Try our new research platform with insights from 80,000+ expert users

Darktrace vs SentinelOne Singularity Complete comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 4, 2022
 

Categories and Ranking

Darktrace
Ranking in Extended Detection and Response (XDR)
3rd
Average Rating
8.2
Number of Reviews
70
Ranking in other categories
Email Security (11th), Intrusion Detection and Prevention Software (IDPS) (1st), Network Traffic Analysis (NTA) (1st), Network Detection and Response (NDR) (1st), AI-Powered Chatbots (3rd), Cloud Security Posture Management (CSPM) (14th), Cloud-Native Application Protection Platforms (CNAPP) (11th), Attack Surface Management (ASM) (2nd)
SentinelOne Singularity Com...
Ranking in Extended Detection and Response (XDR)
2nd
Average Rating
8.8
Number of Reviews
184
Ranking in other categories
Endpoint Protection Platform (EPP) (2nd), Anti-Malware Tools (2nd), Endpoint Detection and Response (EDR) (3rd)
 

Featured Reviews

ADITYA KAUSHIK - PeerSpot reviewer
Aug 22, 2024
Provides extensive information on data exfiltration but lacks notification capabilities
Darktrace needs significant improvement in its notification capabilities. While it does notify administrators, the old approach of having admins directly police users is outdated. Users now prefer automated, impersonal responses rather than being confronted by IT staff, which can lead to concerns about privacy violations. We've requested Darktrace to develop a feature that notifies users directly when it detects potential data exfiltration. Darktrace doesn't differentiate between personal and work data uploaded to Google Drive or OneDrive. It flags it as exfiltration and expects the IT team to investigate further. Human policing is a thing of the past; what’s needed now are automated responses, user awareness, and behavior warnings, areas where Darktrace falls short. In contrast, Egress, an email security solution, excels in this regard. It intuitively detects potential risks, even flagging first-time email recipients and integrating data classification. We’ve encouraged Darktrace to adopt this level of functionality, transforming it from just identifying exfiltration to a more comprehensive data leak prevention tool. However, as of now, Darktrace is still limited to identifying when a node is transferring data without distinguishing the nature of that data. Darktrace could improve by enabling user heat maps or risk profiles, a feature that many other EDR and cybersecurity products already effectively provide. It would be beneficial for us if they could offer this functionality without requiring the purchase of an additional email security solution. On the plus side, Darktrace integrates with CrowdStrike, allowing it to monitor CrowdStrike agent actions. This integration helps us achieve a unified view of our security landscape since we route Darktrace, CrowdStrike, FortiGate, and other tools through SecureWorks, our centrally managed security platform.
Asim Naeem - PeerSpot reviewer
Aug 9, 2024
It integrates well with other platforms, is user-friendly, and is stable
SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point. SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack. We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action. SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging. Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure. SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level. Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent. Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete. SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response. SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The platform has many modules, and each module examines a different situation in the behavior."
"We liked their approach to identifying intrusions or network anomalies using AI."
"Technical support is helpful and responsive."
"I find the complete portfolio to be excellent."
"The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network."
"The most valuable feature of this solution is that it does not require human intervention to eliminate a threat."
"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
"The product can scale."
"SentinelOne has helped us to improve our security by fine-tuning our current use cases and creating new ones."
"The product can scale as needed."
"The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform."
"We have had very few false positives or false negatives, which allows our analysts to focus on their work instead of dealing with noise."
"It's effectively helped to reduce organizational risk."
"Another valuable feature is that if a machine is infected, one that may infect other computers within the network, we have the capability of segregating that machine in the network so that it remains connected to the internet but is cut off from the other machines in the network. That helps prevent spreading of the infection. That's a very unique feature, one I have not seen in the last 10 to 15 years from any other antivirus program. That's amazing."
"We are able to write some custom rules on SentinelOne."
"The most valuable features of SentinelOne are the endpoint detection of threats, and it does not only rely on signatures for detection."
 

Cons

"The solution would benefit from automation. Currently, you have to know what you are searching for."
"Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."
"The initial setup is more complex and time-consuming than some solutions."
"Darktrace does not have any capabilities to configure."
"Darktrace needs significant improvement in its notification capabilities."
"Darktrace needs to automate the reports of false positives, botnets and everything."
"Needs to improve its collaboration with local partners."
"It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."
"An area for improvement in SentinelOne is the search feature. You can't go beyond twenty thousand events, which ruins the task because it isn't enough when you're doing your investigation."
"When comparing SentinelOne to CrowdStrike, I find that CrowdStrike has more comprehensive vulnerability assessment tools."
"The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load."
"One of the areas which would benefit from being improved is the policies. There are still software programs where we need to manually program in the policies to tell the system, "This program is legitimate." Some level of AI-based automation in creating those policies would go a long way in improving the amount of time it takes to deploy the system."
"SentinelOne Singularity Complete offers competitive pricing, but there's always potential for even better value."
"Some of the reports that are exported through SentinelOne can be complicated for people who are not IT professionals. For example, we have some people within our leadership who would like to know why we are spending so much money on their product, and one of the ways that we are able to do that is through reports. Some of those reports are pretty easy to understand, and some of them are very complicated. Because they are not IT or security professionals, they may not have the same grasp. I wish their reporting feature was a little better."
"My biggest complaint is that when you're logged into the console there is the Help section where you can review all the documentation. But when you log in to the support portal, there is documentation there as well. They need to sync those two into one place so that I don't have to search in two different locations for an answer."
"The improvement could be in terms of reducing more noise and continuing to cut that down. AI seems to be the big thing with Purple. We are excited to get our hands on that."
 

Pricing and Cost Advice

"The pricing is expensive. It costs over $100,000 a year."
"Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year."
"The tool's pricing is costly."
"In the ballpark, we're talking about $30K, $50K, and up. It can even be as much as $50K or $100K."
"The cost of the solution is expensive for smaller businesses. They will not be able to afford it or might not need this type of security solution."
"When it comes to large installations, it can be expensive, but for small accounts it's fine."
"It is expensive. I don't have the price for other competitors."
"We had an issue with pricing initially and had to cancel some of the features of the projects to fit the budget. I would like to see pricing that is not broken up into parts so that we can buy the whole package once. Darktrace is more expensive than an average solution, but it's functionality won't match that of an average solution."
"I believe the retail pricing, or MSRP, is a bit high."
"I find the licensing cost for SentinelOne Singularity Complete fair."
"There are cheaper options out there that I know are not as effective. I have administered several of them, not for this organization but for others. The thing I like about SentinelOne is that I know that if it raises an alert, it is worth looking at, so we are not dealing with a lot of false positives. It is rare."
"The pricing for SentinelOne Singularity Complete is competitive."
"When we were checking out different platforms, we did get a price from Microsoft, and it was unreasonable. SentinelOne was definitely reasonable and worth the money."
"It is very competitive with other solutions that are on the market. At least the last time we renewed, it was very competitive."
"SentinelOne Singularity Complete is reasonably priced."
"The pricing is comparable with other vendors but some customers find it a bit costly."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
800,905 professionals have used our research since 2012.
 

Answers from the Community

NC
Mar 23, 2022
Mar 23, 2022
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organizations who have limited security resources but still need deep insights into threats and network intrusions. Darktrace also has an invaluable feature that produces weekly reports. A unique feature ...
2 out of 7 answers
Janet Staver - PeerSpot reviewer
Oct 28, 2021
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organizations who have limited security resources but still need deep insights into threats and network intrusions. Darktrace also has an invaluable feature that produces weekly reports. A unique feature Darktrace has to its name is its use of artificial intelligence for cybersecurity and machine learning capabilities. Darktrace is able to successfully detect threats over networks before it's even possible for them to spread. In addition, it notifies you with all the threat details. Although Darktrace is geared toward smaller-sized organizations, it does come with a hefty cost. The cost increases as the number of products that need to be monitored increases. SentinelOne is a great product and effective for mitigating threats. It allows you to have granular control over your environments and your endpoints. SentinelOne has a central management console. It also provides insight into lateral movement threats, by gathering data from anything that happens to be related to the security of an endpoint. Another SentinelOne feature that’s fantastic is their one-click automation remediation, along with rollback for restoring an endpoint, which can often be very helpful. SentinelOne is also known for its ability to decrease incident response time and has deep visibility that comes in handy quite often. However, the dashboard design isn’t wonderful. In contrast to Darktrace though, SentinelOne is efficient because minimal administrative support is required, and it offers a lot for a solution that is cost-effective. Conclusion While both SentinelOne and Darktrace boast many beneficial features, one outweighs the other when it comes to price. If Darktrace is within your budget, I would recommend it. But if not, SentinelOne is a great solution that makes a lot of sense.
BH
Nov 5, 2021
An easy answer for me - pretty much exactly what @Janet Staver described.  DT was a good east-west network traffic tool that could tell you all about communications between systems (think NDR) but limited capacity, expensive boxes, that we outgrew.  S1 is an endpoint tool with deep inspection, a central console, and is cost-effective.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
8%
Manufacturing Company
7%
Government
7%
Computer Software Company
19%
Manufacturing Company
7%
Government
6%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What do you like most about Darktrace?
A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time.
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
What do you like most about SentinelOne?
The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform.
What is your experience regarding pricing and costs for SentinelOne?
We do not encounter a lot of issues with the pricing of SentinelOne. The pricing is reasonable. The solution offers a standard licensing fee.
 

Also Known As

No data available
Sentinel Labs, SentinelOne Singularity
 

Overview

 

Sample Customers

Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about Darktrace vs. SentinelOne Singularity Complete and other solutions. Updated: July 2024.
800,905 professionals have used our research since 2012.