SentinelOne Singularity Endpoint vs Trellix ESM comparison

SentinelOne and Trellix are both solutions in the Security Information and Event Management (SIEM) category. Additionally, 98% of SentinelOne users are willing to recommend the solution, compared to 76% of Trellix users who would recommend it.

SentinelOne Singularity End...

Read 227 SentinelOne Singularity Endpoint reviews

98% willing to recommend

Trellix ESM

Read 38 Trellix ESM reviews

2,941 Views
2,647 Comparison Views

76% willing to recommend

SentinelOne Singularity End...

Trellix ESM

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Apr 9, 2026

Trellix ESM and SentinelOne Singularity Complete are both active competitors in the cybersecurity field. SentinelOne Singularity Complete seems to have the upper hand due to its advanced AI functionalities and automated response, providing comprehensive endpoint protection.

Features: Trellix ESM is praised for its seamless integration, user-friendliness, and effective incident analysis capabilities. It offers customizable dashboards, extensive reporting, real-time threat detection, and compliance management, enhancing network visibility. SentinelOne Singularity Complete offers centralized management, AI-powered behavior detection, and autonomous threat response. It provides real-time dashboards, detailed reporting, and robust threat-hunting capabilities, excelling in endpoint threat management with minimal intervention, and shows strong integration with IT environments.

Room for Improvement: Trellix ESM could enhance its integration capabilities with SaaS solutions and support for diverse vendors. Stability improvements, better documentation, and a more intuitive interface are suggested. SentinelOne Singularity Complete could benefit from customizable reporting, enhanced policy controls, and better IT management integrations. Faster console load times and improved threat insights would boost usability. Its platform can be resource-intensive, requiring improvements in agent update processes and endpoint integration handling.

Ease of Deployment and Customer Service: Trellix ESM is mainly deployed on-premises, allowing controlled environments but facing challenges with timely assistance and complex access. Its technical support is well-regarded, with accessible resources. In contrast, SentinelOne Singularity Complete supports diverse models, including cloud options, aligning well with its flexible integration. Documentation and licensing clarity are areas for improvement noted by users.

Pricing and ROI: Trellix ESM's pricing is deemed reasonable considering its features, offering a positive ROI, especially for MSSP clients valuing its cost-effectiveness. However, SentinelOne, although viewed as affordable and scalable, is sometimes considered expensive despite its comprehensive features. Its efficient threat detection and response capabilities are highly valued, generating noticeable ROI by reducing threats and operational costs.

To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: March 2026).

Buyer's Guide

Security Information and Event Management (SIEM)

March 2026

Download the complete report

Helped 886,174 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

7.0

SentinelOne Singularity Complete boosts efficiency, reduces response times, and increases productivity, offering significant cost savings and strong ROI.

Sentiment score

3.2

In-house teams claim McAfee offers high ROI, but executives struggle to see it without C-level focused reports.

SentinelOne Singularity Complete has helped reduce my organization's mean time to detect by fifty percent.

David Heinz

Director, Infrastructure & Security at Dreamscape Companies

If I engage five engineers for this project and implement SentinelOne, then only one resource is needed to manage the dashboard and criticality alerts.

Manoranjan Rana

Business Head at Ivalue Infosolution

Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.

David Smegelski

Computer Technician at VILLE DE POINTE-CLAIRE

For more quotes and insights, download the SentinelOne Singularity Endpoint report

No quotes available

For more quotes and insights, download the Trellix ESM report

Customer Service

Sentiment score

7.3

SentinelOne Singularity Complete's support is highly rated for responsiveness and expertise, despite occasional delays and communication issues.

Sentiment score

4.3

Trellix ESM customer service is generally satisfactory, but technical support varies with noted delays and skill gaps.

If we get stuck at midnight, any other TAC team will be in GMT or Europe or America, and they will assign our support engineer and suddenly schedule a call for us and resolve the issue.

Vaibhav Mahendra Kolhe

Soc Analyst at Softcell Technologies Limited

We are using the automated email process for support, and they respond within an hour or two hours sometimes.

David Smegelski

Computer Technician at VILLE DE POINTE-CLAIRE

A chat service would be beneficial.

Mohsinoddin Mohammed

Information Security Principal at a venture capital & private equity firm with 1,001-5,000 employees

For more quotes and insights, download the SentinelOne Singularity Endpoint report

I would rate support for Trellix ESM 10 out of 10 because if we connect with the support in the UK, we get excellent support.

Mohit Dhingra

Senior Vice President IT at AS IT Consulting Pvt. Ltd.

It's rare for me to need them unless it's an issue with licensing, and they are the best in that regard.

Bernard Lugalia

Cyber Security Engineer at Protec

For more quotes and insights, download the Trellix ESM report

Scalability Issues

Sentiment score

7.9

SentinelOne Singularity Complete offers scalable, cloud-native security with minimal impact, supporting environments with centralized control and easy deployment.

Sentiment score

8.6

Trellix ESM is highly scalable and adaptable, excelling in enterprise environments but may have limitations for medium enterprises.

The platform is designed to handle thousands of endpoints without significant performance degradation.

Abhinandan Yadav

Network Security Engineer at Arrow PC Network Pvt Ltd

It's all auto-scale and auto-categorized, configuring automatically.

Deepak Bhaskaran

AGM IT Security at Page Industries Ltd

SentinelOne Singularity Complete is very scalable.

Krishna R

DGM. Technical Security at a tech services company with 10,001+ employees

For more quotes and insights, download the SentinelOne Singularity Endpoint report

Scalability is quite easier with Trellix ESM, because all we need to do is add more receivers to it, so it can go to any point.

Mohit Dhingra

Senior Vice President IT at AS IT Consulting Pvt. Ltd.

For more quotes and insights, download the Trellix ESM report

Stability Issues

Sentiment score

7.9

SentinelOne Singularity Complete is stable and reliable, with minor issues like update conflicts and search performance noted by users.

Sentiment score

8.3

Trellix ESM is generally stable with effective support, though some users experience bugs and interruptions affecting reliability.

If I have to rate the stability level of Singularity Platform from one to ten, I would say it would be a strong nine.

reviewer2646066

Information Security Officer at a tech vendor with 51-200 employees

The automation helps a lot, and once implemented, we face no further issues regarding stability or scalability; everything works absolutely fine.

Mohan Janarthanan

Associate Vice President at Novac Technology Solutions

Even if the agent disconnects from our console, it will still protect the desktop or laptop.

Vaibhav Mahendra Kolhe

Soc Analyst at Softcell Technologies Limited

For more quotes and insights, download the SentinelOne Singularity Endpoint report

No quotes available

For more quotes and insights, download the Trellix ESM report

Room For Improvement

SentinelOne Singularity Complete needs UI and reporting improvements, better integrations, Linux support, and enhanced customer support.

Trellix ESM requires stability, HTML5 migration, and upgrades in customization, integration, support, usability, and AI for improved functionality.

The only thing that prevented the attack from succeeding was a free version of Malwarebytes.

Josh Vinson

Director, Information Technology at Premier Realty Group

When I find a log suspicious, if it automatically points out that a particular point in the log at a specific timing or frame is looking malicious, it would be easier for me.

Akash Das Barman

Cyber Security Mentor and trainee at DataSpace Academy

SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution.

Vaibhav Mahendra Kolhe

Soc Analyst at Softcell Technologies Limited

For more quotes and insights, download the SentinelOne Singularity Endpoint report

If there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that.

Mohit Dhingra

Senior Vice President IT at AS IT Consulting Pvt. Ltd.

For more quotes and insights, download the Trellix ESM report

Setup Cost

SentinelOne offers competitive pricing, typically 12% cheaper than CrowdStrike, but can be costly for SMBs despite its robust features.

Trellix ESM offers flexible, slightly costly licensing, valued for its SOC features, with straightforward setup and deployment.

If you want protection, you have to pay the price.

Mohsinoddin Mohammed

Information Security Principal at a venture capital & private equity firm with 1,001-5,000 employees

There are other products that are less expensive, but I tell my clients that in security, they cannot cut corners or look for the cheapest solution.

reviewer1964085

President at a tech services company with 1-10 employees

Reputation and quality are important, but especially in today’s economy, price is a significant factor.

Daniel Giacomelli

Security and Compliance at a outsourcing company with 1,001-5,000 employees

For more quotes and insights, download the SentinelOne Singularity Endpoint report

No quotes available

For more quotes and insights, download the Trellix ESM report

Valuable Features

SentinelOne Singularity Complete offers advanced AI-powered threat management, real-time detection, seamless integration, and supports multiple OS platforms efficiently.

Trellix ESM excels in real-time threat detection, user-friendly interface, quick deployment, and strong integration with other technologies.

I have an advanced app providing visibility of all my endpoints, which was not the case before.

Deepak Bhaskaran

AGM IT Security at Page Industries Ltd

SentinelOne has a feature to decommission automatically, which has been fantastic.

David Smegelski

Computer Technician at VILLE DE POINTE-CLAIRE

There's also automation that gives my team free time, preventing them from having to look for every alert.

Magdy Ali

Network & Security Section Head/Digital Transformation at a government with 201-500 employees

For more quotes and insights, download the SentinelOne Singularity Endpoint report

The weakest point is it doesn't cover almost all the devices, so the customer has to be more dependent on the parsers to be written by the Professional Services team.

Mohit Dhingra

Senior Vice President IT at AS IT Consulting Pvt. Ltd.

For more quotes and insights, download the Trellix ESM report

Categories and Ranking

SentinelOne Singularity End...

Average Rating

8.8

Reviews Sentiment

7.2

Number of Reviews

227

Ranking in other categories

Endpoint Protection Platform (EPP) (3rd), Anti-Malware Tools (2nd), Endpoint Detection and Response (EDR) (2nd), Extended Detection and Response (XDR) (2nd), AI Observability (4th)

Trellix ESM

Average Rating

7.6

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (29th)

Featured Reviews

Vaibhav Mahendra Kolhe

Soc Analyst at Softcell Technologies Limited

Automation has reduced alerts and freed the soc team to focus on faster incident response

Regarding mean time to respond, the improvements I see with SentinelOne Singularity Complete are that genuine files also get alerts. We are getting false positives, but we are also getting genuine true positive alerts. The improvement will be deep visibility because as I am using Splunk as a SIEM, I compare deep visibility with Splunk, but deep visibility has limited access with only a 14-day policy to retain logs. The improvement will be in overall policy management. The third point will be the complexity of policies. If we want some endpoints to use only USB or if we need to block USB on some points, the policy management is very complex. The fourth point will be that Mac OS and Linux don't have the rollback policy; that policy is only for Windows. These four points are improvements if SentinelOne Singularity Complete can address them. Data privacy and security when utilizing Purple AI is crucial for SentinelOne Singularity Complete, and SentinelOne Singularity Complete lacks in data security. Data security is very important in this world. In my organization, if we deploy SentinelOne Singularity Complete and we have integrated all the firewalls, all devices, and AWS devices to SentinelOne Singularity Complete, logs will be forwarded to SentinelOne Singularity Complete through SentinelOne Singularity Complete. However, SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution. From the data security point of view, SentinelOne Singularity Complete is not good.

Read full review

Mohit Dhingra

Senior Vice President IT at AS IT Consulting Pvt. Ltd.

Offers comprehensive report generation while maintaining ease of integration

We need to improve Trellix ESM by making sure that most of the logging devices available in the global market should be covered, and if there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that. We can add some new features regarding AI in the future for Trellix ESM, but the maturity will take a longer time. There are many false positives that happen in an environment during the first couple of months, or around six months, so the system analyst is not able to identify whether the event which has occurred is a true positive or a false positive.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

886,174 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

11%

Manufacturing Company

Financial Services Firm

Government

Comms Service Provider

15%

Construction Company

11%

Financial Services Firm

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	104
Midsize Enterprise	51
Large Enterprise	79

By reviewers
Company Size	Count
Small Business	15
Midsize Enterprise	6
Large Enterprise	24

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...

See all answers

Which is better - SentinelOne or Darktrace?

Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...

See all answers

What do you like most about SentinelOne Singularity?

The Ranger feature is valuable.

See all answers

What is your experience regarding pricing and costs for McAfee ESM?

When discussing Trellix ESM pricing and licensing, if you consider some premium product, the pricing also has to be premium, however, enterprise customers who look for a premium product, alongside ...

See all answers

What needs improvement with McAfee ESM?

Areas of Trellix ESM that could be improved or enhanced include checking on the clients who are still on-prem, especially banks, as most are not moving everything to the cloud due to confidentialit...

See all answers

What is your primary use case for McAfee ESM?

My customer's usual use case for Trellix ESM involves one client, as most of the users have moved to ESM. Nowadays, they don't use IPS only, since McAfee IPS is standalone; they incorporate firewal...

See all answers

Comparisons

CrowdStrike Falcon vs SentinelOne Singularity Endpoint

Compared 5% of the time

Fortinet FortiEDR vs SentinelOne Singularity Endpoint

Compared 4% of the time

Cortex XDR by Palo Alto Networks vs SentinelOne Singularity Endpoint

Compared 4% of the time

Microsoft Defender for Endpoint vs SentinelOne Singularity Endpoint

Compared 3% of the time

Huntress Managed EDR vs SentinelOne Singularity Endpoint

Compared 3% of the time

More SentinelOne Singularity Endpoint Competitors

OpenText Enterprise Security Manager vs Trellix ESM

Compared 15% of the time

IBM Security QRadar vs Trellix ESM

Compared 13% of the time

Splunk Enterprise Security vs Trellix ESM

Compared 10% of the time

LogRhythm SIEM vs Trellix ESM

Compared 5% of the time

Fortinet FortiSIEM vs Trellix ESM

Compared 4% of the time

More Trellix ESM Competitors

Product Reports

Buyer's Guide

SentinelOne Singularity Endpoint

March 2026

Download SentinelOne Singularity Endpoint product report

Buyer's Guide

Trellix ESM

March 2026

Download Trellix ESM product report

Also Known As

Sentinel Labs, SentinelOne Singularity, Singularity Platform

McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager

Overview

SentinelOne Singularity Complete is an advanced endpoint security platform featuring centralized management across multiple locations. It leverages AI-driven behavior detection, threat prioritization, and ransomware rollback for enhanced protection and streamlined operations.

With a focus on endpoint protection, threat detection, and automated response, SentinelOne Singularity Complete provides comprehensive security through AI-powered behavioral analysis and real-time threat detection. The centralized console simplifies management, offering seamless integration and minimal system impact. Its robust reporting capabilities facilitate compliance with audit-ready reports. Lightweight agents operate across diverse environments, improving visibility and performance while curbing manual efforts. To optimize its utility, faster console load times and improved customizability in reports and dashboards are recommended. Users may benefit from smoother integration with IT tools and enhanced policy management flexibility, as well as upgraded agent processes and simplified endpoint deployment. Expanding built-in analytics and refining alert management can further heighten platform efficacy.

What are the key features of SentinelOne Singularity Complete?

AI-Powered Detection: Utilizes advanced AI to identify potential threats based on behavior.
Automatic Remediation: Automatically rectifies detected issues, reducing response times.
Ransomware Rollback: Restores data to previous states if affected by ransomware attacks.
Centralized Dashboards: Provides real-time insights through intuitive dashboards.
Threat Prioritization: Identifies and ranks threats based on potential impact.

What benefits should users look for in reviews?

Integration: Seamlessly connects with security solutions to enhance risk management.
Minimal System Impact: Operates efficiently, preserving system performance.
Enhanced Protection: Delivers robust threat defense through AI-driven technology.
Compliance Support: Offers detailed reporting for audit readiness.
User Convenience: Combines autonomous decision-making with an intuitive interface.

In various industries, SentinelOne Singularity Complete is implemented for endpoint protection and incident management. Companies rely on it for its real-time threat detection and automated response capabilities, ensuring compliance and reduced manual intervention. Its adaptive nature supports diverse environments, enhancing operational efficiency.

SentinelOne

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Trellix

Sample Customers

Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Buyer's Guide

Security Information and Event Management (SIEM)

March 2026

Download Free Report

Find out what your peers are saying about Splunk, Wazuh, IBM and others in Security Information and Event Management (SIEM). Updated: March 2026.

DOWNLOAD NOW

886,174 professionals have used our research since 2012.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.