDR by Palo Alto Networks vs. SentinelOne Singularity Complete report.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.