SentinelOne vs Symantec

28 October 2020 | ITHQ Tech Team

Symantec is one of the oldest names in AV: it has also faced many security issues. How does its endpoint protection stand up against one of the most disruptive solutions, SentinelOne?

 

Symantec: one of the most recognisable brands in technology

Symantec has been around since 1982, becoming one of the most recognised names in anti-virus software following its M&A with Peter Norton Computing in 1990.

However, this company - with its foundations in preventing viruses from spreading via floppy disk - has also had to weather some well publicised security scandals.

In 2012 alone, source code was stolen from an Indian government server, the New York Times was hacked and details of an exploit were posted that would allow attackers to crash Symantec's connection product, pcAnywhere, on computers running Windows.

There followed lack of trust issues with both Google and Firefox, over SSL certificates. Yet Symantec Endpoint Protection (now owned by Broadcom) remains a well-regarded enterprise tool.

 

SentinelOne: resetting standards for endpoint protection

SentinelOne is rapidly becoming synonymous with unbeatable endpoint protection, as its record-breaking MITRE ATT&CK APT29 2020 test showed and its 100% Total Accuracy Rating by SE Labs.

Already a Gartner Magic Quadrant Leader, SentinelOne is making waves in further testing, as the table below shows. It is competitively and transparently priced, whilst Defender for Endpoint is more expensive and subject to Microsoft's complex licensing.

SentinelOne has published some seriously impressive video proof of its capabilities, not least where it defeats Maze ransomware in under two minutes. The platform also comes with a built-in ransomware warranty of up to $1 million - a warranty that has never been claimed.

If you're looking for a next generation endpoint protection solution and need help creating a shortlist, here's a direct comparison page to help.

 

Endpoint Protection: Key considerations

  • Is it easy to deploy and manage?
  • Is it dependent on cloud command and control for detection and response?
  • How effective has it been against zero-day attacks?
  • Do you have feature parity across Windows, Mac and Linux?
  • How does it perform in real world test scenarios?
  • What do other customers say about it?

 

Comparison of Business Benefits and Features

 

Symantec Logo

SentinelOne logo
Business Benefits
Autonomous Protection and Response

Cloud Dependent + Signatures

Yes
Fast Recovery
No - manual ops
Can be automated or 1-click
OS freedom (Windows / Mac / Linux feature parity)
Yes Yes
Fewer alerts with more context
Partial - high alert volumes
Yes
Threat hunting
Manual - separate product Yes - full storyline
API integration Graph & Rest - partial
Yes
Features
On-device AI
No - signatures
Yes
On-device behavioural AI
Limited to OS events
Yes
Exploit protection
Limited Yes + context
Lateral movement Through firewall rules
Yes + context
Remediation
Manual / Limited
Automated
Rollback No
Automated
Integrated threat feeds Yes
Yes
Remote shell
No
Yes
Device control USB & supported devices
Yes
Device control
Yes
Yes
Firewall control Yes Yes
Bluetooth control Yes
Yes
Threat hunting
Manual
Yes - full storyline
Deep visibility No
Yes

 

Industry and Peer Reviews

Gartner Peer Insights

 

Symantec Logo

Endpoint Protection

SentinelOne logo

Endpoint Protection Platform

 

SentinelOne vs Symantec Gartner Peer Insights

 

 

 

Gartner Magic Quadrant for Endpoint Protection Platforms

May 2021 - full report here

 

GMQ_21_leaders_S1

 

Independent Testing

 

Symantec Logo

TESTING BODY

SentinelOne logo
Provided coverage across the attack chain stages

MITRE ATT&CK logo

APT29 2020

Scored record results:

 - Least missed detections

 - Most high-quality detections

 - Most correlated   detections
NR
NSS labs Top ROI score and Recommended rating 2019
Unknown VB100virus 100% block rate across   Windows testing
Top Product
AVTest Approved Product (2017)
AAA rated: In top 10 vendors
SELabslogo AAA rated: In top 10 vendors

 

 

Pricing

All prices calculated at per endpoint per month, for comparison purposes.

Pricing is 'starting from' and based on list pricing. It can be subject to change, volume discounts etc.

Correct at October 2020

 

Contact us for accurate pricing based on your specific requirements

SentinelOne logo

 Minimum purchase - 5 endpoints - only through ITHQ

Payment can be billed monthly - only through ITHQ

To achieve these prices below, minimum purchase 100 endpoints, billed annually.

Quote always required for accurate pricing

Core Control Complete
$4.16 $4.90 $9.00
Includes full advanced EDR
All Core features plus device, firewall and bluetooth control
All Control features plus threat hunting and deep visibility

 

Symantec Logo

Complete Endpoint Defense Suite with SEP

Minimum purchase - 50 licenses

Priced according to Insight.com

Initial subscription - 1 year license + 1 year support: $117.99 per device

Thereafter:

500 - 999 licenses 50 - 99 licenses
$12.99 per device per month $15.99 per device per month

 

 

SentinelOne Get a Demo