No more typing reviews! Try our Samantha, our new voice AI agent.

N-able EDR vs SentinelOne Singularity Endpoint comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
N-able EDR
Ranking in Endpoint Detection and Response (EDR)
50th
Average Rating
7.6
Reviews Sentiment
7.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
SentinelOne Singularity End...
Ranking in Endpoint Detection and Response (EDR)
2nd
Average Rating
8.8
Reviews Sentiment
7.1
Number of Reviews
263
Ranking in other categories
Endpoint Protection Platform (EPP) (3rd), Anti-Malware Tools (2nd), Extended Detection and Response (XDR) (2nd), AI-Powered Cybersecurity Platforms (3rd), AI Observability (2nd)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of N-able EDR is 0.7%, up from 0.4% compared to the previous year. The mindshare of SentinelOne Singularity Endpoint is 5.3%, down from 5.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
SentinelOne Singularity Endpoint5.3%
Cortex XDR by Palo Alto Networks3.6%
N-able EDR0.7%
Other90.4%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
NM
Senior Operations Specialist at Tagit cc
Reporting effectiveness and advanced AI capabilities improve threat awareness while needing pricing simplification and licensing self-service
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If they could bundle it as one solution and show the capabilities or features, they would be able to sell it more effectively, and as resellers, we could sell it to customers more easily. The technical support is responsive, but sometimes we experience limitations regarding the ability to add licensing. They could implement a self-service platform for assigning new licenses or ordering more. Currently, we depend on contacting someone who sends a new contract to sign through the process. They could change their licensing model, though I am not the right person to comment on functionality. On the reporting side, everything is covered.
Vaibhav Mahendra Kolhe - PeerSpot reviewer
Soc Analyst at Softcell Technologies Limited
Automation has reduced alerts and freed the soc team to focus on faster incident response
Regarding mean time to respond, the improvements I see with SentinelOne Singularity Complete are that genuine files also get alerts. We are getting false positives, but we are also getting genuine true positive alerts. The improvement will be deep visibility because as I am using Splunk as a SIEM, I compare deep visibility with Splunk, but deep visibility has limited access with only a 14-day policy to retain logs. The improvement will be in overall policy management. The third point will be the complexity of policies. If we want some endpoints to use only USB or if we need to block USB on some points, the policy management is very complex. The fourth point will be that Mac OS and Linux don't have the rollback policy; that policy is only for Windows. These four points are improvements if SentinelOne Singularity Complete can address them. Data privacy and security when utilizing Purple AI is crucial for SentinelOne Singularity Complete, and SentinelOne Singularity Complete lacks in data security. Data security is very important in this world. In my organization, if we deploy SentinelOne Singularity Complete and we have integrated all the firewalls, all devices, and AWS devices to SentinelOne Singularity Complete, logs will be forwarded to SentinelOne Singularity Complete through SentinelOne Singularity Complete. However, SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution. From the data security point of view, SentinelOne Singularity Complete is not good.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device."
"They have a new GUI which is just fantastic."
"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."
"It'll not slow down your system when compared to others."
"Cortex is a very good total solution on the endpoints."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"The most valuable features of this product are the management capabilities, which allow an IT organization to get quite a good picture of attempted cyber attacks, and its out-of-the-box investigation capabilities."
"The most valuable features are the rollback feature, it's important for us. The AI models and are good."
"It provides visibility and a storyline to track the virus or malware's activities, showing infected processes and changes made."
"The most valuable feature, which I can describe as the '360 vision' of the inventory device, provides a complete view of all the devices."
"We have been using this solution for quite some time, and the AI functionality is quite advanced; we are able to provide insights on different aspects and read the reports easily."
"Scalable endpoint protection solution that takes seconds to set up per device. It has a rollback feature and offers good technical support."
"For me, the experience has been very good."
"The most valuable features of SentinelOne are the endpoint detection of threats, and it does not only rely on signatures for detection."
"We collect a lot of telemetry from Singularity Complete."
"The most valuable feature of SentinelOne is the EDR functionality. We are protected against threats, such as ransomware."
"The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."
"The most valuable feature is that it just unintrusively works in the background to carry out the protection."
"I really like the storyline feature."
 

Cons

"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"For Cortex XDR by Palo Alto Networks, if I had to point out improvements, I would say the UI is still somewhat difficult for beginners."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"Cortex XDR could be improved with more GUI features."
"The solution eats memory of the computer, unlike anything I've ever seen."
"A little bit more automation would be nice."
"I would like to see improvement in the tool's user interface, particularly in the area of managing alerts and providing more reporting capabilities."
"Cortex XDR by Palo Alto Networks is not only pricey; it is extremely expensive."
"With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process."
"We have a lot of false positives we see in the dashboard. I think this is the only problem we are facing."
"I would rate the scalability as seven out of ten. The capability is useful. Concerning the license, if I add one more device without a license, it will automatically subscribe to a license. I do not appreciate that."
"I would like to see them add support for both Android and iOS smartphones."
"The solution needs better reporting on new threats and malware. The reporting is present, but I can't find the information easily."
"The setup process could be improved."
"SentinelOne could improve by creating an autopilot or automated way to roll out the solution more efficiently which would be helpful."
"The solution does not have an application security and control module."
"Sometimes, SentinelOne Singularity Complete takes time to reflect on some machines, which could be due to poor network connectivity."
"I would have liked the dashboard to be more user-friendly."
"There aren't enough reporting capabilities for decision-makers."
"I rate Singularity Cloud Workload Security's stability a four out of ten."
 

Pricing and Cost Advice

"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"It has reasonable pricing for the use cases it provides to the company."
"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"The tool's price is moderate."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"Cortex XDR's pricing is ok."
"Our customers have expressed that the price is high."
"The pricing is average."
"Its pricing is competitive."
"The price is competitive, if you compare it with other solutions on the market."
"Overall, it was a good experience. It is pretty easy for us to increase the number."
"We pay $30,000 a year for 275 endpoints. We're growing, so I plan to buy another 75 endpoints. There is still a year and a half left in my three-year subscription, so I'm going to increase my endpoint count by 30 percent."
"The product's pricing is at par with what you see among major competitors. It's higher than McAfee, yet cheaper than CrowdStrike."
"The pricing of the solution seems reasonable, we got a discount but it still seems reasonable. The licensing cost is $3 to $4 per endpoint and can be paid monthly or yearly, with the price changing according to commitment."
"The pricing of SentinelOne is less than McAfee."
"SentinelOne's pricing could be lower."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
903,871 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Manufacturing Company
20%
Comms Service Provider
14%
Transportation Company
11%
Healthcare Company
8%
Computer Software Company
10%
Manufacturing Company
9%
Financial Services Firm
8%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business125
Midsize Enterprise69
Large Enterprise90
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with N-able EDR?
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If t...
What is your primary use case for N-able EDR?
We are using N-able EDR, but I think Sophos makes sense because of the environment we operate in. The localization an...
What advice do you have for others considering N-able EDR?
I am more focused on operations and procurement. The decision to use this solution was made before I joined the compa...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is ...
What is your experience regarding pricing and costs for SentinelOne Singularity?
It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the p...
What needs improvement with SentinelOne Singularity?
I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete. Sometimes I need t...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
Sentinel Labs, SentinelOne Singularity, Singularity Platform
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about N-able EDR vs. SentinelOne Singularity Endpoint and other solutions. Updated: June 2026.
903,871 professionals have used our research since 2012.