Try our new research platform with insights from 80,000+ expert users

SentinelOne Singularity Complete vs Veracode comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.5
SentinelOne Singularity Complete reduced incident response time and costs, improving ROI with advanced features and central management.
Sentiment score
6.8
Veracode improved code quality, security, and efficiency, leading to cost savings, faster releases, and enhanced operational benefits for organizations.
Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.
We have not faced any attacks since we implemented it.
It has absolutely helped reduce our organizational risk.
The scanners of Veracode bring status of the weaknesses in the current infrastructure. It scans and provides reports regarding the servers, the network, and the applications running on those servers.
Regarding price, the evaluation should focus on how efficiently they will recover their investment, considering the time saved through the use of Veracode Fix, for example, and the ability to fix code at dev time compared to the problems faced when fixing after the product is already deployed.
 

Customer Service

Sentiment score
7.3
SentinelOne Singularity Complete is praised for effective, fast support, though some desire more phone and interactive assistance.
Sentiment score
7.3
Veracode provides effective, prompt support with knowledgeable staff, though response times and coordination occasionally need improvement.
They do a great job of figuring out the problem and pointing you to generic documentation or working with you to fine-tune a solution.
We are using the automated email process for support, and they respond within an hour or two hours sometimes.
A chat service would be beneficial.
Access to the engineering team is crucial for faster feedback on the product fix process.
They are very responsive and quick to help with queries within our scope.
They respond very quickly since security is something critical.
 

Scalability Issues

Sentiment score
8.1
SentinelOne Singularity Complete is versatile, seamlessly expanding across platforms, integrating easily, but faces issues when scaling down.
Sentiment score
7.5
Veracode is scalable and effective for large user volumes, though some note potential scaling costs and manageable packaging challenges.
It's all auto-scale and auto-categorized, configuring automatically.
The tool's built-in automation for deploying the agents works well for large infrastructures like mine.
My deployment is relatively small, and SentinelOne Singularity Complete works within those constraints.
Cloud solutions are easier to scale than on-premise solutions.
It has a good capacity to scale effectively.
 

Stability Issues

Sentiment score
7.9
SentinelOne Singularity Complete is stable, reliable, with minor connectivity issues during updates; users appreciate its performance and stability.
Sentiment score
7.9
Users find Veracode stable and reliable, with occasional well-communicated maintenance and improved stability, despite some glitches and false positives.
It has caused problems with interoperability between third-party tools, which could lead to entire servers crashing or specific tools failing.
This indicates room for improvement in stability when interacting with other solutions.
Initially, there were issues, particularly on the management side, but now the console is much more stable.
If the Veracode server is down, we experience many issues during the scan.
It's not that easy to onboard, but once they have been onboarded on the platform, and the pipeline configured alongside the product configured, it works effectively.
 

Room For Improvement

SentinelOne Singularity Complete needs UI refinement, better automation, flexible policies, reduced resource use, and improved pricing and support.
Veracode faces criticism for false positives, outdated UI, slow scans, high costs, and poor support for new technologies.
The only thing that prevented the attack from succeeding was a free version of Malwarebytes.
Providing a single pane of visibility for the end user would be beneficial.
It's challenging to prevent a user from manipulating their privileges or someone else's of others, and it's difficult to control what users can access at the organizational level.
If it could be integrated directly with code repositories such as Bitbucket or GitHub, without the need to create a pipeline to upload and decode code, it would simplify the code scan process significantly.
We had issues with scanning large applications. Scanning took a lot of time, so we kept it outside the DevOps pipeline to avoid delaying deployments.
A nice addition would be if it could be extended for scenarios with custom cleansers.
 

Setup Cost

SentinelOne Singularity Complete is seen as cost-effective by some but pricey compared to traditional antivirus solutions, yet feature-rich.
Veracode's high pricing suits large enterprises but is challenging for smaller businesses, with negotiable terms for optimal value.
If you want protection, you have to pay the price.
They counted many of the instances and licenses as duplicates despite them only being alive once, which was frustrating.
It’s cheaper than other competitors.
It's not the most expensive solution.
If there's a security gap, you'll never know the cost or effect.
Pricing-wise, I find it a bit expensive because it's based on the number of users requesting access to Veracode.
 

Valuable Features

SentinelOne Singularity Complete offers robust, AI-driven security and seamless integration, enhancing performance and protection for enterprises.
Veracode integrates with CI/CD pipelines, offering fast scans, low false positives, and tools for efficient vulnerability management and compliance.
I have an advanced app providing visibility of all my endpoints, which was not the case before.
SentinelOne has a feature to decommission automatically, which has been fantastic.
There's also automation that gives my team free time, preventing them from having to look for every alert.
It offers confidence by preventing exposure to vulnerabilities and helps ensure that we are not deploying vulnerable code into production.
The best features in Veracode include static analysis and the early detection of vulnerable libraries; it integrates with tools such as Jenkins.
It fixes issues directly in the IDE while you're doing it.
 

Categories and Ranking

SentinelOne Singularity Com...
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
198
Ranking in other categories
Endpoint Protection Platform (EPP) (3rd), Anti-Malware Tools (2nd), Endpoint Detection and Response (EDR) (2nd), Extended Detection and Response (XDR) (2nd)
Veracode
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
201
Ranking in other categories
Application Security Tools (2nd), Static Application Security Testing (SAST) (2nd), Container Security (8th), Software Composition Analysis (SCA) (3rd), Static Code Analysis (1st), Application Security Posture Management (ASPM) (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. SentinelOne Singularity Complete is designed for Endpoint Detection and Response (EDR) and holds a mindshare of 5.8%, down 7.1% compared to last year.
Veracode, on the other hand, focuses on Application Security Tools, holds 9.0% mindshare, down 10.7% since last year.
Endpoint Detection and Response (EDR)
Application Security Tools
 

Featured Reviews

Asim Naeem - PeerSpot reviewer
It integrates well with other platforms, is user-friendly, and is stable
SentinelOne Singularity Complete integrates with our other security solutions, correlating data from NDR, ADR, SIEM, and XDR tools. All this information is consolidated within SentinelOne, providing a centralized access point. SentinelOne Singularity Complete has helped us streamline our security operations by consolidating multiple solutions into a single platform. We are currently in the process of acquiring a threat intelligence platform to complete our security stack. We use Ranger to monitor our network and track connected devices. This is crucial because it helps us quickly identify unauthorized machines connected to our infrastructure, including personal devices. We have additional security measures in place, but Ranger provides an extra layer of protection. It also alerts us if the SentinelOne Singularity Complete agent is missing from any new or existing machines, allowing us to take appropriate action. SentinelOne Ranger's agentless and hardware-independent nature is crucial for our environment with 26,000 endpoints, as manual management of such a large number would be extremely challenging. Ranger uses a multi-layered approach to prevent vulnerable devices from being compromised. We employ scanners, network configurations, and a risk scanner to assess devices, endpoints, servers, and cloud infrastructures. Vulnerability reports and timelines for remediation are shared with device owners or custodians. This proactive strategy enables us to address vulnerabilities efficiently and secure our infrastructure. SentinelOne Singularity Complete has significantly enhanced our security posture. While no system is impenetrable, this solution has brought us closer to achieving a high level of protection, ensuring we maintain at least a 90 percent security level. Our team is dedicated to refining alerts and eliminating false positives from our solutions. Additionally, a team is responsible for identifying and excluding alerts from the solution. We can manually expedite this process by reviewing these elements and utilizing our security tools. We have been able to reduce the alert volume by 20 percent. Our 30-member Security Operations Center team has been able to redirect their focus to other tasks due to the time saved after implementing SentinelOne Singularity Complete. SentinelOne Singularity Complete has helped us improve our mean time to detect threats, which we accomplish using the Vigilance service for detection and response. SentinelOne Singularity Complete has helped us decrease our organizational risk. We utilize the Security Scorecard to manage our security posture, which has remained steady at 90 percent.
Sajal Sharma - PeerSpot reviewer
Offers shift-left security strategy and helps us with the latest security configurations, OWASP standards, and SAST standards
It's robustness is the main benefit to the organization. As it gets upgraded with time, it also improves the coverage – security configuration coverages and vulnerability coverages. It also updates itself with the latest known vulnerabilities that are uploaded to the NVD, OWASP, or other databases. So it gets upgraded itself with that. And so with each upgrade, it gets better and better. The solution offers the ability to prevent vulnerable code from going into production. It provides us with a report containing multiple remediations and mitigations for each vulnerability. For example, if it finds a cross-site scripting vulnerability, it will also include references like CWE and CVE records, instructions on how to fix it, and the specific line of code or module where the vulnerability is present. This helps us fix the issues accordingly. I'm a penetration tester and DevSecOps engineer. I evaluate the findings, mark false positives, and manually exploit vulnerabilities if they exist. If we need further clarification, we raise a ticket with the Veracode team and get consultancy from them. We are a software development team. If we find a vulnerability, I exploit it and come back with the best possible mitigation, and the dev team fixes it. If we use Veracode Fix, it might use third-party implementations or make changes we aren't aware of. We need to be very aware of what our application is using internally. It should be known to us. As per my experience, the solution's policy reporting ensures compliance with industry standards. It comes with multiple features. I get the most out of it, and it's good. The solution provides visibility into application status at every phase of development. Like static analysis, dynamic analysis, software composition, and manual penetration tests - throughout the SDLC We have a pipeline that I maintain. I use the Veracode API account and have integrated it with AWS and our Jenkins pipeline. We use Snyk for SCA and Veracode for SAST scanning. At the earliest stage of the build, the SAST scan runs along with the JS and PHP files. It provides us with reports, which are then handed over to the other tools we depend on. If I validate the report or check the Veracode dashboard and find vulnerabilities, I mark them as false positives or existing issues. We work on multiple projects, but the one I'm handling these days only uses Veracode for SAST. It's been about one and a half years since I've been working with Veracode and this project. It is quite impressive. There are some things Veracode cannot find, like code obfuscations inside the code and some insecure randoms. Sometimes, it misses those flaws. But overall, if I compare it with other tools, it is better. I will definitely recommend others to use this tool. We run the scan before each deployment. If the dev team builds a new module or something, we scan it along with all the files. If we find anything, we get it fixed. That's how it works. Veracode is quite important to the organization's shift-left security strategy because we make a scan for each deployment. Sometimes, if I think we need to perform a shift-left, I just make a scan before deployment and check for any misconfiguration or vulnerability in the code.
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Manufacturing Company
8%
Financial Services Firm
7%
Government
6%
Computer Software Company
16%
Financial Services Firm
16%
Manufacturing Company
8%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
Which gives you more for your money - SonarQube or Veracode?
SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...
What do you like most about Veracode?
The SAST and DAST modules are great.
What is your experience regarding pricing and costs for Veracode?
The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.
 

Also Known As

Sentinel Labs, SentinelOne Singularity
Crashtest Security , Veracode Detect
 

Overview

 

Sample Customers

Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.
Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.
859,687 professionals have used our research since 2012.