SentinelOne Singularity Cloud Security Reviews

I am working as an application developer, and SentinelOne Singularity Cloud Security plays a role in the cloud infrastructure where my application is deployed. It provides me with alerts and ensures that I follow best practices in everything.

It gives us alerts and resolutions for anything that is missing or any vulnerabilities in our infrastructure in terms of security. If we have a firewall that is missing some rules that may expose us to attacks, it lets us know. It guides us through alerts, documentation, and other things.

It is very easy to use. The dashboard is very useful for beginners.

Its evidence-based reporting helps prioritize and solve the most important cloud security issues. It can automatically fix certain vulnerabilities or inform us to fix them on priority.

It alerts us on everything at the infrastructure level. Our application is deployed in the cloud. From the load balancer to the application level, there are many points. SentinelOne Singularity Cloud Security plays an important role in terms of security. 

Before SentinelOne Singularity Cloud Security, there was nothing I used as a best practice. It gives me much clarity in my daily work. Earlier, I would look into what kind of rules I needed to add, but there was no helpful reference or documentation. SentinelOne Singularity Cloud Security highlighted those things, helping me secure my cloud infrastructure.

SentinelOne Singularity Cloud Security has reduced our false alerts by 10%. It has improved our risk posture by 25%.

SentinelOne Singularity Cloud Security reduces our mean time to remediate. Previously, it would take me around 20 minutes to understand what was happening, but SentinelOne Singularity Cloud Security gives me clarity about what I have to do a lot quicker.

The dashboard is intuitive in terms of design and functionality. Additionally, it gives me an email for all the findings that are open. I get this data every month, so I do not need to check the dashboard. 

Furthermore, at every point, it provides documentation that offers overall information on how to resolve issues, what points to check, and more. It offers a checklist, which is very helpful. 

They can add more widgets to its dashboard. A centralized dashboard with numerous metrics would improve user understanding.

I have used the solution for around two to three years.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability. 

It is being used at multiple locations and regions. In my team, 14 users are there.

I would rate their support a ten out of ten.

Positive

I did not use any similar solution previously. 

We have a hybrid deployment model. The initial setup is very simple. It probably took two to three days.

Its maintenance is managed by SentinelOne. We do not have a look into maintenance.

It is a good product to get data from a security point of view. I would definitely recommend this product to others. It offers maximum security and scalability. It is easy. I can just open SentinelOne Singularity Cloud Security and get the data.

I would rate SentinelOne Singularity Cloud Security a ten out of ten.

Our cloud security posture is managed with SentinelOne Singularity Cloud Security, a tool that identifies and highlights potential security weaknesses in our systems.

It is user-friendly.

SentinelOne Singularity Cloud Security helps reduce the number of false positives by 20 percent.

In evidence-based reporting, demonstrating that a vulnerability can be exploited is crucial. This information allows us to directly address the issue through manual remediation.

SentinelOne Singularity Cloud Security has improved our risk posture and has reduced our mean time to detection by 50 percent.

SentinelOne Singularity Cloud Security has reduced our mean time to remediation by 30 percent.

The user-friendly dashboard offers both convenience and security by providing quick access to solutions and keeping us informed of potential threats.

SentinelOne Singularity Cloud Security filtering has some areas that cause problems, and to achieve single sign-on functionality, a break-glass feature, which is currently unavailable, is necessary.

I have been using SentinelOne Singularity Cloud Security for one year.

I would rate the stability of SentinelOne Singularity Cloud Security nine out of ten.

SentinelOne Singularity Cloud Security is scalable.

The technical support is good.

Positive

We previously used Prisma Cloud but when we would request a feature we had to wait until the next release. That is the advantage of SentinelOne Singularity Cloud Security.

The deployment took a few weeks to complete.

SentinelOne Singularity Cloud Security falls somewhere in the middle price range, neither particularly cheap nor expensive.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

We have around five people working with SentinelOne Singularity Cloud Security.

No maintenance is required for SentinelOne Singularity Cloud Security.

We use the solution for security purposes. We deploy it into our infrastructure in the cloud. We want to make sure that all everything is secure, for example,if APIs are getting accessed, that it's by the right people. It's a security hub for us.

The solution is very good at tracing issues. 

The dashboard is quite helpful. It's easy to use. The product is flexible and can be used in multi-cloud setups.

It's an easy solution for a beginner. 

We've taken advantage of the reporting, which is quite good. It provides us with all the information we need. They have proof of exploitability capabilities, which is important to use. 

The solution has agentless vulnerability scanning, which we use. You can look at extra ports. It's a great feature. 

Its infrastructure of code scanning is useful. I can see it in the container configuration file. It's good for identifying preproduction issues in the container configuration files. It's working well. However, it's not dynamic. It's static.

We were able to witness the benefits after some time had passed. Within a month or two had passed, we began to really witness change. Previously, we were running blind, and now we can see where things might go wrong. 

Our risk posture has improved. Both time to detect and time to remediate have improved.

It's positively affected the communication between cloud security, application developers, and AppSec teams. 

They could have more comprehensive reporting. I'd like to see more details. 

We've found a lot of false positives. It has not helped us reduce our level of false positives. 

We'd like them to work on integration between networks. If I deployed the solution with another layer of security, they can't talk to each other. PinGSafe basically needs to integrate with more tools, especially on the security side. 

I've used the solution for 1.5-2 years. 

The stability is good. I haven't noticed any lagging or crashing. 

The solution can scale fast. The dependency is on the API side, however. 

I've contacted technical support in the past. The quality is good. However, sometimes their staff don't know the details. The speed of response is good.

Positive

I have used other solutions, including Prisma and Datadog. 

I was involved in the initial deployment of PingSafe. It was very easy to implement. We had two to three people working on the set up process. 

There is no maintenance needed for the solution once it is up and running. 

I'm a PingSafe customer. 

I'd rate the solution 8 out of 10. If someone is looking for a CPSM tool, they should look into PingSafe's capabilities to see if they match what a company needs. 

The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.  

The primary benefit for our company has been the reduction of false positives. It's saved us time and resources. 

I like that we get a map view of all the assets we have and how these assets are connected together. We can get a view of the entire structure and that gives us a good vantage point when assessing gaps. We can see which assets are public and which are private. It gives us good visibility.

It brings in good security.

It is fairly simple. Anybody can use it.

The evidence-based reporting capabilities are useful. It's good for everyday reporting. It makes it easy to identify actual false positives. Priority cases are assigned accordingly so we don't need to find a needle in a haystack. If something is critical, it's very easy to find and see it. 

The solution offers agentless vulnerability scanning, which helps us identify any open ports on the server or any vulnerable assets online in the cloud. 

While they do have an offensive security engine, we do not use that aspect. We use a different vendor for that. However, it's a very good initiative. It basically expands and searches and does more offensive security.

It's very easy to integrate.

The notifications are very good. We can get notified right on Slack. if we aren't checking out email regularly.

The benefits we witnessed were pretty immediate post-implementation. Once you've done your integrations, it starts showing you vulnerabilities that are being observed, and he lets us immediately identify and deal with infrastructure gaps. It even has allowed us to deal with several misconfigurations. 

It has helped us reduce false positives significantly. That's something I've been focused on. 

The solution has positively affected our risk posture. Thanks to the lower number of security vulnerabilities, it's helped us with several benchmarks and compliance-related issues. 

Our mean time to detection and mean time to remediation has been reduced. If there's an issues, it can be found and dealt with in a short amount of time. It also gives you remediation details as to where particular vulnerabilities exist. We're able to fix problems as soon as possible when we see issues pop up. The mean time to remediation depends on the severity of the issue and who is handling it. Remediation for an experienced user versus a new hire may vary.

After introducing PingSafe, we were able to bridge the gap between developers. Since PingSafe had details about that particular vulnerability and how to remediate it, we could just pass that on to the application developers, who could fix it. That has also reduced the number of vulnerabilities that are being discovered by the application security testing team.

There is a bit of a learning curve. However, you only need 2 to 3 days to identify options and get accustomed. 

They could separate or differentiate between different kinds of frameworks.

I've used the solution since I started working with my company - for about one year and three months. 

I don't recall any stability issues. 

The solution is scalable. The scalability is highly flexible. 

We do have regular meetings with support. They catch us up every month and provide us regular updates and solicit feedback. Support is excellent.

Positive

I have not used any alternatives.

I was not initially involved in the deployment process. 

There isn't really any maintenance needed. The only thing would be if you find a false positive. You can mark it so it doesn't happen again. Beyond that, you don't have to maintain anything. 

I'm not sure how the pricing for the solution works. 

I'm an end-user. 

I'd rate the solution 9 out of 10. 

It's pretty easy to use. Integration with cloud infrastructure may require a bit of help in the initial stages. However, once you are up and running, finding vulnerabilities is simple and reporting is good. 

Cloud Native Security is a CSPM platform we use for cloud security. It checks for vulnerabilities in our web applications and cloud configurations. It also detects infrastructure-as-code issues. Additionally, it scans to find secrets in our code before it goes live. 

Cloud Native Security identifies vulnerabilities before any bad actor can exploit them. We know if there's a misconfiguration in the cloud or vulnerabilities in our cloud-hosted applications. Kubernetes security is also a component. It also has multiple benchmarks for compliance with security regulations.

Since implementing Cloud Native Security, our risk posture has greatly improved. We are more compliant now. It has built-in compliance benchmarks for various regulatory standards. We were around 60 percent compliant when we started, and now we're at more than 95 percent. 

Cloud Native Security has reduced our mean detection time by continuously scanning and sorting issues into high, medium, and low priority. We can easily detect things before the wrong person finds them. The solution reduces our remediation time, but it varies depending on the team. We address critical issues immediately. Cloud Native Security's rescan capability is good because we can rescan in a few minutes to know whether the issue has been fixed. 

Cloud Native Security enables more collaboration between the security team and developers. The solution allows everyone to view the dashboard, so we can integrate more users and project teams. Everyone can look at the Cloud Native Security dashboard and see which issues are in their repositories or buckets. It's easier for everyone to work together to address issues. 

It saves a lot of time because we would need to look for secrets manually without Cloud Native Security. Searching for cloud misconfiguration issues is also time-consuming and hard to do correctly because our infrastructure is huge. It's inconvenient for the security team to check manually and do penetration testing of every component

When we initially integrated Cloud Native Security, we used to get some false positives, but it was manageable. Now, I rarely see any false positives because Cloud Native Security has improved its tool. We've given them a lot of feedback to help them differentiate between false positives and hits. It was a lot of manual work, but that has gotten better. 

Cloud Native Security is user-friendly. Everything in Cloud Native Security is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features. Recently, they added evidence-based reporting abilities. It tells us exactly where the issue is and gives us links to the endpoint and screenshots.

It allows us to scan for vulnerabilities and rate limits without deploying agents. Cloud Native Security allows us to set those values according to our server capabilities and preferences. We can also decide how many cluster images to scan.

The infrastructure-as-code feature is helpful for discovering open ports in some of the modules. It will tell us precisely where the port is open, including the repository and source code. Thus, we know that a port is open on that particular line. After integrating Cloud Native Security into our organization's system, we identified many thousands of secrets that are pushed into the source code.

We recently adopted a new ticket management solution, so we've asked them to include a connector to integrate that tool with Cloud Native Security directly. We'd also like to see Cloud Native Security add a scan for personally identifying information. We're looking at other tools for this capability, but having that functionality built into Cloud Native Security would be nice. Monitoring PII data is critical to us as an organization. 

The offensive security engine is pretty good, but I can't say it's complete. I rate it seven out of ten. Cloud Native Security's specialty is cloud security, so the offensive security does lack a few things. We cannot rip reports like Tenable, Qualys, and all those vulnerability scanners, but it identifies some sensitive issues like exposed APIs. Some other issues are not identified, like access, but it does detect sensitive information exposure. 

We have used Cloud Native Security for two or three years. 

I haven't had any issues with Cloud Native Security's stability. However, we once saw a spike in CPU consumption when they implemented a new feature.  We contacted Cloud Native Security, and they addressed it in a day. 

Cloud Native Security is highly scalable. 

I rate Cloud Native Security support nine out of ten. Their tech support is excellent. We have a dedicated person that we can contact directly. They recently introduced a new tool where we can chat with support directly from within the tool. 

Positive

Cloud Native Security is a SaaS solution, and the onboarding is straightforward. They have a good knowledge base, and it's easy to integrate it. You can get it up and running in under a day or two.

Cloud Native Security does offer ROI. We have used Cloud Native Security for more than three years, and we are stoked about the value the solution offers to our organization. 

Cloud Native Security doesn't cost much, so it's worth what you're paying, and the ROI is excellent. 

I rate Cloud Native Security nine out of ten. I would recommend it because many of the solutions that provide capabilities like secret scanning, cloud configurations, and offensive security charge by module, and the costs are pretty high. Cloud Native Security is more cost-effective, so I would recommend it. Also, the amount of issues Cloud Native Security detects is good.

We have deployed SentinelOne Singularity Cloud Workload Security to our servers and clients. 

Singularity's real-time detection and response capabilities so far have been great.

I like the way we have options in how we set up the automated remediation. We can set it up to automatically take action, or we can set it up to just flag or let us know that there is something that needs to be investigated. It has been really good in that regard. There are many, many options in how we can configure it, and I have liked that quite a lot.

Compared to my previous solution, I am more comfortable with SentinelOne Singularity Cloud Workload Security. I was always concerned that the previous solution was not catching everything. There were a lot of false positives, and there were several cases where it did not catch everything. Even when it did catch something, the logging and forensic details were very limited. SentinelOne Singularity Cloud Workload Security is the opposite of that. It gives us deep visibility into what is going on and what has happened. The mediation is great, and the logging is much more detailed. It has been a huge improvement over what I was using before. Singularity Cloud Workload Security has given me peace of mind.

To date, all threats detected were false positives or test threats. No actual threats have been encountered, but test threats were detected quickly.

One thing I particularly like about Singularity Cloud Workload Security is that it supports older legacy operating systems that we have been unable to eliminate. This is a valuable feature that other clients do not offer.

The visibility is the best part of the solution. To see exactly what's going on in all the clients, and processes that are running, I have got a few false positives, but those are relatively easy to investigate and remedy, and flag them as false positives.

We use Singularity Cloud Workload Security with Citrix and a non-persistent VDI. It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear. We eventually got it sorted out with the help of support, and I give credit to SentinelOne for that.

I have been using SentinelOne Singularity Cloud Workload Security for ten months.

I have not experienced any stability issues, client issues, or rogue agents causing problems. I have also not had any crashes. Overall, it has been great.

We have a relatively small environment, with fewer than a hundred endpoints deployed. So, scalability is easy for us. I don't know how it would work with thousands or even tens of thousands of clients, but I haven't had any issues so far.

The technical support is helpful.

Positive

Our previous solution, Trend Micro Worry-Free, in comparison, is quite poor. It did not give me very good visibility into what was happening with my clients, on the network, or what processes were running. If something happened, I was very limited in my ability to figure out what happened. In other words, the forensic capabilities of my previous solution were lacking.

There is no way to compare the turnaround time of obtaining telemetry data between the two solutions because Trend Micro Worry-Free did not provide any telemetry data. We would receive an email about a possible virus, but when we logged into the system to view the logs, there would be nothing there. Or, it would tell us that there was a virus, but it would not tell us which client was infected until we logged into the console. It was lacking in so many areas.

During the deployment, we conducted a test case. One of SentinelOne's sales engineers assisted us in setting up the software, configuring everything, and setting up notifications. They walked us through the process of setting everything up to my liking and how they would recommend setting up the software. They were instrumental in helping us deploy the system, and all of their assistance was included in the price of the system. We did not have to pay any additional fees. I found their assistance to be very helpful.

Without SentinelOne's help, the initial setup would likely be very complex. There are many options for configuring the product, which can be both beneficial and detrimental. On the one hand, it is beneficial if we are familiar with the software and know how to best configure it. This flexibility is a great advantage. On the other hand, if we are coming from a different product and do not know SentinelOne's software, it would be very helpful to have their assistance in walking us through the setup process and recommending a configuration.

I was the only person from our organization involved in the deployment.

I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought.

I also evaluated Carbon Black. I read a lot of reviews, both official and user-generated, to learn what people were saying about the product. What really drew me to SentinelOne was its legacy software support. This was a key factor for me, and it helped me eliminate some of the other options.

I would rate Singularity Cloud Workload Security eight out of ten.

The software itself is very good. Singularity Cloud Workload Security provides deep visibility and support. I have found the support team to be very responsive and helpful whenever I have engaged with them.

One of our requirements was that the solution was simple enough for me to maintain myself without spending a lot of time managing the software. There are software agent packages that become available, and I need to go in and approve them and push them out. There are occasional false positives, but overall, it's not a lot of work.

For straightforward clients on a PC or laptop, Singularity Cloud Workload Security works well. However, in edge-case scenarios like ours with Citrix and non-persistent VDI, we need to test it out to see if it works well enough in our environment. We had some initial problems getting it started, but we were able to resolve them. So, my advice is that if the scenario is straightforward, there should be no problems.

We use it to monitor Azure and AWS accounts. We also use it to monitor the GitHub account for any data leakage and misconfigurations and also to have proactive configuration checks.

We were looking for a CNAPP solution that could provide details about cloud misconfigurations, compliance, and any risks. SentinelOne Singularity Cloud Security provides that. The feature of offensive security has been very helpful for us.

We only use agentless scanning. We have not installed agents anywhere. It collects data and provides information.

We use SentinelOne Singularity Cloud Security's Offensive Security Engine. The analytics features of SentinelOne Singularity Cloud Security are something that other providers do not provide. They have scanning on the port base and simulation of attacks. It is a very helpful feature to proactively resolve issues. It handles verifying actual exploit paths and prioritizing breach potential very well.

The proactive approach and offensive security have helped us to fix things in advance before they can be exploited.

We were able to realize its benefits immediately. As soon as you configure it, it does its job. It takes a day to configure it and discover the assets. It is easily deployable, and it immediately starts providing inputs.

SentinelOne Singularity Cloud Security helped reduce the number of false positives. It also helps with our SOC monitoring. The alerts are reduced, and we are in compliance.

We get details about how much we are compliant with different frameworks. It helps us to evaluate the risk posture as well. We use the reports to evaluate our risk posture.

The proactive approach and advanced fixes reduce the number of false positives, but it is difficult to know if SentinelOne Singularity Cloud Security has reduced our mean time to detect. SentinelOne Singularity Cloud Security has definitely reduced our mean time to remediate.

SentinelOne Singularity Cloud Security has not had an effect on the collaboration among various teams because, in our environment, everything is done by IT, but we have visibility across all the domains. We can work together if needed, but it is not yet applicable to our organization.

The offensive security where they do a fix is valuable. They go to a misconfiguration and provide detailed alerts on what could be there. They also provide a remediation feature where if we give the permission, they can also go and fix the issue.

They also support private clouds to a certain extent. It is pretty easy and customizable.

SentinelOne Singularity Cloud Security's interface is pretty easy and comfortable. They keep on improvising it. When you are configuring, it is pretty easy.

It is a very secluded solution. It works only as CNAPP. It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better. It can discover the threats from the outside world. It can discover the threats or vulnerabilities happening across those assets. If it can bring that in and evaluate, it will be good.

We have been using SentinelOne Singularity Cloud Security for a year.

It is stable. We have not observed any issues.

We have not increased our assets, so it is difficult to say anything about the scalability part.

I never had to contact their support.

We were not using a similar solution previously.

It was pretty easy. It was very straightforward. They had many things available. We got the scripts on Azure, AWS, and GitHub, so the installation was pretty easy. It took a couple of hours.

It is a cloud solution. It does not require any maintenance.

We implemented it on our own. Only one person was required from our side.

Their support was not required. They offered to help. They assigned a customer success manager, but it was easy to deploy, so we did not require much help from their side.

Its pricing is okay. It is in line with what other providers were providing. It is not cheap. It is not expensive.

We evaluated 2 more products. One was Zscaler, and the other one was Wiz. Offensive security and support for the private cloud were the reasons for going for SentinelOne Singularity Cloud Security.

I would advise evaluating SentinelOne Singularity Cloud Security based on the use cases. You should know what is required and how SentinelOne Singularity Cloud Security can support that. If SentinelOne Singularity Cloud Security is able to fulfill your cases, it will be good. A thorough evaluation and mapping of the organization's objective should be done before buying SentinelOne Singularity Cloud Security.

I would rate SentinelOne Singularity Cloud Security an 8 out of 10. It is good.

We mainly use SentinelOne Singularity Cloud Security. 

We like that it is cloud-native security. It gives us an overview of all cloud structures. For example, if I'm integrating with AWS or Azure and I'm not sure of all of the instances, it will scan the whole cloud and show us issues related to instances. It can help us uncover vulnerabilities. 

Of all the features we use, the cloud configuration and the offensive security engine are the most used. There is a secret scanning feature that I really like. It scans the public repositories, private repositories, and developer repositories. That way, we can see if any secret is added to the search engine or anywhere over the Internet. It detects this and then lets us know to which repository it was added. We can get it removed if we need to from repositories like GitHub.

The solution is good for verifying actual exploit paths. It helps us detect whether all the instances that are publicly available can be made private. We can see if anything is suspicious or harmful to us in the future or if any technical exploit has a specific port or something like that. If there is any vulnerability, such as if our Microsoft version is publicly exposed or if it is an older version, we can disable it, or we can upgrade to get the latest version of iOS to avoid exploitation.

The solution is easy to use. The interface is nice. Anyone can spend a day or two with the solution and they'll be able to understand the whole structure of the application, its features, and how to use it. 

The integration with other solutions is very good. We integrate it with Jira and it runs smoothly. There are also default integrations for various clouds, like Google and Azure. We can also get alerts in various ways, like through Jira or email.

The evidence-based reporting is useful. It provides evidence according to the issue. We get a proper overview of the issue. I can check the evidence panel to see if the issue is genuine or a false positive by looking at the evidence. 

We noted immediate benefits from using the solution. Within about a month, we had it integrated with Jira, and connected to all accounts and were able to easily find issues. 

With SentinelOne Singularity Cloud Security, we are 96% to 97% compliant. It helps us judge and, as necessary, mitigate risks. 

We've noticed a drop in false positives. I haven't noticed any false positives in SentinelOne Singularity Cloud Security, to be frank. Unless it's a glitch in the system, everything coming in is a positive.

Our mean time to detect has been reduced. 

It's helped us collaborate effectively between cloud security application developers and AppSec teams. Having a vulnerability management module gives good visibility to vulnerabilities that are highly exploitable. We can see exactly what's vulnerable or affected in order to troubleshoot.

We'd like the integration with Jira to be stronger in some areas. For example, we'd like to be able to create multiple tickets for multiple instances. Right now, we can only create one ticket and cannot be specific enough. There's no way to create multiple tickets. It's very difficult to assign multiple teams the same Jira ticket.

Scanning capabilities should be added for the dark web.

I've used the solution for the last two years. 

The stability is good. There's no lagging or crashing. There may be a downtime once a quarter. 

We haven't had any issues with scaling. 

Technical support is very good. We do have a monthly call with SentinelOne Singularity Cloud Security whereby we run through and resolve any issues. They typically answer our queries within 24 hours. The team is good. They seem technical. 

Positive

This is the first cloud security tool we've used. 

The initial deployment was easy. The SentinelOne Singularity Cloud Security team was very helpful. If we needed any help they were there to guide us. There's even a step-by-step guide. 

We had a member of the DevOps team provide us with all of the credentials and give permissions and another security team member to communicate to the SentinelOne Singularity Cloud Security team in order to arrange all of the integrations. 

The tool is very efficient. There is no maintenance needed. 

We did not need any assistance from a reseller or consultant. 

While my understanding is there will be a price increase, so far, the pricing has been okay.

We evaluated Prisma Cloud and Crowd Strike. We used Crowd Strike for a while; however, now we are only using SentinelOne Singularity Cloud Security. SentinelOne Singularity Cloud Security is very good. It offers multiple modules, and no other tool provides vulnerability scanning, secret scanning, and container cloud security in one dashboard. 

We are a SentinelOne Singularity Cloud Security customer. 

I'd rate the solution 9 out of 10. Overall, the tool is good. 

New users should be ready for a lot of issues that will come onto their dashboard. They'll need a team of three to four at the outset to analyze the dashboard and work through reported vulnerabilities.