SentinelOne: follow the numbers

So the big gorilla in this space is Palo Alto Networks. Both Crowdstrike and SentinelOne are small compared to them, so I found it interesting to see how Palo Alto positioned their XDR solution vs competitors.

This may be old news for some but I found it extremely interesting to see. They tout the great performance of Cortex XDR, their solution, in the MITRE ATT&CK Round 3 Results. They say that these results show that Cortex is the best solution, here:

https://www.paloaltonetworks.com/blog/2021/04/mitre-round-3-…

The link has graphs which cannot be reproduced here, so do have a look at the link.

The big take-out for me is how well tiny SentinelOne does. On:

  • The main graph on combined visibility and protection, Palo Alto is first, and SentinelOne second. Crowdstrike is 12th.

  • Protection efficacy, Palo Alto is in a group of companies who score 100%, SentinelOne in the second-highest group scoring above 80%, and Crowdstrike in the 4th group, scoring under 75%.

  • Visibility, SentinelOne is first, Palo Alto second, Crowdstrike 12th.

  • Technique detections, SentinelOne is first, Palo Alto second, Crowdstrike 27th; very close to last.

Of course S also touts this on their own website in the comparisons with the key competitors. But this is on Palo Alto’s site, not Crowdstrike’s or SentinelOne’s. And seeing the full graph of all competitors and noting the position of both Crowdstrike and SentinelOne on those tell me that SentinelOne has an XDR product that is as good as, or better than, the leader in this space’s product. And that Crowdstrike is way down on the list.

Given the weight Palo Alto seem to attach to these results, it strikes me as validation of SentinelOne’s capabilities. Crowdstrike obviously do not tout these results, as they score poorly.

-WSM

(Long S)

49 Likes