Try our new research platform with insights from 80,000+ expert users

Anomali vs SentinelOne Singularity Identity comparison

Anomali and SentinelOne are both solutions in the Advanced Threat Protection (ATP) category. Anomali is ranked #20 with an average rating of 8.5, while SentinelOne is ranked #15 with an average rating of 9.5. Anomali holds a 3.2% mindshare in ATP, compared to SentinelOne’s 2.0% mindshare. Additionally, 80% of Anomali users are willing to recommend the solution, compared to 95% of SentinelOne users who would recommend it.
Anomali
Read 4 Anomali reviews
  • 4,147 Views
  • 622 Comparison Views
80% willing to recommend
SentinelOne Singularity Ide...
Read 22 SentinelOne Singularity Identity reviews
  • 3,041 Views
  • 578 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jan 18, 2026

Anomali and SentinelOne Singularity Identity are prominent players in the cybersecurity industry. SentinelOne Singularity Identity seems to have an advantage due to its extensive features and perceived value, despite Anomali's appealing pricing and support.

Features: Anomali provides strong threat intelligence capabilities, effective threat modeling, and adaptable API functionality. SentinelOne Singularity Identity focuses on AI-driven anomaly and identity detection, offers a unified console for visibility, and features machine learning capabilities for threat detection.

Room for Improvement: Anomali could enhance its dataset size, improve user interface customization, and expand real-time threat alert capabilities. SentinelOne Singularity Identity might refine its false positive management, enhance observability capabilities, and streamline its cross-sectional threat correlation.

Ease of Deployment and Customer Service: Anomali integrates smoothly with existing infrastructures and offers efficient customer service. SentinelOne Singularity Identity boasts a simple deployment process and responsive support, providing a slightly better experience in setup and assistance.

Pricing and ROI: Anomali is attractive due to its lower initial costs and solid ROI with key threat management functions. SentinelOne Singularity Identity demands higher upfront costs but delivers a better long-term ROI because of its advanced capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Anomali vs. SentinelOne Singularity Identity Report (Updated: February 2026).
Buyer's Guide
Anomali vs. SentinelOne Singularity Identity
February 2026
Download the complete report
Helped 881,733 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Anomali
Ranking in Advanced Threat Protection (ATP)
20th
Average Rating
7.8
Reviews Sentiment
7.2
Number of Reviews
4
Ranking in other categories
Security Information and Event Management (SIEM) (31st), User Entity Behavior Analytics (UEBA) (12th), Threat Intelligence Platforms (TIP) (7th), Extended Detection and Response (XDR) (25th)
SentinelOne Singularity Ide...
Ranking in Advanced Threat Protection (ATP)
15th
Average Rating
9.0
Reviews Sentiment
7.3
Number of Reviews
22
Ranking in other categories
Vulnerability Management (21st), Threat Deception Platforms (3rd), Identity Threat Detection and Response (ITDR) (5th)
 

Mindshare comparison

As of February 2026, in the Advanced Threat Protection (ATP) category, the mindshare of Anomali is 3.2%, up from 0.8% compared to the previous year. The mindshare of SentinelOne Singularity Identity is 2.0%, up from 1.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP) Market Share Distribution
ProductMarket Share (%)
SentinelOne Singularity Identity2.0%
Anomali3.2%
Other94.8%
Advanced Threat Protection (ATP)
 

Featured Reviews

CC
ChrisCollins
Enterprise Security Architect V at FirstEnergy
Enables automated threat intelligence sorting and enhances proactive threat hunting capabilities
You have to have at least a threat intelligence background or a SOC analyst background to use it, as that's the information you'll dig around with in there. If you don't have that kind of knowledge, it probably can be a little hard to use, but they do provide training. They offer training not only for how to use the platform but also some basic threat intelligence training to explain what these things are and what these terms mean. My company is a customer of Anomali. I would recommend it to other people. I would advise making sure you don't pick it without testing other products and have your use cases well thought out and documented before testing, so you know it will solve the problems you're trying to address. Keep an open mind with it and realize that whatever you can dream of, you can probably do with the platform. Overall, I would rate Anomali an eight out of ten.
Read full review
Roftiel Constantine - PeerSpot reviewer
Roftiel Constantine
Global Chief Information Security Officer at Barry-Wehmiller
Provides proactive threat remediation, reduces alert volume, and enhances incident response capabilities
During our pre-purchase evaluation of SentinelOne's EDR capabilities three years ago, we were consistently impressed by the positive relationships customers reported having with SentinelOne's engineers, sales teams, and customer success managers. These strong relationships, evident in the customers' unsolicited feedback, highlighted the "soft skills" and intangible qualities that SentinelOne possessed. This positive customer experience has been mirrored in our own interactions with them. Their responsiveness to our needs, particularly when addressing a couple of challenges we faced, has been excellent. They proactively scheduled weekly meetings to demonstrate their commitment to resolving our issues, a customer-centric approach I admire. SentinelOne's dedication to customer service, including their rapid technology updates and responsiveness to our suggestions, has been crucial to our success in protecting our organization. Their ability to quickly incorporate our needs into new releases is truly impressive and sets them apart. Overall, I highly recommend SentinelOne based on our positive interactions across all levels of their organization.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."
"The most valuable aspect of Anomali is the threat modeling capability."
"We now have a very robust collection of threat intelligence based on the capabilities that Anomali provides."
"The incident and threat logs are great."
"The most valuable feature of SentinelOne Singularity Identity is its ability to detect based on behavior rather than just static signatures."
"The response is a valuable aspect of SentinelOne."
"They have different levels of support. We have the highest level where they are constantly checking all the endpoints. If at any certain point, they identify that a computer has been triggered by a virus, a link, or something else, they would automatically tell us that within 15 seconds. If they notice something, they automatically send us an email saying that they noticed something in the computer, and they are going to block it."
"SentinelOne stands out due to its AI capabilities, which lead to excellent prevention."
"One of the top things we're interested in is cloud protection."
"The AI provides a futuristic ML model. That helps a lot when it comes to shifting security approaches and hep better forecast attacks."
"Their ability to quickly incorporate our needs into new releases is truly impressive and sets them apart."
More SentinelOne Singularity Identity pros
 

Cons

"Less code in integration would be nice when building blocks."
"Support in the past has been top-notch, but recent trends indicate that it has taken a back seat, as we often don't get answers for days."
"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."
"An area for improvement is the intelligence sharing within the Anomali community. The tagging system can be inconsistent, as any company can use any tags for their reporting."
"The first-level support has room for improvement."
"One area for improvement would be the self-healing nature of the agent."
"I don't like SentinelOne's reporting tools. Their reports seem fine theoretically, but the issue is the sample size. For example, it will report that there were four incidents, and that equals 25 percent fewer incidents compared to the previous months. It would be a great improvement if I could expand the range to see reports for the last six months, but it's always one month. That would be an easy thing for them to resolve."
"To improve SentinelOne, I would suggest adding a network detection and response capability."
"A lot of those features came from an acquisition of a different company."
"To enhance our already strong partnership with SentinelOne, we should focus on improving collaboration."
"We've brought three critical items to their attention regarding vulnerability management."
"The resolution turnaround from SentinelOne Singularity Identity's support should be improved."
More SentinelOne Singularity Identity cons
 

Pricing and Cost Advice

"When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price."
"SentinelOne Singularity Identity's pricing is cheaper than CrowdStrike and is really good."
"Compared to competitors, it's well-priced for the quality offered, and I don't see anyone surpassing them in that regard."
"SentinelOne seemed to offer more while being priced lower than its competitors."
"Ideally, I would like SentinelOne to lower their prices a little bit."
"There is a need to make yearly payments towards the licensing charges associated with the product...I think the prices associated with the product are okay and it is not too expensive."
"Their pricing has been fair, especially in the current market, and they haven't excessively increased prices at renewal times like many vendors do."
"Its price is a little bit high. It is a nice product, but it comes at a cost. Compared to other products, it is not cheap, but you sometimes have to pay for the value you get. It is not cheap, but it is worth it."
"The price of SentinelOne Singularity Identity is relatively high, but it offers numerous features and capabilities that make it well worth the investment."
More SentinelOne Singularity Identity pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
See recommendations
881,733 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Manufacturing Company
7%
Educational Organization
7%
Computer Software Company
7%
Computer Software Company
10%
Manufacturing Company
8%
Financial Services Firm
7%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business1
Midsize Enterprise1
Large Enterprise5
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise5
Large Enterprise13
 

Questions from the Community

What needs improvement with Anomali ThreatStream?
An area for improvement is the intelligence sharing within the Anomali community. The tagging system can be inconsistent, as any company can use any tags for their reporting. Combining all aliases ...
See all answers
What is your primary use case for Anomali ThreatStream?
I use Anomali ( /products/anomali-reviews ) for threat hunting, threat collection, operationalization of intelligence, such as indicators of compromise (IOCs), and dissemination of reports for repo...
See all answers
What advice do you have for others considering Anomali ThreatStream?
For new users, I recommend taking the training provided by Anomali as it is very well articulated. I advise reading the user manual and taking the instructor-led training sessions from the customer...
See all answers
What is your experience regarding pricing and costs for SentinelOne Singularity Identity?
I have no visibility into pricing, setup costs, or licensing as the government handles these aspects directly with SentinelOne. We do the integrating, and they process the payments.
See all answers
What needs improvement with SentinelOne Singularity Identity?
Regarding improvements, I believe that API integration in third-party applications could be better. The Singularity tool uses its own credential in the record features.
See all answers
What is your primary use case for SentinelOne Singularity Identity?
One of the main use cases I describe is that we face lateral movement in our customer's server side. The customer is using 50 or more servers for the news channel, Daily Thanthi. Among those, one s...
See all answers
 

Comparisons

ThreatConnect Threat Intelligence Platform (TIP) vs Anomali Logo
ThreatConnect Threat Intelligence Platform (TIP) vs Anomali
Compared 7% of the time
Recorded Future vs Anomali Logo
Recorded Future vs Anomali
Compared 7% of the time
Splunk Enterprise Security vs Anomali Logo
Splunk Enterprise Security vs Anomali
Compared 4% of the time
IBM Security QRadar vs Anomali Logo
IBM Security QRadar vs Anomali
Compared 3% of the time
ThreatQ vs Anomali Logo
ThreatQ vs Anomali
Compared 3% of the time
More Anomali Competitors
Huntress Managed ITDR vs SentinelOne Singularity Identity Logo
Huntress Managed ITDR vs SentinelOne Singularity Identity
Compared 13% of the time
Tenable Vulnerability Management vs SentinelOne Singularity Identity Logo
Tenable Vulnerability Management vs SentinelOne Singularity Identity
Compared 7% of the time
Wiz vs SentinelOne Singularity Identity Logo
Wiz vs SentinelOne Singularity Identity
Compared 6% of the time
Qualys VMDR vs SentinelOne Singularity Identity Logo
Qualys VMDR vs SentinelOne Singularity Identity
Compared 5% of the time
CrowdStrike Falcon vs SentinelOne Singularity Identity Logo
CrowdStrike Falcon vs SentinelOne Singularity Identity
Compared 5% of the time
More SentinelOne Singularity Identity Competitors
 

Product Reports

Buyer's Guide
Threat Intelligence Platforms (TIP)
January 2026
Anomali reportDownload Anomali product report
Buyer's Guide
SentinelOne Singularity Identity
January 2026
SentinelOne Singularity Identity reportDownload SentinelOne Singularity Identity product report
 

Also Known As

Match, Lens, ThreatStream, STAXX, Anomali Security Analytics
No data available
 

Overview

Anomali delivers advanced threat intelligence solutions designed to enhance security operations by providing comprehensive visibility into threats and enabling real-time threat detection and management.

Anomali stands out in threat intelligence, offering an innovative platform that integrates data to identify and analyze threats effectively. It enables teams to streamline threat detection processes and respond to incidents with increased agility. With a focus on accuracy and efficiency, Anomali supports cybersecurity professionals in making informed decisions to safeguard their networks consistently.

What are Anomali's core features?
  • ThreatStream: A platform that aggregates threat intelligence feeds to enhance threat assessment.
  • Match: An automated detection feature that matches internal log data against threat intelligence insights.
  • Link: Provides graphical visualization for threat analysis, helping to understand threat vectors better.
  • STAXX: A lightweight tool for collecting and analyzing open-source threat intelligence.
What are the key benefits and ROI of using Anomali?
  • Improved Threat Detection: Streamlined processes lead to faster identification and response to threats.
  • Resource Efficiency: Automation reduces manual tasks, allowing security teams to focus on strategic activities.
  • Better Decision Making: Provides actionable insights that enable more informed security strategies.

In industries like finance and healthcare, Anomali is implemented to address specific challenges like compliance and data protection. By using this platform, organizations gain the ability to adapt to evolving threats, ensuring robust and adaptable security postures tailored to industry demands.

Anomali

Singularity Identity, a component of the Singularity platform, provides threat detection & response (ITDR) capabilities to defend Active Directory and domain-joined endpoints in real-time from adversaries aiming to gain persistent, elevated privilege and move covertly. Singularity Identity provides actionable, high-fidelity insight as attacks emerge from managed and unmanaged devices. It detects identity misuse and reconnaissance activity happening within endpoint processes targeting critical domain servers, service accounts, local credentials, local data, network data, and cloud data. On-agent cloaking and deception techniques slow the adversary down while providing situational awareness and halting adversarial attempts at lateral movement. Singularity Identity helps you detect and respond to identity-based attacks, providing early warning while misdirecting them away from production assets.

Singularity Identity’s primary use case is to protect credential data and disrupt identity-based attacks. The most valuable function of Singularity Identity is its ability to misdirect attackers by providing deceptive data to identity-based recon attacks. Additionally, it can hide and deny access to locally stored credentials or identity data on Active Directory domain controllers.

Singularity Identity also provides rapid detection and respond to identity attacks, capturing attack activity and feeding it directly to the Singularity platform’s Security DataLake for enterprise-wide analysis and response.

By implementing Singularity Identity, organizations benefit from enhanced security, reduced credential-related risks, and improved user productivity. It detects and responds to identity-based attacks, ensuring only authorized individuals can access critical identity data. With its cloaking capabilities to hide identity stored locally on endpoints or in the identity infrastructure and it’s ability to provide decoy results to identity-based attacks, organizations can effectively secure their sensitive or privileged identities, resulting in improved overall identity security.

SentinelOne
 

Sample Customers

Bank of England, First Energy, UBISOFT, Bank of Hope, Blackhawk Network
Information Not Available
Buyer's Guide
Anomali vs. SentinelOne Singularity Identity
February 2026
Free Report: Anomali vs. SentinelOne Singularity Identity
Find out what your peers are saying about Anomali vs. SentinelOne Singularity Identity and other solutions. Updated: February 2026.
DOWNLOAD NOW
881,733 professionals have used our research since 2012.
See our Anomali vs. SentinelOne Singularity Identity report.
See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.