• Home
  • SentinelOne Singularity Complete vs. Splunk Enterprise Security

SentinelOne Singularity Complete vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Anti-Malware Tools
November 2023
Executive Summary

We performed a comparison between SentinelOne Singularity Complete and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, SentinelOne, ESET and others in Anti-Malware Tools.
To learn more, read our detailed Anti-Malware Tools Report (Updated: November 2023).
Download the complete report
744,865 professionals have used our research since 2012.
Featured Review
Anonymous User
Helps to centralize and mitigate organizational risk
The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing... Read more →
John Yuko
Good visualization, reliable, scales well, and has good support
Using Splunk, give us the visualization we need, we can easily observe things such as user behavior analytics, irregular traffic, frequency, and... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The alerting features are the most valuable. We know that when something goes wrong, we get alerted instantly. That gives us a leg up. Even before the user knows what's happening, we're being alerted to step in and stop anything catastrophic from happening.""SentinelOne Singularity has hundreds of features. The most valuable feature of the solution is the ease of use and threat control.""The most valuable features are forensic investigation and ransomware prevention.""The most useful feature of all is deep visibility.""I appreciate the network control as well as the device control.""SentinelOne gives us visibility into various high-level vulnerabilities on every gateway on the network. It helps us prevent vulnerable devices from being compromised. We primarily use Singularity for its EDR functions. We're happy with that.""We find the solution to be scalable.""The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."

More SentinelOne Singularity Complete Pros →

"The ability to ingest different log types from many different products in our environment is most valuable.""Great platform with user-friendly interface and GUI.""You can integrate Splunk with third-party security automation solutions and set rules for automatic response.""Splunk would be my choice for the presentation layer because it comes with inbuilt reports and a dashboard that you can customize.""Splunk is quite flexible for our customers. Splunk does not filter from a specific lock, you can define it later.""You can use it to gather syslog messages from anything.""Splunk has a wide range of features that customers use to find and analyze all kinds of logs.""Splunk Enterprise Security is able to process a huge amount of data without any issues."

More Splunk Enterprise Security Pros →

Cons
"Some reports could be better.""The anti-ransomware technology takes up a lot of disc space.""The grouping feature needs improvement.""There should be more integration models with different security operations tools or soft tools.""We have had cases where Singularity Complete has caused applications to malfunction.""The previous vendor had a lot more features and capabilities under the license. For example, I lost DLP as Sentinel One does not have DLP.""I've had some issues with the specific agents, however, we are moving off of that particular OS that we were having issues with. Other than that, it's been a pretty solid tool.""One of the things they could do is extend the product range to include Android and iPhone so that you could have the app on your phone as well. There is probably something going on there with that, but that's something that they're lacking at the moment. For instance, if I was to have to recommend a client to protect their phone, I'd have to recommend Norton or something else. I don't have an answer within the SentinelOne solution."

More SentinelOne Singularity Complete Cons →

"It will be helpful for customers if they can create some real-world cases, and we can find a case study to align with. I know that Splunk has tremendous potential. We only include a tiny piece of it. There is a lot of stuff that we need to learn. If Splunk can provide more real-time examples, that will be helpful for customers.""I would like Splunk to add more integration. QRadar has many indications with more products than Splunk.""Splunk could add more ways to manage archiving and storage. There isn't a web interface. You can do this on the SaaS version, but the on-premise platform doesn't have this option. It has other things but no option for remote NAS. I would like to have a personal web interface where I can specify how long logs should be stored. To have this readily available on the web, you need to adjust some settings on the backend. That is tricky.""The UI could be better. This is applicable to Splunk in general. I know that a lot of people who get their hands on Splunk are hesitant to use it just because they find it overwhelming. There are a lot of options.""The UI can be improved. Dashboards and reports can be better in terms of graphics.""It would be great if I could have a certain dialogue box in Splunk that uses innovative AI tools like ChatGPT, which are available now in the tech department.""The analytics of Splunk could be improved.""Integrating tools and creating use cases could be easier. It's hard for a junior security engineer with only a couple of years of experience to write use cases. They can do it, but it's much easier in a solution like IBM QRadar. Setting conditions is like a multiple-choice type of thing. It's a more user-friendly process."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "The pricing is very reasonable."
  • "Its price can be lower because I'm seeing competition from another vendor who beats it on commercials."
  • "The pricing of the solution seems reasonable, we got a discount but it still seems reasonable. The licensing cost is $3 to $4 per endpoint and can be paid monthly or yearly, with the price changing according to commitment."
  • "Just buy the Capture Client and buy the installer itself in a license of 100,000, or whatever is needed. You don't need to invest in any management tools because they are already installed, and maintenance from the client will keep everything up and running."
  • "Its price is per endpoint per year. One of the features of its licensing is that it is a multi-tenanted solution. From an MSSP point of view, if I want to have several different virtual clouds of customers, it is supported natively, which is not the case with, for example, Microsoft Defender. Another nice thing about it is that you can buy one license if you want to. Some vendors insist that you buy 50 or 100, whereas here, you can just buy one."
  • "SentinelOne can cost approximately $70 per device."
  • "Its cost is yearly. It is not much costlier than other leading products available in the market. I would rate it a four out of five in terms of pricing."
  • "It's around $8 per client per month."

    • More SentinelOne Singularity Complete Pricing and Cost Advice →

  • "The pricing modules could be improved."
  • "This solution is costly. Splunk is obviously a great product, but you should only choose this product if you need all the features provided. Otherwise, if you don't need all the features to meet your requirements, there are probably other products that will be more cost-effective. It's cost versus the functionality requirement."
  • "It is expensive. I used to buy it early on, but then they combined it into a higher-up organization. They buy it for multiple systems now. Last time, I paid around 60K for it. There is just the licensing fee. That's all."
  • "I remember Splunk being relatively affordable. Kibana was more reasonable, but you get more with Splunk. If I was suggesting something, I would probably suggest Splunk because it is better to pay a little bit more and get a lot more."
  • "Expensive compared to other options."
  • "The price of Splunk is too high for our market."
  • "The price of this solution is expensive. However, it has great features. If you want a great solution you need to pay a price matching the features."
  • "There is an annual license required to use this solution."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Anti-Malware Tools solutions are best for your needs.
    See Recommendations
    744,865 professionals have used our research since 2012.
    Questions from the Community
    Cortex XDR by Palo Alto vs. Sentinel One
    Top Answer:Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to… more »
    Read all 3 answers   →
    Which is better - SentinelOne or Darktrace?
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for… more »
    Read all 7 answers   →
    What do you like most about SentinelOne?
    Top Answer:The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform.
    Read all 57 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    Ranking
    2nd
    out of 92 in Anti-Malware Tools
    Views
    11,869
    Comparisons
    6,410
    Reviews
    112
    Average Words per Review
    877
    Rating
    8.6
    1st
    out of 72 in Security Information and Event Management (SIEM)
    Views
    30,341
    Comparisons
    24,794
    Reviews
    72
    Average Words per Review
    850
    Rating
    8.5
    Comparisons
    Also Known As
    Sentinel Labs, SentinelOne Singularity
    Learn More
    SentinelOne
    Splunk
    Overview

    SentinelOne is a leading comprehensive enterprise-level autonomous security solution that is very popular in today’s marketplace. SentinelOne will ensure that today’s aggressive dynamic enterprises are able to defend themselves more rapidly, at any scale, and with improved precision, by providing comprehensive, thorough security across the entire organizational threat surface.

    SentinelOne makes keeping your infrastructure safe and secure easy and affordable. They offer several tiered levels of security and varied payment options. SentinelOne works well with Linux, Windows, and MacOS, and can successfully support legacy infrastructures as well as the newer popular environments, including the latest operating systems. The single pane of glass management will save time and money by reducing manpower and ensuring comprehensive security protection of all your endpoints locally and worldwide.

    SentinelOne offers intensive training and support to meet every organization’s unique business needs.

    SentinelOne's levels of services and support include, but are not limited to:

    SentinelOne GO is a guided 90-day onboarding service to ensure successful deployment and success. It assists with the deployment planning and overview, initial user setup, and product overviews. It provides ongoing training and advisory meetings, ensuring that everything is set up correctly and that your team understands the appropriate protocols to ensure success.

    SentinelOne offers multi-tiered support based on your organizational needs from small business to enterprise, using their Designed Technical Account Management (TAM). They have support for every business level: Standard, Enterprise, and Enterprise Pro. SentinelOne is always available to ensure that you and your organization work together to minimize the risk of downtime and any threat exposure.

    Threat Hunting & Response Services

    Support for threat hunting and response include Watch Tower, Watch Tower Pro, Vigilance Respond, and Vigilance Respond Pro. Each of these services builds on the other, progressively adding features based on your organizational needs.

    Watch Tower: This is the entry-level plan and includes: Active campaign hunting and cyber crime alerts and course correction for potential threats, access to the Monthly Hunting & Intelligence Digest.

    Watch Tower Pro: Includes everything in WatchTower and customized threat hunting for all current & historical threats, unlimited access to Signal Hunting Library of Pre-Built Queries, Incident-Based Triage and Hunting, continuous customer service, followup and reporting, a Security Assessment, and quarterly Cadence meetings.

    Vigilance Respond: Includes all of the features of Watch Tower in addition to a security assessment and Cadence meetings, which are on-demand. Provides the features of Watch Tower Pro in addition to 24x7x365 monitoring, triage, and response.

    Vigilance Respond Pro: Includes all of the features of the above options, including a security assessment and quarterly cadence meeting as well as a complete digital forensic investigation and malware analysis.

    Reviews from Real Users

    Jeff D. who is an Operations Manager at Proton Dealership IT, tells us that "The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."

    "The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring." relates Rae J., Director IR and MDR at a tech services company.

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Offer
    Learn more about SentinelOne Singularity Complete
    Learn More
    Learn more about Splunk Enterprise Security
    Learn More
    Sample Customers
    Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Manufacturing Company15%
    Financial Services Firm10%
    Computer Software Company9%
    Healthcare Company8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider6%
    Government6%
    Manufacturing Company6%
    REVIEWERS
    Computer Software Company17%
    Financial Services Firm16%
    Government10%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise24%
    Large Enterprise39%
    VISITORS READING REVIEWS
    Small Business35%
    Midsize Enterprise19%
    Large Enterprise47%
    REVIEWERS
    Small Business31%
    Midsize Enterprise12%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    Anti-Malware Tools
    November 2023
    Download Free Report
    Find out what your peers are saying about Microsoft, SentinelOne, ESET and others in Anti-Malware Tools. Updated: November 2023.
    DOWNLOAD NOW
    744,865 professionals have used our research since 2012.

    SentinelOne Singularity Complete is ranked 2nd in Anti-Malware Tools with 127 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 76 reviews. SentinelOne Singularity Complete is rated 8.6, while Splunk Enterprise Security is rated 8.6. The top reviewer of SentinelOne Singularity Complete writes "You don't need to configure a lot with it because it provides an unmatched layer of protection out of the box". On the other hand, the top reviewer of Splunk Enterprise Security writes "Can be used to find any threats or vulnerabilities inside a user’s environment". SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Intercept X Endpoint, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, Microsoft Sentinel, IBM Security QRadar and Elastic Security.

    We monitor all Anti-Malware Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.