Try our new research platform with insights from 80,000+ expert users

Microsoft Defender Threat Intelligence vs SentinelOne Singularity Identity comparison

Microsoft and SentinelOne are both solutions in the Advanced Threat Protection (ATP) category. Microsoft is ranked #10 with an average rating of 8.4, while SentinelOne is ranked #7 with an average rating of 8.9. Microsoft holds a 1.6% mindshare in ATP, compared to SentinelOne’s 2.6% mindshare. Additionally, 93% of Microsoft users are willing to recommend the solution, compared to 95% of SentinelOne users who would recommend it.
Microsoft Defender Threat I...
Read 32 Microsoft Defender Threat Intelligence reviews
  • 352 Views
  • 41 Comparison Views
93% willing to recommend
SentinelOne Singularity Ide...
Read 21 SentinelOne Singularity Identity reviews
  • 357 Views
  • 38 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 1, 2024

Microsoft Defender Threat Intelligence and SentinelOne Singularity Identity are leaders in cybersecurity solutions with distinct strengths. Microsoft Defender has an edge within the Microsoft ecosystem due to its seamless integration and data residency, while SentinelOne's behavioral detection and efficient cloud protection make it a strong contender for those prioritizing lightweight, non-intrusive solutions.

Features: Microsoft Defender Threat Intelligence offers seamless integration within the Microsoft ecosystem, advanced detection of zero-day vulnerabilities, and the capacity for global collaborative threat intelligence. Meanwhile, SentinelOne Singularity Identity is known for its dynamic behavioral-based detection, robust cloud protection capabilities, and a lightweight, non-intrusive agent designed for effective functionality without taxing system resources.

Room for Improvement: Microsoft Defender could enhance its compatibility with non-Microsoft products and address pricing for users without M365 E5 licenses. It could also provide more streamlined user feedback mechanisms. SentinelOne Singularity Identity could improve user-friendliness for less tech-savvy users, enhance support responsiveness, and incorporate web filtering and automated agent updates for a more comprehensive security solution.

Ease of Deployment and Customer Service: Microsoft Defender Threat Intelligence supports public, hybrid, and on-premises deployments, offering comprehensive support, though its user feedback processes may feel cumbersome. SentinelOne provides diverse deployment options, including public cloud and on-premises. However, user feedback on support efficiency varies, suggesting a need for more personalized customer service.

Pricing and ROI: Microsoft Defender Threat Intelligence is bundled with Microsoft 365 subscriptions, presenting cost benefits for existing users and reducing the reliance on multiple security platforms. SentinelOne, though priced higher, provides a feature-rich package justifying its cost. The pricing, while competitive, could be more transparent regarding annual increases, yet both solutions deliver notable ROI, enhancing security and threat protection capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Defender Threat Intelligence vs. SentinelOne Singularity Identity Report (Updated: June 2025).
Buyer's Guide
Microsoft Defender Threat Intelligence vs. SentinelOne Singularity Identity
June 2025
Download the complete report
Helped 859,129 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.1
Microsoft Defender Threat Intelligence consolidates security, reduces costs, enhances intelligence, and effectively prevents breaches, offering significant ROI.
Sentiment score
7.5
SentinelOne Singularity Identity offered high return on investment with enhanced protection, efficiency, and time savings, justifying higher costs.
 

Customer Service

Sentiment score
7.4
Microsoft Defender support varies, with excellent technical help praised but mixed experiences with contact ease and expertise levels.
Sentiment score
7.8
SentinelOne Singularity Identity provides responsive customer service with higher tiers offering 24/7 support and prioritizing user success.
Level two support is knowledgeable and knows how the product works, which is very good.
For more quotes and insights, download the Microsoft Defender Threat Intelligence report
They have been responsive to our needs as integrators and those of the client.
For more quotes and insights, download the SentinelOne Singularity Identity report
 

Scalability Issues

Sentiment score
7.9
Microsoft Defender Threat Intelligence offers scalable security, favored for flexibility, ease of use, and seamless cloud integration despite potential costs.
Sentiment score
8.3
SentinelOne Singularity Identity is praised for scalability, despite occasional integration and deployment challenges, often rated nine or ten.
If there were some customizations available, I would rate its scalability as nine out of ten.
For more quotes and insights, download the Microsoft Defender Threat Intelligence report
No quotes available
For more quotes and insights, download the SentinelOne Singularity Identity report
 

Stability Issues

Sentiment score
8.3
Microsoft Defender Threat Intelligence is praised for stability, performance, security features, and resilience, despite occasional outages and delays.
Sentiment score
8.5
SentinelOne Singularity Identity is highly stable with minimal CPU usage, excellent performance, and effective support for installation issues.
It provides a high level of security and avoids phishing and scam emails.
For more quotes and insights, download the Microsoft Defender Threat Intelligence report
No quotes available
For more quotes and insights, download the SentinelOne Singularity Identity report
 

Room For Improvement

Microsoft Defender Threat Intelligence needs pricing, integration, support, AI, automation, and customization improvements for better affordability and usability.
SentinelOne Singularity Identity needs better management, enhanced features, user-friendly policies, improved support, and competitive pricing.
Providing code customization would help keep pace with new vulnerabilities and threats.
From the telemetry data standpoint, I would prefer Defender data to be more open in future updates.
For more quotes and insights, download the Microsoft Defender Threat Intelligence report
There is a clear roadmap for improvements, including enhancing capabilities with AI and seamless functionality in an MSP model for deeper visibility across multiple agencies.
For more quotes and insights, download the SentinelOne Singularity Identity report
reviewer1766421 - PeerSpot reviewer
MG
MM
 

Setup Cost

Microsoft Defender Threat Intelligence is cost-effective in E5 bundles but can be complex and costly standalone for SMEs.
SentinelOne Singularity Identity offers competitive pricing, valued integration, and customizable licensing, though pricing transparency is key for executive approval.
 

Valuable Features

Microsoft Defender Threat Intelligence integrates globally informed threat detection with seamless Microsoft product integration for comprehensive, automated protection and analysis.
SentinelOne Singularity Identity offers AI-driven threat detection, rapid response, and efficient security management with minimal system impact.
Our threat detection is enhanced due to the AI agents in Microsoft Defender Threat Intelligence, which helps in detecting automatically.
One of the best features is that it provides a certain level of customization, allowing us to set our spam confidence levels.
For more quotes and insights, download the Microsoft Defender Threat Intelligence report
With visibility into endpoint telemetry, SentinelOne does provide useful information to find threat actors and empowers those who are in the business of threat hunting.
For more quotes and insights, download the SentinelOne Singularity Identity report
MG
reviewer1766421 - PeerSpot reviewer
MM
 

Categories and Ranking

Microsoft Defender Threat I...
Ranking in Advanced Threat Protection (ATP)
10th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
Threat Intelligence Platforms (4th), Microsoft Security Suite (15th)
SentinelOne Singularity Ide...
Ranking in Advanced Threat Protection (ATP)
7th
Average Rating
9.0
Reviews Sentiment
7.5
Number of Reviews
21
Ranking in other categories
Vulnerability Management (10th), Threat Deception Platforms (2nd), Identity Threat Detection and Response (ITDR) (4th)
 

Mindshare comparison

As of June 2025, in the Advanced Threat Protection (ATP) category, the mindshare of Microsoft Defender Threat Intelligence is 1.6%, up from 1.2% compared to the previous year. The mindshare of SentinelOne Singularity Identity is 2.6%, up from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP)
 

Featured Reviews

TapabrataSamanta - PeerSpot reviewer
A cost-effective solution for monitoring and security but lacks supports for non-Microsoft products
There are weaknesses, and Microsoft is working on addressing them. Over the past three to four years, the ATP and other components have improved significantly, and the integration has also advanced. We are using third-party services. While we have Microsoft Threat Intelligence, which leverages Microsoft's facilities, we also utilize additional third-party threat intelligence. As of today, we don't completely rely on Microsoft for certain regions. This is an area where Microsoft needs to improve. Consequently, we use Anomali, a third-party threat intelligence provider. We integrate our product's intelligence with Anomali, from which we obtain threat insights. Microsoft products offer significant advantages, especially in the realm of threat intelligence. It works very well with Microsoft products. However, you might need additional services if you have non-Microsoft products in your environment. For instance, if you use Apple or Linux, Microsoft's solutions alone might not be sufficient. If they can work more effectively, especially with zero-day attack speed and other sophisticated threats, it will help us provide our customers with timely newsletters about new attacks.
Read full review
Roftiel Constantine - PeerSpot reviewer
Provides proactive threat remediation, reduces alert volume, and enhances incident response capabilities
During our pre-purchase evaluation of SentinelOne's EDR capabilities three years ago, we were consistently impressed by the positive relationships customers reported having with SentinelOne's engineers, sales teams, and customer success managers. These strong relationships, evident in the customers' unsolicited feedback, highlighted the "soft skills" and intangible qualities that SentinelOne possessed. This positive customer experience has been mirrored in our own interactions with them. Their responsiveness to our needs, particularly when addressing a couple of challenges we faced, has been excellent. They proactively scheduled weekly meetings to demonstrate their commitment to resolving our issues, a customer-centric approach I admire. SentinelOne's dedication to customer service, including their rapid technology updates and responsiveness to our suggestions, has been crucial to our success in protecting our organization. Their ability to quickly incorporate our needs into new releases is truly impressive and sets them apart. Overall, I highly recommend SentinelOne based on our positive interactions across all levels of their organization.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
See recommendations
859,129 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Educational Organization
10%
Government
9%
Computer Software Company
15%
Financial Services Firm
11%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft Defender Threat Intelligence?
It just runs in the background. I don't have to worry about, making sure it's Intelligence. So, you know, this kind of makes it very easy, have to worry about installing. It is easy to use.
See all answers
What needs improvement with Microsoft Defender Threat Intelligence?
From the telemetry data standpoint, I would prefer Defender data to be more open in future updates.
See all answers
What is your primary use case for Microsoft Defender Threat Intelligence?
We have tried Microsoft Defender Threat Intelligence. I have expertise with Microsoft Defender products. I am not familiar with Microsoft Defender for IoT because we did not use that in our environ...
See all answers
Does SentinelOne have a Virtual Patching functionality?
Yes -- SentinelOne has a Virtual Patching functionality called Virtual Patching and Exploit Shield. This preventive security solution uses behavioral AI to identify and block zero-day attacks and v...
See all answers
What do you like most about SentinelOne Singularity Identity?
The XDR capabilities are very good.
See all answers
What is your experience regarding pricing and costs for SentinelOne Singularity Identity?
I have no visibility into pricing, setup costs, or licensing as the government handles these aspects directly with SentinelOne. We do the integrating, and they process the payments.
See all answers
 

Comparisons

Recorded Future vs Microsoft Defender Threat Intelligence Logo
Recorded Future vs Microsoft Defender Threat Intelligence
Compared 22% of the time
VirusTotal vs Microsoft Defender Threat Intelligence Logo
VirusTotal vs Microsoft Defender Threat Intelligence
Compared 20% of the time
Anomali vs Microsoft Defender Threat Intelligence Logo
Anomali vs Microsoft Defender Threat Intelligence
Compared 14% of the time
Cisco Threat Grid vs Microsoft Defender Threat Intelligence Logo
Cisco Threat Grid vs Microsoft Defender Threat Intelligence
Compared 14% of the time
Microsoft Sentinel vs Microsoft Defender Threat Intelligence Logo
Microsoft Sentinel vs Microsoft Defender Threat Intelligence
Compared 10% of the time
More Microsoft Defender Threat Intelligence Competitors
Tenable Vulnerability Management vs SentinelOne Singularity Identity Logo
Tenable Vulnerability Management vs SentinelOne Singularity Identity
Compared 11% of the time
Microsoft Defender for Identity vs SentinelOne Singularity Identity Logo
Microsoft Defender for Identity vs SentinelOne Singularity Identity
Compared 11% of the time
CrowdStrike Falcon vs SentinelOne Singularity Identity Logo
CrowdStrike Falcon vs SentinelOne Singularity Identity
Compared 10% of the time
SailPoint Identity Security Cloud vs SentinelOne Singularity Identity Logo
SailPoint Identity Security Cloud vs SentinelOne Singularity Identity
Compared 8% of the time
Microsoft Entra ID Protection vs SentinelOne Singularity Identity Logo
Microsoft Entra ID Protection vs SentinelOne Singularity Identity
Compared 6% of the time
More SentinelOne Singularity Identity Competitors
 

Product Reports

Buyer's Guide
Microsoft Defender Threat Intelligence
June 2025
Microsoft Defender Threat Intelligence reportDownload Microsoft Defender Threat Intelligence product report
Buyer's Guide
SentinelOne Singularity Identity
May 2025
SentinelOne Singularity Identity reportDownload SentinelOne Singularity Identity product report
 

Overview

Microsoft Defender Threat Intelligence is a comprehensive security solution that provides organizations with real-time insights into the latest cyber threats. Leveraging advanced machine learning and artificial intelligence capabilities, it offers proactive threat detection and response, enabling businesses to stay one step ahead of attackers. With Microsoft Defender Threat Intelligence, organizations gain access to a vast array of threat intelligence data, including indicators of compromise (IOCs), security incidents, and emerging threats. This data is collected from a wide range of sources, such as Microsoft's global sensor network, industry partners, and security researchers, ensuring comprehensive coverage and accuracy. The solution's advanced analytics and machine learning algorithms analyze this threat intelligence data in real-time, identifying patterns, trends, and anomalies that may indicate a potential security breach. By continuously monitoring the network and endpoints, Microsoft Defender Threat Intelligence can quickly detect and respond to threats, minimizing the impact of attacks and reducing the time to remediation. 

Microsoft

Singularity Identity, a component of the Singularity platform, provides threat detection & response (ITDR) capabilities to defend Active Directory and domain-joined endpoints in real-time from adversaries aiming to gain persistent, elevated privilege and move covertly. Singularity Identity provides actionable, high-fidelity insight as attacks emerge from managed and unmanaged devices. It detects identity misuse and reconnaissance activity happening within endpoint processes targeting critical domain servers, service accounts, local credentials, local data, network data, and cloud data. On-agent cloaking and deception techniques slow the adversary down while providing situational awareness and halting adversarial attempts at lateral movement. Singularity Identity helps you detect and respond to identity-based attacks, providing early warning while misdirecting them away from production assets.

Singularity Identity’s primary use case is to protect credential data and disrupt identity-based attacks. The most valuable function of Singularity Identity is its ability to misdirect attackers by providing deceptive data to identity-based recon attacks. Additionally, it can hide and deny access to locally stored credentials or identity data on Active Directory domain controllers.

Singularity Identity also provides rapid detection and respond to identity attacks, capturing attack activity and feeding it directly to the Singularity platform’s Security DataLake for enterprise-wide analysis and response.

By implementing Singularity Identity, organizations benefit from enhanced security, reduced credential-related risks, and improved user productivity. It detects and responds to identity-based attacks, ensuring only authorized individuals can access critical identity data. With its cloaking capabilities to hide identity stored locally on endpoints or in the identity infrastructure and it’s ability to provide decoy results to identity-based attacks, organizations can effectively secure their sensitive or privileged identities, resulting in improved overall identity security.

SentinelOne
Buyer's Guide
Microsoft Defender Threat Intelligence vs. SentinelOne Singularity Identity
June 2025
Free Report: Microsoft Defender Threat Intelligence vs. SentinelOne Singularity Identity
Find out what your peers are saying about Microsoft Defender Threat Intelligence vs. SentinelOne Singularity Identity and other solutions. Updated: June 2025.
DOWNLOAD NOW
859,129 professionals have used our research since 2012.
See our Microsoft Defender Threat Intelligence vs. SentinelOne Singularity Identity report.
See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.