SentinelOne Singularity Cloud Security Reviews

We have multiple applications in our AWS cloud environment. We have a private environment, and we do not disclose it to the Internet. We have configured multiple security alerts, such as for any incoming traffic from a public IP address.

We have also set up SentinelOne Singularity Cloud Security alerts for key rotation of security credentials for the accounts.

SentinelOne Singularity Cloud Security helps us to reduce the security overhead. We do not have to manage every small thing manually. They are taken care of by SentinelOne Singularity Cloud Security.

We use vulnerability scanners for our AWS servers. If there is any vulnerability, we get a report on that. We close those open security points. I do not know the exact name of the scanners, but they work great.

We rarely get false positives. We usually get real-time, accurate data. Sometimes there is a mismatch between the actual data and the data we get from SentinelOne Singularity Cloud Security, but that is negligible. It happens once in a thousand times.

SentinelOne Singularity Cloud Security has reduced our mean time to remediate. It has saved about 60% of our time. It has helped us with that.

It has also reduced our mean time to detect. The time savings depend on the use case. On average, it saves ten to fifteen minutes per use case.

We do not use it at a large level for Infrastructure as Code scanning, but it saves us time. We do not have to click on the features in the GUI. We have set up some scripts with the Infrastructure as Code feature. We run them to generate reports and get the required output.

The Infrastructure as Code feature has helped us. We can integrate SentinelOne Singularity Cloud Security with our cloud tools. It helps with the development part. For example, Lambda is an AWS feature. It is a code environment. We can directly connect these two. It helps with the run time of the processes.

We mostly use alerts. That has been pretty good. If we use the alert system from Amazon, it is much costlier to us, so we use SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security's interface is quite good. It is beginner-friendly. If someone has even a little bit of idea about cloud security, they can learn it very easily.

I do not know if it is possible, but in AWS Cloud, there are multiple features or services, and if they can collaborate with them, it would be helpful. The Infrastructure as Code service available in SentinelOne Singularity Cloud Security and the services available in AWS cloud security can be merged so that we can get the security data directly from AWS cloud in SentinelOne Singularity Cloud Security. This way, all the data related to security will be in one single place. Currently, we have to check a couple of things on SentinelOne Singularity Cloud Security, and we have to validate that same data on the AWS Cloud to be sure. If they can collaborate like that, it will be great. It will be an amazing tool.

My organization has been using SentinelOne Singularity Cloud Security for one and a half years, but I have been using it for the past three to four months for cloud security.

I have not faced any downtime. If they have any kind of maintenance, they let us know via email a week or two before. The maintenance is usually done once a quarter, and it is done out of business hours, so we do not have any concerns about that.

I would rate it a seven out of ten for scalability. If they can collaborate with AWS services as well, it can be a 10 out of 10.

I have contacted them quite a few times. They are pretty good. They are within their SLAs. I have never raised a support case with a very high severity. For the cases I raised, they have an SLA of about 24 hours, and they always meet that SLA.

I always get a perfect answer in the reply. If I have some major issue and I am unable to understand that via email, they also come on a Teams or Webex call. They provide a good service. I would rate them a nine out of ten.

Positive

It is a cloud deployment. I believe they have an on-premise option as well,  but we are not using that. We are completely on the cloud.

I was not involved in its deployment. Its deployment was done by the organization about a year and a half ago. I only manage operations, and I have been here only for about three months.

It does not require any maintenance as such. In the infrastructure code part, we update the code, but I am not sure if that comes under maintenance.

You should be a little familiar with cloud security. Otherwise, you might face a few difficulties in accessing the SentinelOne Singularity Cloud Security console. If you are a little familiar, it will be very easy for you. A completely new user without a technical background can get a bit confused by the naming conventions in the GUI.

I would recommend SentinelOne Singularity Cloud Security to others. Overall, I would rate SentinelOne Singularity Cloud Security an eight out of ten.

SentinelOne Singularity Cloud Security is deployed on all our servers except for user machines. When Singularity identifies a downloaded application as malicious, it triggers an alert sent to our SIEM console. We can then investigate the alert details, including associated logs, to determine if the malware is static or actively malicious. We can also investigate suspicious IP addresses or domains. Additionally, Singularity monitors process creation and can provide forensic data on security incidents, including information about backdoor connections and the applications involved, like Chrome or other browsers.

SentinelOne Singularity Cloud Security stands out for its user-friendliness compared to competitors like CrowdStrike, FireEye HX, and Microsoft Defender. Unlike these tools, which can be cumbersome for tasks like running queries or searching for logs, Singularity offers intuitive interfaces and delivers results in seconds, even for complex searches across various hash formats, like MD5, SHA256, etc., without needing conversion.

Our existing SIEM console allows us to analyze alerts triggered by the SOC team. We can investigate potential false positives or conduct tests directly within the console. Additionally, the console facilitates quick searches for IOCs to identify malicious communications. Furthermore, Singularity Cloud Security offers a central management console for automated machine reboots, containment, and even self-maintenance in response to high-severity security alerts. This eliminates the need for manual intervention.

We saw the benefits of SentinelOne Singularity Cloud Security within the first two months of transitioning from FireEye HX. Singularity was easy to manage, and we were able to identify vulnerabilities.

SentinelOne Singularity Cloud Security has helped reduce the false positives we receive by 15 percent compared to FireEye HX.

Singularity has helped reduce our mean time to detect. The automatic containment of the infected machine is done within the first ten seconds of detection.

Singularity has helped reduce our mean time to remediate. 

The user-friendliness is the most valuable feature.

SentinelOne Singularity Cloud Security offers a custom search function with a default 14-day limit. Extending this period to 30 days requires an additional license. A two-month grace period for extended searches would be a valuable improvement. Additionally, enhancements to the threat-hunting capabilities of the hunter module are recommended.

I have been using SentinelOne Singularity Cloud Security for two years.

We had an incident in which they pushed a patch without notifying us and without testing, damaging all of our security controls. 

Neutral

We previously used FireEye HX but shifted to Singularity because we saw the potential while the POC was going on. The top three endpoint security solutions are SentinelOne Singularity, Microsoft Defender, and CrowdStrike. FireEye HX is not one of them.

The initial deployment's complexity was moderate. The entire deployment took six months to complete.

The implementation was completed with the help of the vendor.

I would rate SentinelOne Singularity Cloud Security seven out of ten. The lack of a 60-day search option for the log source lowers the overall score.

The endpoint security team does the maintenance.

SentinelOne Singularity Cloud Security is a good product that is easy to use. 

I am working with AWS. I'm a junior cloud engineer and on the client side, we use this software for security. We use this just for scanning all across the AWS environment for any bug, vulnerability, or high risk security issues, and we have to resolve these issues. The solution offers us low to critical alerts and our work depends on these alerts. If it is a critical alert, we have to resolve things as soon as possible. 

The scanning is very good. We have an AWS environment and we can scan our whole account very quickly. Once the alerts get analyzed, we can automatically start removing issues. 

It's easy to use. It comes with preconfigured settings. I haven't had to really change anything for months. 

We have used evidence-based reporting. We're able to give reports on AWS, for example, how many data centers are used, et cetera. We can collect all of the information from SentinelOne Singularity Cloud Security and share all kinds of data which we can share with the database team for analysis. 

The IaC scanning has been good. It's very interesting. 

When I create a stack for any services in AWS, I can scan everything in a robust environment. This enables me to understand the level of protection.

SentinelOne Singularity Cloud Security can also scan code and provide alerts of there are vulnerabilities.

It's helped us reduce the number of false positives. I've been on the project for 6 months, and it was only until 3 or 4 months in that I received a false alert. Out of 20 alerts coming in, maybe only one or two are wrong. 

The mean time to detect has been reduced. We check SentinelOne Singularity Cloud Security every day for a project happening 24/7. We check it frequently to ensure issues are being addressed quickly. We try to be consistent, however, the alerts don't come in at a certain time. They come in at varying times; we just work to keep on top of them.

We've had a glitch in SentinelOne Singularity Cloud Security where it has fed us false positives in the past.

Sometimes, it takes a few hours to detect a misconfiguration. It would be ideal if that happened faster. Detections should happen in minutes, not hours. 

I've been using the solution for 6 months.

I have not noticed any lagging or crashing. The stability seems to be good. 

We have dealt with support in the past. They were helpful.

Neutral

We did not previously use a different product.

We had senior members of the team manage the installation since they had expertise. I'm not sure how long the process itself took. 

I don't have any visibility on the pricing. 

I'd rate the solution 8 out of 10. 

There are a lot of options. It's a good idea to have a team member arrange on at least a quarterly basis, a review so that new team members can get up to speed on the product and everyone stays on the same page. This will help new team members understand the product. 

SentinelOne Singularity Cloud Security is our primary security monitoring tool used for identifying vulnerabilities and misconfiguration.

I would rate the ease of use of SentinelOne Singularity Cloud Security eight out of ten.

SentinelOne Singularity Cloud Security offers a variety of dashboards, but the issue dashboard is my favorite due to its clarity and simplicity.

The evidence-based reporting is great and I appreciate the details the reports provide.

The IAC scanning picks everything up and is effective. The IAC scanning is proactive.

The two biggest benefits of SentinelOne Singularity Cloud Security are the centralized reporting dashboard for all my accounts and providers and the ability to track remediation progress.

SentinelOne Singularity Cloud Security has helped reduce the number of false positives we receive.

SentinelOne Singularity Cloud Security helps us manage our risk posture.

SentinelOne Singularity Cloud Security has reduced our MTTD thanks to its comprehensive coverage and centralized reporting capabilities.

The most valuable feature of SentinelOne Singularity Cloud Security is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software.

I wish SentinelOne Singularity Cloud Security provided clearer solutions or remediation steps. The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing.

I would appreciate the ability to customize the severity levels in SentinelOne Singularity Cloud Security as the current defaults do not meet my needs.

I have been using SentinelOne Singularity Cloud Security for one year.

SentinelOne Singularity Cloud Security is stable. I have not encountered any downtime.

SentinelOne Singularity Cloud Security is highly scalable.

Technical support is usually great. While it can sometimes be a bit curt or dismissive, for the most part, getting help is easy and responses are quick.

Positive

The initial setup is easy. One person is required for the deployment.

The implementation was completed in-house.

I'm not familiar with SentinelOne Singularity Cloud Security's standard pricing. While it seemed like a good value, I'm on a partnership plan that offers a discount in exchange for feedback. Therefore, I can't speak to the typical pricing.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

SentinelOne Singularity Cloud Security requires monthly updates.

Preparing for SentinelOne Singularity Cloud Security is fairly straightforward, especially if you're familiar with cloud security posture management tools. However, if this is your first time using such a tool, be prepared for a significant number of findings. SentinelOne Singularity Cloud Security will uncover security issues that manual efforts might miss.

We use SentinelOne Singularity Cloud Security as our CSPM. Integrated with our environment, SentinelOne Singularity Cloud Security scans for vulnerabilities and recommends remediation.

We implemented SentinelOne Singularity Cloud Security to monitor our cloud security for vulnerabilities in the configuration.

SentinelOne Singularity Cloud Security is easy to use.

The evidence-based reporting provides details of the vulnerability and the steps we need to take to resolve it.

The SentinelOne Singularity Cloud Security scanning engine provides valuable evidence by identifying and reporting vulnerabilities that could be attacker targets. This evidence of exploitability is crucial because it allows us to prioritize and patch vulnerabilities effectively. Without this information, we might not be able to address critical vulnerabilities promptly.

Thanks to SentinelOne Singularity Cloud Security, our security posture has improved significantly. Our team has been able to effectively address all critical and high vulnerabilities identified by the platform.

SentinelOne Singularity Cloud Security has improved our mean time to detection. Without a CSPM tool, we would not be able to identify vulnerabilities.

SentinelOne Singularity Cloud Security facilitated collaboration between our cloud security, application development, and AppSec teams. The evidence provided by SentinelOne Singularity Cloud Security streamlines collaboration and vulnerability resolution across these teams.

The collaboration has saved engineering time by up to 40 percent.

SentinelOne Singularity Cloud Security's improved compliance monitoring capabilities have helped us achieve a more secure posture.

All the features we use are equal and get the job done.

We encountered issues with some of the configured security rules. The vulnerability recommendations provided by SentinelOne Singularity Cloud Security were inaccurate. In some cases, the rules are strictly enforced but do not align with real-world use cases. To address this, I recommend revising the security rule definitions to better reflect practical scenarios and provide clearer explanations.

We encountered a problem with SentinelOne Singularity Cloud Security. They required a broad security policy, but we requested that they implement least privileged access and grant fewer permissions than they initially required. It took them over six months to respond to our request.

I have been using SentinelOne Singularity Cloud Security for 1.5 years.

I would rate the stability of SentinelOne Singularity Cloud Security 8 out of 10.

I would rate the scalability of SentinelOne Singularity Cloud Security 9 out of 10.

The technical support teams' response time was good but they were lacking a deep understanding of the different environments which caused delays in resolving our issues. 

Neutral

The initial deployment was straightforward and took 2 days to complete.

Two people from our team were involved in the deployment.

I would rate SentinelOne Singularity Cloud Security 7 out of 10.

Four people in our organization utilize SentinelOne Singularity Cloud Security.

No maintenance is required from our end.

I recommend SentinelOne Singularity Cloud Security to others for CSPM. 

We have onboarded multiple accounts from our organization. We have onboarded Azure accounts, and we have also onboarded GCP accounts. 

We are using the vulnerability management feature, and we are also using the offensive security feature. We are planning to use IaC in a couple of months.

We are a services company. We are working for multiple clients from the banking sector or the finance sector. They have to follow the rules and regulations of their country. Each country has multiple compliance requirements, and SentinelOne Singularity Cloud Security helps with the compliance standards that need to be followed. We get reports on the basis of that. We get to know our compliance level. It helps organizations to achieve a high level of compliance.

Its reporting is very good. We do not have to go to the portal and see things again and again. All the required reports go to the respective teams. We have created multiple reports on the basis of applications and cloud accounts. The reports directly go to the application team or the cloud team. They are working on the security posture.

Offensive security is my favorite feature. It gives a lot of things with evidence. It also provides the severity levels, such as critical, high, and medium.

SentinelOne Singularity Cloud Security has reduced false alerts. We are using SentinelOne Singularity Cloud Security every day, and we are able to see every configuration. If we find anything different, we work with SentinelOne Singularity Cloud Security's support team. We create a support ticket as a bug or as a false positive. We are able to close an issue on the basis of priority.

SentinelOne Singularity Cloud Security is protecting our overall infrastructure. It protects our configuration, network, and IM configuration-related things. We trust SentinelOne Singularity Cloud Security. We are getting good results, and we hope to keep getting good results in the future as well.

SentinelOne Singularity Cloud Security has reduced the mean time to detect. If needed, we can also run a scan, and the results are reflected in the SentinelOne Singularity Cloud Security portal.

SentinelOne Singularity Cloud Security has reduced our mean time to remediate. It also has auto-remediation capability, but we are not using that. As of now, we are following the information given for closing an alert. This information makes it quite easy. It is very helpful. We do not have to search on the web to find a way to fix the issue. The description it provides is good enough.

SentinelOne Singularity Cloud Security has affected the collaboration among our cloud security, application developers, and app sec teams. All the teams are on the same platform. They are able to communicate with each other.  

The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well.

Its UI is quite easy. The recommendation part is also quite easy to understand. Users can read the description, and they get to know which action to perform. It is quite easy to use it and onboard things. I would rate it a 9 out of 10 for the ease of use.

For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue. This is a feature request that we have. We are trying to get that done as soon as possible.

We have been using SentinelOne Singularity Cloud Security for the last year. We are implementing it for customers. We are also trying to be a partner of SentinelOne Singularity Cloud Security or SentinelOne.

It is stable. I would rate it a 10 out of 10 for stability. We have not faced any downtime. The platform is working well.

Its scalability is very good. We can onboard multiple accounts, Kubernetes clusters, or ECS services on a single platform.

I have contacted them. We also have a Customer Success Manager whom we can contact via email. Whenever required, we raise a support ticket with them. We get a call from them, and it gets resolved every time.

We also have biweekly calls with the SentinelOne Singularity Cloud Security team. We discuss any issue that we have with them. They let us know about the things they can do. They provide us with updates. This is how we are working with the SentinelOne team or the SentinelOne Singularity Cloud Security team.

Positive

SentinelOne Singularity Cloud Security is a SaaS solution. It is easy to deploy it for a customer. If we have all the permissions on the infrastructure, we can onboard any cloud within an hour. However, in an organization, some approvals might be required. In such a case, it can take a week.

It does not require any maintenance. Whatever they are doing is quite good, and the application is working fine. They let us know about their maintenance plans via email. We get to know that downtime is at a specific time. So far, we have not had any issues. It has been pretty good.

We have not used SentinelOne Singularity Cloud Security's agentless vulnerability scanning. We are trying to onboard all the features and enable them in our tenant. Currently, there are a few features that we have not enabled because we have onboarded some of the accounts as a single account. We are trying to onboard all the accounts at the org level, but we are facing some issues. We are communicating with the SentinelOne team. We are trying to get it done as soon as possible.

We have done a PoC of IaC for some of the projects. In a couple of months, we will start with this feature. It is quite a good feature because we get to the issues in our code before deploying it. It is very good for developers and the Infra team. They do not have to worry after the deployment of the application.

Overall, I would rate SentinelOne Singularity Cloud Security a 10 out of 10. It is helpful. It is easy to use and easy to understand. It makes it easy to explain things to the customers.

I consider it a cloud security posture management tool. It is being used for the overall posture of the environment. 

By implementing Cloud Native Security, we wanted to monitor end-to-end misconfigurations. That is why we started with it. We are now also using one other module for detection and response, but mainly, we are using it to monitor misconfiguration and benchmark compliance.

It is pretty good. It has good coverage and a good reporting system.

There has been tremendous improvement since implementing Cloud Native Security. Cloud Native Security reports any misconfiguration that is there in the infrastructure. We do not have to go and check each service individually. It has helped a lot.

For compliance management, we can find the benchmark compliance status in Cloud Native Security directly. We do not have to do anything. Many benchmarks that we are supposed to follow are added by default. It is pretty easy for us to showcase compliance to anyone.

Misconfiguration detection has been the most effective for threat detection in our cloud environment. We are mainly focusing on the misconfiguration. I can see any configuration-related issues in all the modules.

Because it covers all the modules, every single aspect of the compliance has improved. We were able to find out the critical issues related to cloud infrastructure. It is a real-time monitoring system, so, at any time, we can check and confirm.

Cloud Native Security provides information about the exact affected area. We can easily locate a resource in a particular account or service. It is very clear from the Cloud Native Security report where to look for a particular misconfiguration. They have also added a graphical representation.

The reports tell us what is the impact, how critical it is, and how to locate the issue. That helps to prioritize things and fix a critical issue on an urgent basis. It is easy to analyze things from our side.

After implementing Cloud Native Security, we were able to implement so many best practices. Initially, we were getting different types of issues. We learned from those issues, and we are now implementing best practices based on that. We are also able to do real-time monitoring.

It has helped reduce the number of false positives we deal with. We are hardly getting any false positives. Previously, if we had four false positives, we now have only one false positive.

Cloud Native Security's ease of use and precision in detection have improved our risk posture a lot.

Cloud Native Security has saved our mean time to detect. It has saved a lot of our time. It has saved almost 95% of the time because we cannot go and check all the services in AWS. It is very vast. Cloud Native Security gives us specific information. There is no manual effort.

Cloud Native Security has not helped reduce our mean time to remediate because remediation depends on so many factors. It has nothing to do with Cloud Native Security. We are getting the issues, and the team is responding to them. After fixing them, there is a lot of improvement in the number of issues.

It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end. The other thing is the coverage. As far as I know, it has pretty good coverage. 

It is very easy to use. I would rate it a nine out of ten for ease of use. 

We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks. 

I have been using Cloud Native Security for around ten months.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

Overall, we have seven users of this solution, but at a time, we only have two active users. It is being used in a single location.

Their support is good. Whenever we have doubts, we get proper support. We connect with them and resolve the issue. I would rate them a nine out of ten.

Positive

We did not use any other solution. This is the first one.

It is on the cloud. The implementation phase varies. It can take a few months.

It does not require any maintenance.

I am not involved in the pricing, but it is cost-effective.

I would recommend Cloud Native Security to others. Overall, I would rate Cloud Native Security a nine out of ten.

I'm taking a look and digging into applications. I use it for general analysis. 

The visibility is very good. It allows me to go deeper into my investigations. It gives me the information I need. 

I do use the vulnerability scanning every day. It's excellent. I have no complaints. 

We do get false positives, however, it can be from downloading from dodgy sites or whatever the case may be. 

The mean time to detect is good. It's very fast.

It's good as is. From a beginner's perspective, while it's not necessarily complicated, it can be confusing. However, once you get the gist of it, it's pretty clear. For example, when you first go on it, you don't know what's going on. A few YouTube videos could be helpful. There isn't a lot of information out there to look at. 

I've been using the solution for roughly six to seven months. 

The stability of the solution is good. There is no lagging, crashing or downtime. This year we haven't had any downtime with the solution. 

The solution is very scalable. 

I've never contacted technical support. 

I did not previously use a different solution. 

When I joined the company, it was already being used; I did not set up the solution.

It doesn't need ongoing maintenance, although there are occasional agent updates. 

I don't know about the pricing or licensing. 

I'm an end-user.

I've never used the evidence-based reporting or the offensive or infrastructure-as-code scanning yet. 

I'd rate the solution nine out of ten.