← EDR / XDRSentinelOne Singularity

StrongStrongStrongStrong

4.7

Vendors › EDR / XDR › SentinelOne Singularity

SentinelOne Singularity

Name: SentinelOne Singularity
Rating: 4.7 (4009 reviews)
Author: SentinelOne

SentinelOne

Founded 2013·US·Public

4.7

Combined score

4.7850

Gartner

4.72,869

▪ Editorial verdict

SentinelOne Singularity has built the most automated response capability in the EDR market. The one-click ransomware rollback is not a marketing claim - it is a genuinely unique capability that no other EDR vendor offers at equivalent maturity. Combined with 2,869 Gartner Peer Insights reviews averaging 4.7 out of 5, the platform consistently delivers on its autonomous response promise.

The platform excels at autonomous action. For security teams that want the EDR to act without waiting for analyst approval, SentinelOne is the strongest choice. For teams that want more analyst control over automated response decisions, the autonomous model can occasionally feel like it acts faster than desired.

The verdict: SentinelOne Singularity is right for organisations that want the highest autonomous response capability, particularly for ransomware resilience, with the strongest user validation in the category. Organisations evaluating both EDR and MDR should compare the full Singularity plus Vigilance cost against CrowdStrike Falcon Complete.

Last reviewed: May 2026

4.7850 reviews

Gartner

4.72,869 reviews

PeerSpot

8.7290 reviews

Gartner MQ: Leader (4 consecutive years)

EDR / XDR assessment

PROTECTIONStrong

Endpoint detection

5 / 5

Highest total review volume of any EDR — 2,869 Gartner reviews averaging 4.7. One-click automated ransomware rollback is unique to SentinelOne. Autonomous AI detects without requiring prior signatures.

Sources: Gartner Peer Insights, SentinelOne MITRE results

Extended XDR coverage

4 / 5

XDR extends to cloud workloads and identity via Singularity platform. Scored 4 because cloud-native coverage breadth is strong but maturing versus endpoint-native capabilities.

Sources: SentinelOne Singularity documentation, G2 reviews

OPERATIONSStrong

Automated response

5 / 5

Industry's strongest autonomous response — automated rollback, isolation, kill, and quarantine without manual intervention. 85% reduction in false positives reported by enterprise clients.

Sources: SentinelOne Vigilance documentation, Gartner reviews

Deployment & management

4 / 5

Scored 4 because multi-tier licensing (Core/Control/Complete) adds complexity for procurement, and advanced features require Enterprise licence.

Sources: SentinelOne pricing documentation, G2 reviews

ANALYTICSStrong

Threat hunting UX

4 / 5

Deep Visibility provides excellent raw telemetry search. Scored 4 because Storyline visualisation (unique SentinelOne capability) is excellent but newer analysts find it less familiar than CrowdStrike's timeline approach.

Sources: SentinelOne Deep Visibility documentation, G2 reviews

TRUST & ECOSYSTEMStrong

Ecosystem integrations

4 / 5

Strong integrations with major SIEM, SOAR, and cloud platforms. Scored 4 rather than 5 because the partner ecosystem is smaller than CrowdStrike.

Sources: SentinelOne integration marketplace

Strongest: Endpoint detection

Watch out for: Ecosystem integrations

Strengths & limitations

Strengths

●Highest total review volume of any EDR — 2,869 Gartner reviews

●One-click automated ransomware rollback — unique capability

●85% reduction in false positives reported by enterprise clients

Watch out for

●Premium pricing comparable to CrowdStrike

●Vendor lock-in risk within Singularity ecosystem

●New features (AI SIEM, cloud) still maturing

Best for

Organisations wanting autonomous AI-driven endpoint protection with highest peer validation and unique ransomware rollback.

Not suitable for: SMBs wanting cheapest option

Compliance coverage

●Essential Eight

●SOC 2

●HIPAA

●NIST CSF

●PCI-DSS

●CMMC

●GDPR

●NIS2

●ISO 27001

●CIS Benchmarks

○AU Privacy Act

○DORA

Switching intelligence

Switching from

Common migration paths based on review data

Also considering

Vendors typically shortlisted alongside

Also in our database

SentinelOne also appears in:

MDR / Managed SOC →Cloud Security Posture Management →

← Back to EDR / XDR Compare with other EDR / XDR vendors →

Quick facts

Pricing modelper endpoint/year; Core, Control, Complete tiers

Pricing range$69-$179/endpoint/year

Free trialYes — 30 days

Min seats5

Deployment time< 1 day

Complexity2 / 5

Pricing transparency3 / 5

AU presenceYes

IRAP assessedNo

Open sourceProprietary

Deployment

ModelsSaaS

OS supportWindows, macOS, Linux

CloudAWS, Azure, GCP

SupportPhone, Email, Chat, Dedicated CSM

Data residencyUS, EU, AU

Company

SentinelOne

Founded 2013 · 2,000-3,000 employees · Public

HQ: US

$800M+ ARR

Certifications

FedRAMP Moderate, SOC 2 Type II, ISO 27001, PCI-DSS

Integrations

OktaAzure ADSplunkServiceNowPalo AltoZscalerMicrosoft Sentinel