SentinelOne Singularity Cloud Security Reviews

We are using SentinelOne for CSPM Cloud, specifically for cloud misconfiguration monitoring and related tasks on SentinelOne.

The reporting feature is noteworthy. We have scheduled reports for all accounts. We have seven to eight accounts in our AWS setup, so we have scheduled reports for production and similar tasks. We have separate reports for misconfiguration issues. For other accounts, we have created summary reports. We share these summary reports separately and can bifurcate them based on our requirements. Furthermore, we have added a feature where we can see the total hierarchy of an event, viewing the account details and the changes that occurred. When I joined, there were more than one hundred open findings on SentinelOne where our team was not fully aware of the misconfigurations. We had calls with SentinelOne to gain more solutions and proper descriptions, as many issues were not properly described. They have changed many scripts to improve alerting and reduce false alerts. In one instance, there was a twenty-four-hour delay in an issue appearing on the portal. They have since resolved these issues.

In the Analytics section, there is a tab for showing the severity of open issues by day. There are three options: by week, by month, and for more than thirty days. However, despite being aware of many issues open for more than thirty days, it shows no data available. We contacted the team, and they are working to resolve this, as it gives our management a false impression of there being no open incidents over that period.

I have worked with this product for the last one and a half years.

It is stable. Based on my observation, it appears stable.

There are no issues. It is working properly. I do not see any changes needed currently. We need to discuss with our team about adding something new, like resolving the Analytics part not showing data for more than thirty days. We have a call scheduled next week for this, and it will likely be resolved.

The customer service is good. When we raise a ticket, we receive a proper response, and it does not take much time.

Neutral

I have mainly worked with 'being safe'. Previously, I was involved in networking. Upon joining this organization, I became part of the InfoSec team, and we monitor networks and security. Initially, 'being safe' worked well, but after the migration, I have had more clarity on the issues.

During migration, we have not faced any issues. The migration from 'being safe' to SentinelOne was smooth. When I joined, eight accounts were already integrated with 'being safe'. We have not added new accounts yet, only migrated the existing eight.

We had a call with our team, and they resolved certain issues. They have changed many scripts to improve alerting.

The AWS team considered shifting from SentinelOne to another tool offered by AWS; however, during the migration and agreement signing, our CISO and InfoSec team advocated for keeping this tool. We have suggested enhancements, which SentinelOne has implemented without hesitation. The cooperation from SentinelOne has prevented us from wanting to shift.

Surely, it is a good tool to have. During the migration period and agreement signing, our CISO and InfoSec team required this tool, and SentinelOne made changes for us without hesitation. Their cooperative nature has influenced our decision not to shift. We are using CSPM; the rating is eight and a half to nine out of ten. I am an Information Security Manager. I would rate the overall solution as 8.5 to 9 out of 10.

We use SentinelOne Singularity Cloud Security to maintain security best practices. The platform alerts us to security issues, ranging from low to critical severity, based on our infrastructure. 

We chose SentinelOne Singularity Cloud Security for its targeted vulnerability recommendations and best practice guidance, which allow us to address alerts effectively and maintain a secure infrastructure.

SentinelOne Singularity Cloud Security is user-friendly and easy to understand.

SentinelOne Singularity Cloud Security's evidence-based reporting for helping prioritize and solve the most important cloud security issues is excellent.

The exploitability proof in reports is crucial, enabling me to pinpoint issues and solutions. Without it, identifying vulnerabilities and applying fixes would be impossible. The system alerts me to security events, pinpointing the problem's location with resource and account IDs. This detailed information allows for rapid resolution, saving valuable time.

Upon joining the company, the user interface was not very user-friendly. However, over time, upgrades were introduced, such as more issue resolution documentation and best practices, which enhanced the security of our infrastructure. I realized the benefits of SentinelOne Singularity Cloud Security within five months.

SentinelOne Singularity Cloud Security has significantly strengthened our security posture. Previously, we relied on AWS-managed security alarms, which provided a limited and reactive approach to threat detection. Singularity Cloud Security offers a more proactive and comprehensive solution, enhancing our ability to identify and respond to potential threats.

SentinelOne Singularity Cloud Security has reduced our mean time to detect by five to ten minutes.

SentinelOne Singularity Cloud Security allows us to complete remediation in five minutes.

The most valuable feature is the easy-to-understand user interface, which allows even non-technical users to comprehend and resolve issues. Additionally, the solution provides highly useful recommendations.

To enhance the notification system's efficiency, resolved issues should be promptly removed from the portal. Currently, these issues take two to three hours to be removed, creating unnecessary clutter and potentially delaying the identification of new issues.

I have been using SentinelOne Singularity Cloud Security for almost two years.

I would rate the stability of SentinelOne Singularity Cloud Security nine out of ten.

I would rate the scalability of SentinelOne Singularity Cloud Security ten out of ten.

Customer service and support are excellent. They respond promptly, and the technical support is knowledgeable and helpful with any issues we face.

Positive

The initial setup took approximately one week due to the testing phase. It went smoothly with the team's collaboration.

I was present with my team during the deployment process, but I did not personally deploy it.

I would rate SentinelOne Singularity Cloud Security ten out of ten.

Our organization has multiple departments, but only five individuals have access to Singularity Cloud Security.

Singularity Cloud Security's maintenance is handled by SentinelOne.

From a security standpoint, SentinelOne Singularity Cloud Security is excellent, and I highly recommend it.

As an application developer focused on AWS and cloud components, I rely on SentinelOne Singularity Cloud Security to stay informed about vulnerabilities and maintain best security practices.

I would rate the ease of use of Singularity Cloud Security a nine out of ten. It is very helpful for beginners due to its simplicity and straightforward integration with various cloud platforms like AWS, GCP, and Azure. Its user-friendly interface and familiarity across different cloud environments make it easy to understand and implement, regardless of prior experience.

Singularity Cloud Security prioritizes and resolves critical cloud security issues. When a problem arises in my infrastructure, SentinelOne alerts me, such as an open port in our AWS environment or a deviation from best practices. It provides alerts, suggests solutions, and offers documentation with best practices, which is helpful for those new to cloud platforms. This has reduced my response time by approximately 45 minutes. 

The Offensive Security Engine, powered by impressive AI/ML capabilities, seamlessly integrates with cloud infrastructure to analyze data and provide optimal security solutions. Its AI/ML-driven backend engine effectively identifies and resolves threats, making it a powerful tool for comprehensive security monitoring and protection.

We saw the benefits of SentinelOne Singularity Cloud Security immediately.

SentinelOne Singularity Cloud Security categorizes risk into four levels: low, medium, high, and critical. Teams handle low and medium alerts, which are based on best practices that we must follow. High and critical alerts are very important and require immediate attention. When these critical alerts occur, we contact PingSafe or the SentinelOne data team for support. They help us resolve the issue, identify affected resources, and provide comprehensive information. Occasionally, we receive direct support from SentinelOne, collaborating with them using their tools. The system is reliable and accurate, with no false positives.

It significantly reduced our mean time to detect threats. Previously, we didn't use security tools, so I had to identify and address vulnerabilities independently. To ensure best practices were followed, I had to manually investigate issues within our AWS environment and troubleshoot them alone. SentinelOne has been instrumental in guiding us toward securing our infrastructure by providing insights into best practices and automating threat detection.

SentinelOne Singularity Cloud Security has helped reduce our mean time to remediate.

The most valuable feature is the notification system, providing real-time alerts and comparisons crucial for maintaining security. Additionally, the dashboard's user interface and user experience are intuitive and easy to understand, even for new users.

One potential drawback is the cost of SentinelOne Singularity Cloud Security, which may be prohibitive for smaller businesses or startups, particularly those in regions with lower average incomes, such as India.

I have been using Singularity for around one year.

The customer service and support team is knowledgeable and helpful. Throughout the migration, they remained available for several hours without complaint, providing assistance at every step.

Positive

The initial deployment was not difficult. It was smooth, with support from experienced team members and customer support during the two to three-day migration process.

During migration, more than two people were involved, though only two were necessary.

The pricing is somewhat high compared to other market tools. This cost can be particularly prohibitive for small businesses and startups.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

My responsibility within our infrastructure is limited to the infrastructure itself, excluding the application and database layers. As such, I can only offer guidance on the infrastructure aspects of our implementation. When we deployed SentinelOne Singularity Cloud Security in our hybrid infrastructure, both cloud and data center-based, the migration was smooth, taking approximately two to three days of testing to complete successfully.

Working in a highly regulated space with stringent security requirements for money movement necessitates robust security measures. SentinelOne Cloud Security effectively secures our workloads, providing peace of mind and significantly reducing stress by addressing both security and regulatory needs.

The primary challenge we faced was achieving comprehensive visibility and observability across our extensive cloud environment, which comprises over 50 AWS accounts. It was difficult to determine the specific account and business entity associated with each workload. SentinelOne provided a centralized view of all workloads, enabling us to identify misconfigurations, pinpoint their location, and assess their potential impact. This clarity allowed us to prioritize responses based on the criticality of the affected account, such as production or highly regulated environments, thereby optimizing our response time.

To reduce noise and improve security monitoring, we implemented two key strategies. First, we leveraged the SentinelOne platform to identify internet-exposed assets and prioritize them for enhanced monitoring. SentinelOne's cloud-based capabilities significantly reduced false positives and helped establish a baseline for normal network activity. Second, we integrated the Infrastructure as Code module to automatically detect any deviations from the baseline or new misconfigurations. This proactive approach enabled us to efficiently address vulnerabilities and maintain a secure environment. After an initial cleanup, ongoing maintenance became much easier due to the continuous monitoring and automated alerts provided by SentinelOne and the IAC module.

Cloud security has helped reduce false positives by prioritizing vulnerabilities based on two factors: the criticality of the exposed asset and the environment it operates within. This prioritization metric helps eliminate false positives and allows teams to focus on fixing actual security issues.

Cloud security has improved incident response, primarily by enhancing observability. This allows for immediate identification of an IP address's host account and connected resources, which speeds up response time. Understanding the potential damage is also crucial, and this is achieved by knowing all resources accessible to the compromised asset. This comprehensive approach, combining identification and impact assessment, significantly strengthens security response capabilities.

SentinelOne Cloud Security reduces response times by providing context for assets, such as location, access details, and component interactions. This allows for quick identification of the responsible team and facilitates efficient damage assessment and remediation. Automated responses, like automatically fixing public S3 buckets, can be implemented, although caution is needed as some public access may be intentional.

SentinelOne Cloud Security has significantly improved team collaboration by simplifying the process of identifying the owner of a vulnerable or problematic component. Previously, this was a time-consuming task, but now the platform allows for quick identification of the responsible business entity and developer, enabling direct contact with the appropriate DevOps personnel. This streamlined process accelerates both detection and response times, ultimately enhancing overall security.

SentinelOne has released Purple AI, a tool with immense potential. It can analyze sentences and identify specific IP addresses or vulnerable machines, significantly aiding threat detection. This capability allows for rapid computation and complex query execution, delivering crucial answers in minutes and enhancing data analysis for security purposes.

Cloud Security has provided a single view to observe all workloads, prioritization for handling cloud assets, and reduced noise by distinguishing false positives effectively.

Once all components, including the cloud piece and container runtime piece, integrate further and incorporate an AI layer for better comprehension, it will greatly enhance the utility of Singularity Cloud Security.

I have been using SentinelOne's cloud piece for about three to four months.

SentinelOne has provided excellent support, enabling us to implement a robust solution customized to effectively meet our security and compliance needs.

Prior to implementing SentinelOne, we faced excessive false positives and an overwhelming number of findings, hindering prioritization. However, SentinelOne Cloud's offensive engine provides reassurance by automatically checking exposed assets for new threats, such as zero-day attacks, ensuring immediate awareness of any issues.

SentinelOne allows for customized prioritization, enabling changes based on specific accounts and the addition of further actions to misconfiguration adjustments. The graphing ability of SentinelOne CNAPP facilitates comprehensive chaining for in-depth analysis. The demos on misconfigurations and the prioritization matrix were particularly informative.

SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal.

When evaluating CNAPP vendors, several key considerations emerged. First, it was essential to assess the regulatory frameworks and ensure compliance. Second, the issue of false positives needed to be addressed to maintain efficiency. Finally, the prioritization capabilities, particularly the use of graphs to identify critical assets, were crucial factors in the selection process.

I would rate SentinelOne Cloud Security a nine out of ten. They are bringing all the pieces together, and once the Purple AI can interact with all the different components and correlate across them, I think that's where its real power will come from.

SentinelOne CNAPP was extremely helpful and chosen for three primary reasons: their responsive and efficient team facilitated a rapid deployment; the technology itself proved to be very robust and effective; and the platform's configurability allowed for seamless integration with our specific business needs.

For those evaluating SentinelOne CNAPP, it is advised to engage with their team for potential configuration changes. The tool offers comprehensive insights, providing productive usage from day one for penetration testers and security engineers.

Cloud Native Security is a cloud posture management solution. Initially, it focused on helping us understand and assess our compliance posture and cloud configuration for workloads, etc. 

There are three key use cases for Cloud Native Security:

1. Continuous Configuration Monitoring: This ensures 24/7 oversight of configurations and identifies any issues as they arise.
2. Asset Visibility: Gain immediate visibility of all cloud assets upon deployment and ensure they are properly tracked within the system.
3. Container Security: Assess vulnerabilities in Docker clusters and other containerized environments based on compliance requirements.

I have used Prisma Cloud extensively at several organizations. We have also used Wiz and Cloud Native Security. Cloud Native Security is particularly easy to use because it requires no configuration. All we need to do is create an API key that connects to our cloud account, and it will automatically start identifying all the workloads and accounts associated with our master account. We can see them all listed on our screen. Cloud Native Security does not require any configuration beyond selecting what we want to see on the screen. On the other hand, Prisma Cloud which I used until about a year and a half ago was superior in some ways. However, the amount of data it generated was very high, and it produced a lot of alerts and events. This required trained personnel who understood our workloads and specific cloud environments to manage it effectively. Cloud Native Security is a low-maintenance product. It is pre-configured and requires minimal manual setup, making it ideal for small to medium-sized teams that don't have dedicated resources to manage individual security products.

Like any other product, every incident has its own unique characteristics. Incidents are typically classified into categories of critical, high, medium, and low. This classification is based on the nature of the vulnerability, the ease of exploitation including whether authentication is required, and the potential impact. There are many similarities to other scoring systems when you consider the underlying factors and the overall environment. This system resonates with me because it considers multiple factors beyond just the Common Vulnerability Scoring System. For example, it takes into account features or passphrases that are displayed on the screen or found on devices, and how that data is stored.
The current system incorporates some internal analysis, but it's minimal. While the overall classification is likely appropriate, the remediation guidance could be enhanced. Ideally, for each vulnerability, there should be clear instructions on how to fix it. However, some vulnerabilities might be relevant to an organization's specific use case. For example, a public IP address being accepted by an SQL server on Azure might be flagged as a vulnerability, but it could be a legitimate configuration for an organization that has a specific database configuration requiring access from multiple locations.

Cloud Native Security operates entirely agentless. Using just the API key on the master tenant provides complete coverage, regardless of the cloud platform we're using. We avoid agent-based solutions for a simpler and more efficient approach.

While evidence of exploitability in Cloud Native Security's reporting might not be crucial, it would be beneficial. If a vulnerability is actively exploited, we need a comprehensive solution to analyze the information and enhance our monitoring. However, that's just our perspective. In terms of Cloud Native Security's scanning ability, I find it limited. It displays the essentials, and the module essentially fills the attack map. However, it doesn't explicitly consider the exploitability index. Despite this, the existing exploitability scoring seems adequate. If a vulnerability can be exploited on our network which is simply a local network with zero authentication required, the complexity is factored in, and the vulnerability is classified as high, medium, or critical.

We leverage the offensive security engine to identify potential zero-day vulnerabilities that might be relevant to our workloads. Additionally, it helps us assess exposed configurations or misconfigurations that could be exploited by these vulnerabilities. While this engine is a valuable secondary source of data for improvement, it doesn't replace the independent solution we used previously. We primarily rely on that solution for information specific to our environment.

There are two main approaches to IaC scanning. One involves internal and Docker security modules. These modules analyze internal container images to identify vulnerabilities. For additional scanning, we leverage other products. We use Tenable and integrate it with CI/CD tools. This allows us to scan code dynamically and analyze traffic on a one-time basis. Additionally, PingSage assists in gathering data for IaC scanning.

Cloud Native Security significantly reduces the number of false positives we encounter. Unlike some other tools, it generates very few alerts that are ultimately unimportant low noise. I've rarely seen false positives from Cloud Native Security. While some Cloud Native Security alerts might be legitimate concerns, we can also suppress them if they're not relevant to our standard operations. This allows us to configure our cloud environment to focus on the most critical alerts.

Cloud Native Security has had a positive impact on our risk posture. As our only CSPM solution, it helps us with asset discovery, critical asset monitoring, and configuration issue detection and remediation.

Cloud Native Security has significantly reduced our average time to detection. Detection is almost always achieved in a single instance. We've confirmed this through multiple tests. The longest detection time we've encountered is around three to four hours. This extended timeframe occurs because the scan isn't running continuously. Instead, it operates at specific intervals, periodically examining our infrastructure and performing analysis. Consequently, the detection speed depends on when the misconfiguration happened relative to the next scheduled scan.

Our remediation process is entirely internal. Servers deliver the fix based on the severity assigned by Cloud Native Security, which is directly related to the vulnerabilities found. We then use our internal analysis to consider the environmental configuration. If the vulnerability is a zero-day in the user acceptance environment, we delay remediation until a later time. However, if it's found in the production environment, we address it immediately. We also prioritize remediation based on importance, so we see alerts related to production or pre-production instances first. The remaining vulnerabilities are addressed afterward.

Cloud Native Security has had a positive impact on our engineering functions, such as DevOps and the cloud infrastructure network team. It fosters a collaborative environment where teams can address alerts independently. This empowers engineers to take ownership and resolve issues promptly. DevOps is our primary user group, and Cloud Native Security helps them manage infrastructure, network, and CI/CD deployments efficiently.

Collaboration helps save time, particularly in engineering tasks related to infrastructure and technical deployment, rather than in development itself.

Cloud Native Security offers attack path analysis. This feature analyzes a combination of vulnerabilities, misconfigurations, and load balancer configurations to predict potential attack scenarios. This comprehensive picture helps us make informed investment decisions and determine appropriate security controls.

We requested additional capabilities as we began deploying and scanning beyond the initial setup. Specifically, we wanted the ability to:

• Continuously monitor configurations 24/7.
• Gain immediate visibility of all assets as they are deployed and ensure they are included in the system.
• Identify underlying configuration issues.

Another valuable enhancement is compliance management for various standards like ISO, PCI, HIPAA, GDPR, etc. As organizations move to the cloud, a cloud posture management tool that offers complete cloud visibility becomes crucial for maintaining compliance.

One area for improvement could be the internal analysis process, specifically the guidance provided for remediation. While the classification system itself might be industry standard, the remediation steps could be more specific. A vulnerability might be critical according to the scoring system, but its urgency depends on the context. For instance, a critical vulnerability signed by Cloud Native Security or any other product might be less urgent if it affects a non-production development environment undergoing UAT compared to a production environment.

I have been using Cloud Native Security for almost eight years.

Cloud Native Security is a SaaS product and I've never experienced an outage. It's highly reliable and available whenever we need it. They have scheduled maintenance, but it's infrequent, typically only happening once or twice a year. Whenever there is maintenance, they provide advance notice, just like any other OEM would do.

Scaling Cloud Native Security is straightforward. Creating a dedicated API team is the primary step, and this typically takes around five to ten minutes. Within a few hours, we'll see feedback integrated into our Azure and AWS consoles, along with the configuration of new alerts. Scalability is no longer a concern because Cloud Native Security is a fully cloud-based resource. This means it's elastic, with access to a vast amount of computing power and storage on the backend.

Their technical support has become very reliable. They have grown from a small team to a large one, and initially, the founders themselves would handle deployments. Now, they have dedicated Customer Success Managers and configuration automation tools to ensure smooth deployments. Even if they don't have an immediate resolution to our problem, the team actively investigates and works on solutions.

Neutral

In the past, I've used Prisma Cloud and Wiz. While they were functional, Cloud Native Security offers several advantages. It's very cost-effective and requires minimal configuration, making it a great fit for my needs. As I move between companies, I'm always happy to recommend Cloud Native Security to new employers.

When evaluating security products, there are several key factors to consider. Return on investment, initial investment cost, and built-in functionality are all important. Cloud Native Security excels in these areas. Their licensing model is based on the number of integrated accounts, rather than complex metrics like nodes, clusters, or data volume. This simplicity makes Cloud Native Security easy to use and manage. Additionally, it offers faster performance compared to other solutions I've used.

The deployment process is quick, taking only about five minutes. We simply need to meet with Cloud Native Security for setup. They will then guide us to the main portal and create an API key for us. On our end, we'll enable the key in our administrative console, whether it's Azure or AWS. Once that's done, the initial discovery scan will take approximately 90 minutes to two hours to run. After that, we'll start to see updates appearing in the portal.

The implementation was completed in-house.

There are different pricing models for software licenses. Some models are based on the individual number of assets a user has. Others consider the number of nodes, clusters, and accounts, with different pricing for each factor. I've also seen models that use the number of deployed APIs, endpoints, agents, or users. From what I've seen, Cloud Native Security seems similar. Their pricing appears to be based simply on the number of accounts we have, which is common for cloud-based products. This simplicity makes their pricing straightforward and potentially cost-effective.

I would rate Cloud Native Security an eight out of 10.

While components like cloud configuration, central security, and management volume boast zero maintenance, we do encounter situations with Kubernetes. Occasionally, security issues or container-specific security problems might cause the cluster to disconnect. In these cases, we need to manually intervene by running a batch script to re-onboard the cluster. This is the only instance of internal maintenance required.

Before implementing Cloud Native Security, organizations should consider the specific security challenges they're facing. For organizations that are at least 80 percent cloud-based, a CSPM solution becomes essential. Even for hybrid organizations with on-premises and cloud components, cloud security offers advantages in terms of maintenance ease, reliability, and cost-effectiveness. 

Key Considerations When Choosing a Security Solution:

• Use Case: What specific security risks are you trying to mitigate?
• Objectives: What are your security goals?
• Incident Response Needs: Do you require detailed event logging and extensive incident response capabilities?

Matching Use Cases to Solutions:

• Customization: Cloud Native Security excels in customization and can be tailored to meet specific needs. It's ideal for teams lacking extensive cloud security expertise to establish and refine security policies. While some organizations, including both large and small ones, might not require this level of control, it remains a valuable use case for others.
• Targeted Security Features: Different use cases call for different security features. Container security or vulnerability management might be your primary concern. In some cases, Cloud Native Security's vulnerability management can be used as a complementary solution alongside a more comprehensive primary tool.

Ultimately, the decision comes down to your specific needs and deployment model. Don't get caught in the trap of seeking a one-size-fits-all solution. Consider your security team's capabilities and whether Cloud Native Security can truly replace them or if it would function best as a complementary tool.

We used it for security purposes. I was working as a firewall security engineer. I used SentinelOne Singularity Cloud Security for all the firewalls on the cloud and for getting alerts. We got all the alerts on our dashboard.

Evidence-based reporting was effective for helping prioritize and solve important cloud security issues proactively. It helped with vulnerability management. The dashboard provided an overview of open security issues.

SentinelOne Singularity Cloud Security improved our security posture. It helped our business by providing efficient protection. We had more visibility than the open-source solutions. If there was any vulnerability, I got an alert. If there was anything crucial, I also got an email.

SentinelOne Singularity Cloud Security significantly improved our ability to protect workloads such as containers, serverless, and Kubernetes. We got alerted about any issues, and we just followed the documentation.

SentinelOne Singularity Cloud Security reduced our false positive rate by 10%. It improved our mean time to detect and remediate by 20%. 

The automated malware scanning for S3 buckets improved our security response time by 20% to 30%.

The GUI is one of the best features. Audit reports and documentation for alerts are also valuable.

SentinelOne Singularity Cloud Security is easy to use.

The price is on the higher side. 

The dashboard can be more detailed.

I have been using SentinelOne Singularity Cloud Security for seven to eight months.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

They are informative and helpful, but at times, they don't have detailed knowledge.

Neutral

It's easy to implement. Its maintenance is handled by another team.

We have four to five people for deployment. We can also get help from their customer support.

We have seen about 40% ROI.

The pricing tends to be high.

SentinelOne Singularity Cloud Security is better than other vendors because we get all the cloud-related, data center-related information. We have a consolidated place for all the information.

I would recommend this solution to other users. It's effective for security, and it's scalable.

I would rate SentinelOne Singularity Cloud Security a nine out of ten.

I use SentinelOne for the traffic flow in my customer's account.

Singularity Cloud Security gives us alerts, and it is helpful for us to get these alerts. We get to know about any issues through these alerts. We can resolve the issues accordingly.

It helps resolve issues more quickly. I do not have to analyze them on my own. We get to know the issues, and we also have documentation and recommendations about how to resolve them. That is very helpful for me.

We were able to realize its benefits pretty quickly because I already had its knowledge. I had studied a little bit and researched it. After implementation, my work got faster by almost 60% to 70%. The client was happy with that.

Singularity Cloud Security has reduced the number of risks. After resolving an issue on one of the servers, I can implement the fix on other servers before getting alerts about those. There is about 70% to 80% reduction.

It has been beneficial for all team members because we are all working in shifts and we are not able to communicate with each other much. The documentation has helped a lot.

Our security posture is much better. I do not have the numbers, but we see fewer notifications about security and threats. We follow the guidelines and best practices.

The security that it provides is valuable. It has a user-friendly dashboard that I can access without any difficulty.

Security notifications or alerts are also very useful. The alert mechanism helps in identifying issues.

It is very easy to use. I would rate it a nine out of ten for usability.

Sometimes, I am not able to see the flow when there is an issue. When anyone complains and I have to troubleshoot it, I find it difficult to search. 

The documentation that I use for the initial setup can be more detailed or written in a more user-friendly language to avoid troubles.

I have six months of experience using it.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability. Our clients are large organizations.

In our AWS Cloud, we have multiple accounts. We have almost 400 users. The AppSec team is a different team that is responsible for its installation. We are its users.

I use vendor support. I would rate them a nine out of ten.

Positive

I did not use any different solution before.

Initially, it took a lot of time because I had to first learn it and then implement it. First time, there can be some challenges. It took some time to understand because it was my first setup. Once I understood the process, it became easier with subsequent setups.

We implemented this solution after reviewing the documentation. Our AppSec team deployed it.

I would recommend this solution. I find it very user-friendly, and the documentation is also good enough to give solutions, which is very important. In addition to notifications, we also get solutions.

I would rate Singularity Cloud Security a nine out of ten.

The primary use of SentinelOne Singularity Cloud Security involves cloud security, posture management, networking, and EKS. I am trying to solve Security Posture Management with this solution.

The best features are audit and compliance monitoring, along with vulnerability assessment, security, and the UI.

I have improved my ability to protect workloads such as containers, serverless, and Kubernetes through serverless functions.

SentinelOne Singularity Cloud Security has helped protect the serverless environment more effectively. There was an incident where my developer mistakenly made my repository public, and SentinelOne Singularity Cloud Security gave me an alert within 25-30 seconds, which helped me address the issue in a minimum time period.

My mean time to detect has been reduced by 30%.

SentinelOne Singularity Cloud Security's automated malware scanning for S3 buckets has reduced my security response time by 10 to 20%.

The solution has had a positive effect on the collaboration between cloud security application developers and AppSec teams. When EKS application teams use the infrastructure, the cloud team can identify vulnerable points and collaborate through Jira, which they follow up on.

The solution saves 40% of my time.

The improvements I have seen are mainly in the dashboard and everything related to EKS. From the Kubernetes perspective, the alerts are more detailed. I would add real-time protection as a feature.

I have been using this solution for almost one year.

I would rate the stability of the solution as nine out of ten.

I would rate the scalability as nine out of ten.

I would rate the technical support as nine out of ten.

Positive

I did not use any other product before using SentinelOne Singularity Cloud Security.

The deployment process was carried out by our existing team and customer support teams, with two members from the customer support team helping us deploy the solution on the cloud.

The solution is easy to use.

The training, onboarding, and learning curve are smooth. When I joined my organization, SentinelOne Singularity Cloud Security played a very important role because there was no security-related software deployed on our infrastructures.

My environment consists of 13 people working with SentinelOne Singularity Cloud Security.

The solution requires maintenance, but it does not fall under my team's responsibilities.

I do not currently use Artificial Intelligence with SentinelOne Singularity Cloud Security.

I would recommend SentinelOne Singularity Cloud Security to other users for security and management purposes, as it would help organizations in various ways.

Overall, I would rate the solution as nine out of ten.