• Home
  • Microsoft Defender for Identity vs. SentinelOne Singularity Identity

Microsoft Defender for Identity vs SentinelOne Singularity Identity comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Microsoft Defender for Identity vs. SentinelOne Singularity Identity
March 2024
Executive Summary

We performed a comparison between Microsoft Defender for Identity and SentinelOne Singularity Identity based on real PeerSpot user reviews.

Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Defender for Identity vs. SentinelOne Singularity Identity Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Emeka Ndulu
Integration with other Microsoft products is simple, providing a holistic security solution
It helps identify insider leaks. If any of your users want to use their permissions to implement leaks or perform malicious actions, it alerts you.... Read more →
DavidPerry
Researched Microsoft Defender for Identity but chose SentinelOne Singularity Identity: Provides a unified console and proactive threat detection
SentinelOne Singularity Identity has enabled us to safeguard all of our endpoints, as opposed to our previous solution, which only protected a... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is easy to set up. Based on the number of devices you would like to set up, you can use scripts, Group Policy, etc. It takes five minutes to set up.""The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors.""Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence.""The most valuable aspect is its connection to Microsoft Sentinel and Defender for Endpoint, and giving exact timelines for incidents and when certain events occured during an incident.""All the integration it has with different Microsoft packages, like Teams and Office, is good.""It automates routine testing and helps automate the finding of high-value alerts.""The feature I like most is that you can create your own customized detection rules. It has a lot of default alerts and rules, but you can customize them according to your business needs.""Defender for Identity has not affected the end-user experience."

More Microsoft Defender for Identity Pros →

"The biggest value for us is getting a much better picture of what our risks are.""The AI-based detection, scanning, prevention and mitigation features are the most valuable features.""The XDR capabilities are very good.""All the features within the XDR are valuable as a whole for our organization.""The protection provided by SentinelOne Singularity Identity is the most valuable feature.""I like the detection and protection features. We don't need to do anything, and it will alert us when the mitigation is not successful. We only need to target those endpoints. Otherwise, we don't have to do anything about that.""The threat detection capability is the most valuable feature.""The most valuable feature of SentinelOne Singularity Identity is its ability to detect based on behavior rather than just static signatures."

More SentinelOne Singularity Identity Pros →

Cons
"There is no option to remedy an issue directly from the console. If we see an alert, we can't fix it from the console. Instead, we must depend on other Microsoft products, such as MDE. That is a significant drawback. It simply works as a scanner, which can sometimes put enough load on the sensors. Immediate actions should be possible from the dashboard because. It can prevent issues from spreading further.""The solution could be better at using group-managed access and they could replace it with broad-based access controls.""One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents.""When the data leaves the cloud, there are security issues.""I would like to be able to do remediation from the platform because it is just a scanner right now. If you onboard a device, it shows you what is happening, but you can't use it to fix things. You need to go into the system to fix it instead.""The tracking instance needs to be configured appropriately.""Microsoft should look at what competing vendors like CrowdStrike and Broadcom are doing and incorporate those features into Sentinel and Defender. At the same time, I think the intelligence inside the product is improving fast. They should incorporate more zero-trust and hybrid trust approaches. They need to build up threat intelligence based on threats and methods used in attacks on other companies.""And when you are working in a priority IP address, Identity is not able to know that those IPs are from the company. It sees that the IPs are from Taiwan or from Hong Kong or from India, even though they are internal IPs, resulting in a lot of false positives."

More Microsoft Defender for Identity Cons →

"Sometimes I get kicked out of the console. I don't know why.""The root cause of automation could be better.""A lot of those features came from an acquisition of a different company.""SentinelOne Singularity Identity could be more user-friendly.""We haven't received the expected support whenever we've had questions.""The primary reason for this discontent is that we frequently encounter performance issues with our servers.""The UI can be more user-friendly.""Our company has different locations, such as Sunbury, Oklahoma, and Alabama. I have my devices by location, and I have not found a way to choose all the endpoints and then push the update automatically. I have been doing it one by one."

More SentinelOne Singularity Identity Cons →

Pricing and Cost Advice
  • "You won't be able to change your tenants from where you deploy them. For example, if you select Canada, they will charge you based on Canadian pricing. If you are also in London, when you deploy in Canada, the pound is higher than Canadian dollars, but your platform resources are billable in Canadian dollars. Using your pounds to pay for any of these things will be cheaper. Or, if you deploy in London, they will charge you based on your local currency."
  • "Defender for Identity is a little more expensive than other Microsoft products. Identity and Microsoft Defender for Cloud are both a bit costly."
  • "The product is costly, and we had multiple discussions with accounting to receive a discounted rate. However, on the open market, the tool is expensive."
  • "It is very affordable considering that other SIEM solutions are much more expensive and have many more licensing restrictions and fees."

    • More Microsoft Defender for Identity Pricing and Cost Advice →

  • "The price is affordable."
  • "SentinelOne seemed to offer more while being priced lower than its competitors."
  • "The cost of SentinelOne Singularity Identity is better than CrowdStrike."
  • "The price of SentinelOne Singularity Identity is relatively high, but it offers numerous features and capabilities that make it well worth the investment."
  • "Ideally, I would like SentinelOne to lower their prices a little bit."
  • "The pricing is a bit high."
  • "Its price is a little bit high. It is a nice product, but it comes at a cost. Compared to other products, it is not cheap, but you sometimes have to pay for the value you get. It is not cheap, but it is worth it."
  • "SentinelOne Singularity Identity's pricing is cheaper than CrowdStrike and is really good."

    • More SentinelOne Singularity Identity Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft Defender for Identity?
    Top Answer:Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence.
    Read all 7 answers   →
    What needs improvement with Microsoft Defender for Identity?
    Top Answer:One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents. Currently, it is mandatory to install the agent on the on-premises… more »
    Read all 7 answers   →
    What is your primary use case for Microsoft Defender for Identity?
    Top Answer:Microsoft Defender for Identity is like a personal security guard for our organization's identity. It keeps a close eye on how we use our identities across both on-premises and Azure Active Directory… more »
    Read all 7 answers   →
    Does SentinelOne have a Virtual Patching functionality?
    Top Answer:Yes -- SentinelOne has a Virtual Patching functionality called Virtual Patching and Exploit Shield. This preventive security solution uses behavioral AI to identify and block zero-day attacks and… more »
    What do you like most about SentinelOne Singularity Identity?
    Top Answer:The XDR capabilities are very good.
    Read all 7 answers   →
    What is your experience regarding pricing and costs for SentinelOne Singu...
    Top Answer:If a company is a Microsoft shop, it makes sense to stick with Microsoft tools. It doesn't have mature SIEM capabilities or root cause analysis. It does not have a seamless integrated log management… more »
    Read all 6 answers   →
    Ranking
    6th
    out of 37 in Advanced Threat Protection (ATP)
    Views
    2,871
    Comparisons
    1,562
    Reviews
    9
    Average Words per Review
    956
    Rating
    8.9
    12th
    out of 37 in Advanced Threat Protection (ATP)
    Views
    142
    Comparisons
    100
    Reviews
    14
    Average Words per Review
    1,156
    Rating
    8.6
    Comparisons
    Also Known As
    Azure Advanced Threat Protection, Azure ATP, MS Defender for Identity
    Learn More
    Microsoft
    SentinelOne
    Video Not Available
    Overview

    Microsoft Defender for Identity is a comprehensive security solution that helps organizations protect their identities and detect potential threats. It leverages advanced analytics and machine learning to provide real-time visibility into user activities, enabling proactive identification of suspicious behavior. 

    With its powerful detection capabilities, it can identify various types of attacks, including brute force, pass-the-hash, and golden ticket attacks. The solution also offers rich reporting and alerting capabilities, allowing security teams to quickly respond to incidents and mitigate risks. By continuously monitoring user activities and providing actionable insights, Microsoft Defender for Identity helps organizations strengthen their security posture and safeguard their sensitive data.

    Singularity Identity, a component of the Singularity platform, provides threat detection & response (ITDR) capabilities to defend Active Directory and domain-joined endpoints in real-time from adversaries aiming to gain persistent, elevated privilege and move covertly. Singularity Identity provides actionable, high-fidelity insight as attacks emerge from managed and unmanaged devices. It detects identity misuse and reconnaissance activity happening within endpoint processes targeting critical domain servers, service accounts, local credentials, local data, network data, and cloud data. On-agent cloaking and deception techniques slow the adversary down while providing situational awareness and halting adversarial attempts at lateral movement. Singularity Identity helps you detect and respond to identity-based attacks, providing early warning while misdirecting them away from production assets.

    Singularity Identity’s primary use case is to protect credential data and disrupt identity-based attacks. The most valuable function of Singularity Identity is its ability to misdirect attackers by providing deceptive data to identity-based recon attacks. Additionally, it can hide and deny access to locally stored credentials or identity data on Active Directory domain controllers.

    Singularity Identity also provides rapid detection and respond to identity attacks, capturing attack activity and feeding it directly to the Singularity platform’s Security DataLake for enterprise-wide analysis and response.

    By implementing Singularity Identity, organizations benefit from enhanced security, reduced credential-related risks, and improved user productivity. It detects and responds to identity-based attacks, ensuring only authorized individuals can access critical identity data. With its cloaking capabilities to hide identity stored locally on endpoints or in the identity infrastructure and it’s ability to provide decoy results to identity-based attacks, organizations can effectively secure their sensitive or privileged identities, resulting in improved overall identity security.

    Sample Customers
    Microsoft Defender for Identity is trusted by companies such as St. Luke’s University Health Network, Ansell, and more.
    Information Not Available
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm13%
    Government8%
    Manufacturing Company7%
    REVIEWERS
    Manufacturing Company21%
    Healthcare Company14%
    Logistics Company7%
    Retailer7%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company14%
    Government9%
    Manufacturing Company9%
    Company Size
    REVIEWERS
    Small Business17%
    Midsize Enterprise17%
    Large Enterprise67%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise16%
    Large Enterprise63%
    REVIEWERS
    Small Business21%
    Midsize Enterprise21%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise19%
    Large Enterprise59%
    Buyer's Guide
    Microsoft Defender for Identity vs. SentinelOne Singularity Identity
    March 2024
    Free Report: Microsoft Defender for Identity vs. SentinelOne Singularity Identity
    Find out what your peers are saying about Microsoft Defender for Identity vs. SentinelOne Singularity Identity and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Microsoft Defender for Identity is ranked 6th in Advanced Threat Protection (ATP) with 13 reviews while SentinelOne Singularity Identity is ranked 12th in Advanced Threat Protection (ATP) with 14 reviews. Microsoft Defender for Identity is rated 9.0, while SentinelOne Singularity Identity is rated 8.6. The top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". On the other hand, the top reviewer of SentinelOne Singularity Identity writes "It offers deep and continuous visibility into our attack surface". Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID and Splunk User Behavior Analytics, whereas SentinelOne Singularity Identity is most compared with Qualys VMDR, SailPoint IdentityIQ, Tenable Vulnerability Management, Microsoft Defender for Office 365 and Claroty Platform. See our Microsoft Defender for Identity vs. SentinelOne Singularity Identity report.

    See our list of best Advanced Threat Protection (ATP) vendors and best Identity Threat Detection and Response (ITDR) vendors.

    We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.