Try our new research platform with insights from 80,000+ expert users

Deep Instinct Prevention Platform vs SentinelOne Singularity Complete comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Deep Instinct Prevention Pl...
Ranking in Endpoint Protection Platform (EPP)
41st
Ranking in Anti-Malware Tools
16th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
18
Ranking in other categories
No ranking in other categories
SentinelOne Singularity Com...
Ranking in Endpoint Protection Platform (EPP)
3rd
Ranking in Anti-Malware Tools
2nd
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
198
Ranking in other categories
Endpoint Detection and Response (EDR) (2nd), Extended Detection and Response (XDR) (2nd)
 

Mindshare comparison

As of May 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Deep Instinct Prevention Platform is 0.7%, down from 0.8% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 4.4%, down from 5.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Elena Yau - PeerSpot reviewer
Prevention, in advance, saves us remediation time
We have a PHI (protected health information) committee, and some of the things that we review on a weekly basis are incidents. For example, if there was malware or adware or some kind of phishing attempt, or even ransomware, we would have to investigate and see if there was any PHI impact. We've seen small things because some kind of adware made its way through the browser from some malicious link, and it's really hard to prevent those. We're putting more levels of filtering around that. There are some product development ideas that we have been working on alongside the DI team, and they've been super helpful. There are definitely a lot more little areas of improvement for the interface. Also, we have talked with the DI team about adding the forensic piece, which is what we do a lot. That would be added value and they've just recently provided more individuals to think about the roadmap. That's part of their strategy and one of the good features that they want to bring on. Hopefully, they can bring that to fruition and that will ease our workflow a little bit more. The additional predictive and prevention capabilities in the 3.0 version, that don't require special rules and configuration, help our organization. The only caveat is that when things get done automatically, I would appreciate more logging of what's happening in the background, if it is doing some kind of intervention. If we need to do some forensics, we should be able to backtrack from the log that gets uploaded to our cloud instance and see, forensically, what the root cause was. We should be able to see what instigated that trigger by DI and what exactly was done. That's a missing piece. It does a good job of preventing, but then we don't know what were the symptoms of the prevention. Let's say that there was like a PowerShell block. We'll see an indicator on the dashboard and we'll look at the logs and investigate. Sometimes we find that the logs that are captured locally on the endpoint itself are not very thorough. We were coached through our training with DI that, when troubleshooting, the DI team would always ask for the logs from the endpoint. We know what we need to do to look at something. But the logging for DI doesn't capture everything. There are some things that are missing. When it comes to root-cause analysis, or kill-chain analysis, and figuring out exactly what happened, it's very hard to do that right now on the product. I have used Carbon Black before and they're pretty good with the forensic analysis. That does save some efforts of my one engineer and myself when we have to go through the PHI committee. Right now, with Di, that feels like a blind spot. Another area for development is making the license clean-up a little bit easier. We always have to manually uninstall agents. If there were some way to remove the licensing and do better license management on the platform, that would help my team as well.
Asim Naeem - PeerSpot reviewer
It integrates well with other platforms, is user-friendly, and is stable
SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point. SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack. We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action. SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging. Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure. SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level. Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent. Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete. SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response. SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Deep Instinct was a strategic complement to our Open XDR platform."
"It has the lowest false-positive ratio that I have come across. I have only had one which was a legitimate file that I had to whitelist. It was for one of the applications I was trying to install and integrate. But the false positive ratio is very low."
"When we were looking at Carbon Black and Sophos, the prevention pieces weren't as strong when compared to DI, which is why we decided to go with DI... I would rather have a product that does the prevention up front and saves me the effort of having to wipe someone's workstation."
"The CPU consumption is low compared to what I have been using in my current environment, which is Sophos. The footprint is a lot smaller, about a quarter of Sophos. It is very small."
"Deep Instinct complements the solutions we already have. You don't need to rip and replace any antivirus or endpoint that you have. It's easy to use and it's easy to have it side-by-side with other solutions. That makes it really easy to have an additional level of protection, rather than to hassle with doing solution migration."
"Its false positives are very low, because the behavior analysis engine double checks them."
"Instead of having features like rollback and after-event actionable stuff, the whole premise and the context of the solution is to actually prevent these malicious attacks from happening to begin with.... The ability to prevent threats is the most appealing aspect. It absolutely, 100 percent helps with real-time prevention of unknown malware. That's the strength of the product."
"I like the dashboard. It looks very simple."
"SentinelOne Singularity Complete, together with SentinelOne Vigilance, is an EDR tool with capabilities such as these, which I found valuable: the dashboard that shows you all the information and the power to either manually or automatically quarantine issues or threats in the environment."
"We love the API. We use it to generate robust reporting, and we also developed tools to perform agent actions remotely without needing to provide all IT staff with console access."
"SentinelOne gives us visibility into various high-level vulnerabilities on every gateway on the network. It helps us prevent vulnerable devices from being compromised. We primarily use Singularity for its EDR functions. We're happy with that."
"It gives you good visibility of any threats or vulnerabilities that you might have on your network."
"SentinelOne has helped us to improve our security by fine-tuning our current use cases and creating new ones."
"The tool's most valuable feature is EDR."
"The best thing SentinelOne has done for us is that it gives us insight into the endpoints. We never had insight into lateral movement threats before. Once a threat known as Qbot gets on the network, it actually spreads throughout sub-networks quickly. SentinelOne has detected that and saved our bacon. We were able to get in there and stop the threat, lock it down, and prevent it from actually spreading through. It would have been 50 or 60 computers. It had spread through in a few minutes. We have a lot of HIPAA data and FERPA data that we need to keep protected."
"Being able to keep track of the endpoints and the data that is available from the endpoints is valuable. We can see the patch levels, whether Windows endpoints are active or inactive, and who is the last user that was logged on. We get a lot of granular information that is valuable even what we are not talking from a security standpoint."
 

Cons

"I think it's probably the administration, especially the administration platform, which could be improved in the solution. It's clunky and hard to navigate, especially for inexperienced technicians."
"I am looking forward to them adding Linux in Q1 or Q2 of 2019, as this is often requested by my partners and customers. Currently, Deep Instinct only has Windows, Mac, Android, and iOS."
"If they can bring some additional, complementary solutions, like network scanning and the like, that will help. If they had some sort of a firewall which could help detect DDoS attacks and other things, it would be an improvement"
"I would like a little more training for the admins."
"I would love to see a really exceptional, outstanding level of reporting. I know that's like asking for a unicorn to leap out of the sky with any of these products... When everything works, clients began to wonder: "Everything's fine. Why do we need you?" That's where the reporting capabilities would allow us to really demonstrate: "Hey, here's what's actually going on, Mr. Customer.""
"Reporting on incidents needs improvement."
"There's an issue in the installation process where you can't install it unless you disable the built-in Windows Bitdefender antivirus. So, you have to manually disable Microsoft Bitdefender in order to install Deep Instinct. So, that makes it impossible to do a network rollout unless you manually visit each computer, which is ridiculous."
"Some features are too resource intensive."
"The basic functionalities should be up and running even during maintenance windows. I understand that it is a software-as-a-service model, but it becomes a problem if I cannot do anything when issues occur during maintenance."
"There are things that they can do to improve the console or improve the product, and they are making strides in it."
"The agent update is not the most intuitive process, but I understand why they do it. We have a pretty vertical 64-bit environment for Windows. That is pretty much all we have, but we get alerts for things like the new Linux endpoint or things that do not apply to us. That is probably the only thing that I do not like. There may be some way to turn that off so that I do not get endpoint update alerts from platforms that are not applicable to our system, enterprise, or network."
"The compatibility with new legacy systems should be enhanced as other EDR products support these systems, which Singularity does not."
"When SentinelOne Singularity Complete is used as the central hub for viewing alerts from all integrated security solutions, it is challenging to identify the specific solution that triggered each alert."
"SentinelOne needs to improve its endpoint deployment process."
"I would appreciate it if they would consider providing a comprehensive vulnerability assessment report that goes beyond just application vulnerabilities."
"SentinelOne Singularity Complete needs to improve the integration capabilities with SIEM."
 

Pricing and Cost Advice

"Their pricing is very competitive. It is good, fair, and a lot cheaper than what we were doing with Cylance."
"One thing about their licensing program that I like is that just one covers the server as well as on the endpoint as well as mobile devices. There is no complexity in calculating how many SKUs I need for mobile, for laptop, for desktop, and for servers. It's very simple and that makes it much easier to budget."
"If I include the false positive rate and the detection rate in the comparison, Deep Instinct is worth its price."
"We are a nonprofit. The MSP had provides pretty decent nonprofit rates for us. This was one of the key factors that made us choose Deep Instinct over its competitors who were significantly more expensive."
"There is a need for customers of the product to pay towards the licensing costs of the tool."
"Its pricing is too high, but that is not because of the product. It is expensive because of the cost of the console. You need a console to control the whole thing, but the console is expensive. You have to split this cost among all possible users. Normally, to be able to make it economically attractive, you need at least 1,000 agents, PCs, or users. If you have a customer with 300 to 500 agents, PCs, or users, it becomes too pricey."
"Pricing and licensing are very straightforward. It's two SKUs, one is for the console and the other is for the client."
"In comparison to the other products out there, it's exceptionally competitively priced. When you consider the lower administrative overhead that it facilitates, it's an absolute value."
"Their pricing was extremely competitive. That is why we stayed with them so long. We are renewing at the end of next month. We have already put in the approval. It is all set to go. We are renewing for another year or so year over year. It has been a very effective product, and it has been priced very competitively."
"It is comparatively cheap in the market and provides a good price point."
"The larger count you have, the deeper discount you will receive in your contract."
"Its pricing is competitive."
"I find the licensing cost for SentinelOne Singularity Complete fair."
"When it came to the price compared to other solutions we tested, SentinelOne Singularity gave us the price of our expectations whereas CrowdStrike could not."
"Its cost is similar to Trend Micro, but the protection is much better."
"The solution is a bit cheaper than CrowdStrike Falcon Pro and more expensive than smaller solutions. Still, it has a pretty reasonable price point, as I appreciate the flexibility SentinelOne Singularity Complete offers."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
849,686 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
22%
Financial Services Firm
11%
Healthcare Company
7%
Manufacturing Company
5%
Computer Software Company
20%
Manufacturing Company
8%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Deep Instinct?
The product offers integration capabilities and is also easy to use.
What is your experience regarding pricing and costs for Deep Instinct?
There is a need for customers of the product to pay towards the licensing costs of the tool.
What needs improvement with Deep Instinct?
The solution's stability is good. If the tool was able to provide fine-tuning capabilities from the product's end depending on the environment of its user, then it would be a good improvement in th...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
 

Also Known As

No data available
Sentinel Labs, SentinelOne Singularity
 

Overview

 

Sample Customers

Information Not Available
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about Deep Instinct Prevention Platform vs. SentinelOne Singularity Complete and other solutions. Updated: April 2025.
849,686 professionals have used our research since 2012.