We performed a comparison between Elastic Security and SentinelOne Singularity Complete based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"The most valuable feature is the speed, as it responds in a very short time."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"The most valuable feature for me is Discover."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The 365 management and analytics from the cloud is another great feature."
"It is great for security monitoring and blocking when needed."
"Singularity's rollback feature is one of the primary reasons we bought the product. If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked."
"The autonomous platform is valuable because we can separate false positives and negatives."
"SentinelOne Singularity Complete, together with SentinelOne Vigilance, is an EDR tool with capabilities such as these, which I found valuable: the dashboard that shows you all the information and the power to either manually or automatically quarantine issues or threats in the environment."
"SentinelOne's auto-rollback feature is the most valuable."
"I appreciate the network control as well as the device control."
"The most valuable feature is the quick response to attacks."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"The web filtering solution needs to be improved because currently, it is very simple."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"The solution does not offer a unified response and standard data."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"I would like more ways to manage permissions and restrict access to certain users."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"It would be nice if the console stored data daily, so that you could look at a timeline of events on a machine over a period of time, and currently this is not possible."
"SentinelOne is making a lot of moves to acquire various companies, but the roadmap isn't clear, and it is still uncertain how the new acquisitions will integrate. For example, SentinelOne recently acquired a mobile security solution, but there is no real integration between the platforms."
"An area for improvement in SentinelOne is the search feature. You can't go beyond twenty thousand events, which ruins the task because it isn't enough when you're doing your investigation."
"SentinelOne needs to provide more documentation for administrators and analytics."
"My biggest complaint is that when you're logged into the console there is the Help section where you can review all the documentation. But when you log in to the support portal, there is documentation there as well. They need to sync those two into one place so that I don't have to search in two different locations for an answer."
"We had some stability issues when we started working with SentinelOne."
"The filtering features of the application management console could be improved."
"If there is a vulnerability that we know about, I search for that vulnerability—for example, Adobe. There are different versions of Adobe, but I'm not able to compile them into one report. I have to create separate reports for those versions."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. Elastic Security is rated 7.6, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Fortinet FortiAnalyzer, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our Elastic Security vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.