No more typing reviews! Try our Samantha, our new voice AI agent.

MetaDefender Endpoint vs SentinelOne Singularity Endpoint comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
MetaDefender Endpoint
Ranking in Endpoint Detection and Response (EDR)
69th
Average Rating
0.0
Reviews Sentiment
5.7
Number of Reviews
1
Ranking in other categories
No ranking in other categories
SentinelOne Singularity End...
Ranking in Endpoint Detection and Response (EDR)
2nd
Average Rating
8.8
Reviews Sentiment
7.1
Number of Reviews
270
Ranking in other categories
Endpoint Protection Platform (EPP) (3rd), Anti-Malware Tools (2nd), Extended Detection and Response (XDR) (2nd), AI-Powered Cybersecurity Platforms (3rd), AI Observability (2nd)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Jasmit Singh Juneja - PeerSpot reviewer
CEO & Technology Specialist at Karman Infotech Private Limited
Comprehensive endpoint visibility and multilayer security have strengthened compliance and protected removable media in critical environments
I work with the data sanitization feature, including USB. When it comes to data integrity, it is not meant for data integrity; it will modify your data. It will not look into your content, but it will look into embedded objects, such as hyperlinks, scripts, and any other embedded object, macro, and images. It will remove that potential malicious content, sanitize the hyperlink, remove the macro, sanitize the embedded objects, and remove the scripts if they are attached in your document to prevent you from zero-day attacks. MetaDefender Endpoint has an excellent malware detection feature; it has around thirty plus different anti-malware engines, so the detection ratio can go up to ninety-nine point nine percent. The vulnerability assessment feature definitely helps to address system vulnerabilities. You will have visibility of the vulnerability, and it is a continuous assessment. You will get complete visibility of your environment and of your endpoint.
Vaibhav Mahendra Kolhe - PeerSpot reviewer
Soc Analyst at Softcell Technologies Limited
Automation has reduced alerts and freed the soc team to focus on faster incident response
Regarding mean time to respond, the improvements I see with SentinelOne Singularity Complete are that genuine files also get alerts. We are getting false positives, but we are also getting genuine true positive alerts. The improvement will be deep visibility because as I am using Splunk as a SIEM, I compare deep visibility with Splunk, but deep visibility has limited access with only a 14-day policy to retain logs. The improvement will be in overall policy management. The third point will be the complexity of policies. If we want some endpoints to use only USB or if we need to block USB on some points, the policy management is very complex. The fourth point will be that Mac OS and Linux don't have the rollback policy; that policy is only for Windows. These four points are improvements if SentinelOne Singularity Complete can address them. Data privacy and security when utilizing Purple AI is crucial for SentinelOne Singularity Complete, and SentinelOne Singularity Complete lacks in data security. Data security is very important in this world. In my organization, if we deploy SentinelOne Singularity Complete and we have integrated all the firewalls, all devices, and AWS devices to SentinelOne Singularity Complete, logs will be forwarded to SentinelOne Singularity Complete through SentinelOne Singularity Complete. However, SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution. From the data security point of view, SentinelOne Singularity Complete is not good.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I generally believe that Cortex XDR by Palo Alto Networks is probably the best in the market right now."
"The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security."
"Its ability to react to cyber data attacks is awesome."
"Cortex is a very good total solution on the endpoints."
"Palo Alto is the best security solution in the market."
"The tool's use cases are relevant to security."
"We switched because there were a lot of added features with Palo Alto that Check Point didn't have, and it was an upgrade for us."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"Altogether, it is going to be complete endpoint protection and visibility."
"The reporting part is awesome."
"For me, the most valuable feature is the Deep Visibility. It gives you the ability to search all actions that were taken on a specific machine, like writing register keys, executing software, opening, reading, and writing files. All that stuff is available from the SentinelOne console. I'm able to see which software is permanent on a machine, and how that happened, whether by registry keys or writing it to a special folder on the machine."
"I am having a really good experience with SentinelOne Singularity, so I can't say there's anything they can improve because I'm not having any problems."
"We collect a lot of telemetry from Singularity Complete."
"Offers good protection against ransomware."
"It is purely cloud-based, meaning you don't need to have something installed, such as a server on-prem. You have cloud management and can access it from anywhere, with integration with SSO, with one click. It's also very lightweight."
"The most valuable feature is that it just unintrusively works in the background to carry out the protection."
"The most valuable feature is the automatic remediation."
 

Cons

"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"If he is using a smaller company, he can depend on some other tools because Cortex XDR by Palo Alto Networks is a bit expensive."
"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."
"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it."
"I would like to see some additional features related to email protection included."
"The downsides of Cortex XDR by Palo Alto Networks are that in many incidents, when I enter the causality chain, there are numerous logs."
"There are some default policies which sometimes affect our applications and cause them to run around."
"The negative aspect is that it only provides visibility; you require integration with multiple products to get complete control."
"It's fine. It's correcting all the EFC files with a virus. All the achievements, maximum EFC files. Many EFC files will be flagged as a virus. Some virus databases need to be updated. The model is good at finding many EFC files. The trouble is it needs to be updated."
"There is not much focus on the on-premise solution as the license cap is so huge for small and medium-sized institutions."
"I really haven't done enough to really see any improvements."
"It's easy to deploy, but the documentation about the Linux part could be better because it's a little complicated only on the Linux part, specifically on Ubuntu; it could be clearer and simpler."
"When comparing SentinelOne to CrowdStrike, I find that CrowdStrike has more comprehensive vulnerability assessment tools."
"SentinelOne makes it more difficult to define users. It is more granular than CrowdStrike, but it is not preferred because you have to check hundreds of roles."
"I feel that the custom dashboard feature is absent in SentinelOne Singularity Endpoint, as I can only use a default dashboard."
"The channel policy has room for improvement."
 

Pricing and Cost Advice

"Very costly product."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"The price was fine."
"It has reasonable pricing for the use cases it provides to the company."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"Our license will require renewal in August, after which the maintenance will continue as usual."
Information not available
"I believe that the current pricing and licensing structure is fair."
"SentinelOne Singularity Complete is expensive compared to Microsoft but not Sophos."
"The pricing is reasonable."
"It's around $8 per client per month."
"At this time it is only a trial. After the trial period, I am going to purchase two licenses from SentinelOne."
"SentinelOne Singularity Complete is reasonably priced."
"The product's pricing is at par with what you see among major competitors. It's higher than McAfee, yet cheaper than CrowdStrike."
"I did not notice a significant increase in cost after adding SentinelOne."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
904,748 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
No data available
Computer Software Company
10%
Manufacturing Company
9%
Financial Services Firm
8%
Outsourcing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business127
Midsize Enterprise70
Large Enterprise91
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with MetaDefender Endpoint?
The negative aspect is that it only provides visibility; you require integration with multiple products to get comple...
What is your primary use case for MetaDefender Endpoint?
There are multiple use cases for MetaDefender Endpoint. The main one is a compliance check and system compliance chec...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is ...
What is your experience regarding pricing and costs for SentinelOne Singularity?
It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the p...
What needs improvement with SentinelOne Singularity?
I have encountered an issue related to the alerting mechanism in SentinelOne Singularity Complete. Sometimes I need t...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
Sentinel Labs, SentinelOne Singularity, Singularity Platform
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: June 2026.
904,748 professionals have used our research since 2012.