We performed a comparison between Elastic Security and SentinelOne Singularity Complete based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The most valuable aspect is undoubtedly the exploration capability"
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"I like the indexing of the logs."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"SentinelOne Singularity Complete has a valuable feature that allows us to install the agent on every endpoint and extract all asset information for reporting purposes in our live inventory."
"The solution offers very rich details surrounding threats or attacks."
"When there is an incident, the solution's Storyline feature gives you a timeline, the whole story, what it began with, what it opened, et cetera. You have the whole picture in one minute. You don't need someone to analyze the system, to go into the logs. You get the entire picture in the dashboard. The Storyline feature has made our response time very fast because we don't need to rely on outside help."
"We have a preference for their receptor. It's good at finding many EFC files. EFC files could have a virus."
"The most valuable feature is the automatic remediation."
"The most valuable feature is that it does what it says it will do. It fulfills its claims. It’s not really common for products to do that today."
"The product can scale."
"The Deep Visibility feature is the most useful part of the EDR platform. It gives us good insights into what is actually happening on the endpoints, e.g., when we have malicious or suspicious activity. We came from a legacy type AV previously, so we didn't have that level of visibility or understanding. For simplifying threat-hunting, it is extremely useful, where traditional techniques in threat hunting are quite laborious. We can put in indicators of compromise and it will sweep the environment for them, then they would give us a breakdown of what assets have been seen and where they have been seen, which is more of a forensics overview."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"The interface could be more user friendly because it is sometimes hard to deal with."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"I would have liked the dashboard to be more user-friendly."
"There should be more integration models with different security operations tools or soft tools."
"In terms of improvement, the documentation could be better. I would also like to see SingularityOne compatibility with Huntress, and the tighter integration between them would bring more to the table."
"I would like to see a better mobile app so that I could look through my phone at the alerts and not have to go to the website. They should make it a little more mobile-accessible."
"There aren't enough reporting capabilities for decision-makers."
"I would appreciate it if they would consider providing a comprehensive vulnerability assessment report that goes beyond just application vulnerabilities."
"I rate Singularity Complete a seven out of ten for affordability. It's more expensive than our previous solution, but it does its job well. At the same time, there is some room for improvement. Cheaper is always better."
"SentinelOne's customer support is sluggish and frequently fails to deliver sufficient assistance."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 59 reviews while SentinelOne Singularity Complete is ranked 2nd in Extended Detection and Response (XDR) with 177 reviews. Elastic Security is rated 7.6, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Fortinet FortiAnalyzer, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our Elastic Security vs. SentinelOne Singularity Complete report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
