No more typing reviews! Try our Samantha, our new voice AI agent.

Semgrep vs SentinelOne Singularity Cloud Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
6.3
Semgrep improves ROI by accelerating development, reducing manual labor, and addressing vulnerabilities early, enhancing efficiency and profitability.
Sentiment score
5.8
SentinelOne enhances productivity, reduces incident response by 80%, with efficient automation, improved compliance, and comprehensive attack prevention.
This can be translated to being able to do the same amount of work with less technicians.
SecOps Engineer at IriusRisk
Tasks that previously took days are completed in significantly less time.
DevOps Engineer at Exponential Craft
I can say it saves us time related to coding and also saves money, making it a very reliable tool for our organization with great features.
Angular Developer at Flourish Software
After implementing SentinelOne, it takes about five to seven minutes.
Cloud engineer at a construction company with 5,001-10,000 employees
Our ability to get in and review our vulnerability stance, whether daily, monthly, weekly, or whatever it might be, has drastically improved over our prior provider.
IT Support Specialist at a non-tech company with 201-500 employees
It has saved us more than 50% of our time.
Sr security engineer at Halodoc
 

Customer Service

Sentiment score
6.1
Semgrep's customer service is efficient, with comprehensive documentation and community support reducing the need for direct assistance.
Sentiment score
7.7
SentinelOne Singularity Cloud Security's support is praised for expertise and responsiveness, though some mention slow responses and interaction issues.
Their documentation and community are very active, so most of the time when problems occur, I get a solution.
Sr. Project Analyst [Cybersecurity] at a consultancy with 10,001+ employees
Customer support and services for Semgrep are very reliable and good.
Angular Developer at Flourish Software
Customer support is really good and there is also strong community support.
SecOps Engineer at IriusRisk
Having a reliable team ready and willing to assist with any issues is essential.
Director, DevOps at Relay Network
Throughout the migration, they remained available for several hours without complaint, providing assistance at every step.
Mobile Application Developer at a retailer with 1-10 employees
In my experience, I have never encountered a junior person or someone without knowledge coming into support from SentinelOne.
Senior Technical Engineer at Safezone Secure Solutions Private Limited
 

Scalability Issues

Sentiment score
8.1
Semgrep scales efficiently for both small and large teams, adapting well to diverse environments with cloud-native features.
Sentiment score
8.0
SentinelOne Singularity Cloud Security is praised for efficient scalability, seamless integration, and resource-friendly operation across diverse environments.
I was able to control it from 10 repositories or 10 services to thousands of repositories in a couple of minutes very simply.
Cloud & Application Security at Sixt SE
This is an open-source tool, so it absolutely does the job, but if you were to implement a tool such as this in an enterprise, this would probably not be scalable.
DevSecOps Security Engineer at a manufacturing company with 10,001+ employees
Semgrep makes it easy to integrate and grow within any environment without concern for crashes.
DevOps Engineer at Exponential Craft
The SentinelOne Singularity Cloud exhibits high scalability.
Security Analyst at Intersistemi Italia s.p.a.
We've automated in our MDM so any device that we start in our MDM automatically installs SentinelOne.
IT Support Specialist at a non-tech company with 201-500 employees
It is scalable. I would rate it a ten out of ten for scalability.
Sr security engineer at Halodoc
 

Stability Issues

Sentiment score
7.8
Semgrep generally operates stably, though AI scanning limitations and integration improvements are needed for large repositories.
Sentiment score
8.3
SentinelOne Singularity Cloud Security is highly reliable, with minimal downtime and effective performance despite rare UI glitches.
If there is no master branch or default branch, the tool fails to identify it and will never scan it unless manually somebody looks into it and fixes the issue.
Cloud & Application Security at Sixt SE
Since I have been using it, I have not experienced any downtime.
Angular Developer at Flourish Software
I would rate the stability of SentinelOne Singularity Cloud Security a 10 because as of now we have not faced any stability issues.
Security Analyst at Softcell Technologies Limited
SentinelOne Singularity Cloud Security operates consistently, and that is how a product should work—you should not have to worry about it.
Technical Lead at CloudBolt Software
SentinelOne Singularity Cloud is incredibly reliable.
Security Analyst at Intersistemi Italia s.p.a.
 

Room For Improvement

Semgrep needs user-friendly enhancements, better documentation, efficient scanning, integration flexibility, AI advancements, and improved notifications and databases.
SentinelOne Singularity Cloud Security needs better integration, reduced costs, improved detection, and enhanced support, visibility, customization, and documentation.
The UI and additional dashboarding and other details would definitely make the tool more user-friendly and more of a candidate to be implemented in an enterprise.
DevSecOps Security Engineer at a manufacturing company with 10,001+ employees
Currently, they are working on identifying business logic vulnerabilities or privilege escalation vulnerabilities by looking at the code, and they should continue to focus on and improve this effort.
Cloud & Application Security at Sixt SE
More advanced dependency analysis features in the SCA part and deeper vulnerability databases would be beneficial.
SecOps Engineer at IriusRisk
It gives our management a false impression of there being no open incidents over that period.
Information Security Manager at SBI General Insurance
A centralized dashboard with numerous metrics would improve user understanding.
Development Manager at SBI General Insurance
I feel there is room for improvement in SentinelOne Singularity Cloud Security, particularly in creating custom dashboards since it only has a default dashboard feature, and a capability for creating custom dashboards would help us a lot as analysts.
Security Analyst at Softcell Technologies Limited
 

Setup Cost

SentinelOne Singularity Cloud Security's flexible pricing is cost-effective for larger organizations, though less accessible for smaller businesses.
It is basically open-source, so the cost to set up is no cost.
Sr. Project Analyst [Cybersecurity] at a consultancy with 10,001+ employees
It offers very reasonable pricing and costs.
Angular Developer at Flourish Software
With very little negotiation involved, we just let them know what we could pay and they were willing to meet us at slightly above what we paid with Sophos, which was still very fair for what we were looking at.
IT Support Specialist at a non-tech company with 201-500 employees
It should not be based on subscription. It should be based on the number of servers that I am scanning.
AVP DevOps and Product Support at a recruiting/HR firm with 1,001-5,000 employees
I was able to consolidate two security vendors into one by switching to SentinelOne, and I now pay less than I did for either of them.
Director, DevOps at Relay Network
 

Valuable Features

Semgrep enhances security and efficiency with customizable rules, seamless integration, and user-friendly interfaces for rapid issue detection.
SentinelOne Singularity Cloud Security offers AI-driven threat detection and versatile integration, enhancing security across major cloud infrastructures.
When you triage with AI, it gathers context around the finding and reduces the noise about 80 to 90 percent of the time, asking you to focus only on findings that really matter.
Cloud & Application Security at Sixt SE
The Software Composition Analysis is the most valuable feature in Semgrep.
DevSecOps Security Engineer at a manufacturing company with 10,001+ employees
The best feature of Semgrep is its ability to highlight high priority issues during scanning, making it critical for developers to address these vulnerabilities promptly.
DevOps Engineer at Exponential Craft
This tool has been helpful for us. It allows us to search for vulnerabilities and provides evidence directly on the screen.
Cloud Security Specialist at a insurance company with 10,001+ employees
The cloud misconfiguration feature gave us almost zero false positives.
Sr security engineer at Halodoc
The user-friendliness is the most valuable feature.
Security Administrator at a retailer with 10,001+ employees
 

Categories and Ranking

Semgrep
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
7
Ranking in other categories
Static Application Security Testing (SAST) (13th), Supply Chain Management Software (4th), Software Composition Analysis (SCA) (8th), Static Code Analysis (5th)
SentinelOne Singularity Clo...
Average Rating
8.8
Reviews Sentiment
7.4
Number of Reviews
132
Ranking in other categories
Vulnerability Management (4th), Cloud and Data Center Security (3rd), Container Security (3rd), Cloud Workload Protection Platforms (CWPP) (3rd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd), AI Observability (4th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Semgrep is designed for Static Application Security Testing (SAST) and holds a mindshare of 2.3%, down 2.7% compared to last year.
SentinelOne Singularity Cloud Security, on the other hand, focuses on Cloud-Native Application Protection Platforms (CNAPP), holds 6.4% mindshare, up 3.8% since last year.
Static Application Security Testing (SAST) Mindshare Distribution
ProductMindshare (%)
Semgrep2.3%
SonarQube14.2%
Checkmarx One9.1%
Other74.4%
Static Application Security Testing (SAST)
Cloud-Native Application Protection Platforms (CNAPP) Mindshare Distribution
ProductMindshare (%)
SentinelOne Singularity Cloud Security6.4%
Wiz12.7%
Prisma Cloud by Palo Alto Networks10.6%
Other70.3%
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

Manjunath Maneppagol - PeerSpot reviewer
Cloud & Application Security at Sixt SE
Context-aware code analysis has reduced noise and now improves developer experience with actionable security findings
I have consistently observed that their scan time is an issue for mono repos. Sometimes with their AI-based scanning, when you triage that scan, the scan never completes or finishes(, which makes it difficult. Another consistent issue is that whenever you have a new repo to onboard to the platform, the tool ideally should detect the master branch by default. However, sometimes the tool fails to identify it and will never scan it unless manually somebody looks into it and fixes the issue. Although their support team is really good, this issue was present six or eight months ago during the POC and is still present now. If it is affecting multiple customers, it should be prioritized and fixed. I would say that their integration aspects could have been improved. I see a lot of different security solutions that provide flexibility to the security teams based on Jira project, team divisions, Slack, and all those can be very much easily customized. Semgrep needs to work on the enhancement of their notification capabilities. Currently, they are working on identifying business logic vulnerabilities or privilege escalation vulnerabilities by looking at the code, and they should continue to focus on and improve this effort. Regarding stability, whenever you have a mono-repo which is a very large repository, the scan never finishes or the scan never kicks in. At that time, you have to reach out to the support team and ask them to expand the resources in the back end to fix it. This is an issue I keep seeing often on that platform.
KP
Software Developer at Softcell Technologies Limited
Advanced rollback and AI-driven insights have protected endpoints and simplified security operations
We can check multiple types of alerts and triggers, and we can analyze these. There are many types of functions such as Kill, Quarantine, and remediate rollback types of features, which we can use for client safety. The rollback feature is the best feature because it is only used in SentinelOne Singularity Cloud Security. We have used multiple types of EDR, but the rollback feature is unique to SentinelOne Singularity Cloud Security. When many types of attacks happen in an organization, the rollback feature deletes all types of malicious files and other malware-type files and completely cleans your system. This feature is very interesting according to me. SentinelOne Singularity Cloud Security provides many types of features such as Kill and Quarantine, which are very interesting features for security operations. There are deep visibility features, and Purple AI is also one of the best features. It is easy for security operations and incident response. We can check log analysis with the help of deep visibility, and any types of attacks, malware, and phishing attacks are detected by SentinelOne Singularity Cloud Security. Many types of security operations can be tracked and observed with the help of SentinelOne Singularity Cloud Security. Purple AI is one of the interesting features in SentinelOne Singularity Cloud Security. Deep visibility is one of the best features in SentinelOne Singularity Cloud Security. You can find any types of logs and any types of devices through searching portals, similar to Google search. It gives you information regarding this. With deep visibility, you can search for any name. For example, we can search for any name and check what is happening with that person's laptops, what USB is connected or disconnected, and whether the network is connected or not. This is with the help of Purple AI.
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
903,807 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Manufacturing Company
11%
Computer Software Company
7%
Comms Service Provider
7%
Financial Services Firm
14%
Computer Software Company
10%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Large Enterprise4
By reviewers
Company SizeCount
Small Business55
Midsize Enterprise27
Large Enterprise63
 

Questions from the Community

What needs improvement with Semgrep?
As we use Semgrep for secret scanning, I know it is an open-source tool. Oftentimes, that leads to the refinement of the engine, but oftentimes Semgrep ends up flagging a lot of false positive valu...
What is your primary use case for Semgrep?
I have used Semgrep more as a testing and a POC tool. So, there is no consistent usage of Semgrep, but I have used the tool multiple times for POC purposes. As a DevSecOps Security Engineer, my mai...
What advice do you have for others considering Semgrep?
My advice to others looking into using Semgrep is to keep in mind that this is an open-source tool. I gave Semgrep an overall rating of 6.5 out of 10.
What is your experience regarding pricing and costs for PingSafe?
The pricing is basically not very low and very high. It is in the middle range for easy buying for any small organization and big organization. According to me, it is the best price for the EDR. We...
What needs improvement with PingSafe?
According to me, there is one thing I dislike, which is the dashboard. SentinelOne Singularity Cloud Security does not provide a custom dashboard according to our mindset. There are more types of E...
What is your primary use case for PingSafe?
I have recently used SentinelOne Singularity Cloud Security. We also have the CrowdStrike EDR tool, which is similar to SentinelOne Singularity Cloud Security and other EDR solutions. We used the C...
 

Also Known As

Semgrep Code, Semgrep Supply Chain, Semgrep AppSec Platform
PingSafe
 

Overview

 

Sample Customers

Policygenius, Tide, Lyft, Thinkific, FloQast, Vanta, and Fareportal
Information Not Available
Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Static Application Security Testing (SAST). Updated: June 2026.
903,807 professionals have used our research since 2012.