Microsoft Defender for Endpoint vs SentinelOne Singularity Complete comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on May 3, 2022

We performed a comparison between Microsoft Defender for Endpoint and SentinelOne based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Microsoft Defender for Endpoint users tell us deployment depends on the overall system configuration and can take from a few hours to days or weeks. Users feel that the solution is not complicated, but neither would they consider it easy to deploy.

    SentinelOne users tell us deployment is simple, easy to complete, and very straightforward.
  • Features: Microsoft Defender for Endpoint users value the Attack Surface Reduction Controls, the Exploit Prevention Controls, and the Automated Investigation and Response, which do an excellent job and greatly reduce the SOC workloads. Microsoft Defender for Endpoint has a robust ransomware solution built into it, which is a very unique option. Users feel a more refined console and an improved GUI would be most beneficial. Reporting could also be more detailed and the onboarding process a bit faster.

    SentinelOne users appreciate that it provides very detailed specifics with regard to risks and attacks. The ability to reverse damage caused by ransomware with minimal interruptions to the environment is especially valuable. SentinelOne works inconspicuously in the background, continually providing complete protection. It has an automated active EDR that will not only find issues but can also fix them. Some users feel there seem to be some applications that do not function properly when SentinelOne is installed, yet when SentinelOne is removed they work as expected. Users would like to be able to make the reporting process more customizable.
  • Pricing: Microsoft Defender for Endpoint is included in Windows 10 and many other Windows/Microsoft products. Microsoft does also have many other tiered pricing options to choose from, making it a desirable solution price-wise. SentinelOne users tell us the solution is appropriately priced for the amount of coverage it provides and they are happy with the pricing/licensing options available.
  • Service and Support: Microsoft Defender for Endpoint users mostly feel service needs to be improved, rating it from poor to adequate. SentinelOne users feel the service they receive is excellent. They say the service is fast, professional, and extremely knowledgeable.

Comparison Results: Based on our users’ reviews, we would conclude that SentinelOne is a stronger, more secure solution than Microsoft Defender for Endpoint. Reviewers say that SentinelOne offers a deeper and more thorough level of security. Additionally, SentinelOne provides equal protection across Windows, Linux, and macOS. It can also support legacy infrastructure as well as many newer environments. The single-pane feature helps protect numerous endpoints with a very lean team, saving time and money, thereby improving TCO and ROI.

To learn more, read our detailed Microsoft Defender for Endpoint vs. SentinelOne Singularity Complete Report (Updated: September 2023).
735,432 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The product detects and blocks threats and is more proactive than firewalls.""The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors""Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great.""The solution was relatively easy to deploy.""Fortinet has helped free up around 20 percent of our staff's time to help us out.""It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward.""The console is easy to read. I also like the scanning part and the ability to move assets from one to the other.""Fortinet is very user-friendly for customers."

More Fortinet FortiEDR Pros →

"Technical support has been great.""The technical support from Microsoft is very good. We are part of the Microsoft Suite, and from being part of this we have consistent news regarding Microsoft Defender for Endpoint.""The integration of Defender, Security Center, and the Microsoft compliance score, is the feature we use most to share the results with our clients and to create a roadmap together.""I've started to test it from the security point of view. There are plenty of features that are interesting, but at this time, the XDR functionality is most valuable. It is endpoint security on steroids.""The most valuable features of Microsoft Defender for Endpoint are the ease of use and it was available within the operating system.""Microsoft Defender for Endpoint is easy to load and it runs quietly in the background, unlike other solutions.""The most valuable feature is its ability to effectively detect threats. It has the EDR feature, endpoint detection and response, and that is very good.""I like the simplicity of the portal and the integration with Microsoft Intune. Microsoft Defender for Endpoint is easy to use and implement."

More Microsoft Defender for Endpoint Pros →

"The rollback feature is the most valuable aspect of the solution.""The reporting part is awesome.""The GUI is really easy to use.""SentinelOne has improved the overall security posture of the firm without creating a lot of hassle for our end users. Everything is a bit more secure. We think Singularity Complete has helped us reduce our organizational risks.""The solution offers excellent detection and integration capabilities.""SentinelOne Singularity has hundreds of features. The most valuable feature of the solution is the ease of use and threat control.""SentinelOne has helped us to improve our security by fine-tuning our current use cases and creating new ones.""The overall product quality is good."

More SentinelOne Singularity Complete Pros →

Cons
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR.""Cannot be used on mobile devices with a secure connection.""We'd like to see more one-to-one product presentations for the distribution channels.""The solution is not stable.""The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices.""FortiEDR can be improved by providing more detailed reporting.""Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation.""ZTNA can improve latency."

More Fortinet FortiEDR Cons →

"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get.""We would like to see more tools for managing on-premises security... Sometimes, we have the tools, like Defender, to manage security in the cloud, but because we are so focused on the cloud, we forget the fact that we need to be sure about the security of the on-premises environment, specifically Active Directory.""The biggest issue I had with Microsoft Defender for Endpoint was the antivirus and ransomware. I wanted central visibility over all the machines that we operate.""There are alternative solutions that offer a greater range of dashboard insights when compared to Microsoft Defender for Endpoint.""Microsoft Defender for Endpoint can improve by providing more and different types of reports.""Our team's knowledge of the solution needs to be improved, and Microsoft could do a better job conveying the necessary information to users. We could proactively use the tool more and explore capabilities we are not yet utilizing.""We would like more customization.""A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."

More Microsoft Defender for Endpoint Cons →

"It would be good to see some small tools to test files or hashes that are a potential threat, I know there are already products offering this.""Interoperability with other SentinelOne solutions and other third-party tools is an area where you can run into some issues. Because of the way the agent works, there are sometimes things that are blocked or prevented from happening that are not identified as a threat, and therefore, not alerted in the console. Sometimes, we do have to dig through the logs, run tests, and adjust the whitelisting or exclusions to make sure that other applications will run properly.""Their documentation could afford to be a little bit better communicated. A lot of times we have to look at things in the knowledge base, and much of that could be communicated better, but that would probably be the only thing that needs to be improved.""The solution can use up a lot of resources when scanning. It would be ideal if it was lighter.""DLP support would be a good addition.""We'd like to have a network map or scan to cover network security.""SentinelOne Singularity Complete could improve by having DNS filtering. Other competitor solutions have this feature.""The solution should include USB blocking for specific machines."

More SentinelOne Singularity Complete Cons →

Pricing and Cost Advice
  • "The price is comprable to other endpoint security solutions."
  • "The pricing is typical for enterprises and fairly priced."
  • "I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."
  • "The pricing is good."
  • "I would rate the solution's pricing an eight out of ten."
  • "The hardware costs about €100,000 and about €20,000 annually for access."
  • "Fortinet FortiEDR has a yearly subscription."
  • "It's not cheap, but it's not expensive either."
  • More Fortinet FortiEDR Pricing and Cost Advice →

  • "I don't know the standalone costs. It is my understanding that the M365 E5 is $56 a month or something close to that pricing. That would be for the full suite. Just Defender might be $8 a month. I can't say for sure."
  • "The solution comes free with Microsoft Windows 10."
  • "When customers haven't deployed the solution and don't have licenses, it can be expensive to start from scratch."
  • "I do not have to purchase antivirus solutions anymore because Microsoft Defender for Endpoint is integrated into Windows and comes free."
  • "It came with Windows."
  • "We pay a yearly license for Microsoft Defender. We also have a support contract with them."
  • "The solution is free with Windows."
  • "You do not need to pay any additional costs for antivirus and anti-malware solutions for endpoint protection."
  • More Microsoft Defender for Endpoint Pricing and Cost Advice →

  • "The pricing is very reasonable."
  • "Its price can be lower because I'm seeing competition from another vendor who beats it on commercials."
  • "The pricing of the solution seems reasonable, we got a discount but it still seems reasonable. The licensing cost is $3 to $4 per endpoint and can be paid monthly or yearly, with the price changing according to commitment."
  • "Just buy the Capture Client and buy the installer itself in a license of 100,000, or whatever is needed. You don't need to invest in any management tools because they are already installed, and maintenance from the client will keep everything up and running."
  • "Its price is per endpoint per year. One of the features of its licensing is that it is a multi-tenanted solution. From an MSSP point of view, if I want to have several different virtual clouds of customers, it is supported natively, which is not the case with, for example, Microsoft Defender. Another nice thing about it is that you can buy one license if you want to. Some vendors insist that you buy 50 or 100, whereas here, you can just buy one."
  • "SentinelOne can cost approximately $70 per device."
  • "Its cost is yearly. It is not much costlier than other leading products available in the market. I would rate it a four out of five in terms of pricing."
  • "It's around $8 per client per month."
  • More SentinelOne Singularity Complete Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which EPP (Endpoint Protection for Business) solutions are best for your needs.
    735,432 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protection… more »
    Top Answer:Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close… more »
    Top Answer:The price is on the higher side. It's in the upper quadrant. The hardware costs about €100,000 and about €20,000… more »
    Top Answer:Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface… more »
    Top Answer:We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior… more »
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push… more »
    Top Answer:Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks.… more »
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is… more »
    Top Answer:SentinelOne is hands down my recommended solution. SentinelOne has not been breached and offers upto $1,000,000… more »
    Comparisons
    Also Known As
    enSilo, FortiEDR
    Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
    Sentinel Labs, SentinelOne Singularity
    Learn More
    Overview

    Fortinet FortiEDR is a real-time endpoint protection, detection, and automated response solution. Its primary purpose is to detect advanced threats to stop breaches and ransomware damage. It is designed to do so in real time, even on an already compromised device, allowing you to respond and remediate incidents automatically so your data can remain protected.

    Fortinet FortiEDR Features

    Fortinet FortiEDR has many valuable key features, including:

    • Easily customizable
    • Real-time proactive risk mitigation & IoT security
    • Pre-infection protection
    • Post-infection protection
    • Track applications and ratings
    • Reduce the attack surface with risk-based proactive policies
    • Achieve analysis of entire log history
    • Optional managed detection and response (MDR) service

    Fortinet FortiEDR Benefits

    Some of the key benefits of using Fortinet FortiEDR include:

    • Protection: Fortinet FortiEDR provides proactive, real-time, automated endpoint protection with the orchestrated incident response across platforms. It stops the breach with real-time postinfection blocking to protect data from exfiltration and ransomware encryption.

    • Single unified console: Fortinet FortiEDR has a single unified console with an intuitive interface, which makes management easier. The solution automates mundane endpoint security tasks so your employees don’t need to do it.

    • Cost savings: With Fortinet FortiEDR you can eliminate post-breach operational expenses and breach damage costs.

    • Flexibility: Fortinet FortiEDR can be deployed on premises or on a secure cloud instance. With Fortinet FortiEDR, endpoints are protected both on- and off-line.

    • Scalability: Because Fortinet can be deployed quickly and has a small footprint, it is easy to scale up to protect hundreds of thousand endpoints.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Fortinet FortiEDR users.

    An Owner at a security firm says, "The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus.”

    Chandan M., Chief Technical Officer at Provision Technologies LLP, mentions, “The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration.” He also adds, “The security is also very good and the firewall response is good.”

    Harpreet S., Information Technology Support Specialist at Chemtrade Logistics, explains, "It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."

    DeAndre V., Senior Network Administrator at a financial services firm, states, “The dashboard is easy to follow and use. The deployment and uninstalling were easy. I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow. Exceptions are easy to create and the interface is easy to follow with a nice appearance.

    Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

    With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

    Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft 365 Defender, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

    Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

    SentinelOne is a leading comprehensive enterprise-level autonomous security solution that is very popular in today’s marketplace. SentinelOne will ensure that today’s aggressive dynamic enterprises are able to defend themselves more rapidly, at any scale, and with improved precision, by providing comprehensive, thorough security across the entire organizational threat surface.

    SentinelOne makes keeping your infrastructure safe and secure easy and affordable. They offer several tiered levels of security and varied payment options. SentinelOne works well with Linux, Windows, and MacOS, and can successfully support legacy infrastructures as well as the newer popular environments, including the latest operating systems. The single pane of glass management will save time and money by reducing manpower and ensuring comprehensive security protection of all your endpoints locally and worldwide.

    SentinelOne offers intensive training and support to meet every organization’s unique business needs.

    SentinelOne's levels of services and support include, but are not limited to:

    SentinelOne GO is a guided 90-day onboarding service to ensure successful deployment and success. It assists with the deployment planning and overview, initial user setup, and product overviews. It provides ongoing training and advisory meetings, ensuring that everything is set up correctly and that your team understands the appropriate protocols to ensure success.

    SentinelOne offers multi-tiered support based on your organizational needs from small business to enterprise, using their Designed Technical Account Management (TAM). They have support for every business level: Standard, Enterprise, and Enterprise Pro. SentinelOne is always available to ensure that you and your organization work together to minimize the risk of downtime and any threat exposure.

    Threat Hunting & Response Services

    Support for threat hunting and response include Watch Tower, Watch Tower Pro, Vigilance Respond, and Vigilance Respond Pro. Each of these services builds on the other, progressively adding features based on your organizational needs.

    Watch Tower: This is the entry-level plan and includes: Active campaign hunting and cyber crime alerts and course correction for potential threats, access to the Monthly Hunting & Intelligence Digest.

    Watch Tower Pro: Includes everything in WatchTower and customized threat hunting for all current & historical threats, unlimited access to Signal Hunting Library of Pre-Built Queries, Incident-Based Triage and Hunting, continuous customer service, followup and reporting, a Security Assessment, and quarterly Cadence meetings.

    Vigilance Respond: Includes all of the features of Watch Tower in addition to a security assessment and Cadence meetings, which are on-demand. Provides the features of Watch Tower Pro in addition to 24x7x365 monitoring, triage, and response.

    Vigilance Respond Pro: Includes all of the features of the above options, including a security assessment and quarterly cadence meeting as well as a complete digital forensic investigation and malware analysis.

    Reviews from Real Users

    Jeff D. who is an Operations Manager at Proton Dealership IT, tells us that "The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."

    "The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring." relates Rae J., Director IR and MDR at a tech services company.

    Offer
    Learn more about Fortinet FortiEDR
    Learn more about Microsoft Defender for Endpoint
    Learn more about SentinelOne Singularity Complete
    Sample Customers
    Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
    Petrofrac, Metro CSG, Christus Health
    Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
    Top Industries
    REVIEWERS
    Financial Services Firm24%
    Comms Service Provider12%
    Energy/Utilities Company6%
    Educational Organization6%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Government8%
    Manufacturing Company7%
    Financial Services Firm7%
    REVIEWERS
    Financial Services Firm20%
    Computer Software Company16%
    Comms Service Provider8%
    Energy/Utilities Company7%
    VISITORS READING REVIEWS
    Educational Organization20%
    Computer Software Company13%
    Government8%
    Financial Services Firm7%
    REVIEWERS
    Manufacturing Company13%
    Financial Services Firm10%
    Computer Software Company8%
    Healthcare Company8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider6%
    Government6%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business37%
    Midsize Enterprise22%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise19%
    Large Enterprise50%
    REVIEWERS
    Small Business40%
    Midsize Enterprise17%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise31%
    Large Enterprise47%
    REVIEWERS
    Small Business39%
    Midsize Enterprise24%
    Large Enterprise37%
    VISITORS READING REVIEWS
    Small Business35%
    Midsize Enterprise18%
    Large Enterprise47%
    Buyer's Guide
    Microsoft Defender for Endpoint vs. SentinelOne Singularity Complete
    September 2023
    Find out what your peers are saying about Microsoft Defender for Endpoint vs. SentinelOne Singularity Complete and other solutions. Updated: September 2023.
    735,432 professionals have used our research since 2012.

    Microsoft Defender for Endpoint is ranked 1st in EPP (Endpoint Protection for Business) with 96 reviews while SentinelOne Singularity Complete is ranked 2nd in EPP (Endpoint Protection for Business) with 96 reviews. Microsoft Defender for Endpoint is rated 8.2, while SentinelOne Singularity Complete is rated 8.6. The top reviewer of Microsoft Defender for Endpoint writes "You can access all your security data and telemetry from a single pane of glass". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Worth the money, supports legacy endpoints, and blocks anything even remotely malicious". Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, Symantec Endpoint Security, CrowdStrike Falcon and Cortex XDR by Palo Alto Networks, whereas SentinelOne Singularity Complete is most compared with CrowdStrike Falcon, Darktrace, Intercept X Endpoint, ESET Endpoint Protection Platform and Cortex XDR by Palo Alto Networks. See our Microsoft Defender for Endpoint vs. SentinelOne Singularity Complete report.

    See our list of best EPP (Endpoint Protection for Business) vendors, best Anti-Malware Tools vendors, and best EDR (Endpoint Detection and Response) vendors.

    We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.