Try our new research platform with insights from 80,000+ expert users

ExtraHop Reveal(x) 360 vs SentinelOne Singularity Complete comparison

ExtraHop Networks and SentinelOne are both solutions in the Extended Detection and Response (XDR) category. ExtraHop Networks is ranked #39, while SentinelOne is ranked #2 with an average rating of 9.0. ExtraHop Networks holds a 0.9% mindshare in XDR, compared to SentinelOne’s 5.8% mindshare. Additionally, 100% of ExtraHop Networks users are willing to recommend the solution, compared to 98% of SentinelOne users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 6,006 Comparison Views
96% willing to recommend
ExtraHop Reveal(x) 360
Read 3 ExtraHop Reveal(x) 360 reviews
  • 1,550 Views
  • 698 Comparison Views
100% willing to recommend
SentinelOne Singularity Com...
Read 214 SentinelOne Singularity Complete reviews
  • 22,393 Views
  • 7,166 Comparison Views
98% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

SentinelOne Singularity Complete and ExtraHop Reveal(x) 360 are leading solutions in cybersecurity. SentinelOne seems to have the upper hand in customer satisfaction, simplicity in pricing, and rapid support, while ExtraHop's compelling feature set is ideal for those prioritizing advanced capabilities.

Features: SentinelOne's strengths lie in its autonomous threat response, efficient endpoint protection, and rapid threat mitigation. ExtraHop provides real-time network threat detection, comprehensive visibility, and detailed analytics.

Room for Improvement: SentinelOne users look for enhanced integration options, more detailed reporting tools, and improved UI performance. ExtraHop users desire a more streamlined setup, better detection algorithms, and quicker system updates.

Ease of Deployment and Customer Service: SentinelOne is known for straightforward deployment and responsive customer service. ExtraHop might need more effort during setup, but its customer service is proficient and reliable.

Pricing and ROI: SentinelOne users enjoy transparent pricing and a quick ROI, emphasizing its value for money. ExtraHop's pricing is seen as high, but users find it justified by its comprehensive features, recognizing a substantial ROI over time.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ExtraHop Reveal(x) 360 vs. SentinelOne Singularity Complete Report (Updated: February 2026).
Buyer's Guide
ExtraHop Reveal(x) 360 vs. SentinelOne Singularity Complete
February 2026
Download the complete report
Helped 884,976 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Endpoint Detection and Response (EDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
ExtraHop Reveal(x) 360
Ranking in Extended Detection and Response (XDR)
39th
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
3
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (24th), Container Security (49th), Network Traffic Analysis (NTA) (13th)
SentinelOne Singularity Com...
Ranking in Extended Detection and Response (XDR)
2nd
Average Rating
8.8
Reviews Sentiment
7.2
Number of Reviews
214
Ranking in other categories
Endpoint Protection Platform (EPP) (3rd), Anti-Malware Tools (2nd), Endpoint Detection and Response (EDR) (2nd), AI Observability (4th)
 

Mindshare comparison

As of March 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.9%, down from 5.6% compared to the previous year. The mindshare of ExtraHop Reveal(x) 360 is 0.9%, up from 0.3% compared to the previous year. The mindshare of SentinelOne Singularity Complete is 5.8%, up from 5.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
SentinelOne Singularity Complete5.8%
Cortex XDR by Palo Alto Networks4.9%
ExtraHop Reveal(x) 3600.9%
Other88.4%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
Maksym Toporkov - PeerSpot reviewer
Maksym Toporkov
Head of Research And Development at Quipu GmbH
A competitive choice for network detection and response with exceptional user interface, ease of implementation and minimal false positives
The NDR feature analyzes network traffic, creating records with connection details. While these records offer insights, there's a limitation in investigating payloads directly. ExtraHop provides an option for an additional server to save payloads, but its temporary storage has constraints. Unlike some competitors, it lacks an automatic payload-saving feature for each detection, presenting an improvement opportunity. Suggested enhancement involves the main sensor prompting payload storage for specific detections, streamlining the investigation process, and contributing to a more efficient workflow. A drawback includes packet storage limitations for payload data, necessitating timely extraction for thorough investigations.
Read full review
Vaibhav Mahendra Kolhe - PeerSpot reviewer
Vaibhav Mahendra Kolhe
Soc Analyst at Softcell Technologies Limited
Automation has reduced alerts and freed the soc team to focus on faster incident response
Regarding mean time to respond, the improvements I see with SentinelOne Singularity Complete are that genuine files also get alerts. We are getting false positives, but we are also getting genuine true positive alerts. The improvement will be deep visibility because as I am using Splunk as a SIEM, I compare deep visibility with Splunk, but deep visibility has limited access with only a 14-day policy to retain logs. The improvement will be in overall policy management. The third point will be the complexity of policies. If we want some endpoints to use only USB or if we need to block USB on some points, the policy management is very complex. The fourth point will be that Mac OS and Linux don't have the rollback policy; that policy is only for Windows. These four points are improvements if SentinelOne Singularity Complete can address them. Data privacy and security when utilizing Purple AI is crucial for SentinelOne Singularity Complete, and SentinelOne Singularity Complete lacks in data security. Data security is very important in this world. In my organization, if we deploy SentinelOne Singularity Complete and we have integrated all the firewalls, all devices, and AWS devices to SentinelOne Singularity Complete, logs will be forwarded to SentinelOne Singularity Complete through SentinelOne Singularity Complete. However, SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution. From the data security point of view, SentinelOne Singularity Complete is not good.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The product is mostly automated, and we do not have to make decisions, because all the decisions are made by the product itself and we are not required to create any custom policies since the policies that are created are well defined in the product itself."
"The stability of this product is very good."
"I generally believe that Cortex XDR by Palo Alto Networks is probably the best in the market right now."
"The most valuable for us is the correlation feature."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"Has great threat detection capabilities."
"The tool is easy to use."
"The solution's stability is generally good."
More Cortex XDR by Palo Alto Networks pros
"It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand."
"It is scalable."
"It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management."
"Their technical support is more effective and of better quality than other competitors."
"The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform."
"Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future."
"SentinelOne's auto-rollback feature is the most valuable."
"Scalable endpoint protection solution that takes seconds to set up per device. It has a rollback feature and offers good technical support."
"At the moment, we have a lot of trust in SentinelOne."
"The external drive scanning is great."
"I have been a Mac guy for twenty years, and the feature parity and the capabilities of a Macintosh agent are unparalleled in the industry. It is the first anti-malware and antivirus that does not make you feel that you bought the wrong processor. It is really good and lightweight."
"The portal is the most valuable feature because it provides us with a single pane of glass view and is highly intuitive."
More SentinelOne Singularity Complete pros
 

Cons

"However, if you do not have Palo Alto in your environment, you are paying these additional services just for Cortex XDR by Palo Alto Networks, so it is not a cost-effective solution."
"Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"When it comes to core analysis, and security analysis, Cortex needs to provide more information."
"There are a large number of false positives."
"The solution eats memory of the computer, unlike anything I've ever seen."
"The dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
More Cortex XDR by Palo Alto Networks cons
"A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations."
"Their professional service can be improved."
"There needs to be more support."
"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers."
"I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete."
"They could add “right click>scan” where most users were trained to do so in handling flash drives."
"They have tiers of support like most companies do... We are now one tier down from that. The SLA for us is no longer within an hour or two. It's within half a day or something like that."
"Some reports could be better."
"An area for improvement in SentinelOne is the search feature. You can't go beyond twenty thousand events, which ruins the task because it isn't enough when you're doing your investigation."
"SentinelOne can continue to make the presentation of relevant and timely data to the analysts as succinct and clear as possible. It will allow analysts to execute remediation or resolution with the least amount of clicks."
"We are not utilizing all the features available with SentinelOne Singularity Complete, including the built-in XDR and Ranger, due to the substantial associated costs."
"The solution can improve by adding more granular firewall capabilities."
More SentinelOne Singularity Complete cons
 

Pricing and Cost Advice

"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"Cortex XDR’s pricing is very reasonable."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"This is an expensive solution."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"When compared to other solutions, it aligns with the market average, indicating a competitive pricing level."
"The price is fair for what we are getting."
"SentinelOne is significantly less expensive than CrowdStrike. I recently did a price comparison between CrowdStrike and SentinelOne to determine where we are going for the next three years. CrowdStrike is 200% to 300% the cost."
"SentinelOne is more affordable than some competing products, and it's not overly expensive for what you're getting."
"Its price is per endpoint per year. One of the features of its licensing is that it is a multi-tenanted solution. From an MSSP point of view, if I want to have several different virtual clouds of customers, it is supported natively, which is not the case with, for example, Microsoft Defender. Another nice thing about it is that you can buy one license if you want to. Some vendors insist that you buy 50 or 100, whereas here, you can just buy one."
"The license is per user."
"This solution is less expensive than its competitors."
"We have not been beaten in the market by pricing, so we have been feeling good about that. The discussions we have had over the years keep us at a very low price per unit. It can always get better, but we also know there is a cost to the backend."
"I don't deal with the cost side of things, but the licensing, as far as endpoints go, is a pretty straightforward and simple process."
More SentinelOne Singularity Complete pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
884,976 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
9%
Manufacturing Company
9%
Financial Services Firm
9%
Comms Service Provider
7%
Financial Services Firm
10%
Comms Service Provider
9%
Government
9%
Computer Software Company
9%
Computer Software Company
12%
Manufacturing Company
9%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
No data available
By reviewers
Company SizeCount
Small Business94
Midsize Enterprise48
Large Enterprise78
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
Ask a question
Earn 20 points
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is ...
See all answers
What do you like most about SentinelOne Singularity?
The Ranger feature is valuable.
See all answers
What is your experience regarding pricing and costs for SentinelOne Singularity?
It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the p...
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks Logo
Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
More Cortex XDR by Palo Alto Networks Competitors
Vectra AI vs ExtraHop Reveal(x) 360 Logo
Vectra AI vs ExtraHop Reveal(x) 360
Compared 11% of the time
Fortinet FortiGate vs ExtraHop Reveal(x) 360 Logo
Fortinet FortiGate vs ExtraHop Reveal(x) 360
Compared 8% of the time
ExtraHop Reveal(x) vs ExtraHop Reveal(x) 360 Logo
ExtraHop Reveal(x) vs ExtraHop Reveal(x) 360
Compared 8% of the time
NetWitness NDR vs ExtraHop Reveal(x) 360 Logo
NetWitness NDR vs ExtraHop Reveal(x) 360
Compared 7% of the time
CrowdStrike Falcon vs ExtraHop Reveal(x) 360 Logo
CrowdStrike Falcon vs ExtraHop Reveal(x) 360
Compared 4% of the time
More ExtraHop Reveal(x) 360 Competitors
Fortinet FortiEDR vs SentinelOne Singularity Complete Logo
Fortinet FortiEDR vs SentinelOne Singularity Complete
Compared 5% of the time
CrowdStrike Falcon vs SentinelOne Singularity Complete Logo
CrowdStrike Falcon vs SentinelOne Singularity Complete
Compared 5% of the time
Microsoft Defender for Endpoint vs SentinelOne Singularity Complete Logo
Microsoft Defender for Endpoint vs SentinelOne Singularity Complete
Compared 3% of the time
Huntress Managed EDR vs SentinelOne Singularity Complete Logo
Huntress Managed EDR vs SentinelOne Singularity Complete
Compared 3% of the time
Trellix Endpoint Security Platform vs SentinelOne Singularity Complete Logo
Trellix Endpoint Security Platform vs SentinelOne Singularity Complete
Compared 2% of the time
More SentinelOne Singularity Complete Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Intrusion Detection and Prevention Software (IDPS)
February 2026
ExtraHop Reveal(x) 360 reportDownload ExtraHop Reveal(x) 360 product report
Buyer's Guide
SentinelOne Singularity Complete
February 2026
SentinelOne Singularity Complete reportDownload SentinelOne Singularity Complete product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
ExtraHop Reveal(X) Cloud, Reveal(X) Cloud
Sentinel Labs, SentinelOne Singularity
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

Cloud is where your business operates, where it innovates, how it enables employees, and how it connects with customers. Adversaries know this, and that's why attacks against cloud assets in IaaS, PaaS, and SaaS environments are increasing. With Reveal(x) 360, you can mitigate the blast radius of advanced threats like ransomware and supply chain attacks with unified security across multicloud and hybrid environments in a single management pane.

ExtraHop Networks

SentinelOne Singularity Complete delivers advanced endpoint protection leveraging AI-driven threat detection and behavior analysis for efficient malware and ransomware response. Its standout features enhance security insights and ensure comprehensive endpoint management.

SentinelOne Singularity Complete provides robust ransomware recovery through unique rollback capabilities and seamless integration with various security solutions. Its machine learning enhances endpoint protection, minimizing false positives and automating responses. While praised for real-time threat monitoring, incident management, and asset management, it faces challenges in managing the console, customizing UI, and maintaining policy flexibility. Some users report difficulties with deployment and integration with existing systems, and enhanced reporting, alert management, and documentation are desired. Its appeal extends to deploying across multiple operating systems, offering comprehensive security coverage and facilitating cybersecurity compliance.

What standout features does SentinelOne Singularity Complete offer?
  • Rollback Capability: Provides effective ransomware recovery.
  • AI-Driven Threat Detection: Enhances threat identification and response.
  • Behavior Analysis: Automates and refines security processes.
  • Seamless Integration: Works well with other security solutions.
  • Machine Learning: Minimizes false positives and improves threat response.
What benefits should users consider in reviews?
  • Enhanced Security Insights: Improves overall threat management.
  • Reduced Detection Time: Lowers incident response time significantly.
  • User-Friendly Interface: Simplifies process for deployment and management.
  • Comprehensive Endpoint Protection: Ensures broad defense against threats.

Industries implement SentinelOne Singularity Complete for its AI capabilities in advanced endpoint protection, particularly against malware and ransomware. It's utilized across diverse operating systems, aiding in real-time threat monitoring and facilitating compliance. Organizations use it for vulnerability assessments and asset management, ensuring optimal protection in complex IT environments.

SentinelOne
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Wizards of the Coast
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Buyer's Guide
ExtraHop Reveal(x) 360 vs. SentinelOne Singularity Complete
February 2026
Free Report: ExtraHop Reveal(x) 360 vs. SentinelOne Singularity Complete
Find out what your peers are saying about ExtraHop Reveal(x) 360 vs. SentinelOne Singularity Complete and other solutions. Updated: February 2026.
DOWNLOAD NOW
884,976 professionals have used our research since 2012.
See our ExtraHop Reveal(x) 360 vs. SentinelOne Singularity Complete report.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.