07 April 2022 | ITHQ Tech Team
SentinelOne and Kaspersky Endpoint Protection Platforms make many shortlists, despite Kaspersky being a controversial contender.
Kaspersky is banned across the US government due to its links with the Russian government. It has also been reported to falsify malicious hashes in open source virus databases and has been at the centre of many controversies, including executives being arrested for treason.
Despite all this, it continues to score well as an antivirus platform and has been responsible for identifying several new malware variants. Notably, however, the malware they've discovered has always been linked to the US and European governments, further enhancing their reputation as a Russian state actor.
SentinelOne is far more balanced when it comes to malware discovery, pointing the finger of shame in all directions equally depending on the evidence.
SentinelOne also performed far better than Kaspersky in the MITRE ATT&CK APT29 2020 testing and places higher and further right on the Gartner Magic Quadrant.
However, if you're looking for an XDR solution and these two are on your list, here's a direct comparison page to help.
| Business Benefits | Kaspersky | SentinelOne |
|---|---|---|
| Autonomous prevention, detection, and recovery from threats in real-time. | Partial - legacy signatures but reliant on cloud | Yes |
| Fast Recovery | Partial | Yes - Can be automated or 1-click |
| OS freedom (Windows / Mac / Linux feature parity) | Yes | Yes |
| Fewer alerts with more context | No | Yes |
| AI-powered prevention, detection, response, and threat hunting. | Yes - Cloud Threat Intelligence. | Yes |
| API integration | Limited | Yes |
| Scalability | Yes - scalable management console. | Yes - Support for containers and serverless workloads, especially Kubernetes dynamic workloads. |
| Higher accuracy across entire attack surface. | No | Yes - Consistent identification of tactics and techniques in the MITRE Phase 2 evaluations. |
| Centralised Visibility | No - Disjointed solutions. | Yes - full storyline. |
| Automation & Control | Yes - Adaptive Anomaly Control. | Yes - Automated mitigation options via the Storyline Active Response Capability. |
| Data analytics | Yes | No - SentinelOne does not have its own network security sources to add. |
| Collection and reporting of inventory, config and policy management of endpoint devices. | No - significant policy tuning required. | Yes |
| Mobile Threat Defence | Yes | Yes |
| Ease of deployment | Yes - hybrid deployment model. | Yes - Excellent timeliness and quality of customer support. |
| Features | Kaspersky | SentinelOne |
|---|---|---|
| AI across user endpoints, containers, cloud workloads, and IoT devices. | Yes | Yes - New IoT discovery and protection capabilities in its Ranger product. |
| Static & Behavioural AI | Partial - limited ML | Yes |
| Exploit protection | Partial - legacy signatures | Yes + context |
| Lateral movement | Partial - legacy signatures and OS events | Yes + context |
| Remediation | Manual | Automated |
| Rollback | Yes but no VSS - proprietary method | Automated |
| Integrated threat feeds | Yes | Yes |
| Remote shell | No | Yes |
| Device control | Yes - unencrypted device discovery. | Yes - Device discovery via Ranger. |
| Firewall control | USB - no Bluetooth control | Yes |
| Bluetooth control | Yes | Yes |
| Threat hunting | Cloud dependent | Yes - full storyline |
| Deep visibility | Manual | Yes |
| Event Correlation | Manual | Yes |
| Execution Restriction | Yes - Dynamic allowlisting database. | Yes |
| Vulnerability scanning | Yes | Yes - Priority list of vulnerable applications. |
| Security patching | Yes | Yes |
| Triage | Manual | Yes - Investigate in seconds with automated correlations and Storyline. |
| Disk Encryption | Yes | No - Missing add-on for fully featured DLP. |
Endpoint Security for Business |
Endpoint Protection Platform |
TESTING BODY |
||
Scored good results in Telemetry |
APT29 2020 |
Scored record results:
|
AA rating 2020 |
Top ROI score and Recommended rating 2019 |
|
N/A | 99.8% block rate across Windows testing | |
Lowest number of false positives for the last 4 consecutive years. |
100% protection against zero-day malware attacks on Windows |
|
In top 10 vendors Recognized for the commitment to pushing the boundaries of autonomous technology — delivering innovation at scale and speed, and shaping the endpoint market. |
||
Lowest overall score |
Performs better than several legacy AV products for the following:
|
All prices calculated at per endpoint per month, for comparison purposes.
Pricing is 'starting from' and based on list pricing. It can be subject to change, volume discounts etc.
Correct at February 2021
Contact us for accurate pricing based on your specific requirements
Minimum purchase - 5 endpoints - only through ITHQ
Payment can be billed monthly - only through ITHQ
To achieve these prices below, minimum purchase 100 endpoints, billed annually.
Quote always required for accurate pricing

| Core | Control | Complete |
|---|---|---|
| $4.16 | $4.90 | $9.00 |
| Includes full advanced EDR | All Core features plus device, firewall and Bluetooth control | All Control features plus threat hunting and deep visibility |
Minimum purchase - 5 users
Payment always billed annually

| Small Office | Cloud | Cloud Plus |
|---|---|---|
| $2.50 | $3.38 | $5.42 |
| Includes anti-spam, vulnerability scanning, and patch management | All Standard features plus web controls, enhanced auditing and cloud discovery | All Advanced features plus device controls, cloud discovery blocking, and data discovery |