CrowdStrike Falcon vs SentinelOne Singularity Complete comparison


Comparison Buyer's Guide

Executive SummaryUpdated on Mar 17, 2022

Categories and Ranking

Microsoft Defender XDR
Ranking in Endpoint Detection and Response (EDR)
Ranking in Extended Detection and Response (XDR)
Average Rating
Number of Reviews
Ranking in other categories
Microsoft Security Suite (1st)
CrowdStrike Falcon
Ranking in Endpoint Detection and Response (EDR)
Ranking in Extended Detection and Response (XDR)
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Protection Platform (EPP) (3rd), Ransomware Protection (1st), Identity Threat Detection and Response (ITDR) (3rd)
SentinelOne Singularity Com...
Ranking in Endpoint Detection and Response (EDR)
Ranking in Extended Detection and Response (XDR)
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Protection Platform (EPP) (2nd), Anti-Malware Tools (2nd)

Mindshare comparison

As of June 2024, in the Endpoint Detection and Response (EDR) category, the mindshare of Microsoft Defender XDR is 8.4%, up from 0.9% compared to the previous year. The mindshare of CrowdStrike Falcon is 17.4%, up from 14.6% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 7.5%, down from 12.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
Unique Categories:
Extended Detection and Response (XDR)
Microsoft Security Suite
Endpoint Protection Platform (EPP)
Anti-Malware Tools

Q&A Highlights

Vijay Mohan - PeerSpot reviewer
May 10, 2023

Featured Reviews

Brian Mulambuzi - PeerSpot reviewer
May 14, 2024
Helps improve our visibility, our security posture, and defends against advanced threats
Microsoft Defender XDR provides a unified identity and access management platform. It does a good job with identity protection. Including identity and access management within Defender XDR is valuable because it streamlines our organization's security by consolidating multiple tools into one. This eliminates the need to manage and pay for separate solutions and licenses, simplifying our security posture. Microsoft Defender XDR has improved our visibility, making us more efficient by providing threat details and remediation steps as well as improving our security posture. It safeguards our organization by preventing advanced threats like ransomware and business email compromise, along with stopping lateral movement within our network that could enable attackers to spread and gain wider access. It includes the ability to stop attacks and adapt to evolving threats. This is an important feature for us. We have been enabled to discontinue using Microsoft Sentinel. Microsoft Defender XDR helps save costs through the licensing for businesses which is around $20 each and helps save time for our security team.
Chintan-Vyas - PeerSpot reviewer
May 29, 2022
Easy to set up with good behavior-based analysis but needs a single-click recovery option
Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.
Maxwell Essuman. - PeerSpot reviewer
Jan 17, 2024
Is user-friendly, easy to integrate, and extremely stable
The interoperability of SentinelOne Singularity Complete is one of the key features. I integrated SentinelOne Singularity Complete with another solution for a customer and it was seamless. SentinelOne Singularity Complete integrates well with my existing security solutions and provides effective data correlation. While our company has a smaller security stack, the larger customers who've incorporated Singularity across their entire security infrastructure have experienced seamless integration. It streamlines our security posture by consolidating disparate solutions into a unified platform. This eliminates the need to navigate siloed interfaces for attack visibility, while automated response capabilities minimize the manual effort required for mitigation. I sold the Ranger functionality to a customer who is an ISP and needed more network visibility. Customers appreciate the ease of use of SentinelOne Singularity Complete's Ranger functionality, as it doesn't require installing new agents, or hardware, or making network changes. SentinelOne Singularity Complete provides us with the confidence of knowing we're protected when connecting to external networks. Its user-friendly interface and seamless integration enable us to easily add more security features as our needs evolve, without incurring significant costs. The number of alerts has been reduced. We used to get a lot of false positives and the solution has reduced our alerts by over 60 percent. By quietly resolving most issues in the background, SentinelOne Singularity Complete frees up our time for other projects and tasks. This way we don't have to call our support team and we don't lose any productivity. We can save around four hours a day when an issue is detected. Our MTTD has been drastically reduced by SentinelOne Singularity Complete to less than 30 seconds. Our MTTR has been reduced thanks to the automated AI response from SentinelOne Singularity Complete. What we do after that is use the insights provided by the endpoints and the management console to help guide the client on what steps should be taken moving forward. Switching to SentinelOne Singularity Complete significantly reduced our security costs. Previously, our solution was both expensive and insufficient for our needs. By moving to SentinelOne, we achieved a 40 percent cost saving. Additionally, we benefitted from time savings and increased productivity, further contributing to our overall cost reduction. SentinelOne Singularity Complete has helped to reduce our organizational risk by over 70 percent.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"I like Defender XDR's reports and alerts. They give you updates about the latest hotfixes and zero-day vulnerabilities, which gives me all the information I need to maintain my servers."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The integration between all the Defender products is the most valuable feature."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"The initial setup is a very fast process."
"I like the Overwatch feature the most."
"The UI is simple and self-explanatory. Everything is easy to understand."
"I like the dashboard nature of it. Everything is clickable, linkable, and information is easy to obtain and find. How it presents that information is probably the biggest win as far as the information correlation aspect. The presentation of it is very good."
"We haven't had any infections or down time."
"The detection is very reliable. Also, OverWatch is a great feature."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"SentinelOne's managed detection response service Vigilance Respond is convenient for companies like ours with small IT teams. If something happens on the weekend, SentinelOne steps in and resolves the issue. It's a false positive 97% of the time, but at least they're resolved instead of hanging around for us to find on Monday."
"The most valuable feature of this solution is the user-friendly interface."
"It is easy to collect and retain logs with SentinelOne."
"It provides network and asset visibility for us."
"It has helped to reduce our organizational risks."
"The user interface, ease of maintenance, and the efficient way to identify the root cause of an incident to see all the factors that contributed to it are the most valuable features."
"Singularity's rollback feature is one of the primary reasons we bought the product. If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked."
"I like that SentinelOne doesn't use a lot of system resources or make the system slow. It also performs a full scan quickly—within two hours. It has an easy-to-use end-user GUI."


"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"The support team is not competent or responsive."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The web filtering solution needs to be improved because currently, it is very simple."
"There could be a way to proactively monitor unusual activity ."
"CrowdStrike should add support for ransomware protection."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"I want more ability to customize how you summarize the data. The default views are fine, but it would be interesting to be able to customize them based on the kind of data you want to see immediately. This can help the administrator gain an immediate overview and reduce the investigation time."
"They don't really have anything when it comes to scanning attachments."
"The product could be more accurate in terms of performance."
"The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders."
"This solution could be improved with greater scope for admins to make changes to the solution."
"For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
"The ease of use can be better in Deep Visibility. It is not always the easiest. If I have not been in there in the Deep Visibility module for a long time, I do not always find it that easy to use. I tend to go and have to consult the help quite often if I have not been in there a long time."
"I would like SentinelOne to add a threat-hunting report and more UEBA features. They could add more SIEM functionality. It would be nice to have the ability to easily drag all the logs from the agents, so there's no need for multiple agents installed on the endpoint."
"One thing I don't like is the exportable report. They're they're not as useful as I'd hoped they would be."
"SentinelOne should include Ranger Pro out of the box with Singularity Complete."
"This solution would be more attractive to customers if the price were lower."
"We'd like SentinelOne to upgrade automatically. It doesn't automatically update the agent if some system has an older version of the SentinelOne. It has to be triggered from the console."
"The only problem I have is they don't manually review the threat files. That's the only thing I'm concerned about."
"SentinelOne's customer support is sluggish and frequently fails to deliver sufficient assistance."

Pricing and Cost Advice

"Microsoft Defender falls within a mid-tier price range compared to other security solutions."
"While the standalone price of Defender XDR might seem high, its value becomes clear when considering the ease of implementation and smooth integration with our existing Microsoft infrastructure, especially when bundled with other Microsoft products."
"365 Defender can get expensive because you pay per gigabyte of data ingested. On the other hand, much of the data available in the other Microsoft security solutions are made available relatively cheaply—sometimes at cost or for free. Integrating only a limited set of third-party solutions with Sentinel would be cost-effective. It's much more affordable if companies only have Microsoft stuff."
"The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
"They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
"Its licensing and pricing are handled by someone else. My role is limited to incidents or issues with the portal, but you get what you pay for. It is worth the cost."
"The price of the solution is high compared to others and we have lost some customers because of it."
"The solutions price is fair for what they offer."
"CrowdStrike Falcon's price is good."
"CrowdStrike Falcon offers excellent value for the money for our organization, particularly given our lean IT team."
"There are approximately a hundred different modules you have to purchase, depending on what you want to do. I have most of the modules. How it works is you buy the portfolio, you have to decide all the components you want in it, and then they price out a bundle for you. I have almost all of the package features in my bundle. You only need to pay for the modules you want."
"The pricing on CrowdStrike is per license. It was about $42 per seat yearly."
"Our licensing fees were between $50,000 and $60,000 per year, which was pretty expensive for a small business."
"This solution has a very competitive price."
"I am not aware of the price, but I believe that it is among the most expensive XDRs out there. Of course, this is dependent on the features you choose. Depending on the features, the price might increase."
"The solution isn't very costly; it's affordable."
"Its pricing is competitive."
"The pricing level for this service and application was very interesting for us. I don't know exactly what the price was, but apparently it was a big surprise that the SOC was also included in our pricing model."
"I rate Singularity Complete four out of 10 for affordability. SentinelOne costs more than traditional antivirus solutions, but we get more out of it. It hasn't saved us any money, but it's an EDR solution, so we get a lot of value from it."
"The tool's price is reasonable."
"The cost of Singularity Complete is similar to our previous solution but it comes with additional options such as Kubernetes integration."
"It is very affordable and easy to license, and it allows us to onboard new analysts quickly, with a turnaround time of one day at most."
"The pricing was very similar in terms of its competitors, but I believe SentinelOne's capability and willingness to attract new business allowed us to save some extra money."
"It is very competitive with other solutions that are on the market. At least the last time we renewed, it was very competitive."
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
789,728 professionals have used our research since 2012.

Answers from the Community

Vijay Mohan - PeerSpot reviewer
May 10, 2023
May 10, 2023
You should do a test with both solutions for your client. Technically both solutions should perform very well but no one can tell which platform is more "you". That said, the main difference is Overwatch where security staff from CrowdStrike does some threat hunting on your tenant (and that is pricey because there are actual persons doing something for you). S1 does that kind of work only in th...
2 out of 3 answers
May 8, 2023
Hi ViJay - Are they open to other solutions as well?
Iñaki Martinez Urricelqui - PeerSpot reviewer
May 9, 2023
I think both solutions are very good. I leave you a comparison of this website made by users.

Top Industries

By visitors reading reviews
Computer Software Company
Financial Services Firm
Manufacturing Company
Computer Software Company
Financial Services Firm
Manufacturing Company
Computer Software Company
Manufacturing Company
Financial Services Firm

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and p...
What needs improvement with Microsoft 365 Defender?
Just like in any solution, the price can always be cheaper.
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing u...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never pu...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is ...
What do you like most about SentinelOne?
The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers m...

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
CrowdStrike Falcon, CrowdStrike Falcon XDR
Sentinel Labs, SentinelOne Singularity



Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Information Not Available
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about CrowdStrike Falcon vs. SentinelOne Singularity Complete and other solutions. Updated: June 2024.
789,728 professionals have used our research since 2012.