SentinelOne vs Cybereason

04 September 2020 | ITHQ Tech Team

SentinelOne and Cybereason Endpoint Protection Platforms perform many similar EDR tasks. Both businesses have offices in Boston and Israel and independent comparison sites such as itcentralstation regularly pitch them against each other.

Whilst SentinelOne is a Leader on Gartner's Magic Quadrant for Endpoint Protection, Cybereason has yet to feature. SentinelOne also performed far better than Cybereason in the MITRE ATT&CK APT29 2020 testing.

But perhaps the biggest difference between SentinelOne and Cybereason is price, with Cybereason starting at $50 per endpoint (according to our research) compared with $4.16 per endpoint for SentinelOne.

If you're looking for a next generation endpoint protection solution and these two are on your list, here's a direct comparison page to help.


Endpoint Protection: Key considerations

  • Is it easy to deploy and manage?
  • Is it dependent on cloud command and control for detection and response?
  • How effective has it been against zero-day attacks?
  • Do you have feature parity across Windows, Mac and Linux?
  • How does it perform in real world test scenarios?
  • What do other customers say about it?


Comparison of Business Benefits and Features


cybereason logo

SentinelOne logo
Business Benefits
Autonomous Protection and Response No – Cloud dependent legacy AV OEM (Bitdefender)  Yes
Fast Recovery
No - manual
Can be automated or 1-click
OS freedom (Windows / Mac / Linux feature parity)
No – MacOS and Linux versions are basically legacy AV (sig based)  Yes
Fewer alerts with more context
No – Utilises MALOPS, which increases the alerts and has varying context Yes
Threat hunting
Yes - full storyline
API integration
On-device AI
No - OEM AV + behavioural 'rules'
On-device behavioural AI
Limited - behavioural 'rules'
Exploit protection Limited - behavioural 'rules' Yes + context
Lateral movement Limited - behavioural 'rules' Yes + context
Remediation Manual Automated
Rollback No
Integrated threat feeds Yes
Remote shell Yes - Powershell
Device control USB and Windows only
Firewall control Yes Yes
Bluetooth control No
Threat hunting
Yes - optional
Yes - full storyline
Deep visibility Yes - optional


Industry and Peer Reviews

Gartner Peer Insights


cybereason logo

Defense Platform


Endpoint Protection Platform



Gartner Magic Quadrant for Endpoint Protection Platforms May 2021







Indpendent Testing

cybereason logo


Scored good results

Mitre no backgroundAPT29 2020

Scored record results:

 - Least missed detections

 - Most high-quality detections

 - Most correlated   detections
Recommended rating
NSS labs Top ROI score and Recommended rating 2019
Unknown VB100virus 100% block rate across   Windows testing
Unknown 1

Approved for Windows  and MacOS

Unknown 2 In top 10 vendors




All prices calculated at per endpoint per month, for comparison purposes.

Pricing is 'starting from' and based on list pricing. It can be subject to change, volume discounts etc.

Correct at September 2020


Contact us for accurate pricing based on your specific requirements


SentinelOne logo

 Minimum purchase - 5 endpoints - only through ITHQ

Payment can be billed monthly - only through ITHQ

To achieve these prices below, minimum purchase 100 endpoints, billed annually.

Quote always required for accurate pricing

Core Control Complete
$4.16 $4.90 $9.00
Includes full advanced EDR
All Core features plus device, firewall and bluetooth control
All Control features plus threat hunting and deep visibility


cybereason logo

Minimum purchase - not specified

Payment billed: not specified

Priced according to third party sources

Pro Enterprise Ultimate
Includes NGAV and threat detection
All Pro features plus controls, EDR and threat hunting
All Enterprise features plus advanced endpoint response and cyber posture assessment


SentinelOne Get a Demo