No more typing reviews! Try our Samantha, our new voice AI agent.

SanerNow CyberHygiene Platform vs SentinelOne Singularity Endpoint comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
SanerNow CyberHygiene Platform
Ranking in Endpoint Detection and Response (EDR)
42nd
Average Rating
9.6
Reviews Sentiment
7.6
Number of Reviews
2
Ranking in other categories
Vulnerability Management (49th), Patch Management (17th), Risk-Based Vulnerability Management (19th)
SentinelOne Singularity End...
Ranking in Endpoint Detection and Response (EDR)
2nd
Average Rating
8.8
Reviews Sentiment
7.1
Number of Reviews
263
Ranking in other categories
Endpoint Protection Platform (EPP) (3rd), Anti-Malware Tools (2nd), Extended Detection and Response (XDR) (2nd), AI-Powered Cybersecurity Platforms (3rd), AI Observability (2nd)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of SanerNow CyberHygiene Platform is 0.7%, up from 0.1% compared to the previous year. The mindshare of SentinelOne Singularity Endpoint is 5.3%, down from 5.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
SentinelOne Singularity Endpoint5.3%
Cortex XDR by Palo Alto Networks3.6%
SanerNow CyberHygiene Platform0.7%
Other90.4%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
JU
Information Technology Supervisor at DMCI Homes, Inc.
Can automate updates and manage software licenses more effectively
Our team uses the SanerNow CyberHygiene Platform for threat detection, focusing on features like vulnerabilities and asset exposure. The asset exposure feature is packaged with software licenses and machines. We get the latest updates and patches for Windows workstations and applications for remediation. We can automate these updates, which greatly improves our previous manual and scripting-based tools. Before, we struggled with setting policies and making changes to workstations. Now, we can automate updates and manage software licenses more effectively. We monitor who's using various licenses like Office, CAD, Visio, and Lumion.
Vaibhav Mahendra Kolhe - PeerSpot reviewer
Soc Analyst at Softcell Technologies Limited
Automation has reduced alerts and freed the soc team to focus on faster incident response
Regarding mean time to respond, the improvements I see with SentinelOne Singularity Complete are that genuine files also get alerts. We are getting false positives, but we are also getting genuine true positive alerts. The improvement will be deep visibility because as I am using Splunk as a SIEM, I compare deep visibility with Splunk, but deep visibility has limited access with only a 14-day policy to retain logs. The improvement will be in overall policy management. The third point will be the complexity of policies. If we want some endpoints to use only USB or if we need to block USB on some points, the policy management is very complex. The fourth point will be that Mac OS and Linux don't have the rollback policy; that policy is only for Windows. These four points are improvements if SentinelOne Singularity Complete can address them. Data privacy and security when utilizing Purple AI is crucial for SentinelOne Singularity Complete, and SentinelOne Singularity Complete lacks in data security. Data security is very important in this world. In my organization, if we deploy SentinelOne Singularity Complete and we have integrated all the firewalls, all devices, and AWS devices to SentinelOne Singularity Complete, logs will be forwarded to SentinelOne Singularity Complete through SentinelOne Singularity Complete. However, SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution. From the data security point of view, SentinelOne Singularity Complete is not good.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"There has been a significant reduction of approximately 70% to 80% in our internal MTTR and MTTD metrics, now around five to eight minutes whereas previously it was hours, which has helped tremendously."
"It is an easy-to-use tool."
"Cortex XDR by Palo Alto Networks is specifically designed to prevent zero-day attacks and is part of an ecosystem of Palo Alto, providing customers with a long-term vision to modify and redesign how security is applied in their company."
"Traps pays for itself within the first 16 months of a three-year subscription."
"The behavior-based detection feature is valuable."
"My advice for anybody who is considering Cortex XDR is that it is a complete solution, and has very good features."
"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
"It has absolutely improved the way our organization functions, we are more secure, it is giving us more peace of mind, and it has found malicious activity happening on our endpoints that probably would not have been detected if we didn't have it."
"Although it is, in fact, a complete vulnerability management solution, the most valuable feature is the patch management functionality. Most of our customers give preference to this tool over other tools when it comes to patch management."
"Our team uses the SanerNow CyberHygiene Platform for threat detection, focusing on features like vulnerabilities and asset exposure. The asset exposure feature is packaged with software licenses and machines. We get the latest updates and patches for Windows workstations and applications for remediation. We can automate these updates, which greatly improves our previous manual and scripting-based tools."
"I strongly recommend this solution."
"It identifies what applications are vulnerable. If I go to the applications, such as Adobe Photoshop or Adobe Reader, I can see our current list of vulnerabilities: How many are vulnerable and how many need to be updated with patching. One of the most valuable aspects is the ease of finding specific vulnerabilities."
"The solution gives me peace of mind when it comes to the reliability of the computers on our system."
"The Deep Visibility feature is the most useful part of the EDR platform. It gives us good insights into what is actually happening on the endpoints, e.g., when we have malicious or suspicious activity. We came from a legacy type AV previously, so we didn't have that level of visibility or understanding. For simplifying threat-hunting, it is extremely useful, where traditional techniques in threat hunting are quite laborious. We can put in indicators of compromise and it will sweep the environment for them, then they would give us a breakdown of what assets have been seen and where they have been seen, which is more of a forensics overview."
"SentinelOne offers one of the best software quotes and has excellent reviews and everything."
"Deep Visibility is a valuable feature."
"SentinelOne also provides equal protection across Windows, Linux, and macOS. I have all of them and every flavor of them you could possibly imagine. They've done a great job because I still have a lot of legacy infrastructure to support. It can support legacy environments as well as newer environments, including all the latest OS's... There are cost savings not only on licensing but because I don't have to have different people managing different consoles."
"SentinelOne is stable and reliable."
 

Cons

"Cortex XDR by Palo Alto Networks could improve its user interface, which is more complicated compared to competitors such as SentinelOne."
"One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"If you compare it to SentinelOne, which has more functionalities and detection capabilities on an open platform, the pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
"SanerNow has good integration with the more well known ITSM tools, but at the same time there are many other ITSM (IT Service Management) tools available in the market, including local tools here in India, and I'm not sure how SanerNow plans to integrate with them all out of the box."
"SanerNow CyberHygiene Platform needs to incorporate more documentation."
"SentinelOne could improve by creating an autopilot or automated way to roll out the solution more efficiently which would be helpful."
"I rate Singularity Cloud Workload Security's stability a four out of ten."
"My biggest complaint is that when you're logged into the console there is the Help section where you can review all the documentation. But when you log in to the support portal, there is documentation there as well. They need to sync those two into one place so that I don't have to search in two different locations for an answer."
"Periodically we have an application that does not work correctly when SentinelOne is installed, yet performs as expected when SentinelOne is removed."
"The solution is expensive. It is costlier than Trend Micro and Palo Alto XDR."
"In terms of improvements for SentinelOne Singularity Endpoint, the dashboard is complex for new users, and there are a lot of false positive alerts, particularly from genuine EXE files."
"The volume of shadow copies becomes too large and we have to manage that."
"Regarding the pricing, Singularity Platform is very high compared to other platforms that have been worked with, such as CrowdStrike and other Sophos EDRs."
 

Pricing and Cost Advice

"I feel it is fairly priced."
"Its pricing is kind of in line with its competitors and everybody else out there."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"This is an expensive solution."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"As with several other solutions such as Microsoft MECM and SCCM, the licensing for SanerNow involves per-device pricing for each kind of product or service on offer."
"The pricing is reasonable - we paid about 2.5 million for 3,500 nodes."
"SentinelOne Singularity Complete is fairly priced."
"The pricing is comparable with other vendors but some customers find it a bit costly."
"While SentinelOne Singularity Complete carries a higher price tag than some endpoint security solutions, customers find its robust features and return on investment justify the cost."
"It was cheaper than McAfee, which was a way to convince management to go with the solution."
"The pricing and licensing make sense."
"The pricing model is simple."
"This solution is less expensive than its competitors."
"SentinelOne Singularity Complete's pricing is affordable."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
903,871 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Outsourcing Company
14%
Construction Company
8%
Retailer
8%
Financial Services Firm
8%
Computer Software Company
10%
Manufacturing Company
9%
Financial Services Firm
8%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business125
Midsize Enterprise69
Large Enterprise90
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for SanerNow?
The pricing is reasonable - we paid about 2.5 million for 3,500 nodes.
What needs improvement with SanerNow?
SanerNow CyberHygiene Platform needs to incorporate more documentation.
What is your primary use case for SanerNow?
We use the tool for patch, application, and vulnerability management.
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is ...
What is your experience regarding pricing and costs for SentinelOne Singularity?
It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the p...
What needs improvement with SentinelOne Singularity?
I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete. Sometimes I need t...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
SecPod SanerNow, SanerNow RP
Sentinel Labs, SentinelOne Singularity, Singularity Platform
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Siemens, Aruba, SironLabs, POS Aviation, Kotak, Kaizen Automotive, Amagi, McNeilus Steel, Claremont, Glassbeam, Marlabs, Amazon Web Services
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about SanerNow CyberHygiene Platform vs. SentinelOne Singularity Endpoint and other solutions. Updated: June 2026.
903,871 professionals have used our research since 2012.