SentinelOne Singularity Complete vs SentinelOne Singularity Hologram comparison

The compared SentinelOne Singularity Complete and SentinelOne Singularity Hologram solutions aren't in the same category. SentinelOne Singularity Complete is ranked #2 in EDR , with an average rating of 9.0, and holds a 5.0% mindshare in the category. SentinelOne Singularity Hologram is ranked #28 in ATP , with an average rating of 7.0, and holds a 0.8% mindshare. Additionally, 98% of SentinelOne Singularity Complete users are willing to recommend the solution, compared to 100% of SentinelOne Singularity Hologram users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between SentinelOne Singularity Complete and SentinelOne Singularity Hologram based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR).

To learn more, read our detailed Endpoint Detection and Response (EDR) Report (Updated: March 2026).

Buyer's Guide

Endpoint Detection and Response (EDR)

March 2026

Download the complete report

Helped 884,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Mindshare comparison

Endpoint Detection and Response (EDR) Mindshare Distribution
Product	Mindshare (%)
SentinelOne Singularity Complete	5.0%
CrowdStrike Falcon	8.4%
Microsoft Defender for Endpoint	6.9%
Other	79.7%

Endpoint Detection and Response (EDR)

Advanced Threat Protection (ATP) Mindshare Distribution
Product	Mindshare (%)
SentinelOne Singularity Hologram	0.8%
Microsoft Defender for Office 365	7.6%
Palo Alto Networks WildFire	7.5%
Other	84.1%

Advanced Threat Protection (ATP)

Q&A Highlights

Pawel Kaminski

Solutions Architect at IT Solution Factor Sp. z o.o.

Aug 18, 2023

Does SentinelOne have a Virtual Patching functionality?

Yes -- SentinelOne has a Virtual Patching functionality called Virtual Patching and Exploit Shield. This preventive security solution uses behavioral AI to identify and block zero-day attacks and vulnerabilities before they can be exploited. Virtual Patching and Exploit Shield works by: Identifying vulnerable applications and devices on the network Applying a virtual patch to vulnerable applications and devices Monitoring the applications and devices for any malicious activity Virtual Patching and Exploit Shield helps protect organizations against zero-day attacks and vulnerabilities. It complements traditional patching solutions and helps organizations reduce their attack surface. It also improves security posture. Here are some of the benefits of using SentinelOne Virtual Patching and Exploit Shield: Protects against zero-day attacks and vulnerabilities Reduces the attack surface Improves security posture Easy to deploy and manage Can be used with a variety of applications and devices

See all answers

Featured Reviews

ABHISHEK_SINGH

Senior Process Expert at A.P. Moller - Maersk

Gained full visibility and streamlined threat detection through behavior-based insights and AI integration

Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Read full review

Vaibhav Mahendra Kolhe

Soc Analyst at Softcell Technologies Limited

Automation has reduced alerts and freed the soc team to focus on faster incident response

Regarding mean time to respond, the improvements I see with SentinelOne Singularity Complete are that genuine files also get alerts. We are getting false positives, but we are also getting genuine true positive alerts. The improvement will be deep visibility because as I am using Splunk as a SIEM, I compare deep visibility with Splunk, but deep visibility has limited access with only a 14-day policy to retain logs. The improvement will be in overall policy management. The third point will be the complexity of policies. If we want some endpoints to use only USB or if we need to block USB on some points, the policy management is very complex. The fourth point will be that Mac OS and Linux don't have the rollback policy; that policy is only for Windows. These four points are improvements if SentinelOne Singularity Complete can address them. Data privacy and security when utilizing Purple AI is crucial for SentinelOne Singularity Complete, and SentinelOne Singularity Complete lacks in data security. Data security is very important in this world. In my organization, if we deploy SentinelOne Singularity Complete and we have integrated all the firewalls, all devices, and AWS devices to SentinelOne Singularity Complete, logs will be forwarded to SentinelOne Singularity Complete through SentinelOne Singularity Complete. However, SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution. From the data security point of view, SentinelOne Singularity Complete is not good.

Read full review

Graham Peck

Data Security Manager at Leeds United FC

Lockdown devices and ports on endpoints so that you can stop propagation of any virus if it's detected but performance utilization can be better

It's scalable in the form of it now covers mobile devices as well as a number of other different types of devices, not just Windows. Also, there's no limit as to how many devices you can install it on. We plan to expand the number of devices/users as we get more people onboard or upgrade to more mobile devices; we will then increase the number of licenses for mobile devices. We've got 450 licenses, but we've got about 375 devices and users currently. I would rate the scalability a ten out of ten. There's not a product yet that I've found that I can't put it on, especially now that they've got the new release, which was the mobile agents.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution's stability is generally good."

"After installing this solution, it identified, blocked, and provided the complete attack chain, which was very helpful."

"The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning."

"Stability is a primary factor, and then there's the ease of distribution and policy management."

"The positive impacts I see from Cortex XDR by Palo Alto Networks include a complete 360-degree view of our security posture altogether, being a uniform platform where we are ingesting logs from multiple resources."

"It's a nice product that's stable and scalable."

"It has pretty much everything we need and works well within the Palo Alto ecosystem."

More Cortex XDR by Palo Alto Networks pros

"It is great for security monitoring and blocking when needed."

"The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features."

"The tool's most valuable feature is EDR."

"Our clients have been able to survive a ransomware attack without even knowing that they had had files encrypted and automatically rolled back - even their Point of Sale (POS) system did not miss a beat and the business continued as normal without interruption."

"This feature is fantastic because it remediates issues while maintaining a clear audit trail, which is great for compliance."

"The interface of SentinelOne Singularity Complete is user-friendly, and we can quickly find what we need."

"Overall, I would rate it a nine out of ten."

"Unlike other endpoint solutions like Kaspersky or Trend Micro, SentinelOne's agents are exceptionally lightweight, updating seamlessly without consuming significant network or system resources."

More SentinelOne Singularity Complete pros

"The automated response capability in SentinelOne enhances security operations. It means I don't have to worry about having too many security people watching it because you can automate a lot of the tasks."

Cons

"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."

"I think sometimes Cortex XDR agent automatically stops event capturing from the device, and then even the dashboard does not get any notifications from the agent."

"A little bit more automation would be nice."

"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."

"The downsides of Cortex XDR by Palo Alto Networks are that in many incidents, when I enter the causality chain, there are numerous logs."

"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."

"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it."

"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."

More Cortex XDR by Palo Alto Networks cons

"I rate Singularity Cloud Workload Security's stability a four out of ten."

"The false alerts can be annoying, especially during administrative tasks."

"The solution can use up a lot of resources when scanning. It would be ideal if it was lighter."

"In the SIEM solution, I would like to see improvements in the data injection process, as it is very fast, and the log collector option is very nice. However, there are issues in blocking the hash, which is complicated due to different segregation for Windows, Linux, and macOS, so I ask for an improvement in this hash blocking function and the manual generation of how many VSS snapshots."

"The MDM functionality and maturity still need improvement."

"The ability to integrate this product with an antivirus solution would be welcome. Even consolidation with more security products, like Umbrella networking abilities etc. to provide more on this platform, that would be great."

"One area of SentinelOne that definitely has room for improvement is the reporting. The canned reports are clunky and we haven't been able to pull a lot of good information directly from them."

"The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab."

More SentinelOne Singularity Complete cons

"The performance utilization on the device that it's monitoring. This aspect needs improvement."

Pricing and Cost Advice

"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."

"This is an expensive solution."

"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."

"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."

"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."

"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."

"Its pricing is kind of in line with its competitors and everybody else out there."

"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"I did not notice a significant increase in cost after adding SentinelOne."

"The licensing is convenient, straightforward, and very clear."

"The price of SentinelOne is on the higher side compared to other solutions, such as Symantec."

"Nothing good is cheap, and SentinelOne is no exception."

"The one I use is $6 a month per device. Some are $4 and there are some that are more than that."

"The cost of utilizing all the features of SentinelOne Singularity Complete is high."

"While the cost of SentinelOne Singularity Complete might seem high at first glance, it's important to consider the value it offers."

"Spend money on the security for the endpoint."

More SentinelOne Singularity Complete pricing and cost advice

"I would rate the pricing a three out of ten; one is very expensive, and ten is an absolutely cheap product."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

884,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

Manufacturing Company

Financial Services Firm

Comms Service Provider

Computer Software Company

12%

Manufacturing Company

Financial Services Firm

Government

Manufacturing Company

15%

Comms Service Provider

10%

Computer Software Company

University

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	44
Midsize Enterprise	20
Large Enterprise	47

By reviewers
Company Size	Count
Small Business	93
Midsize Enterprise	48
Large Enterprise	78

No data available

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

See all answers

Which is better - SentinelOne or Darktrace?

Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is ...

See all answers

What do you like most about SentinelOne Singularity?

The Ranger feature is valuable.

See all answers

What is your experience regarding pricing and costs for SentinelOne Singularity?

It is neither too costly, but definitely, it is one of the advantages that SentinelOne is quite adapted towards the p...

See all answers

What is your experience regarding pricing and costs for SentinelOne Singularity Hologram?

It's obviously increased my cost when it comes to security management because I didn't have it before, and it isn't t...

See all answers

What needs improvement with SentinelOne Singularity Hologram?

The performance utilization on the device that it's monitoring. This aspect needs improvement.

See all answers

What advice do you have for others considering SentinelOne Singularity Hologram?

Overall, I would rate the solution a seven out of ten. I won't give it a ten. I've seen some others that I may next t...

See all answers

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 9% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Cortex XSIAM vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

More Cortex XDR by Palo Alto Networks Competitors

Fortinet FortiEDR vs SentinelOne Singularity Complete

Compared 5% of the time

CrowdStrike Falcon vs SentinelOne Singularity Complete

Compared 5% of the time

Microsoft Defender for Endpoint vs SentinelOne Singularity Complete

Compared 3% of the time

Huntress Managed EDR vs SentinelOne Singularity Complete

Compared 3% of the time

Trellix Endpoint Security Platform vs SentinelOne Singularity Complete

Compared 2% of the time

More SentinelOne Singularity Complete Competitors

Tenable Vulnerability Management vs SentinelOne Singularity Hologram

Compared 15% of the time

SentinelOne Singularity Identity vs SentinelOne Singularity Hologram

Compared 13% of the time

Acalvio vs SentinelOne Singularity Hologram

Compared 11% of the time

Microsoft Defender for Endpoint vs SentinelOne Singularity Hologram

Compared 9% of the time

Proofpoint Identity Threat Defense vs SentinelOne Singularity Hologram

Compared 9% of the time

More SentinelOne Singularity Hologram Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

March 2026

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

SentinelOne Singularity Complete

February 2026

Download SentinelOne Singularity Complete product report

Buyer's Guide

Advanced Threat Protection (ATP)

February 2026

Download SentinelOne Singularity Hologram product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

Sentinel Labs, SentinelOne Singularity

Attivo Networks

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?

Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
Multi-layered Security: Combines various security measures for comprehensive protection.
Endpoint Protection: Safeguards against malware and exploits.
Behavioral Analysis: Monitors suspicious activity for early detection.
Automatic Threat Response: Automates responses to neutralize threats.

What benefits should users expect?

Ease of Use: Simplifies security management with intuitive design.
Resource Efficiency: Minimizes impact on system resources.
Integration Capabilities: Works well with existing security setups.
Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

SentinelOne Singularity Complete delivers advanced endpoint protection leveraging AI-driven threat detection and behavior analysis for efficient malware and ransomware response. Its standout features enhance security insights and ensure comprehensive endpoint management.

SentinelOne Singularity Complete provides robust ransomware recovery through unique rollback capabilities and seamless integration with various security solutions. Its machine learning enhances endpoint protection, minimizing false positives and automating responses. While praised for real-time threat monitoring, incident management, and asset management, it faces challenges in managing the console, customizing UI, and maintaining policy flexibility. Some users report difficulties with deployment and integration with existing systems, and enhanced reporting, alert management, and documentation are desired. Its appeal extends to deploying across multiple operating systems, offering comprehensive security coverage and facilitating cybersecurity compliance.

What standout features does SentinelOne Singularity Complete offer?

Rollback Capability: Provides effective ransomware recovery.
AI-Driven Threat Detection: Enhances threat identification and response.
Behavior Analysis: Automates and refines security processes.
Seamless Integration: Works well with other security solutions.
Machine Learning: Minimizes false positives and improves threat response.

What benefits should users consider in reviews?

Enhanced Security Insights: Improves overall threat management.
Reduced Detection Time: Lowers incident response time significantly.
User-Friendly Interface: Simplifies process for deployment and management.
Comprehensive Endpoint Protection: Ensures broad defense against threats.

Industries implement SentinelOne Singularity Complete for its AI capabilities in advanced endpoint protection, particularly against malware and ransomware. It's utilized across diverse operating systems, aiding in real-time threat monitoring and facilitating compliance. Organizations use it for vulnerability assessments and asset management, ensuring optimal protection in complex IT environments.

SentinelOne

Singularity Hologram, a component of the SentinelOne Singularity platform, leverages advanced, high-interaction deception and decoy technology to lure in-network attackers and insider threat actors into engaging and revealing themselves. By mimicking production IT, IoT, and OT OSes, applications, data, native cloud technologies, and more, Singularity Hologram uncovers covert adversary activity, collects high-fidelity telemetry, and garners actionable intelligence to help you strengthen your defenses. Singularity Hologram decoys appear indistinguishable from production assets and are designed to engage and misdirect attackers away from real systems and data. All decoys encompass a breadth of form factors, adapting to a variety of business & organizational needs.

SentinelOne

Sample Customers

CBI Health Group, University Honda, VakifBank

Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank

NSS Labs., Fierce IT security, FireEye

Buyer's Guide

Endpoint Detection and Response (EDR)

March 2026

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: March 2026.

DOWNLOAD NOW

884,873 professionals have used our research since 2012.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.