Anomali vs SentinelOne Singularity Identity comparison

Anomali and SentinelOne are both solutions in the Advanced Threat Protection (ATP) category. Anomali is ranked #20 with an average rating of 8.5, while SentinelOne is ranked #15 with an average rating of 9.5. Anomali holds a 3.2% mindshare in ATP, compared to SentinelOne’s 2.0% mindshare. Additionally, 80% of Anomali users are willing to recommend the solution, compared to 95% of SentinelOne users who would recommend it.

Anomali

Read 4 Anomali reviews

4,409 Views
705 Comparison Views

80% willing to recommend

SentinelOne Singularity Ide...

Read 22 SentinelOne Singularity Identity reviews

3,305 Views
628 Comparison Views

95% willing to recommend

Anomali

SentinelOne Singularity Ide...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 18, 2026

Anomali and SentinelOne Singularity Identity are prominent players in the cybersecurity industry. SentinelOne Singularity Identity seems to have an advantage due to its extensive features and perceived value, despite Anomali's appealing pricing and support.

Features: Anomali provides strong threat intelligence capabilities, effective threat modeling, and adaptable API functionality. SentinelOne Singularity Identity focuses on AI-driven anomaly and identity detection, offers a unified console for visibility, and features machine learning capabilities for threat detection.

Room for Improvement: Anomali could enhance its dataset size, improve user interface customization, and expand real-time threat alert capabilities. SentinelOne Singularity Identity might refine its false positive management, enhance observability capabilities, and streamline its cross-sectional threat correlation.

Ease of Deployment and Customer Service: Anomali integrates smoothly with existing infrastructures and offers efficient customer service. SentinelOne Singularity Identity boasts a simple deployment process and responsive support, providing a slightly better experience in setup and assistance.

Pricing and ROI: Anomali is attractive due to its lower initial costs and solid ROI with key threat management functions. SentinelOne Singularity Identity demands higher upfront costs but delivers a better long-term ROI because of its advanced capabilities.

To learn more, read our detailed Anomali vs. SentinelOne Singularity Identity Report (Updated: March 2026).

Buyer's Guide

Anomali vs. SentinelOne Singularity Identity

March 2026

Download the complete report

Helped 884,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Anomali

Ranking in Advanced Threat Protection (ATP)

20th

Average Rating

7.8

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (32nd), User Entity Behavior Analytics (UEBA) (12th), Threat Intelligence Platforms (TIP) (7th), Extended Detection and Response (XDR) (23rd)

SentinelOne Singularity Ide...

Ranking in Advanced Threat Protection (ATP)

15th

Average Rating

9.0

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Vulnerability Management (21st), Threat Deception Platforms (3rd), Identity Threat Detection and Response (ITDR) (5th)

Mindshare comparison

As of March 2026, in the Advanced Threat Protection (ATP) category, the mindshare of Anomali is 3.2%, up from 0.8% compared to the previous year. The mindshare of SentinelOne Singularity Identity is 2.0%, up from 1.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Advanced Threat Protection (ATP) Mindshare Distribution
Product	Mindshare (%)
SentinelOne Singularity Identity	2.0%
Anomali	3.2%
Other	94.8%

Advanced Threat Protection (ATP)

Featured Reviews

ChrisCollins

Enterprise Security Architect V at FirstEnergy

Enables automated threat intelligence sorting and enhances proactive threat hunting capabilities

You have to have at least a threat intelligence background or a SOC analyst background to use it, as that's the information you'll dig around with in there. If you don't have that kind of knowledge, it probably can be a little hard to use, but they do provide training. They offer training not only for how to use the platform but also some basic threat intelligence training to explain what these things are and what these terms mean. My company is a customer of Anomali. I would recommend it to other people. I would advise making sure you don't pick it without testing other products and have your use cases well thought out and documented before testing, so you know it will solve the problems you're trying to address. Keep an open mind with it and realize that whatever you can dream of, you can probably do with the platform. Overall, I would rate Anomali an eight out of ten.

Read full review

Roftiel Constantine

Global Chief Information Security Officer at Barry-Wehmiller

Provides proactive threat remediation, reduces alert volume, and enhances incident response capabilities

During our pre-purchase evaluation of SentinelOne's EDR capabilities three years ago, we were consistently impressed by the positive relationships customers reported having with SentinelOne's engineers, sales teams, and customer success managers. These strong relationships, evident in the customers' unsolicited feedback, highlighted the "soft skills" and intangible qualities that SentinelOne possessed. This positive customer experience has been mirrored in our own interactions with them. Their responsiveness to our needs, particularly when addressing a couple of challenges we faced, has been excellent. They proactively scheduled weekly meetings to demonstrate their commitment to resolving our issues, a customer-centric approach I admire. SentinelOne's dedication to customer service, including their rapid technology updates and responsiveness to our suggestions, has been crucial to our success in protecting our organization. Their ability to quickly incorporate our needs into new releases is truly impressive and sets them apart. Overall, I highly recommend SentinelOne based on our positive interactions across all levels of their organization.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."

"We now have a very robust collection of threat intelligence based on the capabilities that Anomali provides."

"The most valuable aspect of Anomali is the threat modeling capability."

"The feature I have found most valuable is credential monitoring. This feature is easy and quick."

"The effectiveness of their AI and behavioral analysis helps mitigate zero-day activities and detect new threats."

"The product's initial setup phase is straightforward."

"SentinelOne Singularity Identity provides machine learning capabilities for threat detection; among the use cases, I have found static AI, behavioral AI, and dynamic AI to help with malware detection, so there are three types of AI in the Singularity console agent."

"The AI provides a futuristic ML model. That helps a lot when it comes to shifting security approaches and hep better forecast attacks."

"I like the detection and protection features. We don't need to do anything, and it will alert us when the mitigation is not successful. We only need to target those endpoints. Otherwise, we don't have to do anything about that."

"SentinelOne enhances our customers' risk management."

"All the features within the XDR are valuable as a whole for our organization."

"One of the top things we're interested in is cloud protection."

More SentinelOne Singularity Identity pros

Cons

"Support in the past has been top-notch, but recent trends indicate that it has taken a back seat, as we often don't get answers for days."

"Less code in integration would be nice when building blocks."

"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."

"An area for improvement is the intelligence sharing within the Anomali community. The tagging system can be inconsistent, as any company can use any tags for their reporting."

"Our company has different locations, such as Sunbury, Oklahoma, and Alabama. I have my devices by location, and I have not found a way to choose all the endpoints and then push the update automatically. I have been doing it one by one."

"The UI can be more user-friendly."

"Our engineers are dealing with issues to add exclusions to the antivirus for custom applications."

"The first-level support has room for improvement."

"The policies could be more precise, and Singularity should use more templates like alternative solutions have. Endpoint management is poor. We cannot manage individual endpoints and must rely on policies, exclusions, or block lists to apply settings to a group instead of the individual agent. If I have to make settings for one computer, I need to create a group, apply the configuration, and move the agent there. It's challenging to manage endpoints that way."

"One area for improvement would be the self-healing nature of the agent."

"The resolution turnaround from SentinelOne Singularity Identity's support should be improved."

"To improve SentinelOne, I would suggest adding a network detection and response capability."

More SentinelOne Singularity Identity cons

Pricing and Cost Advice

"When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price."

"The cost of SentinelOne Singularity Identity is better than CrowdStrike."

"SentinelOne Singularity Identity's pricing is cheaper than CrowdStrike and is really good."

"Compared to competitors, it's well-priced for the quality offered, and I don't see anyone surpassing them in that regard."

"As a SentinelOne partner, we offer competitive pricing on comprehensive packages that include the SentinelOne license, our management services, and a proof-of-concept to ensure the technology meets your needs."

"Ideally, I would like SentinelOne to lower their prices a little bit."

"SentinelOne seemed to offer more while being priced lower than its competitors."

"The price is affordable."

"Their pricing has been fair, especially in the current market, and they haven't excessively increased prices at renewal times like many vendors do."

More SentinelOne Singularity Identity pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.

See recommendations

884,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

16%

Computer Software Company

Manufacturing Company

Educational Organization

Computer Software Company

Financial Services Firm

Manufacturing Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	2
Midsize Enterprise	1
Large Enterprise	5

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	5
Large Enterprise	13

Questions from the Community

What needs improvement with Anomali ThreatStream?

An area for improvement is the intelligence sharing within the Anomali community. The tagging system can be inconsistent, as any company can use any tags for their reporting. Combining all aliases ...

See all answers

What is your primary use case for Anomali ThreatStream?

I use Anomali ( /products/anomali-reviews ) for threat hunting, threat collection, operationalization of intelligence, such as indicators of compromise (IOCs), and dissemination of reports for repo...

See all answers

What advice do you have for others considering Anomali ThreatStream?

For new users, I recommend taking the training provided by Anomali as it is very well articulated. I advise reading the user manual and taking the instructor-led training sessions from the customer...

See all answers

What is your experience regarding pricing and costs for SentinelOne Singularity Identity?

I have no visibility into pricing, setup costs, or licensing as the government handles these aspects directly with SentinelOne. We do the integrating, and they process the payments.

See all answers

What needs improvement with SentinelOne Singularity Identity?

Regarding improvements, I believe that API integration in third-party applications could be better. The Singularity tool uses its own credential in the record features.

See all answers

What is your primary use case for SentinelOne Singularity Identity?

One of the main use cases I describe is that we face lateral movement in our customer's server side. The customer is using 50 or more servers for the news channel, Daily Thanthi. Among those, one s...

See all answers

Comparisons

Recorded Future vs Anomali

Compared 6% of the time

ThreatConnect Threat Intelligence Platform (TIP) vs Anomali

Compared 6% of the time

Splunk Enterprise Security vs Anomali

Compared 4% of the time

IBM Security QRadar vs Anomali

Compared 3% of the time

TrendAI Vision One – Network Security vs Anomali

Compared 3% of the time

More Anomali Competitors

Huntress Managed ITDR vs SentinelOne Singularity Identity

Compared 16% of the time

Tenable Vulnerability Management vs SentinelOne Singularity Identity

Compared 6% of the time

Wiz vs SentinelOne Singularity Identity

Compared 6% of the time

Microsoft Defender for Identity vs SentinelOne Singularity Identity

Compared 4% of the time

Qualys VMDR vs SentinelOne Singularity Identity

Compared 4% of the time

More SentinelOne Singularity Identity Competitors

Product Reports

Buyer's Guide

Threat Intelligence Platforms (TIP)

March 2026

Download Anomali product report

Buyer's Guide

SentinelOne Singularity Identity

February 2026

Download SentinelOne Singularity Identity product report

Also Known As

Match, Lens, ThreatStream, STAXX, Anomali Security Analytics

No data available

Overview

Anomali delivers advanced threat intelligence solutions designed to enhance security operations by providing comprehensive visibility into threats and enabling real-time threat detection and management.

Anomali stands out in threat intelligence, offering an innovative platform that integrates data to identify and analyze threats effectively. It enables teams to streamline threat detection processes and respond to incidents with increased agility. With a focus on accuracy and efficiency, Anomali supports cybersecurity professionals in making informed decisions to safeguard their networks consistently.

What are Anomali's core features?

ThreatStream: A platform that aggregates threat intelligence feeds to enhance threat assessment.
Match: An automated detection feature that matches internal log data against threat intelligence insights.
Link: Provides graphical visualization for threat analysis, helping to understand threat vectors better.
STAXX: A lightweight tool for collecting and analyzing open-source threat intelligence.

What are the key benefits and ROI of using Anomali?

Improved Threat Detection: Streamlined processes lead to faster identification and response to threats.
Resource Efficiency: Automation reduces manual tasks, allowing security teams to focus on strategic activities.
Better Decision Making: Provides actionable insights that enable more informed security strategies.

In industries like finance and healthcare, Anomali is implemented to address specific challenges like compliance and data protection. By using this platform, organizations gain the ability to adapt to evolving threats, ensuring robust and adaptable security postures tailored to industry demands.

Anomali

Singularity Identity, a component of the Singularity platform, provides threat detection & response (ITDR) capabilities to defend Active Directory and domain-joined endpoints in real-time from adversaries aiming to gain persistent, elevated privilege and move covertly. Singularity Identity provides actionable, high-fidelity insight as attacks emerge from managed and unmanaged devices. It detects identity misuse and reconnaissance activity happening within endpoint processes targeting critical domain servers, service accounts, local credentials, local data, network data, and cloud data. On-agent cloaking and deception techniques slow the adversary down while providing situational awareness and halting adversarial attempts at lateral movement. Singularity Identity helps you detect and respond to identity-based attacks, providing early warning while misdirecting them away from production assets.

Singularity Identity’s primary use case is to protect credential data and disrupt identity-based attacks. The most valuable function of Singularity Identity is its ability to misdirect attackers by providing deceptive data to identity-based recon attacks. Additionally, it can hide and deny access to locally stored credentials or identity data on Active Directory domain controllers.

Singularity Identity also provides rapid detection and respond to identity attacks, capturing attack activity and feeding it directly to the Singularity platform’s Security DataLake for enterprise-wide analysis and response.

By implementing Singularity Identity, organizations benefit from enhanced security, reduced credential-related risks, and improved user productivity. It detects and responds to identity-based attacks, ensuring only authorized individuals can access critical identity data. With its cloaking capabilities to hide identity stored locally on endpoints or in the identity infrastructure and it’s ability to provide decoy results to identity-based attacks, organizations can effectively secure their sensitive or privileged identities, resulting in improved overall identity security.

SentinelOne

Sample Customers

Bank of England, First Energy, UBISOFT, Bank of Hope, Blackhawk Network

Information Not Available

Buyer's Guide

Anomali vs. SentinelOne Singularity Identity

March 2026

Free Report: Anomali vs. SentinelOne Singularity Identity

Find out what your peers are saying about Anomali vs. SentinelOne Singularity Identity and other solutions. Updated: March 2026.

DOWNLOAD NOW

884,873 professionals have used our research since 2012.

See our Anomali vs. SentinelOne Singularity Identity report.

See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.