We performed a comparison between Crowdstrike Falcon and SentinelOne based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, SentinelOne seems to be a slightly superior solution. All other things being more or less equal, our reviewers found Crowdstrike Falcon to be expensive, and some reviewers also felt that its technical support could be improved.
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"Microsoft 365 Defender is simple to upgrade."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"Microsoft Defender XDR is scalable."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"CrowdStrike Falcon is a very light solution. It does not use too much processor or RAM."
"We have seen a reduction to the performance hit to our operating systems."
"The most valuable feature is its threat analysis."
"The features I like the most are the response time and the dashboard are both excellent."
"The initial setup is very simple."
"CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"I have been a Mac guy for twenty years, and the feature parity and the capabilities of a Macintosh agent are unparalleled in the industry. It is the first anti-malware and antivirus that does not make you feel that you bought the wrong processor. It is really good and lightweight."
"We are able to write some custom rules on SentinelOne."
"I really like deep visibility. Deep visibility is one of the coolest features of almost any tool that we use. The breadth of data that is collected there is valuable, and it gives us the ability to search back through literally tons of data going back a specific period of time."
"The threat detection and prevention capabilities are valuable, providing development programming support that enables us to perform fair investigations."
"The product can scale."
"The most valuable features of SentinelOne are the lateral movement and the use of the Active Directory."
"The solution is powerful because we just have to update the agent by using the console, which is simple to do. I just select the endpoints and click "Update" on the console. That is it, because it is very easy to use."
"We collect a lot of telemetry from Singularity Complete."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The logs could be better."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The data recovery and backup could be improved."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"Unfortunately, native applications are not supported."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
"CrowdStrike should add support for ransomware protection."
"CrowdStrike Falcon needs to improve their host management system."
"The overall cost of CrowdStrike Falcon could be reduced."
"CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition."
"It is cloud-based, and this does make some weary of the data being held on the cloud. Privacy requirements must be taken into account."
"They should provide us with good visibility for everything."
"There is not much flexibility in terms of policy fine-tuning. We can turn it off or turn it on, but, there's nothing much else to do. Everything is predefined. It's good in a way, but you don't get much flexibility if you want to do something particular."
"We have had cases where Singularity Complete has caused applications to malfunction."
"Communication and documentation could be improved."
"It can be a little daunting at first. With the deep visibility feature, if I had more insights into how to troubleshoot things better, that would be helpful. Their documentation could be a lot better. It could be more in-depth."
"It's good on Linux, and Windows is pretty good except that the Windows agents sometimes ask for a lot of resources on the endpoints. That could be in the fine-tuning for scanning. In Mac, they are complaining about the same problems, that it's using a lot of resources, but that could also be that we have to configure what it is scanning and what it should not scan. Currently it scans everything."
"They should train their own people so that they can train us better. The theory is good."
"I am not a fan of the UI and feel it has room for improvement."
"The channel policy has room for improvement."
More SentinelOne Singularity Complete Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 104 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 176 reviews. CrowdStrike Falcon is rated 8.6, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, Darktrace, ThreatLocker Protect, Datto Endpoint Detection and Response (EDR) and Bitdefender GravityZone EDR. See our CrowdStrike Falcon vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I think both solutions are very good.
https://blog.ithq.pro/sentinel...
I leave you a comparison of this website made by users.
https://www.peerspot.com/produ...
Hi ViJay - Are they open to other solutions as well?