No more typing reviews! Try our Samantha, our new voice AI agent.

FortiXDR vs SentinelOne Singularity Endpoint comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
FortiXDR
Ranking in Extended Detection and Response (XDR)
32nd
Average Rating
8.0
Reviews Sentiment
6.6
Number of Reviews
4
Ranking in other categories
No ranking in other categories
SentinelOne Singularity End...
Ranking in Extended Detection and Response (XDR)
2nd
Average Rating
8.8
Reviews Sentiment
7.1
Number of Reviews
263
Ranking in other categories
Endpoint Protection Platform (EPP) (3rd), Anti-Malware Tools (2nd), Endpoint Detection and Response (EDR) (2nd), AI-Powered Cybersecurity Platforms (3rd), AI Observability (2nd)
 

Mindshare comparison

As of July 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.6%, down from 5.1% compared to the previous year. The mindshare of FortiXDR is 1.3%, up from 0.7% compared to the previous year. The mindshare of SentinelOne Singularity Endpoint is 5.9%, up from 5.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
SentinelOne Singularity Endpoint5.9%
Cortex XDR by Palo Alto Networks4.6%
FortiXDR1.3%
Other88.2%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
LL
Integration capabilities enhance compatibility across various cloud environments
I have extensive experience using Fortinet solutions, especially FortiXDR. I have implemented perimeter security in Azure, utilizing features such as web application firewall, application control, and security management.  I specialize in security for data centers, using various Fortinet solutions…
Vaibhav Mahendra Kolhe - PeerSpot reviewer
Soc Analyst at Softcell Technologies Limited
Automation has reduced alerts and freed the soc team to focus on faster incident response
Regarding mean time to respond, the improvements I see with SentinelOne Singularity Complete are that genuine files also get alerts. We are getting false positives, but we are also getting genuine true positive alerts. The improvement will be deep visibility because as I am using Splunk as a SIEM, I compare deep visibility with Splunk, but deep visibility has limited access with only a 14-day policy to retain logs. The improvement will be in overall policy management. The third point will be the complexity of policies. If we want some endpoints to use only USB or if we need to block USB on some points, the policy management is very complex. The fourth point will be that Mac OS and Linux don't have the rollback policy; that policy is only for Windows. These four points are improvements if SentinelOne Singularity Complete can address them. Data privacy and security when utilizing Purple AI is crucial for SentinelOne Singularity Complete, and SentinelOne Singularity Complete lacks in data security. Data security is very important in this world. In my organization, if we deploy SentinelOne Singularity Complete and we have integrated all the firewalls, all devices, and AWS devices to SentinelOne Singularity Complete, logs will be forwarded to SentinelOne Singularity Complete through SentinelOne Singularity Complete. However, SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution. From the data security point of view, SentinelOne Singularity Complete is not good.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Has great threat detection capabilities."
"The stability is pretty good except for one or two cases, and based on the performance, it's been okay with pretty high performance, no bugs or glitches, and it doesn't crash or freeze."
"The product is mostly automated, and we do not have to make decisions, because all the decisions are made by the product itself and we are not required to create any custom policies since the policies that are created are well defined in the product itself."
"The solution's most valuable feature is the user interface."
"It blocks malicious files, prevents attacks, and doesn't require many updates because it is a very light application."
"The interface is easy to use and it is more up to date than our previous solution."
"It is easy to use."
"What I like about Cortex XDR by Palo Alto Networks is that it is a comprehensive solution that contains everything the organization may need when using endpoints."
"The most valuable feature of FortiXDR is it integrates well with other Fortinet solutions, such as Fortinet firewall, FortiMail, FortiSandbox, Forti Fabric, switches, and access points. Whatever the flow of the traffic comes in or goes out, the entire traffic can be managed and monitored properly."
"Our customers are satisfied with FortiXDR."
"The most valuable feature of FortiXDR is its ability to block clients, providing comprehensive endpoint protection."
"The product is stable enough."
"FortiXDR is valuable for its integration capabilities with one hundred percent compatibility with other vendors in cloud environments like Google, Oracle, and Microsoft."
"We can manage multiple tools including next-gen SIEM, identity security, cloud security, EDR, and XDR in a single platform with a single agent, so we do not need to manage multiple products."
"It provides network and asset visibility for us."
"We went from 30% ransom ware infections to zero."
"The user interface, ease of maintenance, and the efficient way to identify the root cause of an incident to see all the factors that contributed to it are the most valuable features."
"SentinelOne technical support is awesome."
"I like Singularity's rollback features, threat-hunting, and Ranger Insights. The Ranger feature scans the network and provides visibility into all the unsecured assets."
"The best feature of SentinelOne Singularity Complete is that you don't need to configure a lot with it because it provides an unmatched layer of protection out of the box."
"The main benefits of using SentinelOne Singularity Endpoint are its capability to secure our clients' infrastructure effectively, providing better reliability compared to other tools like CrowdStrike, with a focus mainly on security."
 

Cons

"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."
"I would like to see them include NDR (Network Detection Response). Then it would work well with SIEM Response."
"The downside to the solution is that there are a large number of false positives."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"The solution could improve by providing better integration with their own products and others."
"A little bit more automation would be nice."
"It is an enterprise-level solution. Its price could be less expensive."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"Many of the solutions, such as CrowdStrike have an MDR solution where remediation can be provided by the vendor. For example, if there is any zero data threat found, a new threat that the customer is not able to recognize, fix, or understand what needs to be done this feature has to be added in FortiXDR so that the customer feels comfortable."
"They could change their licensing costs to make it more affordable for smaller businesses."
"The pricing of FortiXDR should be improved. It's a point of concern for us."
"Improvement is needed in the intuitiveness and integration measures of FortiXDR, especially in terms of compatibility."
"The agent update is not the most intuitive process, but I understand why they do it. We have a pretty vertical 64-bit environment for Windows. That is pretty much all we have, but we get alerts for things like the new Linux endpoint or things that do not apply to us. That is probably the only thing that I do not like. There may be some way to turn that off so that I do not get endpoint update alerts from platforms that are not applicable to our system, enterprise, or network."
"However, for complex cases—especially agent-related problems—we sometimes need remote assistance, and that level of support is not included in the basic subscription."
"A weakness seen with one large customer was that the detections were too intrusive, blocking many applications that should have been working, which led to many false positives."
"SentinelOne Singularity Complete needs to improve the integration capabilities with SIEM."
"The training for SentinelOne Singularity should be free."
"One area of SentinelOne that definitely has room for improvement is the reporting. The canned reports are clunky and we haven't been able to pull a lot of good information directly from them."
"The product must provide the ability to update applications from the SentinelOne Management Console."
"The primary issue is the console's random automatic logouts, requiring users to repeatedly re-enter their username and password."
 

Pricing and Cost Advice

"I don't have any issues with the pricing. We are satisfied with the price."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"I don't like that they have different types of licenses."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"The cost depends on your chosen license type, like Pro or other licenses."
"The pricing is a little bit on the expensive side."
"The pricing is a little high. It is per user per year."
"This is an expensive solution compared to other vendors, such as Check Point."
"SentinelOne is more affordable than some competing products, and it's not overly expensive for what you're getting."
"The price of SentinelOne is on the higher side compared to other solutions, such as Symantec."
"This solution is less expensive than its competitors."
"SentinelOne Singularity Complete's price point is excessive compared to the functionality it provides."
"The price is costly compared to what we were previously paying with Microsoft Defender and McAfee."
"The price for it is very competitive compared to other Next Gen EPP."
"The license is paid annually and is competitive."
"SentinelOne Singularity Complete can be expensive for the SMB market but is suitable for enterprise-level organizations."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
903,871 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Comms Service Provider
16%
Manufacturing Company
9%
Outsourcing Company
7%
Financial Services Firm
7%
Computer Software Company
10%
Manufacturing Company
9%
Financial Services Firm
8%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business125
Midsize Enterprise69
Large Enterprise90
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for FortiXDR?
Comparing to the enterprise level, the pricing is reasonable. However, for some companies, it might be a little high.
What needs improvement with FortiXDR?
They could change their licensing costs to make it more affordable for smaller businesses.
What is your primary use case for FortiXDR?
We are a system integrator and cloud service provider. Although I am in sales and not technical, I am involved with t...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is ...
What is your experience regarding pricing and costs for SentinelOne Singularity?
It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the p...
What needs improvement with SentinelOne Singularity?
I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete. Sometimes I need t...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
Sentinel Labs, SentinelOne Singularity, Singularity Platform
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about FortiXDR vs. SentinelOne Singularity Endpoint and other solutions. Updated: June 2026.
903,871 professionals have used our research since 2012.