SentinelOne Singularity Cloud Security Reviews

Our primary use case is for security purposes. It is deployed on our cloud to handle our security threat detections. It scans our infrastructure to recognize security issues, detect attacks, and provide protection.

SentinelOne offers an intuitive dashboard to streamline and set up processes. It is user-friendly for security and InfoSec teams.

It helps with regular compliance and transparency. They provide a clear rationale for security practices, which helps in gaining stakeholder's trust. The data-driven approach aligns with compliance framework requirements. I also see a reduction in reliance on human judgment.

It has reduced our mean time to detect by 30% to 40%. There is about a 20% to 30% reduction in the meantime to remediate. In case of any threat, we get alerted within milliseconds. It provides me with everything I need.

It scans my infrastructure very well and finds any issues.

The features that stand out are threat detection using advanced artificial intelligence and machine learning, helping to identify and respond to threats in real-time. 

Additionally, the extended detection and response (XDR) provides deep visibility and unified security across our endpoints, network, and cloud environments. 

The areas with room for improvement include the cost, which is higher compared to other security platforms. The dashboard can also be laggy.

I have been using the solution for about one year.

The solution is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it an eight out of ten for scalability.

The technical support is excellent. I would rate them a nine out of ten.

Positive

We did not have any similar solution previously. We used AWS services such as GuardDuty and CloudTrail.

By implementing SentinelOne Singularity Cloud Security, we wanted AI-powered scanning and threat detection. SentinelOne stands out due to its ability to provide alerts and documentation without needing to continuously monitor the services. Everything is centralized. It alerts me through an email or a notification if something is happening in our infrastructure. I can look into it and see what I need to do.

It is deployed on the cloud. It took about four days to implement it.

Its maintenance is taken care of by SentinelOne.

Initially, 8 people were involved in deploying the solution. We have about 13 people using this solution.

The implementation of the solution has resulted in a saving of time and resources by around 40%.

SentinelOne is quite costly compared to other security platforms. I would rate it an eight out of ten for costliness.

I would recommend this solution to other users because of its security. 

Overall, I would rate SentinelOne Singularity Cloud Security a ten out of ten.

We use SentinelOne Singularity Cloud Security to improve our security posture through evidence-based alerts by detecting and mitigating vulnerabilities.

We sought a CSPM solution that could be configured to adhere to the security policies of our required integrations. SentinelOne Singularity Cloud Security stood out as a strong candidate due to its compliance with industry standards like ISO and its ability to provide valuable security insights.

SentinelOne Singularity Cloud Security is a SaaS solution.

SentinelOne Singularity Cloud Security boasts a user-friendly interface that avoids information overload. The clean layout allows for easy navigation, even for new users, while still offering the ability to delve deeper into the data for a more granular view.

I would rate the evidence-based reporting of SentinelOne Singularity Cloud Security an eight out of ten.

SentinelOne Singularity Cloud Security's proof of exploitability is invaluable because it allows us to demonstrate the root cause of security issues to stakeholders clearly and concisely, streamlining the remediation process.

I would rate the offensive security engine's ability to assess and verify exploit paths and prioritize breach potential a nine out of ten.

The easy-to-use UI helps our security team review evidence from a single dashboard.

SentinelOne Singularity Cloud Security has broadened our viewpoint within our environment, allowing us to see things from multiple angles. This wider perspective provides greater assurance to our team and the entire enterprise.

It has helped reduce around ten percent of the false positives.

Thanks to SentinelOne Singularity Cloud Security, our cloud security posture has significantly improved. We've effectively mitigated critical and high vulnerabilities, achieving a strong security position from a CSPM perspective.

SentinelOne Singularity Cloud Security has impacted collaboration between our cloud security application developers and AppSec teams. To address this, we've granted controlled access to SentinelOne Singularity Cloud Security for all relevant teams. We've also encouraged its use by providing training on the tool itself.

SentinelOne Singularity Cloud Security stands out for its user-friendly interface and intuitive software, making it easy to navigate and use. It excels at presenting remediation steps in a clear and actionable way. Additionally, the reporting capabilities ensure we maintain compliance. However, the most valuable feature for us is the ability to conduct authentic security testing, providing real-world insights into our vulnerabilities.

The vulnerability scanner generates a high number of false positives that it flags as alerts, even though they're not actual threats. This suggests a configuration issue. We need to address this, especially since some of these flagged vulnerabilities have already been mitigated by other means.

The compliance monitoring dashboard, while helpful, doesn't integrate seamlessly with our entire system. This creates a disconnect: a high volume of alerts doesn't necessarily reflect a decline in compliance. For instance, I might have a thousand alerts on my ISO-related compliance dashboard, yet the compliance itself remains at 99.99 percent. This inconsistency makes it difficult to justify remediating every alert. In other words, I might give a clean bill of health from a compliance standpoint, yet still expect them to resolve the alert, which can be confusing. Therefore, we need to address either the way the dashboard generates alerts or the way we create them. Ideally, alerts should be directly tied to compliance standards and have a clear role in the overall compliance process. If they don't meet these criteria, perhaps they shouldn't be flagged as high or critical in severity.

Crafting customized policies can be tricky. Take creating our own, for instance. It requires a deep dive into the customization options, as the language used can be complex and demands a certain level of skill.

Since Sentinel's acquisition of SentinelOne Singularity Cloud Security, there has been a decline in both the frequency of new releases and the quality of support. Previously, SentinelOne Singularity Cloud Security was known for its proactive approach.

SentinelOne Singularity Cloud Security utilizes additional modules besides CSPN. Ideally, there should be a correlation between these systems. This would ensure that the assets we review for vulnerabilities within SentinelOne Singularity Cloud Security are consistent with those reviewed in CSPN. This consistency would simplify the process, allowing us to focus on a single review level. This level could be defined from a configuration perspective or by a compliance standard, such as the web application itself. If SentinelOne Singularity Cloud Security migrates data, this correlation between systems would be especially beneficial to ensure continued integration with all modules.

I have been using SentinelOne Singularity Cloud Security for six months.

The core modules of SentinelOne Singularity Cloud Security are stable but some of their new features had bugs in them.

I would rate the stability of SentinelOne Singularity Cloud Security seven out of ten.

I would rate the scalability of SentinelOne Singularity Cloud Security ten out of ten.

The technical support is good.

Positive

We've added SentinelOne Singularity Cloud Security to our existing Palo Alto Prisma Cloud environment. This will allow us to directly compare the results of the two tools.

The implementation is straightforward and takes a couple of days to complete.

We had five to ten people involved, excluding the SentinelOne Singularity Cloud Security developers.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

We have SentinelOne Singularity Cloud Security accessible in multiple departments with a total of 20 users.

There is no maintenance required from our end.

While SentinelOne Singularity Cloud Security advertises itself as a Cloud-Native Application Protection Platform solution, it offers some CNAPP functionalities but doesn't provide a fully comprehensive picture of your cloud security posture. In essence, it has some CNAPP capabilities, but it's not a complete CNAPP solution yet.

My primary use case for SentinelOne Singularity Cloud Security is for security purposes. It provides me with alerts. 

By implementing this solution, we wanted notifications about any potential threats, such as port scanning or unauthorized access attempts. This is why we have deployed it on the cloud to monitor and secure our systems.

It has an intuitive dashboard, which streamlines the setup process. It is a user-friendly tool for security teams handling cloud or data centers.

For fewer false positives, they ensure that their threat intelligence databases are up to date. That reduces misclassification and improves system accuracy over time through machine learning.

SentinelOne Singularity Cloud Security has improved our security posture. We are almost 100% secure.

It has reduced our mean time to remediate by 40% and the mean time to detect by about 70%.

SentinelOne Singularity Cloud Security offers valuable features like runtime notifications. These alerts come to my account, ensuring that if any port or component within my infrastructure is opened or compromised, I am informed immediately. It highlights issues within minutes or even seconds. 

It is very easy to use. It is user-friendly. Dashboards and other features are easy to use even for newbies. Someone new can easily understand the dashboard and other features.

The cloud-based operations might pose challenges in areas with limited or unavailable internet connectivity. Desktop features might be useful for smaller organizations with less complex security needs. 

Moreover, there is a higher price point compared to traditional endpoint protection solutions, which may not be ideal for smaller organizations.

I have been using SentinelOne Singularity Cloud Security for around one and a half to two years.

It is stable. I would rate its stability a nine out of ten.

I would rate its scalability as seven out of ten because there might be issues due to internet connectivity or occasional lag when deploying for monitoring purposes.

It is being used at multiple locations and by multiple teams. In my team, there are about 12 people.

I would rate the customer service and support as eight out of ten.

Positive

Before SentinelOne Singularity Cloud Security, we did not use any solution in the cloud. We had no centralized system. We had to go through cloud services such as GuardDuty, but it took time to analyze the issue and the root cause.

We wanted to follow the best practices and have something centralized. SentinelOne Singularity Cloud Security gives us centralized and real-time data.

We have multiple clouds and a data center. Its deployment is easy. The initial setup was straightforward, and it took a total of around five days, including testing time.

We have seen approximately 30% return on investment.

It is a little expensive. I would rate it a four out of ten for pricing.

I would rate SentinelOne Singularity Cloud Security an eight out of ten overall. I would recommend it to other users due to its effectiveness in providing centralized notifications and reducing the meantime to address issues.

In its all-in-one aspect, we started with Cloud Security Posture Management at the beginning and then added the Offensive Security Engine, Vulnerability Management of CDR. We also use it for compliance.

By implementing this solution, we wanted an alerting mechanism and detection of any deviation from our current configuration. We also wanted visibility into Kubernetes and AWS cloud. We wanted something that continuously monitors and gives us updates so that we can take action.

We have an overview of our compliance status. We check on a weekly or monthly basis where we are with respect to various compliance standards.

Its dashboard is quite good. We can select any resource and go to any details we want. We have a visual representation of our assets and how they are connected.

I like the granularity of access. We can give read-only, admin, or other types of access to team members based on their roles.

It provides an option for auto-remediation, but we are not leveraging that. However, we are using the exploit information to check what they saw versus what we are seeing. It helps to be able to see their evidence.

It includes proof of exploitability in its evidence-based reporting. This is very important for us. We can validate if something is false positive or not only if we have any evidence from the findings. Having the evidence for every issue helps us prioritize the findings.

Offensive Security Engine has helped to clear a lot of vulnerabilities in the past. Through the dashboard, we could see all the metrics related to public exposure and misconfigurations. We have a lot of services in our cloud, and they were very hard to track. It solves that problem for us. 

Our time to detect and respond has improved drastically. If a misconfiguration happens, we gain visibility quickly. Our mean time to detect and respond has reduced by about 50%.

It has enabled collaboration between multiple teams for implementing cloud detection and response and understanding vulnerabilities. It has saved 20% to 30% of our time.

It has been highly effective in risk mitigation. Slack and Jira integrations have been helpful for alerting and creating tickets. We also have Kubernetes integration for insights. 

The cloud misconfiguration feature and Offensive Security Engine, as well as their alerting process, are valuable. I get to customize severities or rules. The flexibility to rate a finding or category of vulnerabilities is the most interesting. 

The cloud misconfiguration feature gave us almost zero false positives. We are happy with this feature.

In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of critical severity, whereas they are not critical or of high severity. There is a mismatch of severities. They need to work on severity management. 

Alert fatigue is an issue as well. We get many alerts because of severity mismanagement. In CDR, there is no option to rescan or recheck. In cloud security, if a resource is restarting multiple times and gets a new name, we get alerts each time, leading to alert fatigue. If restarted five times, we get five alerts, which is not favorable.

I have used the solution for two years.

It is a stable product. I would rate it a ten out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability.

We are using the Enterprise plan which is the maximum that one can leverage. We are paying for all the features, but we are currently not leveraging VCS. We want to increase the usage of that.

Their technical support is top-notch. I made friends there.

Positive

Previously, there was no product. We relied on in-house, independent ad-hoc automations. We now have a comprehensive and all-in-one solution.

Its deployment was easy. It was set up in less than a week.

There were a couple of people from PingSafe and a couple of people from our side.

We are based out of Indonesia and India. The deployment was done on the cloud. We use AWS. The PingSafe team was from Bangalore, India.

Its maintenance is taken care of by the SentinelOne team. There is nothing required from us.

On the resource side, we do not have to invest much money or time into developing our own automation or tools. It has saved us more than 50% of our time.

It is cost-effective compared to other solutions in the market.

I recommend looking at the exact requirements and exploring options for CSPM and Offensive Security Engine. These two are a must-have. I would recommend reviewing the use case first and seeing if any other features are required. 

I would recommend this solution to others. Overall, I would rate it a ten on ten for cloud security.

I use SentinelOne Singularity Cloud Security as an endpoint security tool. We have deployed it on multiple users' endpoints and multiple servers to protect them from security threats.

As a security engineer responsible for administering the SentinelOne Singularity Cloud Security, Kubernetes, and VR tool, I work in an organization with over 10,000 employees and numerous virtual servers and corporate network machines. To safeguard these systems from security threats, we've deployed Singularity across all endpoints and servers to monitor for and respond to incidents, gathering detailed information about their spread and affected machines.

Any security incident or malware detection is reported to security administrators within a fraction of a second. Basic rules and AI detections drive this rapid response. For example, suppose a file is flagged as suspicious based on its activity and alignment with the MITRE ATT&CK framework. In that case, the system identifies the file's behavior, categorizes it according to MITRE attackers, generates AI-based responses, and provides insights to security administrators for review and further investigation.

Automated remediation is highly effective, responding in mere fractions of a second to block, quarantine, or contain affected files or devices. Additionally, it can isolate endpoints from the network to prevent malware from spreading or containing compromised systems.

The Ranger feature is not exclusive to Linux systems. It scans all devices on a network, providing information about the types of machines and operating systems present within that specific network environment.

Workload telemetry visibility is valuable during incident response, triage, and analysis. Detailed information about the process is provided when an incident is reported, offering deep insights. For example, if a file is flagged as malware, the entire process behind its execution, including accessed files and invoked processes, is displayed. This comprehensive history effectively aids in determining file behavior and accurately classifying it as benign or malicious.

The benefits of SentinelOne Singularity Cloud Security are immediately visible through the quick response time.

The mean time to detection is under half a second.

The mean time to remediate is between one and one and a half seconds.

It provides an automated response, eliminating the need to block and investigate files manually. SentinelOne Singularity immediately blocks suspicious files, and subsequent investigation allows us to whitelist the file completely or maintain the block.

The most valuable features are automated threat response, AI detection, and static and dynamic detection. Monitoring all activities on the server's endpoint provides security administrators with deep visibility into endpoints, servers, and the incidents occurring on them.

I request that SentinelOne investigate this false positive, as SentinelOne has a higher false positive rate than other XDR solutions. While false positives are an expected part of incident response, excessive numbers can indicate accuracy issues with the tool.

I have been using SentinelOne Singularity Cloud Security for two years.

Cloud-based stability is beneficial because it eliminates downtime for business owners, ensuring uninterrupted operations.

Scalability is relatively straightforward as it primarily involves installing agents on additional machines and addressing licensing requirements.

Auto-scaling based on workload demands is beneficial, for example, when a hundred machines are added to the corporate network. We need to deploy the SentinelOne agent to these additional machines and confirm that the license accommodates the increased number of devices.

We previously used Crowdstrike Falcon but prefer SentinelOne Singularity Cloud Security because it is user-friendly. The GUI is easy to understand, operate, and administer.

Due to SentinelOne's cloud-based nature, initial deployment is straightforward. Simply installing the agent on the endpoints we wish to protect is sufficient, making setup within our existing corporate network infrastructure relatively uncomplicated.

The deployment time varies depending on the number of endpoints and servers accessible within the network, but it typically takes one to two months to complete and transfer responsibility.

Two people are necessary for deployment: one to handle administrative tasks and another to manage the SCCM component, such as pushing agents to multiple machines.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

Sometimes, Singularity incorrectly flags legitimate files as malware or suspicious, which can disrupt the work of some project users. However, we understand the importance of protecting against potential threats and appreciate Singularity's proactive approach. We can easily whitelist false positives, minimizing productivity impact and ensuring our system remains secure.

SentinelOne Singularity Cloud Security is a valuable tool for organizations with the budget to invest in it. It offers robust protection for servers and endpoints, which are primary targets for security breaches. Given the critical nature of endpoint security, this software should not be overlooked. SentinelOne has a strong reputation, provides rapid response times, and includes features such as deep visibility into malicious files, enabling security administrators to isolate threats in the cloud through sandboxing directly.

The only maintenance required is for agent upgrades.

We're managing our cloud environment on AWS, and SentinelOne Singularity Cloud Security is assisting us as a CSPM tool. It identifies vulnerabilities in our configuration and helps prevent malicious attacks.

Our current cloud environment allows independent resource deployment by our six to eight-person team, which increases the risk of misconfiguration. To mitigate this, we implemented SentinelOne Singularity Cloud Security. This security tool generates alerts for misconfigurations, allowing us to promptly address them and maintain a strong cloud security posture.

Having too many resources with platform access made misconfigurations more likely. SentinelOne Singularity Cloud Security addressed this by helping us configure everything according to best practices, helping improve our security posture.

SentinelOne Singularity Cloud Security is easy to use.

Evidence-based alerts help us mitigate the priority issues that are detected.

The proof of exploitability in evidence-based reporting is helpful.

The offensive security engine strengthens our organization's security posture by validating potential attacker paths and prioritizing vulnerabilities with the highest likelihood of being exploited in a breach.

Infrastructure as Code facilitates the identification of pre-production issues within our Cloud Formation Templates and Terraform configurations.

SentinelOne Singularity Cloud Security has been instrumental in ensuring our strong cloud security posture, effectively helping us manage and mitigate risks. SentinelOne Singularity Cloud Security helped our team reduce the number of false positives.

SentinelOne Singularity Cloud Security plays a key role in strengthening our risk posture. By providing alerts, it assists both our information security and security assessment teams in identifying and mitigating potential threats, ultimately improving our overall security position.

It has improved our mean time to detection by 30 percent and effectively reduces our average time to resolve incidents. By providing valuable information, SentinelOne Singularity Cloud Security empowers our team to quickly diagnose and rectify problems.

It has improved the collaboration of our cloud security application developers and AppSec teams.

SentinelOne Singularity Cloud Security has helped save engineering time by 50 percent. 

SentinelOne Singularity Cloud Security offers security solutions for both Kubernetes and CI/CD pipelines. It helps with vulnerability remediation, ensuring timely alerts for misconfigured resources, so we can address security issues efficiently.

While SentinelOne Singularity Cloud Security offers real-time response, there is room for improvement in alert accuracy. We've encountered instances where misconfigurations created by teammates were not flagged promptly by SentinelOne Singularity Cloud Security, leading to downstream issues.

I have been using SentinelOne Singularity Cloud Security for one year.

I would rate the stability of SentinelOne Singularity Cloud Security nine out of ten.

I would rate the scalability of SentinelOne Singularity Cloud Security nine out of ten.

The technical support is helpful.

Positive

SentinelOne Singularity Cloud Security's team clearly explained the implementation process, which our team of three was then able to complete in just one week.

SentinelOne Singularity Cloud Security falls within the typical price range for cloud security platforms.

I would rate SentinelOne Singularity Cloud Security ten out of ten.

Our organization has over 35 members across various teams, each utilizing SentinelOne Singularity Cloud Security according to their specific needs.

No maintenance is required on our end.

I recommend SentinelOne Singularity Cloud Security to others. It has done a great job of improving our security posture.

We are using it for the primary purpose of cloud security posture management.

We use infrastructure as code scanning, as our primary mission is for cloud security posture management, and it identifies hard-coded secrets in source code, including aspects of Kubernetes security. 

It provides several features, such as attack visualization and evidence-based reporting, that help us proactively mitigate vulnerabilities. It reduces compliance risks and audit pressures.

For evidence-based reporting, we integrated it with CWPP and CI/CD. It helps us secure infrastructure because it presents the reports.

I can see the proof of exploitability results for each tool in the dashboard. It provides great insights into our cloud security posture and informs us about the complexities of certain issues.

SentinelOne Singularity Cloud Security helps us identify if the development has a public repository. It offers better UI and improved visibility compared to open-source tools. It identifies issues in minutes, including hard-coded secrets that could expose our systems if accessed publicly.

SentinelOne Singularity Cloud Security is on top of protecting ephemeral workloads. It has automated capabilities that block misconfigurations and identify issues.

SentinelOne Singularity Cloud Security has helped to reduce false positives. 

With SentinelOne Singularity Cloud Security, I appreciate the monitoring features and the report with the compliance score.

I find it easy to use, and there is nothing complicated about this. The dashboard and the UI/UX are very helpful, making it easy to follow and get used to.

There is room for improvement in application security posture management features, and SentinelOne Singularity Cloud Security is on the costlier side.

I have been using SentinelOne Singularity Cloud Security for around 2 years.

It is a highly stable product, and we have not faced any reliability issues.

It is scalable, and I would rate it a nine out of ten for scalability. We have not seen any performance slowdowns while onboarding multiple projects.

It is being used by multiple departments. Ten members of our security and DevOps team use the solution in our internal security team.

I would describe their support as neutral.

Positive

It was easy. It took two days. Its maintenance is handled by another team.

It has improved our detection and response rate by about 30%. 

It has improved collaboration. It has saved a lot of communication through the central dashboard. Anybody can look at the dashboard and see the open issues and resolve them accordingly.

It has improved our security posture by 30% to 40%.

SentinelOne Singularity Cloud Security is on the costlier side.

I have not looked into the agentless vulnerability scanning and automated malware scanning for S3 buckets on the dashboard. It runs in the background.

So far, I have not encountered any challenges while using SentinelOne Singularity Cloud Security. I would rate it a nine out of ten compared to other vendors I have experienced.

In my organization, we use SentinelOne Singularity Cloud Security to enhance our security posture. The platform provides alerts and recommendations on best practices, policies, and necessary updates to strengthen our infrastructure security.

We implemented SentinelOne Singularity Cloud Security to strengthen our security posture. Previously, we lacked clear guidance on best practices, including password reset policies, patching procedures, and VM updates. SentinelOne provides these best practices and recommendations, significantly improving our infrastructure security.

SentinelOne Singularity Cloud Security is user-friendly.

Evidence-based reporting helps prioritize and solve cloud security issues. When an issue occurs in my infrastructure, I receive an alert on their dashboard and a notification is sent to our common email address. SentinelOne Singularity Cloud Security provides a direct link to the affected resource in the AWS console, allowing me to navigate to the issue and resolve it quickly.

SentinelOne Singularity Cloud Security has improved my organization's security posture significantly. Before its implementation, we lacked an understanding of best practices for security. The solution has clarified our path by providing guidelines and alerts, which have helped us secure our infrastructure effectively.

It has reduced the number of false positives significantly, providing accurate data for our security processes.

SentinelOne Singularity Cloud Security has significantly improved our risk posture.

Prior to implementing SentinelOne Singularity Cloud Security, our mean time to detect ranged from 30 to 35 minutes. Now, with SentinelOne, our MTTD has significantly improved, falling within the range of 5 to 10 minutes.

Our mean time to remediate has been reduced to five minutes since implementing SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security offers several valuable features, most notably the rapid vulnerability notifications that provide timely alerts regarding our infrastructure. Furthermore, the platform's intuitive interface enables even novice team members to navigate the dashboard with ease, minimizing the need for extensive documentation.

I believe the UI/UX updates for SentinelOne Singularity Cloud Security have room for improvement. While the current interface is excellent, enhancements could make it more user-friendly. Additionally, an improved notification system that sends alerts about vulnerabilities directly to our centralized console would allow for a more prompt response.

I have been using SentinelOne Singularity Cloud Security for almost one and a half years.

I rate the stability of SentinelOne Singularity Cloud Security as nine out of ten.

I rate the scalability of SentinelOne Singularity Cloud Security as ten out of ten.

I have contacted SentinelOne's technical support team once, and they were very helpful. Their communication and product knowledge were excellent.

Positive

The initial cloud-based deployment was straightforward, taking approximately two to three working days with a team of three people.

The implementation was handled internally by my team with guidance from a senior resource.

I rate SentinelOne Singularity Cloud Security nine out of ten.

We have 150 users of SentinelOne Singularity Cloud Security.

I recommend SentinelOne Singularity Cloud Security to others because it is very important from a security standpoint.