We performed a comparison between IBM Security QRadar and SentinelOne Singularity Complete based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. SentinelOne Singularity Complete is praised for its dependable threat prevention and ability to reverse ransomware file encryption. IBM Security QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. SentinelOne could improve its automation, machine learning, and AI capabilities while improving reporting and integration.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. Customers have been pleased with SentinelOne’s customer service. Reviews highlighted the support team’s responsiveness and efficiency.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Users find the initial setup for SentinelOne Singularity Complete to be quick and painless, with helpful support from the vendor team.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. Some reviewers thought SentinelOne Singularity Complete is reasonably priced and competitive, while others say it’s costlier than many alternatives.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. SentinelOne Singularity Complete yields an ROI by saving money and protecting against ransomware attacks. Other users noted its valuable dashboard data and low CapEx requirements.
Comparison Results: Our users prefer IBM Security QRadar over SentinelOne Singularity Complete. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management. SentinelOne Singularity Complete users say it lacks some of QRadar's more advanced features and requires enhancements in automation, reporting functionality, user-friendliness, and stability.
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The integration with other Microsoft solutions is the most valuable feature."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"Microsoft 365 Defender is a stable solution."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"I have found the ability to delete unwanted threats beneficial."
"The monitoring and dashboards are great."
"Improved our organization's TCO."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"The visibility it gives you into your infrastructure has been great."
"IBM has everything you need in a cybersecurity solution. If you want to build a cybersecurity operation center version then I think QRadar is a perfect solution."
"A nice benefit is when we go to the process of selecting our youth cases, they go by building blocks. QRadar links it to building blocks."
"Improves visibility and has a great new dashboard."
"We get events and make the correlation, or rules. In IBM, we can implement our customer's rules. We can have very clear status threats and severity of antigens."
"The EDR functionality of the platform is what we use the most. That was the primary reason why we got SentinelOne. That is what we use the most in terms of functionality."
"It's a plug-and-play solution that works well with other out of box integrations that we have."
"The protection SentinelOne Singularity Complete provides to our endpoint devices in terms of cybersecurity is valuable."
"We are able to write some custom rules on SentinelOne."
"The visibility component is the most valuable feature."
"It uses AI technology so it can find known and unknown threats. It is stable and provides one of the best technical support."
"The solution can search for hidden and dormant threats on encrypted traffic in your environment."
"The most valuable feature is the machine learning capability, as opposed to the traditional rule-based antivirus."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The price should be adjustable by region."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"From a functionality point of view there are issues sometimes."
"The interface is very old. IBM should remake it into a more modern interface."
"The playbook guide which specifies the rules for security use cases needs to be provided to support in case the organization needs help."
"There should be more opportunity for community kind of distribution where, for example, if there was a zero-day threat targeting companies."
"They have to build more quantitative monitoring, profiling, and make it more predictive."
"The implementation of the solution's technology needs to be simplified."
"The architecture could be improved. I got stuck for a long time trying to understand the architecture, as it is quite challenging."
"For the common needs of clients to fulfill requirements, a real integration with Blueworks Live (BPA modeling tool also from IBM) and a more suitable BPM on cloud solution for midsize customers."
"Singularity Complete's process stream has room for improvement."
"It would be good to see some small tools to test files or hashes that are a potential threat, I know there are already products offering this."
"The channel policy has room for improvement."
"An area for improvement in SentinelOne is the search feature. You can't go beyond twenty thousand events, which ruins the task because it isn't enough when you're doing your investigation."
"They can just continue adding more integrations with these big brands and software security products."
"In automation, if we could schedule when we run the task and on which systems we want to run the task, it would improve automation."
"Maybe they can develop some firewall aspects for it to better protect us."
"The product must provide the ability to update applications from the SentinelOne Management Console."
More SentinelOne Singularity Complete Pricing and Cost Advice →
IBM Security QRadar is ranked 11th in Extended Detection and Response (XDR) with 198 reviews while SentinelOne Singularity Complete is ranked 2nd in Extended Detection and Response (XDR) with 177 reviews. IBM Security QRadar is rated 8.0, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our IBM Security QRadar vs. SentinelOne Singularity Complete report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.