SentinelOne Singularity Cloud Security Reviews

As an application developer focused on AWS and cloud components, I rely on SentinelOne Singularity Cloud Security to stay informed about vulnerabilities and maintain best security practices.

I would rate the ease of use of Singularity Cloud Security a nine out of ten. It is very helpful for beginners due to its simplicity and straightforward integration with various cloud platforms like AWS, GCP, and Azure. Its user-friendly interface and familiarity across different cloud environments make it easy to understand and implement, regardless of prior experience.

Singularity Cloud Security prioritizes and resolves critical cloud security issues. When a problem arises in my infrastructure, SentinelOne alerts me, such as an open port in our AWS environment or a deviation from best practices. It provides alerts, suggests solutions, and offers documentation with best practices, which is helpful for those new to cloud platforms. This has reduced my response time by approximately 45 minutes. 

The Offensive Security Engine, powered by impressive AI/ML capabilities, seamlessly integrates with cloud infrastructure to analyze data and provide optimal security solutions. Its AI/ML-driven backend engine effectively identifies and resolves threats, making it a powerful tool for comprehensive security monitoring and protection.

We saw the benefits of SentinelOne Singularity Cloud Security immediately.

SentinelOne Singularity Cloud Security categorizes risk into four levels: low, medium, high, and critical. Teams handle low and medium alerts, which are based on best practices that we must follow. High and critical alerts are very important and require immediate attention. When these critical alerts occur, we contact PingSafe or the SentinelOne data team for support. They help us resolve the issue, identify affected resources, and provide comprehensive information. Occasionally, we receive direct support from SentinelOne, collaborating with them using their tools. The system is reliable and accurate, with no false positives.

It significantly reduced our mean time to detect threats. Previously, we didn't use security tools, so I had to identify and address vulnerabilities independently. To ensure best practices were followed, I had to manually investigate issues within our AWS environment and troubleshoot them alone. SentinelOne has been instrumental in guiding us toward securing our infrastructure by providing insights into best practices and automating threat detection.

SentinelOne Singularity Cloud Security has helped reduce our mean time to remediate.

The most valuable feature is the notification system, providing real-time alerts and comparisons crucial for maintaining security. Additionally, the dashboard's user interface and user experience are intuitive and easy to understand, even for new users.

One potential drawback is the cost of SentinelOne Singularity Cloud Security, which may be prohibitive for smaller businesses or startups, particularly those in regions with lower average incomes, such as India.

I have been using Singularity for around one year.

The customer service and support team is knowledgeable and helpful. Throughout the migration, they remained available for several hours without complaint, providing assistance at every step.

Positive

The initial deployment was not difficult. It was smooth, with support from experienced team members and customer support during the two to three-day migration process.

During migration, more than two people were involved, though only two were necessary.

The pricing is somewhat high compared to other market tools. This cost can be particularly prohibitive for small businesses and startups.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

My responsibility within our infrastructure is limited to the infrastructure itself, excluding the application and database layers. As such, I can only offer guidance on the infrastructure aspects of our implementation. When we deployed SentinelOne Singularity Cloud Security in our hybrid infrastructure, both cloud and data center-based, the migration was smooth, taking approximately two to three days of testing to complete successfully.

Working in a highly regulated space with stringent security requirements for money movement necessitates robust security measures. SentinelOne Cloud Security effectively secures our workloads, providing peace of mind and significantly reducing stress by addressing both security and regulatory needs.

The primary challenge we faced was achieving comprehensive visibility and observability across our extensive cloud environment, which comprises over 50 AWS accounts. It was difficult to determine the specific account and business entity associated with each workload. SentinelOne provided a centralized view of all workloads, enabling us to identify misconfigurations, pinpoint their location, and assess their potential impact. This clarity allowed us to prioritize responses based on the criticality of the affected account, such as production or highly regulated environments, thereby optimizing our response time.

To reduce noise and improve security monitoring, we implemented two key strategies. First, we leveraged the SentinelOne platform to identify internet-exposed assets and prioritize them for enhanced monitoring. SentinelOne's cloud-based capabilities significantly reduced false positives and helped establish a baseline for normal network activity. Second, we integrated the Infrastructure as Code module to automatically detect any deviations from the baseline or new misconfigurations. This proactive approach enabled us to efficiently address vulnerabilities and maintain a secure environment. After an initial cleanup, ongoing maintenance became much easier due to the continuous monitoring and automated alerts provided by SentinelOne and the IAC module.

Cloud security has helped reduce false positives by prioritizing vulnerabilities based on two factors: the criticality of the exposed asset and the environment it operates within. This prioritization metric helps eliminate false positives and allows teams to focus on fixing actual security issues.

Cloud security has improved incident response, primarily by enhancing observability. This allows for immediate identification of an IP address's host account and connected resources, which speeds up response time. Understanding the potential damage is also crucial, and this is achieved by knowing all resources accessible to the compromised asset. This comprehensive approach, combining identification and impact assessment, significantly strengthens security response capabilities.

SentinelOne Cloud Security reduces response times by providing context for assets, such as location, access details, and component interactions. This allows for quick identification of the responsible team and facilitates efficient damage assessment and remediation. Automated responses, like automatically fixing public S3 buckets, can be implemented, although caution is needed as some public access may be intentional.

SentinelOne Cloud Security has significantly improved team collaboration by simplifying the process of identifying the owner of a vulnerable or problematic component. Previously, this was a time-consuming task, but now the platform allows for quick identification of the responsible business entity and developer, enabling direct contact with the appropriate DevOps personnel. This streamlined process accelerates both detection and response times, ultimately enhancing overall security.

SentinelOne has released Purple AI, a tool with immense potential. It can analyze sentences and identify specific IP addresses or vulnerable machines, significantly aiding threat detection. This capability allows for rapid computation and complex query execution, delivering crucial answers in minutes and enhancing data analysis for security purposes.

Cloud Security has provided a single view to observe all workloads, prioritization for handling cloud assets, and reduced noise by distinguishing false positives effectively.

Once all components, including the cloud piece and container runtime piece, integrate further and incorporate an AI layer for better comprehension, it will greatly enhance the utility of Singularity Cloud Security.

I have been using SentinelOne's cloud piece for about three to four months.

SentinelOne has provided excellent support, enabling us to implement a robust solution customized to effectively meet our security and compliance needs.

Prior to implementing SentinelOne, we faced excessive false positives and an overwhelming number of findings, hindering prioritization. However, SentinelOne Cloud's offensive engine provides reassurance by automatically checking exposed assets for new threats, such as zero-day attacks, ensuring immediate awareness of any issues.

SentinelOne allows for customized prioritization, enabling changes based on specific accounts and the addition of further actions to misconfiguration adjustments. The graphing ability of SentinelOne CNAPP facilitates comprehensive chaining for in-depth analysis. The demos on misconfigurations and the prioritization matrix were particularly informative.

SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal.

When evaluating CNAPP vendors, several key considerations emerged. First, it was essential to assess the regulatory frameworks and ensure compliance. Second, the issue of false positives needed to be addressed to maintain efficiency. Finally, the prioritization capabilities, particularly the use of graphs to identify critical assets, were crucial factors in the selection process.

I would rate SentinelOne Cloud Security a nine out of ten. They are bringing all the pieces together, and once the Purple AI can interact with all the different components and correlate across them, I think that's where its real power will come from.

SentinelOne CNAPP was extremely helpful and chosen for three primary reasons: their responsive and efficient team facilitated a rapid deployment; the technology itself proved to be very robust and effective; and the platform's configurability allowed for seamless integration with our specific business needs.

For those evaluating SentinelOne CNAPP, it is advised to engage with their team for potential configuration changes. The tool offers comprehensive insights, providing productive usage from day one for penetration testers and security engineers.

Cloud Native Security is a cloud posture management solution. Initially, it focused on helping us understand and assess our compliance posture and cloud configuration for workloads, etc. 

There are three key use cases for Cloud Native Security:

1. Continuous Configuration Monitoring: This ensures 24/7 oversight of configurations and identifies any issues as they arise.
2. Asset Visibility: Gain immediate visibility of all cloud assets upon deployment and ensure they are properly tracked within the system.
3. Container Security: Assess vulnerabilities in Docker clusters and other containerized environments based on compliance requirements.

I have used Prisma Cloud extensively at several organizations. We have also used Wiz and Cloud Native Security. Cloud Native Security is particularly easy to use because it requires no configuration. All we need to do is create an API key that connects to our cloud account, and it will automatically start identifying all the workloads and accounts associated with our master account. We can see them all listed on our screen. Cloud Native Security does not require any configuration beyond selecting what we want to see on the screen. On the other hand, Prisma Cloud which I used until about a year and a half ago was superior in some ways. However, the amount of data it generated was very high, and it produced a lot of alerts and events. This required trained personnel who understood our workloads and specific cloud environments to manage it effectively. Cloud Native Security is a low-maintenance product. It is pre-configured and requires minimal manual setup, making it ideal for small to medium-sized teams that don't have dedicated resources to manage individual security products.

Like any other product, every incident has its own unique characteristics. Incidents are typically classified into categories of critical, high, medium, and low. This classification is based on the nature of the vulnerability, the ease of exploitation including whether authentication is required, and the potential impact. There are many similarities to other scoring systems when you consider the underlying factors and the overall environment. This system resonates with me because it considers multiple factors beyond just the Common Vulnerability Scoring System. For example, it takes into account features or passphrases that are displayed on the screen or found on devices, and how that data is stored.
The current system incorporates some internal analysis, but it's minimal. While the overall classification is likely appropriate, the remediation guidance could be enhanced. Ideally, for each vulnerability, there should be clear instructions on how to fix it. However, some vulnerabilities might be relevant to an organization's specific use case. For example, a public IP address being accepted by an SQL server on Azure might be flagged as a vulnerability, but it could be a legitimate configuration for an organization that has a specific database configuration requiring access from multiple locations.

Cloud Native Security operates entirely agentless. Using just the API key on the master tenant provides complete coverage, regardless of the cloud platform we're using. We avoid agent-based solutions for a simpler and more efficient approach.

While evidence of exploitability in Cloud Native Security's reporting might not be crucial, it would be beneficial. If a vulnerability is actively exploited, we need a comprehensive solution to analyze the information and enhance our monitoring. However, that's just our perspective. In terms of Cloud Native Security's scanning ability, I find it limited. It displays the essentials, and the module essentially fills the attack map. However, it doesn't explicitly consider the exploitability index. Despite this, the existing exploitability scoring seems adequate. If a vulnerability can be exploited on our network which is simply a local network with zero authentication required, the complexity is factored in, and the vulnerability is classified as high, medium, or critical.

We leverage the offensive security engine to identify potential zero-day vulnerabilities that might be relevant to our workloads. Additionally, it helps us assess exposed configurations or misconfigurations that could be exploited by these vulnerabilities. While this engine is a valuable secondary source of data for improvement, it doesn't replace the independent solution we used previously. We primarily rely on that solution for information specific to our environment.

There are two main approaches to IaC scanning. One involves internal and Docker security modules. These modules analyze internal container images to identify vulnerabilities. For additional scanning, we leverage other products. We use Tenable and integrate it with CI/CD tools. This allows us to scan code dynamically and analyze traffic on a one-time basis. Additionally, PingSage assists in gathering data for IaC scanning.

Cloud Native Security significantly reduces the number of false positives we encounter. Unlike some other tools, it generates very few alerts that are ultimately unimportant low noise. I've rarely seen false positives from Cloud Native Security. While some Cloud Native Security alerts might be legitimate concerns, we can also suppress them if they're not relevant to our standard operations. This allows us to configure our cloud environment to focus on the most critical alerts.

Cloud Native Security has had a positive impact on our risk posture. As our only CSPM solution, it helps us with asset discovery, critical asset monitoring, and configuration issue detection and remediation.

Cloud Native Security has significantly reduced our average time to detection. Detection is almost always achieved in a single instance. We've confirmed this through multiple tests. The longest detection time we've encountered is around three to four hours. This extended timeframe occurs because the scan isn't running continuously. Instead, it operates at specific intervals, periodically examining our infrastructure and performing analysis. Consequently, the detection speed depends on when the misconfiguration happened relative to the next scheduled scan.

Our remediation process is entirely internal. Servers deliver the fix based on the severity assigned by Cloud Native Security, which is directly related to the vulnerabilities found. We then use our internal analysis to consider the environmental configuration. If the vulnerability is a zero-day in the user acceptance environment, we delay remediation until a later time. However, if it's found in the production environment, we address it immediately. We also prioritize remediation based on importance, so we see alerts related to production or pre-production instances first. The remaining vulnerabilities are addressed afterward.

Cloud Native Security has had a positive impact on our engineering functions, such as DevOps and the cloud infrastructure network team. It fosters a collaborative environment where teams can address alerts independently. This empowers engineers to take ownership and resolve issues promptly. DevOps is our primary user group, and Cloud Native Security helps them manage infrastructure, network, and CI/CD deployments efficiently.

Collaboration helps save time, particularly in engineering tasks related to infrastructure and technical deployment, rather than in development itself.

Cloud Native Security offers attack path analysis. This feature analyzes a combination of vulnerabilities, misconfigurations, and load balancer configurations to predict potential attack scenarios. This comprehensive picture helps us make informed investment decisions and determine appropriate security controls.

We requested additional capabilities as we began deploying and scanning beyond the initial setup. Specifically, we wanted the ability to:

• Continuously monitor configurations 24/7.
• Gain immediate visibility of all assets as they are deployed and ensure they are included in the system.
• Identify underlying configuration issues.

Another valuable enhancement is compliance management for various standards like ISO, PCI, HIPAA, GDPR, etc. As organizations move to the cloud, a cloud posture management tool that offers complete cloud visibility becomes crucial for maintaining compliance.

One area for improvement could be the internal analysis process, specifically the guidance provided for remediation. While the classification system itself might be industry standard, the remediation steps could be more specific. A vulnerability might be critical according to the scoring system, but its urgency depends on the context. For instance, a critical vulnerability signed by Cloud Native Security or any other product might be less urgent if it affects a non-production development environment undergoing UAT compared to a production environment.

I have been using Cloud Native Security for almost eight years.

Cloud Native Security is a SaaS product and I've never experienced an outage. It's highly reliable and available whenever we need it. They have scheduled maintenance, but it's infrequent, typically only happening once or twice a year. Whenever there is maintenance, they provide advance notice, just like any other OEM would do.

Scaling Cloud Native Security is straightforward. Creating a dedicated API team is the primary step, and this typically takes around five to ten minutes. Within a few hours, we'll see feedback integrated into our Azure and AWS consoles, along with the configuration of new alerts. Scalability is no longer a concern because Cloud Native Security is a fully cloud-based resource. This means it's elastic, with access to a vast amount of computing power and storage on the backend.

Their technical support has become very reliable. They have grown from a small team to a large one, and initially, the founders themselves would handle deployments. Now, they have dedicated Customer Success Managers and configuration automation tools to ensure smooth deployments. Even if they don't have an immediate resolution to our problem, the team actively investigates and works on solutions.

Neutral

In the past, I've used Prisma Cloud and Wiz. While they were functional, Cloud Native Security offers several advantages. It's very cost-effective and requires minimal configuration, making it a great fit for my needs. As I move between companies, I'm always happy to recommend Cloud Native Security to new employers.

When evaluating security products, there are several key factors to consider. Return on investment, initial investment cost, and built-in functionality are all important. Cloud Native Security excels in these areas. Their licensing model is based on the number of integrated accounts, rather than complex metrics like nodes, clusters, or data volume. This simplicity makes Cloud Native Security easy to use and manage. Additionally, it offers faster performance compared to other solutions I've used.

The deployment process is quick, taking only about five minutes. We simply need to meet with Cloud Native Security for setup. They will then guide us to the main portal and create an API key for us. On our end, we'll enable the key in our administrative console, whether it's Azure or AWS. Once that's done, the initial discovery scan will take approximately 90 minutes to two hours to run. After that, we'll start to see updates appearing in the portal.

The implementation was completed in-house.

There are different pricing models for software licenses. Some models are based on the individual number of assets a user has. Others consider the number of nodes, clusters, and accounts, with different pricing for each factor. I've also seen models that use the number of deployed APIs, endpoints, agents, or users. From what I've seen, Cloud Native Security seems similar. Their pricing appears to be based simply on the number of accounts we have, which is common for cloud-based products. This simplicity makes their pricing straightforward and potentially cost-effective.

I would rate Cloud Native Security an eight out of 10.

While components like cloud configuration, central security, and management volume boast zero maintenance, we do encounter situations with Kubernetes. Occasionally, security issues or container-specific security problems might cause the cluster to disconnect. In these cases, we need to manually intervene by running a batch script to re-onboard the cluster. This is the only instance of internal maintenance required.

Before implementing Cloud Native Security, organizations should consider the specific security challenges they're facing. For organizations that are at least 80 percent cloud-based, a CSPM solution becomes essential. Even for hybrid organizations with on-premises and cloud components, cloud security offers advantages in terms of maintenance ease, reliability, and cost-effectiveness. 

Key Considerations When Choosing a Security Solution:

• Use Case: What specific security risks are you trying to mitigate?
• Objectives: What are your security goals?
• Incident Response Needs: Do you require detailed event logging and extensive incident response capabilities?

Matching Use Cases to Solutions:

• Customization: Cloud Native Security excels in customization and can be tailored to meet specific needs. It's ideal for teams lacking extensive cloud security expertise to establish and refine security policies. While some organizations, including both large and small ones, might not require this level of control, it remains a valuable use case for others.
• Targeted Security Features: Different use cases call for different security features. Container security or vulnerability management might be your primary concern. In some cases, Cloud Native Security's vulnerability management can be used as a complementary solution alongside a more comprehensive primary tool.

Ultimately, the decision comes down to your specific needs and deployment model. Don't get caught in the trap of seeking a one-size-fits-all solution. Consider your security team's capabilities and whether Cloud Native Security can truly replace them or if it would function best as a complementary tool.

We used it for security purposes. I was working as a firewall security engineer. I used SentinelOne Singularity Cloud Security for all the firewalls on the cloud and for getting alerts. We got all the alerts on our dashboard.

Evidence-based reporting was effective for helping prioritize and solve important cloud security issues proactively. It helped with vulnerability management. The dashboard provided an overview of open security issues.

SentinelOne Singularity Cloud Security improved our security posture. It helped our business by providing efficient protection. We had more visibility than the open-source solutions. If there was any vulnerability, I got an alert. If there was anything crucial, I also got an email.

SentinelOne Singularity Cloud Security significantly improved our ability to protect workloads such as containers, serverless, and Kubernetes. We got alerted about any issues, and we just followed the documentation.

SentinelOne Singularity Cloud Security reduced our false positive rate by 10%. It improved our mean time to detect and remediate by 20%. 

The automated malware scanning for S3 buckets improved our security response time by 20% to 30%.

The GUI is one of the best features. Audit reports and documentation for alerts are also valuable.

SentinelOne Singularity Cloud Security is easy to use.

The price is on the higher side. 

The dashboard can be more detailed.

I have been using SentinelOne Singularity Cloud Security for seven to eight months.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

They are informative and helpful, but at times, they don't have detailed knowledge.

Neutral

It's easy to implement. Its maintenance is handled by another team.

We have four to five people for deployment. We can also get help from their customer support.

We have seen about 40% ROI.

The pricing tends to be high.

SentinelOne Singularity Cloud Security is better than other vendors because we get all the cloud-related, data center-related information. We have a consolidated place for all the information.

I would recommend this solution to other users. It's effective for security, and it's scalable.

I would rate SentinelOne Singularity Cloud Security a nine out of ten.

The primary use of SentinelOne Singularity Cloud Security involves cloud security, posture management, networking, and EKS. I am trying to solve Security Posture Management with this solution.

The best features are audit and compliance monitoring, along with vulnerability assessment, security, and the UI.

I have improved my ability to protect workloads such as containers, serverless, and Kubernetes through serverless functions.

SentinelOne Singularity Cloud Security has helped protect the serverless environment more effectively. There was an incident where my developer mistakenly made my repository public, and SentinelOne Singularity Cloud Security gave me an alert within 25-30 seconds, which helped me address the issue in a minimum time period.

My mean time to detect has been reduced by 30%.

SentinelOne Singularity Cloud Security's automated malware scanning for S3 buckets has reduced my security response time by 10 to 20%.

The solution has had a positive effect on the collaboration between cloud security application developers and AppSec teams. When EKS application teams use the infrastructure, the cloud team can identify vulnerable points and collaborate through Jira, which they follow up on.

The solution saves 40% of my time.

The improvements I have seen are mainly in the dashboard and everything related to EKS. From the Kubernetes perspective, the alerts are more detailed. I would add real-time protection as a feature.

I have been using this solution for almost one year.

I would rate the stability of the solution as nine out of ten.

I would rate the scalability as nine out of ten.

I would rate the technical support as nine out of ten.

Positive

I did not use any other product before using SentinelOne Singularity Cloud Security.

The deployment process was carried out by our existing team and customer support teams, with two members from the customer support team helping us deploy the solution on the cloud.

The solution is easy to use.

The training, onboarding, and learning curve are smooth. When I joined my organization, SentinelOne Singularity Cloud Security played a very important role because there was no security-related software deployed on our infrastructures.

My environment consists of 13 people working with SentinelOne Singularity Cloud Security.

The solution requires maintenance, but it does not fall under my team's responsibilities.

I do not currently use Artificial Intelligence with SentinelOne Singularity Cloud Security.

I would recommend SentinelOne Singularity Cloud Security to other users for security and management purposes, as it would help organizations in various ways.

Overall, I would rate the solution as nine out of ten.

In our organization, we use SentinelOne Singularity Cloud Security for infrastructure security purposes. It secures our infrastructure, data, and everything. That's the primary use case for this.

It is very useful and easy to use for beginners as well as pros. From a beginner's perspective, its dashboard is very convenient, and the UI/UX is very easy to understand.

Regarding proof of exploitability in SentinelOne Singularity Cloud Security, when a developer makes a repository public, it identifies issues in minutes. If the repository has some hardcoded secrets, they would cause problems for us because anybody on the internet could access it. Those keys could allow the exploitation of the systems. SentinelOne Singularity Cloud Security catches the issues quickly. The same applies to a public bucket. One of our DevOps engineers made it public which had many files in it. SentinelOne Singularity Cloud Security was on top of it. The solution has an automated workflow that blocks such misconfigurations.

We primarily use infrastructure as code scanning for cloud security posture management, but the solution also provides capabilities for identifying hardcoded secrets in the source code. It covers Kubernetes security with around 20 to 35 members from security and DevOps being users of this solution.

It has reduced our mean time to detect by 30% to 40%. Our mean time to remediate is also reduced by 20% to 30%.

The compliance monitoring feature of SentinelOne Singularity Cloud Security gives us a report with a compliance score to ensure we meet certain regulatory standards. We can show our compliance as a percentage, and we do this to demonstrate that we are serious about security and for audit purposes. That is the best feature I appreciate.

SentinelOne Singularity Cloud Security is an excellent CSPM tool, but its CWPP features need improvement, and there is scope for more application security posture management features. There aren't many ASPM solutions on the market, and the existing ones are costly. I would like to see SentinelOne Singularity Cloud Security develop into a single pane of glass for ASPM and CSPM, and the feature I'd like to see is runtime protection.

I have been using it for around two years.

We have experienced some dashboard lagging issues.

I contacted their technical support when we faced an issue on the dashboard. Sometimes it gets laggy, and we conversed with the customer support team. They informed us it was some network issue and guided us very informatively and usefully. I would rate the support a nine out of ten.

Positive

I personally did not use any alternative to SentinelOne Singularity Cloud Security.

The initial installation is easy. It takes around two to three days to fully deploy it.

We had seven to eight people.

It requires maintenance after deployment, but that is not handled by me. There is a separate team, the InfoSec team, which manages the maintenance.

I would rate SentinelOne Singularity Cloud Security a nine out of ten.

My company does utility energy disaggregation. We use SentinelOne Singularity Cloud Security for vulnerability management and to limit our exposure to attacks. SentinelOne Singularity Cloud Security scans our AWS cloud environment and provides detailed analysis. It can identify enabled ports or anything that isn't completely integrated with our security. SentinelOne Singularity Cloud Security gives us the details, and we only need to follow their instructions to ensure the vulnerabilities are fixed.

My company handles a lot of customer data for US and European clients. GDPR and SOC 2 standards require that we are almost completely free of vulnerabilities. We also have a SentinelOne Singularity Cloud Security safety score and report that we can provide to our customers. SentinelOne Singularity Cloud Security is integrated with our AWS environment, and it monitors a few customer-critical applications. Two people at my company use SentinelOne Singularity Cloud Security. I am on the IT security side, and another person from the platform security side uses it. 

Since implementing SentinelOne Singularity Cloud Security, we've discovered many vulnerabilities and security issues in our environment. We've fixed those so our data will not be leaked or otherwise compromised. Our priority is protecting customer data, and if we have any issues with the data, it won't be good for business.

SentinelOne Singularity Cloud Security has reduced the false positive rate by around 40 or 50 percent. It has improved our risk posture. We're more secure now. The solution has reduced our mean detection time by about 70 to 80 percent. It does a lot of the work for us. The mean time to remediate has nearly been cut in half. 

The solution's compliance features help us remain SOC 2 compliant. Our third-party auditors ask us to provide vulnerability reports and fix all vulnerabilities we have detected. SentinelOne Singularity Cloud Security gives us all this information our SOC 2 auditors need.

I like the accuracy of SentinelOne Singularity Cloud Security's vulnerability reports and offensive security engine. If any ports are enabled that aren't secure enough, SentinelOne Singularity Cloud Security detects them and provides a report. It's easy to use, and that's one reason we have used it continuously for a long time.

The evidence-based reporting helps us prioritize cloud security issues. We divide things into critical and non-critical vulnerabilities. The critical vulnerabilities have the highest priority, and we take a little more time to fix them if they aren't critical. The proof of exploitability is crucial because our customers ask about the vulnerabilities we fixed and how we detected them. They want to know what security fixes were made. These things are in the proof of exploitability. This is also helpful for SOC 2 auditing.

We use SentinelOne Singularity Cloud Security. If SentinelOne Singularity Cloud Security integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console. 

I have used SentinelOne Singularity Cloud Security for the last two years.

SentinelOne Singularity Cloud Security is stable. 

I rate SentinelOne Singularity Cloud Security 10 out of 10 for scalability.

I rate SentinelOne Singularity Cloud Security support 10 out of 10. They're excellent. When we send an email, they respond quickly and proactively provide solutions. 

Positive

Deploying SentinelOne Singularity Cloud Security is straightforward. The SentinelOne Singularity Cloud Security team asked us to give them some details about our environment that were easy to provide, and we started from there. The deployment took a few days. It required two people from our side and two from SentinelOne Singularity Cloud Security. After deployment, SentinelOne Singularity Cloud Security doesn't need any maintenance. It's a cloud-based platform that updates automatically. 

We've seen a reduction in resources devoted to vulnerability monitoring. Before SentinelOne Singularity Cloud Security we spent a lot of time monitoring and fixing these issues. SentinelOne Singularity Cloud Security enabled us to divert more resources to the production environment. The detailed information SentinelOne Singularity Cloud Security about how to fix vulnerabilities reduces the time spent on remediation by about 70 to 80 percent. 

We use SentinelOne's endpoint protection and SentinelOne Singularity Cloud Security. If the 2 solutions are integrated into a package, the cost of SentinelOne Singularity Cloud Security should be reduced. As a standalone product, SentinelOne Singularity Cloud Security is appropriately priced according to industry standards.

I rate SentinelOne Singularity Cloud Security 9 out of 10. This is the best solution on the market. They are doing an excellent job. 

We primarily use SentinelOne Singularity Cloud Security for cloud security posture management, but the solution also provides other capabilities, like infrastructure-as-code scanning. It identifies hard-coded secrets in the source code and covers Kubernetes security. About 25 members of the security and DevOps teams use the solution. 

We have integrated all of SentinelOne Singularity Cloud Security's CWPP, CSPM, application security, and container scanning features into Jira. It's more of a vulnerability management tool for us. All the issues SentinelOne Singularity Cloud Security identifies flow into Jira, and we have several dashboards that provide an overview of open security issues.

We were using open-source tools. Collecting and collating the results from each tool into one dashboard was so difficult, and SentinelOne Singularity Cloud Security solved this problem. SentinelOne Singularity Cloud Security gives us greater insight into our cloud security posture. For example, it tells us if buckets are public or ports are open. It can also tell you if a repository is going public or if any hard-coded secrets are pushed into the source code. SentinelOne Singularity Cloud Security will notify you when permissive users are created in the GCP environment. It offers a better UI and improved visibility compared to our open-source tools. 

SentinelOne Singularity Cloud Security helped us identify when a developer made our repository public. It identified the issue in minutes. The repository had a few hard-coded secrets that would've caused problems for us because anybody on the internet could access those keys and exploit the systems. SentinelOne Singularity Cloud Security caught the issue quickly. The same goes for public buckets. One of our DevOps engineers made a bucket public, and it had a lot of files in it. SentinelOne Singularity Cloud Security was on top of it. The solution has an automated workflow that automatically blocks this kind of misconfiguration.

It has helped us reduce the number of false positives. Sometimes, you get too many false positives because the tool doesn't have enough context. For example, let's say we have a bucket that we want to be public, and CSPM tools will identify the public bucket as a vulnerability. We can make exceptions or mute the alert. SentinelOne Singularity Cloud Security provides many ways in the UI to mark false positives or mute those tickets so that I don't get them repeatedly. I can also create tags for every issue and put all of the false positives under one tag.

The detection is almost instant. We get Slack or email notifications immediately when issues are detected, reducing our mean time to detect by more than 30 percent. Our remediation time has also improved by about 30 percent or more. We are in the fintech space, so we remedy vulnerabilities right away. The faster our detection, the faster our response. Both have significantly improved. 

SentinelOne Singularity Cloud Security facilitates collaboration between the application security, cloud, and DevOps teams. These three teams use it, and the security team manages it. When SentinelOne Singularity Cloud Security flags vulnerabilities, they are forwarded to DevOps for remediation. Previously, we needed to identify and report the issues, but there would be lapses in communication. Now it's a central dashboard. Anybody can look at the dashboard to see the open issues, what needs to be explored, and how the problems can be remediated. It's self-explanatory. Teams can understand the issues and descriptions, and they directly act on the recommendations.

As a frequently audited company, we value SentinelOne Singularity Cloud Security's compliance monitoring features. They give us a report with a compliance score for how well we meet certain regulatory standards, like HIPAA. We can show our compliance as a percentage. It's also a way to show that we are serious about security.

There is a feature that provides visibility into how an attack could happen. For example, they'll highlight the system vulnerabilities and outline how an attack could be propagated. That visualization helps me prioritize remediation. If I don't know where to start, I can check to see which ones are critical. It provides an exploitability score that enables me to prioritize the issues. 

SentinelOne Singularity Cloud Security is very easy to use, and they have a responsive support team that is available when we face any problems. We can reach out to them for tweaks, and they're always there to tell us how something works. However, most features are self-explanatory, so we don't typically need support to use the product.  

SentinelOne Singularity Cloud Security evidence-based reporting helps us prioritize and solve critical security issues. We have onboarded crucial projects into SentinelOne Singularity Cloud Security, and issues related to those projects are our top priority. The new visualization features demonstrate how an attacker can enter the system, highlighting potential pathways that can be exploited. It will outline all the steps the attacker could take. With that visibility, we can ensure the perimeter is strong, and an attacker cannot enter. It reduces the risk. SentinelOne Singularity Cloud Security helps prioritize issues based on the likelihood of exploitation. I have all the evidence of how an attacker can exploit the weaknesses in my parameter.

The proof of exploitability is helpful because we don't need to refer the issues to the security team. The DevOps guys can also use it to understand the various attack vectors and scenarios. The offensive security engine identifies any misconfigured security settings or other issues. That helps us because we are frequently audited and must report these issues to the auditors. audit heavy company. SentinelOne Singularity Cloud Security gives me these issues in advance so I can close the vulnerabilities before we are audited. It has helped us prepare. 

Infrastructure-as-code scanning is another useful feature. In pre-production, it identifies embedded secrets and misconfigurations. We can also identify issues with Kubernetes or some privileged containers. These features all help us pass the audit. Secure IAC code isn't easily exploitable by attackers. We can be more proactive about identifying and resolving vulnerabilities. 

SentinelOne Singularity Cloud Security is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see SentinelOne Singularity Cloud Security develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection.

We have used SentinelOne Singularity Cloud Security for more than a year.

I rate SentinelOne Singularity Cloud Security 9 out of 10 for stability. It's a highly stable product, and we haven't had any issues with reliability. 

I rate SentinelOne Singularity Cloud Security 9 out of 10 for scalability. Our company is growing, and we don't see any performance slowdown from onboarding multiple projects. There are also no changes to the functionality or visibility that it provides. We're confident that it can scale to the level that we want.

I rate SentinelOne Singularity Cloud Security support 7 out of 10. Before SentinelOne acquired SentinelOne Singularity Cloud Security, the support was excellent. I would rate it 9 out of 10. Now, I would rate it 7 because there have been some changes due to the transfer of ownership. It isn't great, but it's okay. They are reachable, but it was much easier when SentinelOne Singularity Cloud Security was an independent company. Still, we can contact them when we need some customization, and they'll help us. 

Neutral

We previously used a mixture of manual work and open-source tools. However, these open-source solutions couldn't cover CSPM and container security. 

Deploying SentinelOne Singularity Cloud Security was straightforward. I wasn't a part of it, but I know it was easy to deploy. 

The return on investment is difficult to quantify. We will be fined if we fall out of compliance, but I would only know how much that would cost us once that has happened. SentinelOne Singularity Cloud Security helps us avoid those fines by proactively mitigating vulnerabilities. 

SentinelOne Singularity Cloud Security is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced.

I rate SentinelOne Singularity Cloud Security 8 out of 10. I would recommend SentinelOne Singularity Cloud Security to any company looking for a cloud security solution. It's more than a CSPM. It provides visibility into application security vulnerabilities and container security.