We performed a comparison between Crowdstrike Falcon and SentinelOne based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, SentinelOne seems to be a slightly superior solution. All other things being more or less equal, our reviewers found Crowdstrike Falcon to be expensive, and some reviewers also felt that its technical support could be improved.
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The threat intelligence is excellent."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"The solution can scale easily."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"The initial setup is a very fast process."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"It's very easy to set up."
"The most valuable features are asset tracking, patching, endpoint tagging, and policy updates."
"The most valuable features include the agent installation and update processes."
"Its ability to interact with other third-party tools has been great for us. It can work through APIs and partners and integrate well."
"The most valuable feature is the automatic remediation."
"I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time."
"The visibility and, obviously, the protection aspects are second to none when it comes to speed. Another thing we fall back on is the option to roll back an endpoint if it is infected. There is a shadow copy so that if a PC downloads malicious content, we can roll it back to the state it was in before that package was imported."
"The ability to get queries by pressing the "tab" button is a plus for SentinelOne."
"I find the application inventory feature to be extremely useful."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The web filtering solution needs to be improved because currently, it is very simple."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The management and automation of the cloud apps have room for improvement."
"Stability could be improved by avoiding frequent changes to the interface."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"It does take more time to scan than other solutions."
"This solution could be improved with greater scope for admins to make changes to the solution."
"The pricing structure should allow for some flexibility."
"I have worked with their technical support on several problems that were never fully resolved."
"The management of log aggregation is in need of improvement."
"In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it."
"The price is too high."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"It would help if they could get all the relevant threat information, the related events, in one place. Currently, we need to go to a number of places and do research. If they could have it all in one place, that would help investigations."
"The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load."
"They need to improve how we install the software."
"They can improve the administrative interface. They can make it more user-friendly."
"The false positive rate has room for improvement."
"In terms of improvement, they should work on agents' updates because that is not a strong part. It's not their strong point. It's not straightforward to upgrade agents. I send them questions about it. They already worked on this and they promised that in the next release that they will show me their solution for it. But this year I have had complaints about agents' updates, that they aren't clear."
"In the beginning, we had some issues with their product on some of the Windows 32-bit operating systems."
"I would like to have a remote desktop feature added so we can remotely access our endpoints."
More SentinelOne Singularity Complete Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 105 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 176 reviews. CrowdStrike Falcon is rated 8.8, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, Darktrace, ThreatLocker Protect, Datto Endpoint Detection and Response (EDR) and Bitdefender GravityZone EDR. See our CrowdStrike Falcon vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I think both solutions are very good.
https://blog.ithq.pro/sentinel...
I leave you a comparison of this website made by users.
https://www.peerspot.com/produ...
Hi ViJay - Are they open to other solutions as well?