

Cortex XSIAM and SentinelOne Singularity AI SIEM are prominent in the cybersecurity field. Cortex XSIAM often has the advantage due to its pricing and return on investment.
Features: Cortex XSIAM includes enriched threat intelligence, automated incident management, and seamless data source integration. It provides comprehensive network visibility and automated threat remediation. SentinelOne features robust endpoint detection, real-time AI threat hunting, and innovative AI-driven threat analysis.
Room for Improvement: Cortex XSIAM could enhance its endpoint protection and refine its user interface for better accessibility. It might also expand its API functionalities for third-party integrations. SentinelOne could improve in providing more holistic network visibility, enhance automation processes, and offer more competitive pricing options.
Ease of Deployment and Customer Service: Cortex XSIAM provides flexible deployment options and comprehensive support, simplifying large-scale deployments. SentinelOne offers adaptable deployments with dedicated support for complex environments, excelling in personalized service for intricate setups.
Pricing and ROI: Cortex XSIAM offers competitive pricing with significant ROI, reducing operational costs through extensive automation. SentinelOne is premium-priced but valued for its specialized features and security expertise. Cortex XSIAM appeals with affordability while SentinelOne provides value through advanced security capabilities.
SentinelOne Singularity AI SIEM has reduced our response time to true positive alerts by approximately forty percent through automation.
At the moment, I feel the pricing is a little bit on the higher side, but the tool is positioned in a place where risk is very high, and we do not want to take chances, so we are prepared to pay the premium.
The effect of SentinelOne Singularity AI SIEM on our customers' SOC efficiency in investigating alerts and responding to incidents is significant.
With premium support, core Palo Alto technical experts handle issues directly.
It is ineffective in terms of responding to basic queries and addressing future requirements.
I had a dedicated person allocated for supporting, and even with them, it was very good.
SentinelOne Singularity AI SIEM has AI-based technical support available.
Based on my experience with the technical support of SentinelOne Singularity AI SIEM, I would rate them a ten.
In rating the technical support for SentinelOne, it depends on whether we are discussing EDR or SentinelOne Singularity AI SIEM.
Without proper integration, scaling up with more servers is meaningless.
The SOC team is responsible for fully managing Cortex XSIAM.
Cortex XSIAM is highly scalable.
With any AI adoption, the end goal should be more governance and data security and safety.
The performance depends on the configuration.
It is scalable, and we can increase the compute size. It can scale. There are no challenges.
The product was easy to install and set up and worked right.
With continuous integration that the colleagues probably are doing, it is becoming better and better.
Overall, Cortex XSIAM is stable.
When it comes to stability, I would give SentinelOne Singularity AI SIEM a nine.
In terms of performance stability, I have never had any crashes, downtimes, or performance issues.
Even the data lake feature they have, in terms of keeping all the logs intact, those log searches are extremely fast on SentinelOne Singularity AI SIEM, even though the data is very high.
Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long.
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports.
Cortex XSIAM is on the expensive side and requires substantial improvement in pricing.
The adoption rate will be less compared to other products, as this can be a time-taken process because all my data needs to be offloaded and the system needs to understand my existing alerts, logs, and other things.
The interface flickers frequently, and sometimes it does not load properly.
Whenever OT security comes into the picture, the customers do not allow us to integrate their OT devices on a cloud. It should be available on-premises because the OT SIEM market, in the India market for instance, is something around a four to eight billion dollar market.
The first impression is that XSIAM would be more expensive than others we tried.
The product is very expensive.
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable.
I find SentinelOne's pricing to be reasonable and competitive.
The advanced visualization capabilities of the product are important for understanding security trends in an organization.
To have Cortex XSIAM available is to basically have integration of all log sources, all alerting, and so on and so forth from firewalls and different tools, to get everything in one place, and afterwards to be able to build on the information that is coming.
One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.
We finally have visibility into things that were never visible before.
It employs a combination of AI and ML to check for viruses or any other malicious processes, including fileless attacks.
The AI-driven threat detection capabilities improve our overall security posture.
| Product | Mindshare (%) |
|---|---|
| Cortex XSIAM | 1.7% |
| SentinelOne Singularity AI SIEM | 1.4% |
| Other | 96.9% |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 2 |
| Large Enterprise | 5 |
| Company Size | Count |
|---|---|
| Small Business | 5 |
| Midsize Enterprise | 3 |
| Large Enterprise | 3 |
Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.
Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.
What are Cortex XSIAM's key features?
What benefits are evident in Cortex XSIAM reviews?
Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.
SentinelOne Singularity AI SIEM offers comprehensive security information and incident management designed to enhance threat detection, response, and investigation capabilities within enterprise environments.
SentinelOne Singularity AI SIEM is known for its robust capabilities in the realm of cybersecurity, providing organizations with an advanced tool to combat modern threats. The platform integrates machine learning and artificial intelligence to automate threat identification and streamline incident response processes. Its intuitive interface allows teams to manage security events efficiently, ensuring rapid reaction to potential vulnerabilities. As a scalable tool, it adapts to evolving security demands, providing valuable insights to safeguard critical business operations.
What are the important features of SentinelOne Singularity AI SIEM?In industries such as finance and healthcare, implementation of SentinelOne Singularity AI SIEM often means tailored solutions to protect sensitive data, meeting regulatory compliance. These sectors appreciate its capability to provide detailed insights and reduce the risk of data breaches, thus preserving stakeholder trust.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.