Darktrace vs SentinelOne Singularity Complete comparison

Comparison Buyer's Guide
Executive Summary
Updated on Apr 4, 2022

We performed a comparison between Darktrace and SentinelOne based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both of these solutions tell us the deployment is straightforward and very simple.
  • Features: Users like Darktrace’s Antigena feature: it very quickly learns what “normal” looks like in an environment and will block anything that doesn’t belong. Darktrace can detect problematic IPs from the outside and stop attacks on the inside. Users like the Dynamic Threat Dashboard, which lists all threats and rates them, giving a clear perspective on which threats need immediate attention. Darktrace has an app that allows for mobile monitoring and viewing of information live in real time. However, many users feel endpoint protection is somewhat lacking from Darktrace. It does not react to triggers or outcomes on the device, which is problematic for businesses with large teams working remotely. The dashboards and reporting can be complicated to understand for a non-technical person and reviewers feel it should be more customizable so that recipients only see information pertinent to their role in the business.

    Users of SentinelOne appreciate that it offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to the environment is noteworthy. SentinelOne works inconspicuously in the background, continually providing protection. It has an automated active EDR that will not only find issues but can fix them. Some users feel there seem to be some applications that do not function properly when SentinelOne is installed, yet when SentinelOne is removed they work as expected. Users would like to be able to make the reporting more customizable.
  • Pricing: Users consistently feel that both solutions are costly.
  • Service and Support: Users for both of these solutions feel the service they receive is excellent. They say that both solutions provide service that is fast, professional, and extremely knowledgeable.

Comparison Results: Based on our users’ reviews, we would conclude that SentinelOne is a stronger, more secure solution than Darktrace. Reviewers say that SentinelOne offers a deeper and more thorough level of security. Additionally, SentinelOne provides equal protection across Windows, Linux, and macOS. It can also support legacy infrastructure as well as newer environments. The single-pane feature helps protect numerous endpoints with a very lean team, saving time and money.

To learn more, read our detailed Intrusion Detection and Prevention Software (IDPS) Report (Updated: March 2023).
685,707 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
Darktrace:
  • "The models, triggers, and alerts are customizable."
  • "The most valuable feature is that it works autonomously."
  • "I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
  • "I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
  • "I find the complete portfolio to be excellent."
  • "One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
  • "The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
  • "The initial setup is simple."

SentinelOne Singularity Complete:
  • "We find the solution to be scalable."
  • "I like that SentinelOne doesn't use a lot of system resources or make the system slow. It also performs a full scan quickly—within two hours. It has an easy-to-use end-user GUI."
  • "It has saved us from a couple of ransomware attacks already."
  • "SentinelOne is the next-generation EDR solution."
  • "I was extremely happy with their technical staff. The solution's tech support is top-notch. They have some really good engineers on their team."
  • "The most valuable features of SentinelOne are the endpoint detection of threats, and it does not only rely on signatures for detection."
  • "SentinelOne is preferred because of its great features and nominal cost."
  • "The solution is extremely stable."

Cons
Darktrace:
  • "The solution could be easier to use."
  • "The cost is a bit on the higher side."
  • "I would like to see some additional enhancements."
  • "Darkforce could be improved in the range of the interface; how to interact with the actions it's taking or not taking."
  • "I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools."
  • "This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
  • "There is a high ratio of false positive information."
  • "Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."

SentinelOne Singularity Complete:
  • "SentinelOne's performance and the accuracy of its incident filtering could be improved."
  • "An area for improvement in SentinelOne is the search feature. You can't go beyond twenty thousand events, which ruins the task because it isn't enough when you're doing your investigation."
  • "SentinelOne's phishing feature could be improved."
  • "We need to analyze the threats and make decisions based on that, so the analytics could be better at analyzing exactly where the threats are coming from."
  • "The solution should include USB blocking for specific machines."
  • "All is good for now, but we cannot rest, and continuous development - in particular with regard to the areas of automation, machine learning, and artificial intelligence - is required to keep ahead of the cybercriminals."
  • "I would like to see the reports from SentinelOne more customizable, as there are very few options."
  • "The delay in updating inventory is ten minutes. If it can be improved, it will help a lot."

Pricing and Cost Advice
Darktrace:
  • "The price of the solution is not cheap. It is not a one-time purchase, there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want."
  • "It was $3,600 a month or $2,000 plus or so. I am not sure. Its licensing is pretty simple."
  • "It's an expensive solution."
  • "It is pretty expensive, but it is worth it. Its licensing is yearly."
  • "The cost of the solution is expensive for smaller businesses. They will not be able to afford it or might not need this type of security solution."
  • "If you consider the features and the cost of market leaders, we are satisfied with the pricing."
  • "All of the other modules, such as the licensing modules, are on par. It's one for one."
  • "The pricing is expensive. It costs over $100,000 a year."

SentinelOne Singularity Complete:
  • "The licensing is comparable to other solutions in the market. The pricing is competitive."
  • "The pricing is very reasonable."
  • "Its price can be lower because I'm seeing competition from another vendor who beats it on commercials."
  • "The pricing of the solution seems reasonable, we got a discount but it still seems reasonable. The licensing cost is $3 to $4 per endpoint and can be paid monthly or yearly, with the price changing according to commitment."
  • "Just buy the Capture Client and buy the installer itself in a license of 100,000, or whatever is needed. You don't need to invest in any management tools because they are already installed, and maintenance from the client will keep everything up and running."
  • "Its price is per endpoint per year. One of the features of its licensing is that it is a multi-tenanted solution. From an MSSP point of view, if I want to have several different virtual clouds of customers, it is supported natively, which is not the case with, for example, Microsoft Defender. Another nice thing about it is that you can buy one license if you want to. Some vendors insist that you buy 50 or 100, whereas here, you can just buy one."
  • "SentinelOne can cost approximately $70 per device."
  • "Its cost is yearly. It is not much costlier than other leading products available in the market. I would rate it a four out of five in terms of pricing."

    Answers from the Community
    Netanya Carmi
    William Munroe
    Vendor

    You should not compare SentinelOne to Darktrace - they solve completely different problems. These types of questions show the ongoing challenges in cybersecurity. As written below, SentinelOne is an Endpoint Detection and Response tool. It is to protect a laptop or workstation from an attack. EDR is a core requirement for cyber defense.


    Darktrace is a network detection and response tool. NDR tools detect attacks occurring against the network. NDR is also a core requirement for cyber defense.


    Regardless of the quality of either tool, you need to cover both your endpoint and your network. So if you decide one is better and choose it, you remain vulnerable to attack. 


    Cover your endpoint only, and I am going to hit you with an attack on your network. Cover your network only, and I will get you via an endpoint.


    EDR tools - SentinelOne, Cybereason, CrowdStrike, Carbon Black to name a few.


    NDR tools - Darktrace, Vectra, ExtraHop, Cyglass to name a few.


    Comparisons of these tools by category would be more valuable.

    ITSecuri7cfd (IT Security Coordinator at a healthcare company with 10,001+ employees)
    Real User

    An easy answer for me - pretty much exactly what @Janet Staver described. 


    DT was a good east-west network traffic tool that could tell you all about communications between systems (think NDR) but limited capacity, expensive boxes, that we outgrew. 


    S1 is an endpoint tool with deep inspection, a central console, and is cost-effective.

    reviewer1815327 (User)
    User

    I have done a POC with Darktrace three different times at different orgs.  


    They are actually a borderline scam company. On each POC, I set up tests that even a free install of Suricata could detect. DT failed to detect anything in each case.  


    The other thing is that they call their alerts breaches. This is a BAD idea and they would not listen to reason on this. They will send out young, good-looking salespeople, but by the time you are done with your POC, they will be gone and replaced by someone else.  


    Their sales engineers are too young to have any experience with a security issue you may be dealing with. And I suspect after a few POCs they see that this does not work, at all, and leave!  Stay away from Darktrace!

    reviewer1364232 (IT Manager at a construction company with 201-500 employees)
    Real User

    You can't compare these two solutions - they are different. 


    SentinelOne is an EDR similar to known EDRs (Sophos, Sandblast, CrowdStrike, Palo Alto XDR, etc.). 


    You need an agent to install to the endpoint to manage. You can integrate via API if you want to integrate to existing networks like Clearpass and micro-segmentation software like Guardicore. 


    Darktrace is an AI-based tool to analyze traffic for known cyber threats from the network level without any agent. Either mirror the port or redirect traffic from VLAN to the Darktrace sensor. The sensor notifies you if any devices are newly discovered to the network, or new users access the particular device. You can block that traffic or device to mobile devices or web UI. In addition, Darktrace also has a module to integrate to SaaS like the Office365 email.

    Nicholas Arraje
    Vendor

    Both @Janet Staver ​and @ITSecuri7cfd are spot on.  


    As a security vendor, like ITSecuri7cfd points out, one tool is for the endpoint and one tool is for the network side.  


    If you are looking for an EDR tool, you should look to compare solutions from Carbon Black, Crowdstrike, etc.


    As for Darktrace, they are classified as an NDR tool. Within the NDR market, there are essentially 2 types of solutions; tools for smaller organizations that have limited resources and tools that are designed for organizations that have SOC teams that need better visibility and data. 


    If you want to learn more about NDR solutions in general we have written an ebook called "What to look for in an NDR platform": https://bricata.com/wp-content...

    Questions from the Community
    Top Answer: Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a…
    Top Answer: Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for…
    Top Answer: I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it.
    Top Answer: Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to…
    Top Answer: SentinelOne is hands down my recommended solution. SentinelOne has not been breached and offers up to $1,000,000 warranty if it cannot roll back a ransomware attack. Please contact me at…
    Top Answer: The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform.
    Ranking
      • Darktrace: Views 49,506; Comparisons 31,006; Reviews 31; Average Words per Review 428; Rating 8.5
      • SentinelOne Singularity Complete: 2nd out of 57 in Anti-Malware Tools; Views 69,465; Comparisons 40,835; Reviews 53; Average Words per Review 605; Rating 8.6
    Also Known As
      • SentinelOne Singularity Complete: Sentinel Labs, SentinelOne Singularity
    Overview

    Darktrace is a world leader in Autonomous Cyber AI and offers several different desirable tools available to provide a wide array of outstanding support and superior threat security. Darktrace works with many different popular solutions, such as Microsoft 365, Azure, AWS, and many more.

    Darktrace offers many different products to keep every type of business enterprise safe.

    Darktrace’s Enterprise Immune System is uniquely designed to learn the status quo of your operating system and is thereby quickly able to discover any anomalies, abusive behavior, and potential cyber threats and stop them immediately before there is any threat to your organization. With Darktrace’s Enterprise Immune System, you have complete transparency across your entire operational system. Darktrace utilizes intuitive self-learning to discover potential new known attacks externally and also locate any internal threats. Darktrace is intuitively self-adapting and will quickly learn the best way to keep your critical systems safe at all times, even as your business changes and grows.

    Darktrace offers an Industrial Immune System, which is specifically designed to understand the unique technologies of industrial systems and aggressively protect the integrity and durability of those ecosystems. You will get full transparency of OT, IT, and industrial IoT.

    Darktrace Antigena combines the best of the Autonomous Response technology to keep your enterprise ecosystems safe at all times. Darktrace Antigena has the decision-making ability to easily identify suspicious behavior and can stop in-progress threats such as cyber-attacks, ransomware, and threats to your cloud or proprietary infrastructure. Darktrace Antigena will provide protection to keep your systems safe and avoid any downtime or negative impact on your organization's productivity.

    Darktrace Cyber AI Analyst works as an investigative solution that instantly rates, interprets, and reports on the entire range of potential security threats. Darktrace Cyber AI Analyst uses an intuitive analysis process to investigate 100% of all potential threats. Each and every threat is rated and a response plan is created to direct your teams on the best possible course of action needed to immediately resolve the issue. Darktrace AI Analyst also handles Zero-day malware and ransomware. The automated threat investigation can work faster to develop a plan, follow issues, and investigate than any human component. Darktrace AI will save time and money by adding an additional supplemental layer of security to your organization.

    Darktrace provides outstanding enterprise-wide cyber defense to more than 5,500 organizations worldwide that rely on Darktrace daily to keep their business ecosystems running at maximum efficiency and productivity without any unplanned downtime within the overall business operation. Darktrace has a super-fast, machine-speed defense supported by the unique Autonomous Response that can take some of the pressure off of your security team and at the same time mount an aggressive fightback continuing to develop a safer defense every day.

    Reviews from Real Users

    Imad A., Group IT Manager at a manufacturing company, says, "I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."

    A Security Engineer at a real estate/law firm states, "The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."







    SentinelOne is a leading comprehensive enterprise-level autonomous security solution that is very popular in today’s marketplace. SentinelOne will ensure that today’s aggressive dynamic enterprises are able to defend themselves more rapidly, at any scale, and with improved precision, by providing comprehensive, thorough security across the entire organizational threat surface.

    SentinelOne makes keeping your infrastructure safe and secure easy and affordable. They offer several tiered levels of security and varied payment options. SentinelOne works well with Linux, Windows, and macOS, and can successfully support legacy infrastructures as well as the newer popular environments, including the latest operating systems. The single pane of glass management will save time and money by reducing manpower and ensuring comprehensive security protection of all your endpoints locally and worldwide.

    SentinelOne offers intensive training and support to meet every organization’s unique business needs.

    SentinelOne's levels of services and support include, but are not limited to:

    SentinelOne GO is a guided 90-day onboarding service to ensure successful deployment and success. It assists with the deployment planning and overview, initial user setup, and product overviews. It provides ongoing training and advisory meetings, ensuring that everything is set up correctly and that your team understands the appropriate protocols to ensure success.

    SentinelOne offers multi-tiered support based on your organizational needs from small business to enterprise, using their Designed Technical Account Management (TAM). They have support for every business level: Standard, Enterprise, and Enterprise Pro. SentinelOne is always available to ensure that you and your organization work together to minimize the risk of downtime and any threat exposure.

    Threat Hunting & Response Services

    Support for threat hunting and response includes Watch Tower, Watch Tower Pro, Vigilance Respond, and Vigilance Respond Pro. Each of these services builds on the other, progressively adding features based on your organizational needs.

    Watch Tower: This is the entry-level plan and includes: Active campaign hunting and cyber crime alerts and course correction for potential threats, access to the Monthly Hunting & Intelligence Digest.

    Watch Tower Pro: Includes everything in Watch Tower and customized threat hunting for all current & historical threats, unlimited access to Signal Hunting Library of Pre-Built Queries, Incident-Based Triage and Hunting, continuous customer service, follow-up and reporting, a Security Assessment, and quarterly Cadence meetings.

    Vigilance Respond: Includes all of the features of Watch Tower in addition to a security assessment and Cadence meetings, which are on-demand. Provides the features of Watch Tower Pro in addition to 24x7x365 monitoring, triage, and response.

    Vigilance Respond Pro: Includes all of the features of the above options, including a security assessment and quarterly cadence meeting as well as a complete digital forensic investigation and malware analysis.

    Reviews from Real Users

    Jeff D., who is an Operations Manager at Proton Dealership IT, tells us that "The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."

    "The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring," relates Rae J., Director IR and MDR at a tech services company.

    Sample Customers
      • Darktrace: Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol
      • SentinelOne Singularity Complete: Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
    Top Industries
      • Darktrace, reviewers: Financial Services Firm 17%, Computer Software Company 15%, Healthcare Company 7%, Government 5%
      • Darktrace, visitors reading reviews: Computer Software Company 17%, Comms Service Provider 11%, Government 7%, Financial Services Firm 7%
      • SentinelOne Singularity Complete, reviewers: Computer Software Company 13%, Manufacturing Company 11%, Healthcare Company 11%, Comms Service Provider 11%
      • SentinelOne Singularity Complete, visitors reading reviews: Computer Software Company 19%, Comms Service Provider 10%, Government 6%, Retailer 6%
    Company Size
      • Darktrace, reviewers: Small Business 48%, Midsize Enterprise 22%, Large Enterprise 30%
      • Darktrace, visitors reading reviews: Small Business 29%, Midsize Enterprise 19%, Large Enterprise 52%
      • SentinelOne Singularity Complete, reviewers: Small Business 41%, Midsize Enterprise 26%, Large Enterprise 33%
      • SentinelOne Singularity Complete, visitors reading reviews: Small Business 34%, Midsize Enterprise 19%, Large Enterprise 47%

    Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 34 reviews while SentinelOne Singularity Complete is ranked 2nd in Anti-Malware Tools with 55 reviews. Darktrace is rated 8.4, while SentinelOne Singularity Complete is rated 8.6. The top reviewer of Darktrace writes "Advanced Cybersecurity Artificial Intelligence, plenty of features, and impressive threat detection". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides deep visibility, helpful and intuitive interface, effectively prevents ransomware attacks". Darktrace is most compared with CrowdStrike Falcon, Cisco Secure Network Analytics, Vectra AI, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x), whereas SentinelOne Singularity Complete is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Sophos Intercept X, Bitdefender GravityZone Ultra and Cortex XDR by Palo Alto Networks.

    We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.