We performed a comparison between Elastic Security and SentinelOne Singularity Complete based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The integration, visibility, vulnerability management, and device identification are valuable."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"Microsoft 365 Defender is a good solution and easy to use."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"It's very customizable, which is quite helpful."
"The product has huge integration varieties available."
"Stability-wise, I rate the solution a ten out of ten."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"The performance is good and it is faster than IBM QRadar."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"The Ranger feature is valuable."
"In the past, we were not able to identify a few viruses, but now we are able to identify them because of the machine learning feature."
"We opted for SentinelOne because it gives you visibility and control over all the devices on which you have the agent deployed. That is very valuable because, in the end, all the attacks enter only through one gateway, which is usually a user's computer."
"The most valuable features are threat hunting, the ability to disconnect or disable a machine's network connection in real time, and the ability to restore the connection once the issue is resolved quickly."
"The most valuable feature of SentinelOne is the EDR functionality. We are protected against threats, such as ransomware."
"The best thing is it has a secure shell command that you can use to get into any endpoint and do some jobs."
"When there is an incident, the solution's Storyline feature gives you a timeline, the whole story, what it began with, what it opened, et cetera. You have the whole picture in one minute. You don't need someone to analyze the system, to go into the logs. You get the entire picture in the dashboard. The Storyline feature has made our response time very fast because we don't need to rely on outside help."
"For me, the most valuable feature is the Deep Visibility. It gives you the ability to search all actions that were taken on a specific machine, like writing register keys, executing software, opening, reading, and writing files. All that stuff is available from the SentinelOne console. I'm able to see which software is permanent on a machine, and how that happened, whether by registry keys or writing it to a special folder on the machine."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"There isn't really a very good user experience. You need a lot of training."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"We'd like to see some more artificial intelligence capabilities."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"As a cloud-based product, there is a minimum number of licenses that need to be purchased, which is unfortunate."
"It is an expensive product."
"One of the areas which would benefit from being improved is the policies. There are still software programs where we need to manually program in the policies to tell the system, "This program is legitimate." Some level of AI-based automation in creating those policies would go a long way in improving the amount of time it takes to deploy the system."
"Interoperability with other SentinelOne solutions and other third-party tools is an area where you can run into some issues. Because of the way the agent works, there are sometimes things that are blocked or prevented from happening that are not identified as a threat, and therefore, not alerted in the console. Sometimes, we do have to dig through the logs, run tests, and adjust the whitelisting or exclusions to make sure that other applications will run properly."
"I'd like to see more documentation."
"One thing I don't like is the exportable report. They're they're not as useful as I'd hoped they would be."
"I would like to see category-based web filtering."
"The UI appears to be flat, and I wish to have the ability to customize it with features and buttons that are tailored to our needs."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 58 reviews while SentinelOne Singularity Complete is ranked 1st in Extended Detection and Response (XDR) with 176 reviews. Elastic Security is rated 7.6, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and syslog-ng, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our Elastic Security vs. SentinelOne Singularity Complete report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.