DevOps Engineer at a media company with 51-200 employees
Improves risk posture and reduces response time by proactively identifying misconfigurations and vulnerabilities
Pros and Cons
- "SentinelOne Singularity Cloud Security improved our risk posture significantly, helped reduce our mean time to detect and mean time to remediate, and enabled collaboration across cloud security, development, and AppSec teams, saving engineering time by approximately three to four hours."
- "One area that could be improved in SentinelOne Singularity Cloud Security is their policies; the way they have configured the policies could be enhanced."
What is our primary use case?
My use case for SentinelOne Singularity Cloud Security was mostly for cloud security, to identify vulnerabilities in the environment and to secure important sensitive data. These were the two primary use cases.
How has it helped my organization?
SentinelOne Singularity Cloud Security improved our risk posture significantly. There was a very great improvement that I can definitely confirm.
SentinelOne Singularity Cloud Security helped reduce our mean time to detect and mean time to remediate.
The inclusion of proof of exploitability in SentinelOne Singularity Cloud Security's evidence-based reporting is quite important to me, as it was quite useful.
Regarding its evidence-based reporting for helping prioritize and solve the most important cloud security issues, it mostly relates to our VMs running on GCP, which was the most important use case for us. I assess this agentless vulnerability scanning for vulnerability discovery across my cloud infrastructure as good; they frequently provide us with existing vulnerabilities, so overall, it was great to work with.
SentinelOne Singularity Cloud Security helped to reduce the number of false positives. I was using automated malware scanning for S3 buckets in SentinelOne, and we were able to resolve quite a good number of use cases with that, so it was pretty helpful.
SentinelOne Singularity Cloud Security improved collaboration among our cloud security teams, application developers, and AppSec teams. We were able to collaborate with different teams, sharing information about vulnerabilities related to development, explaining the actual problems, how they could be resolved, and how they could be verified first. This collaboration helped save engineering time, approximately three to four hours.
What is most valuable?
I appreciate its ability to scan the entire environment and fetch all items that are not configured properly, which is one of the best capabilities. It also suggests what the actual configuration should be, notifies instantly about any information that is leaked, and regularly gives updates about vulnerabilities that are present in the market.
SentinelOne Singularity Cloud Security is quite easy to use; there is not much complexity. The UI is quite user-friendly, making it very easy to use.
What needs improvement?
One area that could be improved in SentinelOne Singularity Cloud Security is their policies; the way they have configured the policies could be enhanced. There could be a better way to configure custom policies, which is one aspect that I feel can be improved further.
Buyer's Guide
SentinelOne Singularity Cloud Security
December 2025
Learn what your peers think about SentinelOne Singularity Cloud Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
879,310 professionals have used our research since 2012.
For how long have I used the solution?
I used this solution for two years.
What do I think about the stability of the solution?
In my opinion, it is stable.
What do I think about the scalability of the solution?
It is a scalable solution.
How are customer service and support?
I would rate my experience with the technical support of SentinelOne Singularity Cloud Security as eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not use a different SentinelOne solution or solutions from other vendors.
How was the initial setup?
I was not involved in the deployment of the solution or the initial setup of SentinelOne Singularity Cloud Security.
What was our ROI?
We saw a return on investment with SentinelOne Singularity Cloud Security. The aspects where I have seen ROI were mainly in time-saving, as it saved considerable time in identifying vulnerabilities, testing vulnerabilities, and it helped in preventing quite a few incidents that could have led to major issues.
What's my experience with pricing, setup cost, and licensing?
I think the pricing of SentinelOne Singularity Cloud Security is a bit high.
What other advice do I have?
I would rate SentinelOne Singularity Cloud Security an eight out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Sep 20, 2025
Network engineer at a construction company with 5,001-10,000 employees
Monitoring features and reporting help with proactive cloud security posture management
Pros and Cons
- "With SentinelOne Singularity Cloud Security, I appreciate the monitoring features and the report with the compliance score."
- "SentinelOne Singularity Cloud Security is on top of protecting ephemeral workloads."
- "There is room for improvement in application security posture management features, and SentinelOne Singularity Cloud Security is on the costlier side."
- "SentinelOne Singularity Cloud Security is on the costlier side."
What is our primary use case?
We are using it for the primary purpose of cloud security posture management.
How has it helped my organization?
We use infrastructure as code scanning, as our primary mission is for cloud security posture management, and it identifies hard-coded secrets in source code, including aspects of Kubernetes security.
It provides several features, such as attack visualization and evidence-based reporting, that help us proactively mitigate vulnerabilities. It reduces compliance risks and audit pressures.
For evidence-based reporting, we integrated it with CWPP and CI/CD. It helps us secure infrastructure because it presents the reports.
I can see the proof of exploitability results for each tool in the dashboard. It provides great insights into our cloud security posture and informs us about the complexities of certain issues.
SentinelOne Singularity Cloud Security helps us identify if the development has a public repository. It offers better UI and improved visibility compared to open-source tools. It identifies issues in minutes, including hard-coded secrets that could expose our systems if accessed publicly.
SentinelOne Singularity Cloud Security is on top of protecting ephemeral workloads. It has automated capabilities that block misconfigurations and identify issues.
SentinelOne Singularity Cloud Security has helped to reduce false positives.
What is most valuable?
With SentinelOne Singularity Cloud Security, I appreciate the monitoring features and the report with the compliance score.
I find it easy to use, and there is nothing complicated about this. The dashboard and the UI/UX are very helpful, making it easy to follow and get used to.
What needs improvement?
There is room for improvement in application security posture management features, and SentinelOne Singularity Cloud Security is on the costlier side.
For how long have I used the solution?
I have been using SentinelOne Singularity Cloud Security for around 2 years.
What do I think about the stability of the solution?
It is a highly stable product, and we have not faced any reliability issues.
What do I think about the scalability of the solution?
It is scalable, and I would rate it a nine out of ten for scalability. We have not seen any performance slowdowns while onboarding multiple projects.
It is being used by multiple departments. Ten members of our security and DevOps team use the solution in our internal security team.
How are customer service and support?
I would describe their support as neutral.
How would you rate customer service and support?
Positive
How was the initial setup?
It was easy. It took two days. Its maintenance is handled by another team.
What was our ROI?
It has improved our detection and response rate by about 30%.
It has improved collaboration. It has saved a lot of communication through the central dashboard. Anybody can look at the dashboard and see the open issues and resolve them accordingly.
It has improved our security posture by 30% to 40%.
What's my experience with pricing, setup cost, and licensing?
SentinelOne Singularity Cloud Security is on the costlier side.
What other advice do I have?
I have not looked into the agentless vulnerability scanning and automated malware scanning for S3 buckets on the dashboard. It runs in the background.
So far, I have not encountered any challenges while using SentinelOne Singularity Cloud Security. I would rate it a nine out of ten compared to other vendors I have experienced.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Apr 28, 2025
Admin at a construction company with 5,001-10,000 employees
Evidence-based reporting helps prioritize and solve cloud security issues
Pros and Cons
- "SentinelOne Singularity Cloud Security offers several valuable features, most notably the rapid vulnerability notifications that provide timely alerts regarding our infrastructure."
- "SentinelOne Singularity Cloud Security has significantly improved our risk posture."
- "I believe the UI/UX updates for SentinelOne Singularity Cloud Security have room for improvement."
What is our primary use case?
In my organization, we use SentinelOne Singularity Cloud Security to enhance our security posture. The platform provides alerts and recommendations on best practices, policies, and necessary updates to strengthen our infrastructure security.
We implemented SentinelOne Singularity Cloud Security to strengthen our security posture. Previously, we lacked clear guidance on best practices, including password reset policies, patching procedures, and VM updates. SentinelOne provides these best practices and recommendations, significantly improving our infrastructure security.
How has it helped my organization?
SentinelOne Singularity Cloud Security is user-friendly.
Evidence-based reporting helps prioritize and solve cloud security issues. When an issue occurs in my infrastructure, I receive an alert on their dashboard and a notification is sent to our common email address. SentinelOne Singularity Cloud Security provides a direct link to the affected resource in the AWS console, allowing me to navigate to the issue and resolve it quickly.
SentinelOne Singularity Cloud Security has improved my organization's security posture significantly. Before its implementation, we lacked an understanding of best practices for security. The solution has clarified our path by providing guidelines and alerts, which have helped us secure our infrastructure effectively.
It has reduced the number of false positives significantly, providing accurate data for our security processes.
SentinelOne Singularity Cloud Security has significantly improved our risk posture.
Prior to implementing SentinelOne Singularity Cloud Security, our mean time to detect ranged from 30 to 35 minutes. Now, with SentinelOne, our MTTD has significantly improved, falling within the range of 5 to 10 minutes.
Our mean time to remediate has been reduced to five minutes since implementing SentinelOne Singularity Cloud Security.
What is most valuable?
SentinelOne Singularity Cloud Security offers several valuable features, most notably the rapid vulnerability notifications that provide timely alerts regarding our infrastructure. Furthermore, the platform's intuitive interface enables even novice team members to navigate the dashboard with ease, minimizing the need for extensive documentation.
What needs improvement?
I believe the UI/UX updates for SentinelOne Singularity Cloud Security have room for improvement. While the current interface is excellent, enhancements could make it more user-friendly. Additionally, an improved notification system that sends alerts about vulnerabilities directly to our centralized console would allow for a more prompt response.
For how long have I used the solution?
I have been using SentinelOne Singularity Cloud Security for almost one and a half years.
What do I think about the stability of the solution?
I rate the stability of SentinelOne Singularity Cloud Security as nine out of ten.
What do I think about the scalability of the solution?
I rate the scalability of SentinelOne Singularity Cloud Security as ten out of ten.
How are customer service and support?
I have contacted SentinelOne's technical support team once, and they were very helpful. Their communication and product knowledge were excellent.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial cloud-based deployment was straightforward, taking approximately two to three working days with a team of three people.
What about the implementation team?
The implementation was handled internally by my team with guidance from a senior resource.
What other advice do I have?
I rate SentinelOne Singularity Cloud Security nine out of ten.
We have 150 users of SentinelOne Singularity Cloud Security.
I recommend SentinelOne Singularity Cloud Security to others because it is very important from a security standpoint.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Sr security engineer at a tech services company with 501-1,000 employees
Cloud misconfigurations are managed effectively and response times have improved significantly
Pros and Cons
- "The cloud misconfiguration feature and Offensive Security Engine, as well as their alerting process, are valuable."
- "Overall, I would rate it a ten on ten for cloud security."
- "In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of critical severity, whereas they are not critical or of high severity. There is a mismatch of severities. They need to work on severity management."
- "In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of critical severity, whereas they are not critical or of high severity. There is a mismatch of severities."
What is our primary use case?
In its all-in-one aspect, we started with Cloud Security Posture Management at the beginning and then added the Offensive Security Engine, Vulnerability Management of CDR. We also use it for compliance.
By implementing this solution, we wanted an alerting mechanism and detection of any deviation from our current configuration. We also wanted visibility into Kubernetes and AWS cloud. We wanted something that continuously monitors and gives us updates so that we can take action.
How has it helped my organization?
We have an overview of our compliance status. We check on a weekly or monthly basis where we are with respect to various compliance standards.
Its dashboard is quite good. We can select any resource and go to any details we want. We have a visual representation of our assets and how they are connected.
I like the granularity of access. We can give read-only, admin, or other types of access to team members based on their roles.
It provides an option for auto-remediation, but we are not leveraging that. However, we are using the exploit information to check what they saw versus what we are seeing. It helps to be able to see their evidence.
It includes proof of exploitability in its evidence-based reporting. This is very important for us. We can validate if something is false positive or not only if we have any evidence from the findings. Having the evidence for every issue helps us prioritize the findings.
Offensive Security Engine has helped to clear a lot of vulnerabilities in the past. Through the dashboard, we could see all the metrics related to public exposure and misconfigurations. We have a lot of services in our cloud, and they were very hard to track. It solves that problem for us.
Our time to detect and respond has improved drastically. If a misconfiguration happens, we gain visibility quickly. Our mean time to detect and respond has reduced by about 50%.
It has enabled collaboration between multiple teams for implementing cloud detection and response and understanding vulnerabilities. It has saved 20% to 30% of our time.
It has been highly effective in risk mitigation. Slack and Jira integrations have been helpful for alerting and creating tickets. We also have Kubernetes integration for insights.
What is most valuable?
The cloud misconfiguration feature and Offensive Security Engine, as well as their alerting process, are valuable. I get to customize severities or rules. The flexibility to rate a finding or category of vulnerabilities is the most interesting.
The cloud misconfiguration feature gave us almost zero false positives. We are happy with this feature.
What needs improvement?
In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of critical severity, whereas they are not critical or of high severity. There is a mismatch of severities. They need to work on severity management.
Alert fatigue is an issue as well. We get many alerts because of severity mismanagement. In CDR, there is no option to rescan or recheck. In cloud security, if a resource is restarting multiple times and gets a new name, we get alerts each time, leading to alert fatigue. If restarted five times, we get five alerts, which is not favorable.
For how long have I used the solution?
I have used the solution for two years.
What do I think about the stability of the solution?
It is a stable product. I would rate it a ten out of ten for stability.
What do I think about the scalability of the solution?
It is scalable. I would rate it a ten out of ten for scalability.
We are using the Enterprise plan which is the maximum that one can leverage. We are paying for all the features, but we are currently not leveraging VCS. We want to increase the usage of that.
How are customer service and support?
Their technical support is top-notch. I made friends there.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, there was no product. We relied on in-house, independent ad-hoc automations. We now have a comprehensive and all-in-one solution.
How was the initial setup?
Its deployment was easy. It was set up in less than a week.
What about the implementation team?
There were a couple of people from PingSafe and a couple of people from our side.
We are based out of Indonesia and India. The deployment was done on the cloud. We use AWS. The PingSafe team was from Bangalore, India.
Its maintenance is taken care of by the SentinelOne team. There is nothing required from us.
What was our ROI?
On the resource side, we do not have to invest much money or time into developing our own automation or tools. It has saved us more than 50% of our time.
What's my experience with pricing, setup cost, and licensing?
It is cost-effective compared to other solutions in the market.
What other advice do I have?
I recommend looking at the exact requirements and exploring options for CSPM and Offensive Security Engine. These two are a must-have. I would recommend reviewing the use case first and seeing if any other features are required.
I would recommend this solution to others. Overall, I would rate it a ten on ten for cloud security.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
AWS Cloud Engineer at a consultancy with 10,001+ employees
Excellent defense, minimal performance impact, and great customer service
Pros and Cons
- "Its performance impact on the systems is low, which means there is a minimal impact on system performance compared to traditional antivirus solutions."
- "I would rate SentinelOne Singularity Cloud Security a ten out of ten."
- "If something happens in our infrastructure, the alert appears on the dashboard, but I have to log in to the dashboard and refresh it. I would prefer it to provide better alerting and notifications so that I can resolve issues on priority."
- "From my personal experience, the alerting system needs to be faster. If something happens in our infrastructure, the alert appears on the dashboard, but I have to log in to the dashboard and refresh it."
What is our primary use case?
I personally use this for infrastructure security purposes because it provides alerts for any threat detection or vulnerability detection in my infrastructure. This ensures that these issues are addressed promptly.
How has it helped my organization?
It has helped us a lot with security practices which are supported by the industry benchmarks. The security tools and policies are regularly updated based on new evidence or changing threat landscapes.
Furthermore, after SentinelOne Singularity Cloud Security was deployed in our system, it provided quick alerts. Previously, tools did not offer fast notifications in case of incidents. SentinelOne Singularity Cloud Security delivers alerts in seconds or milliseconds. It connects directly with my dashboard. I can see the issue. They also provide critical documentation, helping me address issues.
It has improved our risk posture significantly. The risk posture improved from 60% to 70% to 90% to 95%. We have better control over the risk posture.
It has reduced our mean time to detect. Previously, it took me around ten to fifteen minutes, but with SentinelOne Singularity Cloud Security, it takes around seven to eight minutes to resolve an issue. There is often a 60% to 70% reduction. It has also reduced our mean time to remediate by about 45%.
What is most valuable?
Its performance impact on the systems is low, which means there is a minimal impact on system performance compared to traditional antivirus solutions.
Another valuable feature is the excellent defense mechanism against ransomware, including rollback features. Their managed service for 24/7 monitoring of the infrastructure for any threats and risks is also valuable.
It is easy to use. A new person can easily understand what SentinelOne does by checking the dashboard. It has an intuitive dashboard and streamlined processes, making it user-friendly for security teams like us.
What needs improvement?
From my personal experience, the alerting system needs to be faster. If something happens in our infrastructure, the alert appears on the dashboard, but I have to log in to the dashboard and refresh it. I would prefer it to provide better alerting and notifications so that I can resolve issues on priority.
For how long have I used the solution?
I have been using the solution for 1.5 years.
What do I think about the stability of the solution?
I personally did not find any lagging issues or other issues. It is perfect.
What do I think about the scalability of the solution?
It is scalable. I would rate it a nine out of ten for scalability.
How are customer service and support?
They provide excellent customer service, coming to calls very quickly. Their information and technical knowledge are excellent with no comparison to other products I have used.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used an antivirus product.
How was the initial setup?
The initial setup is quite easy. Their customer support team was also there during deployment. They were knowledgeable, and it took about three to four days to complete deployment and testing.
Its maintenance is handled by SentinelOne. They update it regularly.
What about the implementation team?
We only took help from the PingSafe customer support team for deployment, mostly to address any issues. Four people were more than enough.
What other advice do I have?
I have not found any other solution to be this helpful. After its deployment, I feel totally secure. Everything works smoothly, and I do not need to look into any part. I am tension-free.
I would rate SentinelOne Singularity Cloud Security a ten out of ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Information Security Manager at an insurance company with 501-1,000 employees
Reporting features and customer service have significantly improved monitoring and issue resolution
Pros and Cons
- "The cooperative nature of SentinelOne has influenced our decision not to shift."
- "In the Analytics section, there is a tab for showing the severity of open issues by day. There are three options: by week, by month, and for more than thirty days. However, despite being aware of many issues open for more than thirty days, it shows no data available."
What is our primary use case?
We are using SentinelOne for CSPM Cloud, specifically for cloud misconfiguration monitoring and related tasks on SentinelOne.
What is most valuable?
The reporting feature is noteworthy. We have scheduled reports for all accounts. We have seven to eight accounts in our AWS setup, so we have scheduled reports for production and similar tasks. We have separate reports for misconfiguration issues. For other accounts, we have created summary reports. We share these summary reports separately and can bifurcate them based on our requirements. Furthermore, we have added a feature where we can see the total hierarchy of an event, viewing the account details and the changes that occurred. When I joined, there were more than one hundred open findings on SentinelOne where our team was not fully aware of the misconfigurations. We had calls with SentinelOne to gain more solutions and proper descriptions, as many issues were not properly described. They have changed many scripts to improve alerting and reduce false alerts. In one instance, there was a twenty-four-hour delay in an issue appearing on the portal. They have since resolved these issues.
What needs improvement?
In the Analytics section, there is a tab for showing the severity of open issues by day. There are three options: by week, by month, and for more than thirty days. However, despite being aware of many issues open for more than thirty days, it shows no data available. We contacted the team, and they are working to resolve this, as it gives our management a false impression of there being no open incidents over that period.
For how long have I used the solution?
I have worked with this product for the last one and a half years.
What do I think about the stability of the solution?
It is stable. Based on my observation, it appears stable.
What do I think about the scalability of the solution?
There are no issues. It is working properly. I do not see any changes needed currently. We need to discuss with our team about adding something new, like resolving the Analytics part not showing data for more than thirty days. We have a call scheduled next week for this, and it will likely be resolved.
How are customer service and support?
The customer service is good. When we raise a ticket, we receive a proper response, and it does not take much time.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I have mainly worked with PingSafe. Previously, I was involved in networking. Upon joining this organization, I became part of the InfoSec team, and we monitor networks and security. Initially, PingSafe worked well, but after the migration, I have had more clarity on the issues.
How was the initial setup?
During migration, we have not faced any issues. The migration from PingSafe to SentinelOne was smooth. When I joined, eight accounts were already integrated with PingSafe. We have not added new accounts yet, only migrated the existing eight.
What about the implementation team?
We had a call with our team, and they resolved certain issues. They have changed many scripts to improve alerting.
Which other solutions did I evaluate?
The AWS team considered shifting from SentinelOne to another tool offered by AWS; however, during the migration and agreement signing, our CISO and InfoSec team advocated for keeping this tool. We have suggested enhancements, which SentinelOne has implemented without hesitation. The cooperation from SentinelOne has prevented us from wanting to shift.
What other advice do I have?
Surely, it is a good tool to have. During the migration period and agreement signing, our CISO and InfoSec team required this tool, and SentinelOne made changes for us without hesitation. Their cooperative nature has influenced our decision not to shift. We are using CSPM; the rating is eight and a half to nine out of ten. I am an Information Security Manager. I would rate the overall solution as 8.5 to 9 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
CISO at a computer software company with 201-500 employees
It is easy to use, requires no configuration, and is agentless
Pros and Cons
- "Cloud Native Security offers attack path analysis."
- "One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."
What is our primary use case?
Cloud Native Security is a cloud posture management solution. Initially, it focused on helping us understand and assess our compliance posture and cloud configuration for workloads, etc.
There are three key use cases for Cloud Native Security:
- Continuous Configuration Monitoring: This ensures 24/7 oversight of configurations and identifies any issues as they arise.
- Asset Visibility: Gain immediate visibility of all cloud assets upon deployment and ensure they are properly tracked within the system.
- Container Security: Assess vulnerabilities in Docker clusters and other containerized environments based on compliance requirements.
How has it helped my organization?
I have used Prisma Cloud extensively at several organizations. We have also used Wiz and Cloud Native Security. Cloud Native Security is particularly easy to use because it requires no configuration. All we need to do is create an API key that connects to our cloud account, and it will automatically start identifying all the workloads and accounts associated with our master account. We can see them all listed on our screen. Cloud Native Security does not require any configuration beyond selecting what we want to see on the screen. On the other hand, Prisma Cloud, which I used until about a year and a half ago, was superior in some ways. However, the amount of data it generated was very high, and it produced a lot of alerts and events. This required trained personnel who understood our workloads and specific cloud environments to manage it effectively. Cloud Native Security is a low-maintenance product. It is pre-configured and requires minimal manual setup, making it ideal for small to medium-sized teams that don't have dedicated resources to manage individual security products.
Like any other product, every incident has its own unique characteristics. Incidents are typically classified into categories of critical, high, medium, and low. This classification is based on the nature of the vulnerability, the ease of exploitation including whether authentication is required, and the potential impact. There are many similarities to other scoring systems when you consider the underlying factors and the overall environment. This system resonates with me because it considers multiple factors beyond just the Common Vulnerability Scoring System. For example, it takes into account features or passphrases that are displayed on the screen or found on devices, and how that data is stored.
The current system incorporates some internal analysis, but it's minimal. While the overall classification is likely appropriate, the remediation guidance could be enhanced. Ideally, for each vulnerability, there should be clear instructions on how to fix it. However, some vulnerabilities might be relevant to an organization's specific use case. For example, a public IP address being accepted by an SQL server on Azure might be flagged as a vulnerability, but it could be a legitimate configuration for an organization that has a specific database configuration requiring access from multiple locations.
Cloud Native Security operates entirely agentless. Using just the API key on the master tenant provides complete coverage, regardless of the cloud platform we're using. We avoid agent-based solutions for a simpler and more efficient approach.
While evidence of exploitability in Cloud Native Security's reporting might not be crucial, it would be beneficial. If a vulnerability is actively exploited, we need a comprehensive solution to analyze the information and enhance our monitoring. However, that's just our perspective. In terms of Cloud Native Security's scanning ability, I find it limited. It displays the essentials, and the module essentially fills the attack map. However, it doesn't explicitly consider the exploitability index. Despite this, the existing exploitability scoring seems adequate. If a vulnerability can be exploited on our network, which is simply a local network with zero authentication required, the complexity is factored in, and the vulnerability is classified as high, medium, or critical.
We leverage the offensive security engine to identify potential zero-day vulnerabilities that might be relevant to our workloads. Additionally, it helps us assess exposed configurations or misconfigurations that could be exploited by these vulnerabilities. While this engine is a valuable secondary source of data for improvement, it doesn't replace the independent solution we used previously. We primarily rely on that solution for information specific to our environment.
There are two main approaches to IaC scanning. One involves internal and Docker security modules. These modules analyze internal container images to identify vulnerabilities. For additional scanning, we leverage other products. We use Tenable and integrate it with CI/CD tools. This allows us to scan code dynamically and analyze traffic on a one-time basis. Additionally, PingSage assists in gathering data for IaC scanning.
Cloud Native Security significantly reduces the number of false positives we encounter. Unlike some other tools, it generates very few alerts that are ultimately unimportant (low noise). I've rarely seen false positives from Cloud Native Security. While some Cloud Native Security alerts might be legitimate concerns, we can also suppress them if they're not relevant to our standard operations. This allows us to configure our cloud environment to focus on the most critical alerts.
Cloud Native Security has had a positive impact on our risk posture. As our only CSPM solution, it helps us with asset discovery, critical asset monitoring, and configuration issue detection and remediation.
Cloud Native Security has significantly reduced our average time to detection. Detection is almost always achieved in a single instance. We've confirmed this through multiple tests. The longest detection time we've encountered is around three to four hours. This extended timeframe occurs because the scan isn't running continuously. Instead, it operates at specific intervals, periodically examining our infrastructure and performing analysis. Consequently, the detection speed depends on when the misconfiguration happened relative to the next scheduled scan.
Our remediation process is entirely internal. Servers deliver the fix based on the severity assigned by Cloud Native Security, which is directly related to the vulnerabilities found. We then use our internal analysis to consider the environmental configuration. If the vulnerability is a zero-day in the user acceptance environment, we delay remediation until a later time. However, if it's found in the production environment, we address it immediately. We also prioritize remediation based on importance, so we see alerts related to production or pre-production instances first. The remaining vulnerabilities are addressed afterward.
Cloud Native Security has had a positive impact on our engineering functions, such as DevOps and the cloud infrastructure network team. It fosters a collaborative environment where teams can address alerts independently. This empowers engineers to take ownership and resolve issues promptly. DevOps is our primary user group, and Cloud Native Security helps them manage infrastructure, network, and CI/CD deployments efficiently.
Collaboration helps save time, particularly in engineering tasks related to infrastructure and technical deployment, rather than in development itself.
What is most valuable?
Cloud Native Security offers attack path analysis. This feature analyzes a combination of vulnerabilities, misconfigurations, and load balancer configurations to predict potential attack scenarios. This comprehensive picture helps us make informed investment decisions and determine appropriate security controls.
What needs improvement?
We requested additional capabilities as we began deploying and scanning beyond the initial setup. Specifically, we wanted the ability to:
- Continuously monitor configurations 24/7.
- Gain immediate visibility of all assets as they are deployed and ensure they are included in the system.
- Identify underlying configuration issues.
Another valuable enhancement is compliance management for various standards like ISO, PCI, HIPAA, GDPR, etc. As organizations move to the cloud, a cloud posture management tool that offers complete cloud visibility becomes crucial for maintaining compliance.
One area for improvement could be the internal analysis process, specifically the guidance provided for remediation. While the classification system itself might be industry standard, the remediation steps could be more specific. A vulnerability might be critical according to the scoring system, but its urgency depends on the context. For instance, a critical vulnerability signed by Cloud Native Security or any other product might be less urgent if it affects a non-production development environment undergoing UAT compared to a production environment.
For how long have I used the solution?
I have been using Cloud Native Security for almost eight years.
What do I think about the stability of the solution?
Cloud Native Security is a SaaS product and I've never experienced an outage. It's highly reliable and available whenever we need it. They have scheduled maintenance, but it's infrequent, typically only happening once or twice a year. Whenever there is maintenance, they provide advance notice, just like any other OEM would do.
What do I think about the scalability of the solution?
Scaling Cloud Native Security is straightforward. Creating a dedicated API team is the primary step, and this typically takes around five to ten minutes. Within a few hours, we'll see feedback integrated into our Azure and AWS consoles, along with the configuration of new alerts. Scalability is no longer a concern because Cloud Native Security is a fully cloud-based resource. This means it's elastic, with access to a vast amount of computing power and storage on the backend.
How are customer service and support?
Their technical support has become very reliable. They have grown from a small team to a large one, and initially, the founders themselves would handle deployments. Now, they have dedicated Customer Success Managers and configuration automation tools to ensure smooth deployments. Even if they don't have an immediate resolution to our problem, the team actively investigates and works on solutions.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
In the past, I've used Prisma Cloud and Wiz. While they were functional, Cloud Native Security offers several advantages. It's very cost-effective and requires minimal configuration, making it a great fit for my needs. As I move between companies, I'm always happy to recommend Cloud Native Security to new employers.
When evaluating security products, there are several key factors to consider. Return on investment, initial investment cost, and built-in functionality are all important. Cloud Native Security excels in these areas. Their licensing model is based on the number of integrated accounts, rather than complex metrics like nodes, clusters, or data volume. This simplicity makes Cloud Native Security easy to use and manage. Additionally, it offers faster performance compared to other solutions I've used.
How was the initial setup?
The deployment process is quick, taking only about five minutes. We simply need to meet with Cloud Native Security for setup. They will then guide us to the main portal and create an API key for us. On our end, we'll enable the key in our administrative console, whether it's Azure or AWS. Once that's done, the initial discovery scan will take approximately 90 minutes to two hours to run. After that, we'll start to see updates appearing in the portal.
What about the implementation team?
The implementation was completed in-house.
What's my experience with pricing, setup cost, and licensing?
There are different pricing models for software licenses. Some models are based on the individual number of assets a user has. Others consider the number of nodes, clusters, and accounts, with different pricing for each factor. I've also seen models that use the number of deployed APIs, endpoints, agents, or users. From what I've seen, Cloud Native Security seems similar. Their pricing appears to be based simply on the number of accounts we have, which is common for cloud-based products. This simplicity makes their pricing straightforward and potentially cost-effective.
What other advice do I have?
I would rate Cloud Native Security an eight out of 10.
While components like cloud configuration, central security, and management volume boast zero maintenance, we do encounter situations with Kubernetes. Occasionally, security issues or container-specific security problems might cause the cluster to disconnect. In these cases, we need to manually intervene by running a batch script to re-onboard the cluster. This is the only instance of internal maintenance required.
Before implementing Cloud Native Security, organizations should consider the specific security challenges they're facing. For organizations that are at least 80 percent cloud-based, a CSPM solution becomes essential. Even for hybrid organizations with on-premises and cloud components, cloud security offers advantages in terms of maintenance ease, reliability, and cost-effectiveness.
Key Considerations When Choosing a Security Solution:
- Use Case: What specific security risks are you trying to mitigate?
- Objectives: What are your security goals?
- Incident Response Needs: Do you require detailed event logging and extensive incident response capabilities?
Matching Use Cases to Solutions:
- Customization: Cloud Native Security excels in customization and can be tailored to meet specific needs. It's ideal for teams lacking extensive cloud security expertise to establish and refine security policies. While some organizations, including both large and small ones, might not require this level of control, it remains a valuable use case for others.
- Targeted Security Features: Different use cases call for different security features. Container security or vulnerability management might be your primary concern. In some cases, Cloud Native Security's vulnerability management can be used as a complementary solution alongside a more comprehensive primary tool.
Ultimately, the decision comes down to your specific needs and deployment model. Don't get caught in the trap of seeking a one-size-fits-all solution. Consider your security team's capabilities and whether Cloud Native Security can truly replace them or if it would function best as a complementary tool.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Sr Security Engineer at a computer software company with 5,001-10,000 employees
Significantly improves our security posture and visibility
Pros and Cons
- "The GUI is one of the best features. Audit reports and documentation for alerts are also valuable."
- "SentinelOne Singularity Cloud Security is better than other vendors because we get all the cloud-related, data center-related information."
- "The dashboard can be more detailed."
- "The price is on the higher side. The dashboard can be more detailed."
What is our primary use case?
We used it for security purposes. I was working as a firewall security engineer. I used SentinelOne Singularity Cloud Security for all the firewalls on the cloud and for getting alerts. We got all the alerts on our dashboard.
How has it helped my organization?
Evidence-based reporting was effective for helping prioritize and solve important cloud security issues proactively. It helped with vulnerability management. The dashboard provided an overview of open security issues.
SentinelOne Singularity Cloud Security improved our security posture. It helped our business by providing efficient protection. We had more visibility than the open-source solutions. If there was any vulnerability, I got an alert. If there was anything crucial, I also got an email.
SentinelOne Singularity Cloud Security significantly improved our ability to protect workloads such as containers, serverless, and Kubernetes. We got alerted about any issues, and we just followed the documentation.
SentinelOne Singularity Cloud Security reduced our false positive rate by 10%. It improved our mean time to detect and remediate by 20%.
The automated malware scanning for S3 buckets improved our security response time by 20% to 30%.
What is most valuable?
The GUI is one of the best features. Audit reports and documentation for alerts are also valuable.
SentinelOne Singularity Cloud Security is easy to use.
What needs improvement?
The price is on the higher side.
The dashboard can be more detailed.
For how long have I used the solution?
I have been using SentinelOne Singularity Cloud Security for seven to eight months.
What do I think about the stability of the solution?
It is stable. I would rate it a nine out of ten for stability.
What do I think about the scalability of the solution?
It is scalable. I would rate it a nine out of ten for scalability.
How are customer service and support?
They are informative and helpful, but at times, they don't have detailed knowledge.
How would you rate customer service and support?
Neutral
How was the initial setup?
It's easy to implement. Its maintenance is handled by another team.
What about the implementation team?
We have four to five people for deployment. We can also get help from their customer support.
What was our ROI?
We have seen about 40% ROI.
What's my experience with pricing, setup cost, and licensing?
The pricing tends to be high.
What other advice do I have?
SentinelOne Singularity Cloud Security is better than other vendors because we get all the cloud-related, data center-related information. We have a consolidated place for all the information.
I would recommend this solution to other users. It's effective for security, and it's scalable.
I would rate SentinelOne Singularity Cloud Security a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Apr 28, 2025
Buyer's Guide
Download our free SentinelOne Singularity Cloud Security Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2025