SentinelOne Singularity Cloud Security Reviews

I have experience in both cloud and developer roles. In my cloud infrastructure role, I focused on the infrastructure itself, not the application level. We deployed SentinelOne Singularity Cloud Security across our cloud and data center environments for security purposes. This tool provided alerts and best practice recommendations, including vulnerability notifications. I would then use the Singularity console to address any issues promptly, which significantly reduced our mean time to resolution.

SentinelOne Singularity Cloud Security has an intuitive dashboard and streamlined setup process, making it user-friendly for security teams.

It categorizes alerts into four levels: critical, high, medium, and low. Singularity Cloud Security automatically prioritizes security concerns, such as ransomware attacks or best practices, eliminating the need for manual intervention and presenting the most urgent alerts.

SentinelOne Singularity Cloud Security is important because its reporting includes proof of exploitability. This is very helpful for engineers as it provides alerts, identifies areas needing attention, and directs us to the relevant documentation.

The benefits of SentinelOne Singularity Cloud Security were immediately apparent after deployment in our data center and cloud environment.

SentinelOne Singularity Cloud Security helps reduce false positives and improves system accuracy through machine learning. The detailed alerts aid in investigating potential threats, enhancing our security posture.

SentinelOne Singularity Cloud Security reduces our mean time to detect.

SentinelOne Singularity Cloud Security offers valuable scalability suitable for organizations of all sizes, from small businesses to large enterprises. Its comprehensive ransomware protection includes rollback features and 24/7 threat monitoring, with managed services providing continuous monitoring and threat hunting.

While SentinelOne Singularity Cloud Security offers robust protection, its cost could be a barrier for some users. Additionally, compatibility issues may arise with older operating systems and legacy environments. Organizations with limited internet connectivity might also face challenges due to the cloud-based nature of the platform.

The Singularity Cloud Security console is experiencing delays in clearing resolved issues, which can take over an hour to be removed from the display.

I have been using SentinelOne Singularity Cloud Security for about two years.

Sometimes, I experience lag issues with SentinelOne Singularity Cloud Security, which might be related to my laptop or Internet connection.

SentinelOne Singularity Cloud Security scales well, making it suitable for organizations of all sizes, from small enterprises to large businesses.

Customer support is knowledgeable about the company's software and operating systems, responding quickly within two to four minutes.

Positive

While GuardDuty and CloudTrail offer some overlapping functionalities with SentinelOne Singularity Cloud Security in cloud environments, SentinelOne provides a more comprehensive and integrated approach to cloud security.

The initial setup was somewhat straightforward but took about three to four days due to the extensive infrastructure involved. Testing added more time to the process.

Our team of six or seven collaborated with a third-party installer and SentinelOne's technical support team.

While SentinelOne Singularity Cloud Security offers robust protection, its high cost may be prohibitive for small and medium-sized businesses.

I rate SentinelOne Singularity Cloud Security ten out of ten.

SentinelOne manages the maintenance of Singularity Cloud Security.

We are running the entire cloud base on AWS infrastructure. The major use case for this product is cloud misconfiguration because a lot of changes keep happening in our environment. There are multiple teams and multiple verticals within our organization. We have different verticals across different business units. They have their local IT infrastructure teams, and all these teams are making changes. 

We have IT admins at multiple locations. There is a team of 10 to 12 members. It was a challenge to manage cloud security when they made changes, spun up new servers, or created new instances for new projects. Cloud misconfiguration was one of the major areas where we saw issues because things were not getting created as per the process or security protocol. When they are creating instances, they are not aware of the implications and the security incidents that may happen by keeping certain ports open. They might not be aware of the security issues that may come up. So, cloud misconfiguration was one of the main reasons why we opted for this product.

Another reason was to have a dashboard for the management and for the centralized team. We are a part of the centralized team that is taking care of the entire platform. It is very necessary for us to keep track of the changes and see if any P1 or critical security incidents are open. They are a risk to our organization's security. We wanted to have such visibility. Manually keeping track of those changes and open issues was very difficult for us.

It highlights critical or high-priority incidents. That is helpful. When we have a lot of issues on the dashboard, we can at least prioritize them based on the severity. We target critical incidents first and then move to the high-priority incidents. We still have medium and low-priority incidents on the dashboard. We require some amount of time to fix them. From a reporting perspective, it helps us to prioritize accordingly. We know that at least from a high-impact point of view, we are secure.

We do generic vulnerability scanning whenever there are any new changes or we are building any new applications. We keep the generic vulnerability scanning on whenever any new instances are created, and we run the scan once a week for already created instances.

We have not explored evidence-based reporting much. It is a good feature, but we mostly look at the priority of the incidents. We fix them based on the criticality. The description of the issues and the categorization make it easy to utilize the reports.

It has affected our risk posture. All the critical incidents and high-priority issues have been resolved. We are in a better place now in terms of risk posture. The medium-severity issues still need to be fixed, but earlier, we used to have critical incidents as well. We did not have any visibility into those things. We are now quite confident that we do not have any major security issues. We keep running the scan every week. It helps us to detect any new changes or vulnerabilities in our environment.

We could see its benefits immediately in terms of visibility. Previously, we did not have any visibility into where we were in terms of the security landscape. That benefit was immediate, and then we started fixing the problems and reduced critical issues and high-priority issues. We became confident in our security, and we were able to secure the environment wherever we had an incident. Its benefits were immediate from a visibility point of view, and then it took two to three months to have a direct impact in terms of security.

Singularity Cloud Native Security helped us to reduce false positives. We also have a managed service provider. We took their help to reduce false alarms and other issues. It also helped us to implement some of the best practices while creating any instances or making any changes to any particular instances. We created best practices and standard operating procedures for the infrastructure team. They follow the standard operating procedures while making any changes or creating any instances. We are seeing a drop in the number of issues compared to two or three years ago.

Our remediation time is reduced. Initially, it took some time to identify the remediation steps and what had to be done to fix the problems, but now we know what needs to be done. From a prevention point of view, we now know what we should not do. That has helped with changes that we keep on doing in the environment.

Singularity Cloud Native Security provides us with a platform to scan instances when they are getting created, and the dashboard helps us to identify the critical issues. We created a road map and prioritized the issues based on the criticality of the problem. We have reduced P1s. We have resolved any critical incidents that came up in the dashboard. We still get high-priority incidents, and we keep on prioritizing and fixing them. That is because we have visibility into the open issues that we have. Management is also happy. They are aware of the things that are coming up on the dashboard. They are aware of the impact and the risk. We did not have this visibility previously. All the teams that are a part of IT are aware of the importance of it. It has been included as part of our software development cycle.

It is very easy to use. The user interface or the dashboard is quite simple. It clearly shows you the type of issues that are there. It also breaks down and groups them into the types of issues. If I have 100 issues on the dashboard, it categorizes them. Out of these 100 issues, 50 of them might be related to the same category. If I choose one of the high-priority incidents and fix them, all 50 issues might get fixed. This way, it is a bit easier for us to target specific use cases and resolve a lot of underlying problems. The descriptions are helpful. It gives us information about how to resolve a particular problem. It is easier when the tool itself tells you what you have to do to fix an issue. You can then research more and get it done. It is quite simple. Even the leaders who are not very technical can understand what is the impact and what is causing the problem.

They can provide some kind of alert when a new type of risk is there. There can be a specific type of alert showing that a new type of risk has been identified.

We use Jira for pushing any changes. If any kind of integration is possible between Jira and the Singularity Cloud Native Security dashboard, it will be easier for us to track. Before approving in Jira, I can ensure that any issues in Singularity Cloud Native Security are closed. Such an integration will be helpful.

Its pricing model is a little bit inflexible. Different organizations have different structures. We have multiple business units. Based on the different verticals, we have to create different subscriptions for them. If I create a new subscription and add it to Singularity Cloud Native Security, as per the current licensing model, I have to pay more for that. It should not be like that. It should be based on the number of servers. This kind of flexibility would help customers like us.

It has been close to two years since we have been using this solution. Prior to this, we were working with CrowdStrike, and then we migrated to SentinelOne two years back.

I have not seen any issue with Singularity Cloud Native Security.

If any slowness is there, we will probably wait and run it after half an hour or one hour. Nothing major has been highlighted to me or has been a blocker as such. The pricing model is the only thing that would be a concern. 

We take help from our managed service provider. If we have to fix any particular problem that we are not aware of or do not have the expertise for, we get help from the managed service provider. They have a service team with experts. They get it done for us.

We did not directly use any other solution. We have a managed service provider. We have taken their help, but it was more of a tool that they used at their end, and then they shared a report with us. Based on that report, we took action. It was not a regular thing that we used to do. Once in a quarter, we would probably allow them to scan and send us a report. Based on that, we used to take action. That was the process that we used to follow earlier.

Its implementation was a little bit difficult because it was a new tool that we were using. It takes time to understand the issues, specifically in terms of what has to be done to fix them. Aligning all the teams was a little bit difficult for the initial two to three months, but once we understood the product and what needed to be done for the issues that were getting highlighted in the dashboard, it was easy.

Initially, we had to do a lot of sessions to bridge the gap. That was because this initiative was taken by the Cloud Security team and the DevOps team. We needed a lot of patience to collaborate with the engineering or development team. A lot of the issues required help from the engineering team in terms of making changes at the core level as well. It took one or two months of time to do sessions with the developers and create SOP within the development life cycle itself. Overall, the support from the leadership was quite good. All the leaders agreed that this is a very important change that we are bringing into the organization, and it will be an ongoing thing that we need to follow. We have also added it as part of the SDLC. We use Jira to manage changes and defects. We have added security as one of the flags over there. Someone from the InfoSec team has to give a sign-off for any changes that are happening. If a project is going live, he has to check any open issues in Singularity Cloud Native Security. He has to give a sign-off before the project goes live. That is one of the changes that we have pushed in terms of the product life cycle itself, and that has helped to align different things. Unless they get a sign-off from the InfoSec team, it cannot be deployed. Everyone knows the process now. It is a part of the cycle.

It took at least 45 days to deploy and utilize all the features. We did not do it in one go. We did it phase-wise. We opted for one subscription, and then we slowly deployed it across other subscriptions.

It does not require any maintenance from our side. We have a managed service provider, and they are keeping track of it. There is no additional maintenance as such. We just have to keep track of things. It is more of a process adherence and making sure that we keep a check before we push anything into production.

I am personally not taking care of the pricing part, but when we moved from CrowdStrike to Singularity Cloud Native Security, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of Singularity Cloud Native Security was low. 

Singularity Cloud Native Security is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning. There should not be an extra charge for adding a subscription, and the pricing should be based on the number of servers that I am scanning.

We are not using Singularity Cloud Native Security's Offensive Security Engine. We used the Infrastructure as Code (IaC) Scanning initially. When the demo was given, we had to use that scanning, but it is not something that we keep running on a regular basis.

Overall, I would rate it a nine out of ten. I am quite happy with the service and the value that it provides. The one point that I am not giving is because of the pricing model. If it had a more flexible pricing model, I would rate it a ten out of ten.

We currently use Cloud Native Security for cloud security posture management, leveraging both the CWP module and the authentication security tab. While we regularly utilize these features, we're planning to onboard the cloud detection and response module, along with the ISIS scanning functionality.

We implemented Cloud Native Security as a secondary control measure to complement our existing security posture. In our Prisma Cloud environment, we have a detection score threshold set at 70 or above. As Cloud Native Security was a new entrant in the market, we wanted to evaluate its capabilities. Fortunately, Cloud Native Security's unique features and policies proved valuable. For instance, Cloud Native Security detected an alert when a developer accidentally committed VS Code files to a public GitHub repository. This helped us promptly remove the VS code from GitHub.

Cloud Native Security is easy to use.

The feature that has been most effective in threat detection for our cloud environment has been the cloud visual attack tab.

Our cloud security is managed by Intel and Azure Entra. We download a report from them and send it to our team to address any identified issues.

I appreciate that Cloud Native Security incorporates evidence of exploitability into their reports, making them more reliable.

Cloud Native Security's offensive security engine excels at validating potential exploit paths and prioritizing the most critical vulnerabilities. This enables us to proactively identify and address these risks, ultimately strengthening our security posture.

Cloud Native Security has helped reduce our false positives. We can investigate and mute any false positives so they don't appear going forward.

Cloud Native Security helps us actively identify threats, ultimately improving our security posture.

Cloud Native Security has reduced our mean time to detect by 10 percent.

Cloud Native Security facilitates collaboration between our cloud security application developers and AppSec teams. This collaboration is further enhanced by a shared console that provides visibility into all active tickets. This transparency helps to reduce redundant requests, saving time.

Cloud Native Security offers a valuable tool called an offensive search engine. This tool has been helpful for us. It allows us to search for vulnerabilities and provides evidence directly on the screen. Additionally, Cloud Native Security offers a feature called Graph Explorer. This feature allows us to drill down into specific resources, search for them on the console, and view details such as open security rules and graph features.

While only 5 percent of our workload resides on the Google Cloud Platform, we would still like Cloud Native Security to be configured with automatic remediation capabilities for GCP.

In Prisma, there's a dedicated tab for managing high and medium-severity alerts. This allows us to easily enable or disable specific policies based on our current needs. With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case.

I have been using Cloud Native Security for six months.

I would rate the stability of Cloud Native Security 7 out of 10.

The only downtime we had was when switching from V1 to V2 but it was smooth.

I would rate the scalability of Cloud Native Security 8 out of 10.

The technical support is good.

Positive

For the past three years, Prisma Cloud has been our go-to security solution. Recently, we've added Cloud Native Security to our toolkit to further strengthen our security posture.

The initial deployment was straightforward. First, we onboarded the UAT account. Then, we added our product support account and other accounts. We then tested the UAT environment accounts. The entire deployment took one week to complete. Two people were involved in the deployment.   

I would rate Cloud Native Security 9 out of 10.

Our primary cloud security monitoring solution is Prisma Cloud by Palo Alto Networks, with Cloud Native Security as a secondary control measure.

We have 19 users overall in our cloud security team that utilize Cloud Native Security.

The only maintenance required is for updates.

I would recommend Cloud Native Security to others.

My company is trying to get an ISO certification by the second quarter of 2024, so we have been resolving certain security issues for the past year.

I use the solution in my company, where we have alerts coming from SentinelOne Singularity Cloud Security, especially if any security threats are there. Our company's primary concern in using the tool is to get the ISO certification. My company wants to get our infrastructure to meet ISO standards so that there won't be any issues while getting ISO certification.

With the product in my organization, I feel that we are more secure now, and our services have become better. My company gets to know if we are doing something right or wrong based on the scans that SentinelOne Singularity Cloud Security deploys. My company doesn't have to care much about security because SentinelOne Singularity Cloud Security takes care of it for us. My company also knows what all the best practices are there for each resource, which gives us a boundary of what we can do.

Most of the time, I have looked at the tool's dashboard to keep an eye on how much of my company is compliant regarding certain areas since we are eyeing ISO 22000 and ISO 22001. I just love the tool's dashboard, though I have not used it in depth. I like the dashboard mainly, and I know that all sections of ISO certification have been completed. I have not used the tool that much, but under that dashboard itself if I just click on the certification part, which states that 93 percent has been completed, it will show me the subcategories of what all things are still pending or how much percentage of it is still pending, and how many areas are yet to be resolved in relation to some of the resources. The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features.

When I joined my organization, I saw that SentinelOne Singularity Cloud Security was already implemented. I started to use the tool's alerting features and dashboard functionalities. Considering how much I used the product, I don't see any areas in it where improvements are required since everything seems fine.

Sometimes, there are alerts that don't have proper messaging attached. The tool can improve the alerting notifications. In SentinelOne Singularity Cloud Security, the alerts also show the affected resource that has a particular issue, but sometimes, the account shows as not applicable, and it isn't very helpful since you need to know the account the tool aims to point out.

The alerting system of the product is an area that I look at and sometimes get confused about. I feel the alerting feature needs improvement.

I have been using SentinelOne Singularity Cloud Security for more than a year. My company is a customer of the solution.

My company has not experienced bugs, downtime, or any other issues in the product.

Stability-wise, I rate the solution an 8 out of 10.

It is a scalable solution. Scalability-wise, I rate the solution a 7 out of 10.

My company's tech team consists of twelve people and around ten to twelve people use the product.

I rate the technical support an 8-9 out of 10.

Positive

The solution is deployed using the cloud services offered by AWS.

SentinelOne Singularity Cloud Security regularly sends us messages on Slack for cloud security monitoring if it finds a certain security threat. If the area revolving around the security threat is something my company wants to look into, we just quickly check the product to see if there is a quick fix, and if there are no solutions, then we find a way to deal with it. A person from our company's team regularly tries to fix all the issues raised by SentinelOne Singularity Cloud Security so that it is ISO compatible, and right now, my company is close to achieving it.

Speaking about the issues my company was trying to resolve by implementing SentinelOne Singularity Cloud Security in our environment, I would say that whatever issues the tool has raised till now are related to certain policies that we might not have implemented in our IAM. There should only be certain roles that can access certain resources. The aforementioned area consists of the types of issues my company is currently trying to resolve so that we stay up to the mark. In my company, we don't have any regular threats that come up, but they are mainly used in regard to policies.

Considering how much I have used it to date, I can say that it is an easy-to-use product. However, I have not used the product in-depth, so I can't comment much about it.

If I assess the evidence-based reporting for helping prioritize and solve important cloud security issues, I would say that the concerns raised by the product are valid ones, and it is important to deal with them. Though I am not sure what the question entails, I feel that the issues raised by the product are proper, and they should be resolved before actually implementing its features.

I think it is very important for the solution to include proof of exploitability in evidence-based reporting. You have to know what things might go wrong if an issue is not resolved, and it makes it easier for us to assess key issues and to decide which areas should be taken into priority, considering what potential issues might crop up in the long run or short term. In general, SentinelOne Singularity Cloud Security is a quite helpful tool.

The most valuable feature of the tool in terms of real-time threat detection stems from the alerts my company receives via Slack. I think the alert feature is something I have majorly looked into, but I haven't explored many of SentinelOne Singularity Cloud Security'd features.

Whether the compliance monitoring capabilities of the tool have benefited our organization or not is something that we will get to know soon via its results in the next two or three months. My company is very close to getting ISO certification with SentinelOne Singularity Cloud Security's help. I think if it gave our company a demo compliance feature, it could be helpful.

The product's UI is good if I speak about the impact of its ease of use on security operations. The UI is very easy to navigate. Basically, I was able to navigate through the tool's dashboard. Overall, the tool's UI structure looks good.

My company has rarely had to deal with an incident involving a false positive with SentinelOne Singularity Cloud Security in place, and I believe that it happened at the end of the previous year. After that, my company didn't need to deal with any false positives. With SentinelOne Singularity Cloud Security, the chances of seeing a false positive are rare.

In terms of risk posture, after going through the recommendations provided by SentinelOne Singularity Cloud Security during the implementation phase, I feel that my solution has helped my company get better and more secure because now we are less vulnerable to attacks. Overall, I think that the product is good for improving an organization's risk posture. In my company, we don't have any doubts about using the product since everything feels right with it.

The tool has reduced the mean time to detect risks since, with the use of the tool, it has become faster as it is now done automatically. In my company, I operate in a very small team where we don't have a specific person or department giving us insights about a particular tool. The tool has reduced the mean time to detect risks by more than 50 percent. My company never scanned our own infrastructure until SentinelOne Singularity Cloud Security did. Until my company had it in mind that we wanted to get an ISO certification, we never scanned our infrastructure.

The mean time required to remediate is an area that has improved a lot. My company has never tried to resolve any issues since we have never detected any problems. The mean time to remediate has improved by more than 50 percent.

The product can make the collaboration between cloud security application developers and AppSec teams better. In my company, we only have one team, and we don't have a few departments.

The product has helped my company save a lot of engineering time because we don't have to put up physical resources to do many things, as they are managed automatically. In my company, we just have to employ one engineer to resolve everything. My company doesn't actually have to spend time detecting issues and then solving them as the tool solves them for us.

I have not integrated the tool with the existing solutions in my company's infrastructure or workflows. I use it as a standalone product in my company.

The product is used in just one location.

I don't think that the product requires any maintenance. I don't think that my company does any maintenance for SentinelOne Singularity Cloud Security.

I recommend the product to those who plan to use it. I think the tool has a very good alerting system. The tool also gives a proper description of resources and alerts. I think that the tool is very good for meeting the certification compliance requirements.

I rate the overall tool a 9 out of 10.

We are a security-based company. We use SentinelOne Singularity Cloud Security to put our data planes on it. We have a cloud setup, and we have integrated SentinelOne Singularity Cloud Security into our environment. It checks for any audit or security-related issues.

By implementing SentinelOne Singularity Cloud Security, we wanted a centralized solution. We have many AWS accounts to manage, so we wanted a single dashboard with analytics. We wanted to be able to view and monitor everything at once. We also wanted to customize the rules on which we wanted the alerts to be set up. SentinelOne Singularity Cloud Security was a better option for our use case.

We have multiple rules set up on SentinelOne Singularity Cloud Security for things that we want to monitor. We have set up something for restricted access for SSH, and then we have access to the EC2 instances. If any of the rules are broken or if there is a bad actor, we get notified quickly. It also helps with the audit and keeping the infrastructure clean.

SentinelOne Singularity Cloud Security includes proof of exploitability in its evidence-based reporting. This is quite important for us because we are a security-based company. We want to tag each and every alert correctly. We also need to provide RCA to the customers. SentinelOne Singularity Cloud Security forms a very good basic layer for things that are happening in the infrastructure. The reports that it gives are also nice. It gives us information about the impact and other things. It helps us.

Its setup is good. It also depends on how finely you want to set it up. It depends on the rules you set, the thresholds you set, and how quickly you act on things. We did not want SentinelOne Singularity Cloud Security to act on things, so we went for a basic setup without any auto-remediation. We act on the issues. It provides us with a basic layer of security.

Previously, we used to find issues from the AWS console and the AWS logs, but because we had multiple AWS accounts, finding out the issues was a bit of a pain point for us. We had to go inside 30 to 40 AWS accounts to find out the capabilities. We had to write our own automation scripts to find the full logs. We wanted a solution that gave us a centralized place to put all the issues that we were facing based on security concerns. With SentinelOne Singularity Cloud Security, we found a centralized solution. It was easy for us to get the data of 30 to 40 clusters in a single dashboard. It was pretty nice to have that. The UI seems a bit confusing initially, but once you start using it, it becomes more intuitive.

There is a team that is working on setting it up on ISE. So far, with just a vanilla setup, it is doing its job, and we are happy with it.

There are a few false positives, but we want them to be there. We do not want to miss out on something. We want everything to be monitored. It does not matter to us if it is a false positive. At the end of the day, the cost that we would pay by ignoring a true positive thinking it is a false positive would be much higher than going through false positives and marking them as false positives.

For every module and everything that we do on our AWS clusters, we evaluate the risk individually, and then SentinelOne Singularity Cloud Security forms an extra layer of security on top of the personal checks that we do. It is like a shield for us. It helps us a lot.

SentinelOne Singularity Cloud Security has reduced the mean time to detect issues by a lot. Earlier, it was a very manual process to detect errors. There was not a single place where we could look into all the alerts. They were all scattered. SentinelOne Singularity Cloud Security unified that. With SentinelOne Singularity Cloud Security, once the alert is detected, we can just look into it directly. We can go into a specific cluster, resolve the issues, and mark it as resolved. There is a 45% to 50% reduction in the mean time to detect.

Our mean time to remediate remains the same because we have manual remediation. There is no change in that. The main issue for us was to be able to detect issues, and SentinelOne Singularity Cloud Security solved that for us, but because remediation is taken care of by us manually, the mean time to remediate remains the same.

SentinelOne Singularity Cloud Security is continuously monitored by the customer success engineering team and the security team. These people contact the infrastructure team. The application team is not involved because we mostly monitor the infrastructure side. That is the AWS side. It helps us with better collaboration. When the time zones change, we do not have to give a lot of context or change information across different time zones to different people. They can go into the console, see the issue, and continue to work on it.

Earlier, if there was a security issue, it had to be handed over to people in different time zones. Because we are a global company, we have on-calls and other things. Earlier, it used to be a big process. We had to write down the whole documentation of what happened, where we were seeing the issue, and whether it was resolved or not. We had to provide the complete information on that single issue. Things are simpler now because people can just log into it and see what is in the pending state and which security vulnerabilities we are still facing. A person in a different time zone can just log into the SentinelOne Singularity Cloud Security console and start remediating the issue.

The multi-cloud support is valuable. They are expanding to different clouds. It is not restricted to only AWS. It allows us to have different clouds on one platform. The integration is quite easy. It took around 15 minutes for the whole stack to set up. It was very easy to set up. That was one of the best things.

The custom rules are also valuable. We can set up our own thresholds on the rules. We can have a granular setup for the rules. We can also scan for specific ports and specific AWS modules. The granularity of rules is good. 

In terms of ease of use, initially, it is a bit confusing to navigate around, but once you get used to it, it becomes easier. Initially, I had problems finding a few things and creating the policies. It was a bit difficult for me, but after going through the documentation, it got easier.

I was checking the IaC checks that they have, and they can add something for auto-remediating IaC. They can integrate something that will help auto-remediate on IaC and make needed changes to the code. They can also integrate something like CoPilot.

Other than that, I do not have any input. They have covered quite a bit. They are doing a good job. The features are good for what we are using it for right now.

I have been using SentinelOne Singularity Cloud Security for 3 to 4 months.

Its stability is good. We do not have a high volume. It is doing well for the scale that we have. I would rate it a 9 out of 10 for stability.

Its scalability is good. I would rate it an 8 out of 10 for scalability. It meets our requirements. SentinelOne Singularity Cloud Security does the very basic job of collecting the CloudWatch logs, keeping them in a centralized place, and looking for errors. We have scaled it across all of our AWS accounts, and it is doing well. I do not see any issues coming in the future as well.

SentinelOne Singularity Cloud Security is being used by our infrastructure team. There are 15 to 20 people who keep a check.

Their support was good. I would rate them an 8 out of 10.

Positive

We did not have anything like SentinelOne Singularity Cloud Security before.

The initial setup was straightforward. It only took about 15 minutes.

We initially had issues handling the setup. We were doing it slightly wrong. We ran it multiple times which messed up the setup. We got SentinelOne Singularity Cloud Security folks on the call. SentinelOne Singularity Cloud Security people assisted us with it, and it was very quick once they were on the call.

We are on the cloud. We have different AWS clusters, and we have onboarded AWS clusters to it. There is a single dashboard for us. We have not integrated it with anything else. SentinelOne Singularity Cloud Security is a separate system running, and we have not integrated it with anything. Being a security company, we are directly adding third-party solutions to our stack. 

SentinelOne Singularity Cloud Security does not require any maintenance from our side. It was a one-time installation, and since then, we have not had any issues with it.

Based on the things that we have tested, it does a pretty good job of alerting and reporting. If you have a highly scaled environment with 50 to 60 AWS clusters and you are looking for a tool that simplifies getting security logs, SentinelOne Singularity Cloud Security is the perfect solution. It does the job. I would recommend SentinelOne Singularity Cloud Security to others.

SentinelOne Singularity Cloud Security has an auto-remediation feature, but we are not using that because we have to give a lot of access to SentinelOne Singularity Cloud Security for that. We are not willing to do so. That is why we do not use the auto-remediation offered by SentinelOne Singularity Cloud Security. We just get the alerts, and then we act on them. We also do not use agentless vulnerability scanning, IaC scanning, and SentinelOne Singularity Cloud Security's Offensive Security Engine.

Overall, I would rate SentinelOne Singularity Cloud Security an 8 out of 10.

We use SentinelOne Singularity Cloud Security to enhance the security of our cloud and data center infrastructure. Its primary functions include providing alerts and guiding the implementation of best practices for cloud security.

To enhance our security posture, we implemented SentinelOne Singularity Cloud Security, as we lack a dedicated managed service for continuous environmental monitoring.

SentinelOne Singularity Cloud Security is easy to use. It offers an intuitive dashboard making it user-friendly.

The evidence-based reporting is helpful for navigating the evolving threat landscape. It enables us to implement security measures proven to reduce risk.

The inclusion of proof of exploitability in its evidence-based reporting fosters stakeholder trust and reduces reliance on human intervention.

SentinelOne Singularity Cloud Security has a minimal impact on system performance compared to traditional antivirus solutions and helps meet compliance requirements by maintaining detailed logs and audit trails.

It has reduced our false positive rate by 20 percent and has significantly improved our security posture by providing comprehensive visibility into all activities across our infrastructure.

SentinelOne Singularity Cloud Security has decreased our mean time to detect by 60 to 70 percent.

Singularity Cloud Security offers autonomous response capabilities, automatically remediating threats and restoring affected files without manual intervention. Its AI-powered threat detection utilizes advanced AI and machine learning to identify and respond to threats in real-time. Its scalability makes it particularly beneficial for small organizations.

The SentinelOne customer support needs improvement, as they are sometimes late in responding, which is critical in a production issue. Cost is also an area for improvement as it must be more affordable, particularly for smaller companies.

We have been using SentinelOne Singularity Cloud Security for almost one year.

I rate the stability of SentinelOne Singularity Cloud Security as eight out of ten. There are no major bugs, glitches, or downtime issues.

I rate the scalability of SentinelOne Singularity Cloud Security a nine out of ten. It is very scalable and suits our needs.

The technical support team's response time is slow at times.

Neutral

SentinelOne is far superior to our previous solution, Accops, due to its seamless updates, effortless maintenance, and user-friendly interface and dashboard.

The initial setup can be slightly time-consuming, requiring about two to three days for deployment on both cloud and data center infrastructure.

SentinelOne Singularity Cloud Security is costly. I would rate the price an eight out of ten, with ten being the most expensive.

I rate SentinelOne Singularity Cloud Security a nine out of ten.

SentinelOne Singularity Cloud Security is deployed across multiple departments in a single location. We have 14 direct users of the tool.

SentinelOne manages the maintenance for Singularity Cloud Security.

I would recommend SentinelOne for security, as it is easy to use. Even without technical knowledge, users can manage it through the dashboard and provided documentation.

We use Singularity Cloud Security to monitor our infrastructure and ensure it meets all security and compliance standards. The solution helps us maintain and strengthen our security posture. Singularity covers our AWS environment, Kubernetes clusters, and some of our GitHub repositories.

Our organization is growing steadily, so our infrastructure is expanding, and we're managing more technical resources. Singularity Cloud Security helps us track our resources so that we don't get lost in the overwhelming volume of things and ensures we follow best practices. The solution gives us better visibility into our resources and enables faster resolution. 

Another advantage of Singularity is compliance. I work in the payments industry, where regulations are strict.  Maintaining everything and ensuring all the resources meet compliance standards is challenging, but Singularity Cloud Security enables us to do that while saving a lot of time. 

Singularity has helped us reduce false positives, but it has also introduced some. Still, it's significantly less than many of the other tools we use. If we deal with fewer false positives, the technicians have more bandwidth to work on real issues. We don't need to spend time on the analysis and can focus on fixing the vulnerabilities and ensuring compliance. 

The solution has improved our security posture considerably. In the finance industry, we can't function if we aren't compliant. The better our security posture is, the more compliant we are. By reducing vulnerabilities, we have eliminated risk factors in our systems.

Our remediation time is shorter. It's easier to identify vulnerabilities. We don't need to do much analysis before fixing vulnerabilities. About 90 percent of the time, we can identify the correct problem instantly and begin remedying the finding. It has saved a lot of time. It takes us only one or two days to remedy critical issues, whereas it previously took two weeks. Our mean detection time has dropped from about a week to one or two days.

The solution has given us a lot of insight into cloud security. It shows us some best practices that many people in the company do not know. Singularity finds those weak spots and educates us on the latest best practices to follow. The next time we deploy changes to our infrastructure, we change our policies and designs based on the recommendations. 

Singularity Cloud Security's UI is clean, simple, and easy to use. When I started using it, I found it easy to learn what things are. Everything is explained in detail. It's always up to date with the latest technologies, such as AWS Kubernetes. They keep on top of trends with new features and updates.

The solution has a mapping feature that allows me to write my own queries and better understand my resources. It also offers some help with security controls on their end, suggesting best practices that you can use to write custom queries or standards. We have the flexibility to customize our infrastructure based on our needs. 

Singularity's evidence-based reporting rates my alerts so I can see which ones to prioritize and identify the critical vulnerabilities. It provides a highly detailed description of each vulnerability and the resolution steps. I can triage all the findings from one place and apply different filters based on my preferences.

The offensive security engine is another major feature. We use it for our infrastructure and machines to see if we have an exposure or liability. It takes some time, but the vulnerability reports are highly accurate. It saves us some time because we don't need to verify all the vulnerabilities. We just have to go fix them.

The detection time could be better. It takes a long time to scan. I'm not sure how long other tools take for the same amount of scanning, so I cannot compare it with other tools, but it takes us half a day to a full day to complete the scan. I want to get the reports faster so we can start fixing the problems. 

The proof of exploitability is another area for improvement. While I have all the information to troubleshoot the problem, it isn't detailed enough for an administrator. It has sufficient information for a general user, but an administrator would like to know all the ins and outs of the vulnerabilities that have been reported. 

I would like to see the map feature improve. It's good, but it isn't fully developed. It lets us use custom resources and policies but does not allow us to perform some actions. I would also like more custom integration and runtime security for Kubernetes.

We have used Singularity Cloud Security for about eight months. 

I haven't seen any major stability problems. There are some minor issues but they are rare. Overall, it has been a smooth experience.

Singularity is scalable. It has one UI that can be integrated easily with multiple backends, so we have all the data in one place and we can do whatever we want with it. 

I rate SentinelOne support eight out of 10. Their support team is proactive. It has been a while since I connected with them. They helped me with all my questions quickly. It was an excellent experience. 

Positive

I have worked on other infrastructure-as-code tools and other tools for various functions that Singularity performs, such an AWS Inspector, but now we use Singularity for most of it. 

The initial setup is not a very complex process. Because of the large number of resources, we have so many places where we need to integrate the solution repeatedly. It's easy to set up new places or add integrations. The initial setup took two to four weeks. That was how long it took to go back and forth and cover everything. 

We did a PoC first, which wasn't very hard. Our deployment team consisted of three or four people. The vendor team was very helpful when they deployed everything on our infrastructure. They helped us set up all the necessary permissions. 

The return on investment has been good. Singularity offers a lot of flexibility to focus on different aspects because it gives us a lot of information and helps us maintain the observability of all our resources. That is something that we value because of the sheer volume of resources we have. We couldn't do that manually or using some other tools. 

I rate SentinelOne Singularity seven out of 10. It's a solid product and I recommend checking it out. It has some excellent features, observability, metrics, etc. It's very cool.

We use SentinelOne Singularity Cloud Security to identify cloud security misconfigurations, ensuring compliance with Cloud Security Posture Management and Cloud Workload Protection Platform best practices, as well as relevant regulations in India. We also integrate SentinelOne Singularity Cloud Security with our GitHub repositories that store our hard-coded secrets.

We renewed our contract with SentinelOne Singularity Cloud Security for another year because it's extremely easy to use. The user-friendly UI, along with its integration with Jira and the ability to consume alerts through Slack, make it a valuable tool for our team.

Evidence-based reporting facilitates addressing complaints related to mandatory controls. SentinelOne Singularity Cloud Security offers an option for high-alert items to be kept publicly available if we're confident we have appropriate controls implemented.

SentinelOne Singularity Cloud Security's agentless vulnerability scanning has identified a significant number of vulnerabilities.

SentinelOne Singularity Cloud Security's evidence-based reporting, particularly its proof of exploitability, is highly valuable. For example, their recommendations significantly reduce investigation time and allow us to easily research vulnerabilities using tags. This targeted approach helps stakeholders prioritize and address critical vulnerabilities efficiently through the dashboard.

We utilize the offensive security engine, but fortunately, it doesn't detect many vulnerabilities. It primarily identifies publicly known patch versions and the exposure of the SMTP service. On the other hand, I would rate the ASM functionality an eight out of ten.

IaC scanning has been effective in identifying code-level issues whenever infrastructure as code is scanned.

SentinelOne Singularity Cloud Security automatically populates and maps our network, identifying any misconfigurations within the first two hours of deployment.

It has reduced false positives by around 90 percent.

Our mean time to detection has been improved, especially for critical areas. Our mean time to remediation has been improved as well.

SentinelOne Singularity Cloud Security has improved our risk posture by providing visibility into our cloud infrastructure.

SentinelOne Singularity Cloud Security improved the collaboration between the cloud security application developers and the app security team.

It helped our developers save time.

SentinelOne Singularity Cloud Security offers an intuitive user interface that lets us navigate quickly and easily. Additionally, its identification feature allows us to customize rules and configurations in the cloud.

IaS scanning identifies misconfigured code within GitHub repositories. This represents a "shift left" approach to security.

Customized queries should be made easier to improve SentinelOne Singularity Cloud Security. 

I have been using SentinelOne Singularity Cloud Security for one and a half years.

While SentinelOne Singularity Cloud Security is stable for around 90 percent of the time, there are occasional glitches in the UI. However, as a security tool, our primary focus is on the results it delivers, rather than the aesthetics of the dashboards themselves.

Scaling SentinelOne Singularity Cloud Security is easy. We recently integrated with AWS and it went well.

We regularly contact the technical support team about some UI glitches. We provide them with feedback on these glitches regularly. Additionally, we would like to see some new features added to Jira when creating tickets. We've also been in touch with the technical support team about this.

The technical support team's responses are good and have been improving.

We've noticed a decline in their response times lately. This could be due to the recent acquisition of SentinelOne Singularity Cloud Security by SentinelOne. Previously, their response times were much faster.

Positive

The initial deployment was straightforward.

Deploying SentinelOne Singularity Cloud Security is a quick process that involves creating a dedicated service account, granting the necessary roles to the service account, and attaching the service account to SentinelOne Singularity Cloud Security.

The total deployment time took around 15 minutes.

The implementation was completed in-house.

The features included in SentinelOne Singularity Cloud Security justify its price point. The agent-level monitoring for Kubernetes clusters is particularly valuable and could support a modest price increase.

Our evaluation of Prisma Cloud and Trend Micro on an open-source platform for identifying misconfigurations yielded a high number of false positives, limiting its effectiveness. We chose SentinelOne Singularity Cloud Security based on the price and the ease of use.

The setup and cleanup need to be done first to get things organized. This makes SentinelOne Singularity Cloud Security a much easier option than the other products we evaluated, which were all very complex. So, we won't be jumping straight to CWP. Instead, we'll focus on securing our perimeter. We believe SentinelOne Singularity Cloud Security can solve this issue, and the support we received during the proof of concept was also very positive. Considering all these factors, we decided to go with SentinelOne Singularity Cloud Security. 

I would rate SentinelOne Singularity Cloud Security nine out of ten.

SentinelOne Singularity Cloud Security does not require maintenance.

It is easy to use, but it works best when you have established organizational practices in place. If you feel this is critical, don't hesitate to address it directly. Integrating SentinelOne Singularity Cloud Security is straightforward, so there's no need to worry about that. It's a ready-made solution that can be integrated with just a click. You can then address the specific issues you find most important. Ideally, integrate all your relevant sources during onboarding, such as GitHub or any cloud accounts you use. This ensures you capture everything from the start and get the best possible results.