SentinelOne Singularity Cloud Security Reviews

We have multiple applications in our AWS cloud environment. We have a private environment, and we do not disclose it to the Internet. We have configured multiple security alerts, such as for any incoming traffic from a public IP address.

We have also set up SentinelOne Singularity Cloud Security alerts for key rotation of security credentials for the accounts.

SentinelOne Singularity Cloud Security helps us to reduce the security overhead. We do not have to manage every small thing manually. They are taken care of by SentinelOne Singularity Cloud Security.

We use vulnerability scanners for our AWS servers. If there is any vulnerability, we get a report on that. We close those open security points. I do not know the exact name of the scanners, but they work great.

We rarely get false positives. We usually get real-time, accurate data. Sometimes there is a mismatch between the actual data and the data we get from SentinelOne Singularity Cloud Security, but that is negligible. It happens once in a thousand times.

SentinelOne Singularity Cloud Security has reduced our mean time to remediate. It has saved about 60% of our time. It has helped us with that.

It has also reduced our mean time to detect. The time savings depend on the use case. On average, it saves ten to fifteen minutes per use case.

We do not use it at a large level for Infrastructure as Code scanning, but it saves us time. We do not have to click on the features in the GUI. We have set up some scripts with the Infrastructure as Code feature. We run them to generate reports and get the required output.

The Infrastructure as Code feature has helped us. We can integrate SentinelOne Singularity Cloud Security with our cloud tools. It helps with the development part. For example, Lambda is an AWS feature. It is a code environment. We can directly connect these two. It helps with the run time of the processes.

We mostly use alerts. That has been pretty good. If we use the alert system from Amazon, it is much costlier to us, so we use SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security's interface is quite good. It is beginner-friendly. If someone has even a little bit of idea about cloud security, they can learn it very easily.

I do not know if it is possible, but in AWS Cloud, there are multiple features or services, and if they can collaborate with them, it would be helpful. The Infrastructure as Code service available in SentinelOne Singularity Cloud Security and the services available in AWS cloud security can be merged so that we can get the security data directly from AWS cloud in SentinelOne Singularity Cloud Security. This way, all the data related to security will be in one single place. Currently, we have to check a couple of things on SentinelOne Singularity Cloud Security, and we have to validate that same data on the AWS Cloud to be sure. If they can collaborate like that, it will be great. It will be an amazing tool.

My organization has been using SentinelOne Singularity Cloud Security for one and a half years, but I have been using it for the past three to four months for cloud security.

I have not faced any downtime. If they have any kind of maintenance, they let us know via email a week or two before. The maintenance is usually done once a quarter, and it is done out of business hours, so we do not have any concerns about that.

I would rate it a seven out of ten for scalability. If they can collaborate with AWS services as well, it can be a 10 out of 10.

I have contacted them quite a few times. They are pretty good. They are within their SLAs. I have never raised a support case with a very high severity. For the cases I raised, they have an SLA of about 24 hours, and they always meet that SLA.

I always get a perfect answer in the reply. If I have some major issue and I am unable to understand that via email, they also come on a Teams or Webex call. They provide a good service. I would rate them a nine out of ten.

Positive

It is a cloud deployment. I believe they have an on-premise option as well,  but we are not using that. We are completely on the cloud.

I was not involved in its deployment. Its deployment was done by the organization about a year and a half ago. I only manage operations, and I have been here only for about three months.

It does not require any maintenance as such. In the infrastructure code part, we update the code, but I am not sure if that comes under maintenance.

You should be a little familiar with cloud security. Otherwise, you might face a few difficulties in accessing the SentinelOne Singularity Cloud Security console. If you are a little familiar, it will be very easy for you. A completely new user without a technical background can get a bit confused by the naming conventions in the GUI.

I would recommend SentinelOne Singularity Cloud Security to others. Overall, I would rate SentinelOne Singularity Cloud Security an eight out of ten.

We use the solution for monitoring the security of our infrastructure. It helps us identify all the vulnerabilities.

We had code and infrastructure, and we just weren't sure of all the vulnerabilities within them. This knowledge has helped protect us from security loopholes. 

It's integrated with all of our cloud services on our accounts. It automatically fetches all the resources, scans through the code, and reports back on our vulnerabilities. It helps with all of our overall security standards as per the industry, and it can give us a rating. If I go to the compliance section, it gives me an idea of how I'm performing with respect to compliance metrics.

There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring.

It's fairly easy to use. I'd rate the ease of use 7 out of 10. There is a learning curve around the initial issues. However, we can look at issue descriptions and what to do. It gives us a lot of details about an issue, so that helps. 

Evidence-based reporting helps prioritize and solve our cloud security issues.

PingSafe includes proof of exploitability in evidence-based reporting. It's really important. If we did have any proof, it would be harder to pinpoint false positives. I like that it gives proof.

The code scanning is helpful. Whenever somebody commits a recent code, it helps identify that immediately and check vulnerabilities. 

It has positively affected our exposure. Before we implemented it, we were having lots of issues, and now, with PingSafe, we're up to 87% compliance with respect to all security metrics. It's been a gradual process, however, we're getting better and better. 

We've been able to reduce mean time to detect. It's gotten a bit faster. If you have a solution like this, you can take a more proactive approach. When a vulnerability happens, you can act immediately. Our mean time to detect has improved by about 80%.

It's also helped us with our mean time to remediate. It shows recommended actions and helps tell us what could possibly remediate the issue. 

The product has positively affected collaboration among our cloud security, application developers, and AppSec teams. PingSafe, however, is more centered around our infrastructure security and doesn't impact developer productivity much.

The compliance monitoring capabilities are helpful. We're a venture product, so we need to be compliant with everything. When we get a report, we can see what we need to do for compliance, and it helps us identify issues and mitigate them effectively to increase compliance. 

There is a bit of a learning curve for new users. The ease of use could be better.

We've had an issue where we muted a false positive, however, when we made some changes to a cloud configuration, it popped up again. So it hasn't really reduced false positives; you just need to manually ignore them. 

I've used the solution for one year. 

The solution has been stable throughout. 

We have three to four users that are actively using PingSafe. They are admins and engineers. 

So far, we haven't had any scalability issues. 

They have great technical support.

Positive

We didn't use a different solution previously.

The initial deployment was pretty quick. When you integrate any of your cloud service providers, it doesn't take long. We had it implemented in a few days. One of our reps can just work with the team to get it ready.

It's not integrated with any other security tools, however, it is integrated within our infrastructure. 

No maintenance is required.

I don't have any visibility on the pricing of PingSafe. 

We have not evaluated other solutions. 

I'd recommend the solution to other users. Overall, I'd rate the product 8 out of 10. 

SentinelOne Singularity Cloud Security is our primary security monitoring tool used for identifying vulnerabilities and misconfiguration.

I would rate the ease of use of SentinelOne Singularity Cloud Security eight out of ten.

SentinelOne Singularity Cloud Security offers a variety of dashboards, but the issue dashboard is my favorite due to its clarity and simplicity.

The evidence-based reporting is great and I appreciate the details the reports provide.

The IAC scanning picks everything up and is effective. The IAC scanning is proactive.

The two biggest benefits of SentinelOne Singularity Cloud Security are the centralized reporting dashboard for all my accounts and providers and the ability to track remediation progress.

SentinelOne Singularity Cloud Security has helped reduce the number of false positives we receive.

SentinelOne Singularity Cloud Security helps us manage our risk posture.

SentinelOne Singularity Cloud Security has reduced our MTTD thanks to its comprehensive coverage and centralized reporting capabilities.

The most valuable feature of SentinelOne Singularity Cloud Security is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software.

I wish SentinelOne Singularity Cloud Security provided clearer solutions or remediation steps. The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing.

I would appreciate the ability to customize the severity levels in SentinelOne Singularity Cloud Security as the current defaults do not meet my needs.

I have been using SentinelOne Singularity Cloud Security for one year.

SentinelOne Singularity Cloud Security is stable. I have not encountered any downtime.

SentinelOne Singularity Cloud Security is highly scalable.

Technical support is usually great. While it can sometimes be a bit curt or dismissive, for the most part, getting help is easy and responses are quick.

Positive

The initial setup is easy. One person is required for the deployment.

The implementation was completed in-house.

I'm not familiar with SentinelOne Singularity Cloud Security's standard pricing. While it seemed like a good value, I'm on a partnership plan that offers a discount in exchange for feedback. Therefore, I can't speak to the typical pricing.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

SentinelOne Singularity Cloud Security requires monthly updates.

Preparing for SentinelOne Singularity Cloud Security is fairly straightforward, especially if you're familiar with cloud security posture management tools. However, if this is your first time using such a tool, be prepared for a significant number of findings. SentinelOne Singularity Cloud Security will uncover security issues that manual efforts might miss.

The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.  

The primary benefit for our company has been the reduction of false positives. It's saved us time and resources. 

I like that we get a map view of all the assets we have and how these assets are connected together. We can get a view of the entire structure and that gives us a good vantage point when assessing gaps. We can see which assets are public and which are private. It gives us good visibility.

It brings in good security.

It is fairly simple. Anybody can use it.

The evidence-based reporting capabilities are useful. It's good for everyday reporting. It makes it easy to identify actual false positives. Priority cases are assigned accordingly so we don't need to find a needle in a haystack. If something is critical, it's very easy to find and see it. 

The solution offers agentless vulnerability scanning, which helps us identify any open ports on the server or any vulnerable assets online in the cloud. 

While they do have an offensive security engine, we do not use that aspect. We use a different vendor for that. However, it's a very good initiative. It basically expands and searches and does more offensive security.

It's very easy to integrate.

The notifications are very good. We can get notified right on Slack. if we aren't checking out email regularly.

The benefits we witnessed were pretty immediate post-implementation. Once you've done your integrations, it starts showing you vulnerabilities that are being observed, and he lets us immediately identify and deal with infrastructure gaps. It even has allowed us to deal with several misconfigurations. 

It has helped us reduce false positives significantly. That's something I've been focused on. 

The solution has positively affected our risk posture. Thanks to the lower number of security vulnerabilities, it's helped us with several benchmarks and compliance-related issues. 

Our mean time to detection and mean time to remediation has been reduced. If there's an issues, it can be found and dealt with in a short amount of time. It also gives you remediation details as to where particular vulnerabilities exist. We're able to fix problems as soon as possible when we see issues pop up. The mean time to remediation depends on the severity of the issue and who is handling it. Remediation for an experienced user versus a new hire may vary.

After introducing PingSafe, we were able to bridge the gap between developers. Since PingSafe had details about that particular vulnerability and how to remediate it, we could just pass that on to the application developers, who could fix it. That has also reduced the number of vulnerabilities that are being discovered by the application security testing team.

There is a bit of a learning curve. However, you only need 2 to 3 days to identify options and get accustomed. 

They could separate or differentiate between different kinds of frameworks.

I've used the solution since I started working with my company - for about one year and three months. 

I don't recall any stability issues. 

The solution is scalable. The scalability is highly flexible. 

We do have regular meetings with support. They catch us up every month and provide us regular updates and solicit feedback. Support is excellent.

Positive

I have not used any alternatives.

I was not initially involved in the deployment process. 

There isn't really any maintenance needed. The only thing would be if you find a false positive. You can mark it so it doesn't happen again. Beyond that, you don't have to maintain anything. 

I'm not sure how the pricing for the solution works. 

I'm an end-user. 

I'd rate the solution 9 out of 10. 

It's pretty easy to use. Integration with cloud infrastructure may require a bit of help in the initial stages. However, once you are up and running, finding vulnerabilities is simple and reporting is good. 

SentinelOne Singularity Cloud Security is deployed on all our servers except for user machines. When Singularity identifies a downloaded application as malicious, it triggers an alert sent to our SIEM console. We can then investigate the alert details, including associated logs, to determine if the malware is static or actively malicious. We can also investigate suspicious IP addresses or domains. Additionally, Singularity monitors process creation and can provide forensic data on security incidents, including information about backdoor connections and the applications involved, like Chrome or other browsers.

SentinelOne Singularity Cloud Security stands out for its user-friendliness compared to competitors like CrowdStrike, FireEye HX, and Microsoft Defender. Unlike these tools, which can be cumbersome for tasks like running queries or searching for logs, Singularity offers intuitive interfaces and delivers results in seconds, even for complex searches across various hash formats, like MD5, SHA256, etc., without needing conversion.

Our existing SIEM console allows us to analyze alerts triggered by the SOC team. We can investigate potential false positives or conduct tests directly within the console. Additionally, the console facilitates quick searches for IOCs to identify malicious communications. Furthermore, Singularity Cloud Security offers a central management console for automated machine reboots, containment, and even self-maintenance in response to high-severity security alerts. This eliminates the need for manual intervention.

We saw the benefits of SentinelOne Singularity Cloud Security within the first two months of transitioning from FireEye HX. Singularity was easy to manage, and we were able to identify vulnerabilities.

SentinelOne Singularity Cloud Security has helped reduce the false positives we receive by 15 percent compared to FireEye HX.

Singularity has helped reduce our mean time to detect. The automatic containment of the infected machine is done within the first ten seconds of detection.

Singularity has helped reduce our mean time to remediate. 

The user-friendliness is the most valuable feature.

SentinelOne Singularity Cloud Security offers a custom search function with a default 14-day limit. Extending this period to 30 days requires an additional license. A two-month grace period for extended searches would be a valuable improvement. Additionally, enhancements to the threat-hunting capabilities of the hunter module are recommended.

I have been using SentinelOne Singularity Cloud Security for two years.

We had an incident in which they pushed a patch without notifying us and without testing, damaging all of our security controls. 

Neutral

We previously used FireEye HX but shifted to Singularity because we saw the potential while the POC was going on. The top three endpoint security solutions are SentinelOne Singularity, Microsoft Defender, and CrowdStrike. FireEye HX is not one of them.

The initial deployment's complexity was moderate. The entire deployment took six months to complete.

The implementation was completed with the help of the vendor.

I would rate SentinelOne Singularity Cloud Security seven out of ten. The lack of a 60-day search option for the log source lowers the overall score.

The endpoint security team does the maintenance.

SentinelOne Singularity Cloud Security is a good product that is easy to use. 

We have one client, and we need a portal to manage security. We use Singularity to provide security information and identify vulnerabilities or malicious scripts that need to be fixed. It also provides recommendations about each of the vulnerabilities that are helpful.

We provide cloud services on our site using AWS. Singularity detects flaws that we must close for security reasons. We use Singularity to observe those findings and fix things based on the customer's requirements. Previously, we used to segregate issues and look after them. Singularity helped us secure our infrastructure. We've significantly reduced our potential security breaches to a minimum. 

It has improved how we operate on a larger scale. We set up the platform, onboarded the info, and then gradually moved further. Over time, it helped us slowly resolve those issues. We were using the cloud platforms' native security tools, but those were unhelpful. Now, we rely on this more than those services. 

Singularity reduced our false positive rate by about 60 percent. We've had even better results in terms of our risk posture. We can rely on this tool to improve our security conditions on a broader scale. If I gave our security posture a percent rating, I would give it 89 percent.

The solution saves time by giving us everything in one place. You don't need to manually check every account. It tells us a lot. Singularity reduces our detection time by about 60 percent. 

Singularity has improved collaboration among cloud security, application developers, and AppSec teams. Previously, it would take around a week for engineers to address issues. Now that we use this tool, we resolve issues in one or two days.

We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues. Singularity is easy and convenient to use. It is extremely easy for a novice to understand what the dashboard is trying to say and the terminology's meanings.

Evidence-based reporting is excellent for auditing. It shows all the findings and severity: low, high, medium, or critical. We solve the low-level and medium issues. Next, we resolve high-level and critical problems. It's easy to fix the security breaches.

We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating. 

We have used Singularity Cloud Security for about six months.

I rate Singularity nine out of 10 for stability. 

I rate Singularity eight out of 10 for scalability. 

I rate SentinelOne support nine out of 10. 

Positive

Singularity took about a week to deploy. A team of 40 to 50 people was involved. 

I rate SentinelOne Singularity Cloud Security nine out of 10. I would recommend the tool to others. It's a convenient and cost-effective tool for identifying security breaches. You get everything in one place, saving you time and costs.

We have onboarded multiple accounts from our organization. We have onboarded Azure accounts, and we have also onboarded GCP accounts. 

We are using the vulnerability management feature, and we are also using the offensive security feature. We are planning to use IaC in a couple of months.

We are a services company. We are working for multiple clients from the banking sector or the finance sector. They have to follow the rules and regulations of their country. Each country has multiple compliance requirements, and SentinelOne Singularity Cloud Security helps with the compliance standards that need to be followed. We get reports on the basis of that. We get to know our compliance level. It helps organizations to achieve a high level of compliance.

Its reporting is very good. We do not have to go to the portal and see things again and again. All the required reports go to the respective teams. We have created multiple reports on the basis of applications and cloud accounts. The reports directly go to the application team or the cloud team. They are working on the security posture.

Offensive security is my favorite feature. It gives a lot of things with evidence. It also provides the severity levels, such as critical, high, and medium.

SentinelOne Singularity Cloud Security has reduced false alerts. We are using SentinelOne Singularity Cloud Security every day, and we are able to see every configuration. If we find anything different, we work with SentinelOne Singularity Cloud Security's support team. We create a support ticket as a bug or as a false positive. We are able to close an issue on the basis of priority.

SentinelOne Singularity Cloud Security is protecting our overall infrastructure. It protects our configuration, network, and IM configuration-related things. We trust SentinelOne Singularity Cloud Security. We are getting good results, and we hope to keep getting good results in the future as well.

SentinelOne Singularity Cloud Security has reduced the mean time to detect. If needed, we can also run a scan, and the results are reflected in the SentinelOne Singularity Cloud Security portal.

SentinelOne Singularity Cloud Security has reduced our mean time to remediate. It also has auto-remediation capability, but we are not using that. As of now, we are following the information given for closing an alert. This information makes it quite easy. It is very helpful. We do not have to search on the web to find a way to fix the issue. The description it provides is good enough.

SentinelOne Singularity Cloud Security has affected the collaboration among our cloud security, application developers, and app sec teams. All the teams are on the same platform. They are able to communicate with each other.  

The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well.

Its UI is quite easy. The recommendation part is also quite easy to understand. Users can read the description, and they get to know which action to perform. It is quite easy to use it and onboard things. I would rate it a 9 out of 10 for the ease of use.

For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue. This is a feature request that we have. We are trying to get that done as soon as possible.

We have been using SentinelOne Singularity Cloud Security for the last year. We are implementing it for customers. We are also trying to be a partner of SentinelOne Singularity Cloud Security or SentinelOne.

It is stable. I would rate it a 10 out of 10 for stability. We have not faced any downtime. The platform is working well.

Its scalability is very good. We can onboard multiple accounts, Kubernetes clusters, or ECS services on a single platform.

I have contacted them. We also have a Customer Success Manager whom we can contact via email. Whenever required, we raise a support ticket with them. We get a call from them, and it gets resolved every time.

We also have biweekly calls with the SentinelOne Singularity Cloud Security team. We discuss any issue that we have with them. They let us know about the things they can do. They provide us with updates. This is how we are working with the SentinelOne team or the SentinelOne Singularity Cloud Security team.

Positive

SentinelOne Singularity Cloud Security is a SaaS solution. It is easy to deploy it for a customer. If we have all the permissions on the infrastructure, we can onboard any cloud within an hour. However, in an organization, some approvals might be required. In such a case, it can take a week.

It does not require any maintenance. Whatever they are doing is quite good, and the application is working fine. They let us know about their maintenance plans via email. We get to know that downtime is at a specific time. So far, we have not had any issues. It has been pretty good.

We have not used SentinelOne Singularity Cloud Security's agentless vulnerability scanning. We are trying to onboard all the features and enable them in our tenant. Currently, there are a few features that we have not enabled because we have onboarded some of the accounts as a single account. We are trying to onboard all the accounts at the org level, but we are facing some issues. We are communicating with the SentinelOne team. We are trying to get it done as soon as possible.

We have done a PoC of IaC for some of the projects. In a couple of months, we will start with this feature. It is quite a good feature because we get to the issues in our code before deploying it. It is very good for developers and the Infra team. They do not have to worry after the deployment of the application.

Overall, I would rate SentinelOne Singularity Cloud Security a 10 out of 10. It is helpful. It is easy to use and easy to understand. It makes it easy to explain things to the customers.

Our Cloud Native Security use cases depend on the type of SQL server we use. Currently, we need to check all cloud-based configurations directly. Cloud Native Security helps us identify SQL configurations on our local PCs.

Cloud Native Security has improved our cloud security monitoring processes. We can now capture all issues and misconfigurations in real-time, allowing us to respond quickly.

It streamlined compliance management for our organization. They schedule a meeting with us every month to discuss any requirements on our end, such as updating the Cloud Native Security version. For example, one time they informed us that we needed to update to Cloud Native Security version four. We inquired with their customer support team, who were very approachable and requested them to implement the cloud version of Cloud Native Security version four into our Cloud Native Security dashboard. They implemented it within five to six days. We were happy to adopt the enhanced security controls of Cloud Native Security version four. The customer success team and the customer-facing teams were very helpful and provided us with the best solution. This is why we chose Cloud Native Security. They are a well-established CSPM company in India with a proven track record of assisting businesses with compliance requirements. By onboarding Cloud Native Security, we gained a cloud-based configuration management system for our workloads.

It's easy to use.

Our cloud security issues are already automated using a common subscription ticketing tool to capture them. Reports are then sent to both the internal DevOps team to identify potential false positives and the business team to assess if resolving the issue aligns with business requirements.

Cloud Native Security's event-based evidence reporting should include proof of exploitability. This would allow users to easily identify misconfigured areas in the graph and click on a provided link to conveniently be redirected to the cloud service provider management console page for more details.

Cloud Native Security's offensive security engine proved valuable recently. When an endpoint was mistakenly exposed, it automatically captured the unauthorized request in the cloud and sent an alert to our email address. This notification allowed us to take swift action and restrict access to the URL on our network.

The AI helps us handle the hundreds of audits each year helping to enhance our security posture.

Cloud Native Security's access to the IIM role in the cloud formation template significantly reduces false positives, thereby maximizing the number of true positives.

Cloud Native Security helps us improve our risk posture, failover capabilities, and compliance levels.

Cloud Native Security reduces our MTTD. We are alerted within seconds on the dashboard and email of the detection.

To assess our MTTR, we need to consult with the DevOps team and conduct an impact analysis. If the impact analysis reveals no disruption to the production application within the AWS network architecture, we can proceed with remediation immediately. However, if the analysis identifies a potential impact, obtaining management approval will add to the resolution timeframe.

Cloud Native Security improves collaboration between our cloud security application developers and AppSec teams. It's particularly helpful for AppSec because we can leverage cloud security controls directly from Cloud Native Security. This also allows us to mitigate cloud misconfigurations.

Cloud Native Security's most valuable features include cloud misconfiguration detection and remediation, compliance monitoring, a robust authentication security engine, and cloud threat detection and response capabilities.

In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams. 

I have been using Cloud Native Security for six months.

Cloud Native Security is stable.

The scalability of Cloud Native Security is good.

The technical support is the best. They can integrate our suggestions for security control into Cloud Native Security within three days.

Positive

The deployment took one week. The deployment was completed by one person from our team along with a tech team from Cloud Native Security.

Cloud Native Security is priced reasonably for our workload.

I would rate Cloud Native Security ten out of ten.

We have a large number of users of Cloud Native Security in our organization.

I recommend Cloud Native Security to others.