SentinelOne Singularity Cloud Security Reviews

We use the tool for cloud security management. We check the vulnerabilities in the cloud during the configuration phase using SentinelOne Singularity Cloud Security. We check how many cloud assets are being covered and how many issues have been identified from multiple cloud assets. We check different types of issues. We look into cloud network configuration, Offensive Security, Kubernetes security, and vulnerabilities. We also use the ThreatWatch option to check for active attacks happening worldwide. We can also check compliance, analytics, and asset inventory. We use the tool in multiple locations.

Without the product, we cannot know the configurations and the issues that are present in the cloud assets. SentinelOne Singularity Cloud Security helps us to know such details easily. It guides us and shows the flaws or vulnerabilities present in the cloud assets. It also provides good remediation processes with screenshots. It is easy to tackle and remediate the issues present in the cloud assets.

The solution provides detailed visibility into the security state of the assets and workloads across all the platforms. The remediation process is good. It clearly provides every step required in the resolution with screenshot links. I like it very much. The product helps us identify the misconfigurations and flaws present in our organization. We meet with the concerned teams and resolve the issues. It helps us a lot by finding all the issues in the cloud assets.

We use the solution's agentless vulnerability scanning. There are different categories in the product. It is useful for us that SentinelOne Singularity Cloud Security includes proof of exploitability in its evidence-based reporting. It is required for every company that uses clouds. SentinelOne Singularity Cloud Security has helped reduce the number of false positives we deal with. Most of the time, we do not get false positives. It is usually below 10%.

The product has improved our risk posture by 50%. We can detect vulnerabilities faster. SentinelOne Singularity Cloud Security has sped up the process by 80% to 90%. SentinelOne Singularity Cloud Security provides us with the remediation process. It has reduced the mean time to remediate. Without the tool, we wouldn't know the process to remediate. We can get some things on Google, but the product provides the exact process we need to follow. The solution improves the mean time to remediate by 70%. It is a very helpful tool for remediation.

SentinelOne Singularity Cloud Security is a collaborative tool. It is very easy to use. Anyone can easily use it. We can easily check the flaws and collaborate with other teams. SentinelOne Singularity Cloud Security has helped us save engineering time by 50%. We use other tools for compliance. We have endpoint security solutions and antivirus products for normal assets. Similarly, we need a tool for the cloud assets. I will recommend SentinelOne Singularity Cloud Security to everyone who uses the cloud.

Under the containers section, we have a cluster. It is a link between the organization and SentinelOne Singularity Cloud Security. We don't get any notifications from SentinelOne Singularity Cloud Security when the clusters are down. The SentinelOne Singularity Cloud Security database doesn't receive any updates. It doesn't trigger any alerts. We must check things manually. It must be improved in future releases. If notifications are available, then it will be more helpful, easy, and time-saving. We can easily contact the team, check why the cluster is down, and restart things.

I have been using the solution for one and a half years.

The solution is stable. I rate the stability an eight out of ten.

We have eight users in our organization. The solution does not need any maintenance. I rate the scalability a nine out of ten.

The technical support is good. The team responds within 24 hours and resolves all the issues we raise. The team also arranges monthly meetings for updates. The support team educates us about the upcoming updates in the tool. The team helps us if an individual or a team has issues with SentinelOne Singularity Cloud Security. The support people also help us with the remediation process if we are stuck at any stage.

Positive

The tool is deployed on the cloud. The deployment can be done in a day. One or two people from our organization and two to three people from the development team of SentinelOne Singularity Cloud Security were involved in the deployment. The solution was easy to deploy. It was not complicated.

The product has saved us time, money, and resources. We have saved 80% of time, 20% of resources, and 80% of money.

The tool is cost-effective. It is neither cheap nor expensive.

The tool is easy to use. Compared to other products, SentinelOne Singularity Cloud Security is the most easy to use. There are different severity categories, such as critical, high, medium, and low. We get notifications for critical things. Critical issues have the highest priority. The ability to prioritize the issues is helpful for us.

Overall, I rate the product an eight out of ten.

We use SentinelOne Singularity Cloud Security for our AWS cloud used in my project and to check the account's vulnerabilities.

SentinelOne Singularity Cloud Security has improved our organization a lot. Before using SentinelOne Singularity Cloud Security, we had not covered many points according to vulnerabilities. We have used the solution's dashboard, which shows the criticality of issues, and we have rectified and resolved many issues according to their severity.

SentinelOne Singularity Cloud Security has a dashboard that can detect the criticality of a particular problem, whether it falls under critical, medium, or low vulnerability. If it is not a critical problem, we can try to solve it within 4-5 hours. If it's very critical, then we can take action immediately.

SentinelOne Singularity Cloud Security takes 4-5 hours to detect and highlight an issue, and that time should be reduced. Sometimes, the solution shows false alerts. The comments section has also been turned off for the last 10 to 15 days. These are the two issues I'm facing right now in SentinelOne Singularity Cloud Security.

I have been using SentinelOne Singularity Cloud Security for the last three months.

SentinelOne Singularity Cloud Security is a stable solution, and I haven’t come across any bugs or glitches.

I rate the solution an 8 out of 10 for stability.

The solution has good scalability. Around 10 users in my team use the solution.

I rate SentinelOne Singularity Cloud Security's scalability an 8-10 out of 10.

SentinelOne Singularity Cloud Security's pricing is good because it provides us with a solution.

Suppose we find a volume not attached to any EC2 instance during scanning. SentinelOne Singularity Cloud Security detects such vulnerabilities, and we try to resolve them. SentinelOne Singularity Cloud Security is an easy-to-use solution. Everybody in my team works with SentinelOne Singularity Cloud Security to monitor any vulnerabilities it detects.

SentinelOne Singularity Cloud Security is a good tool for security and vulnerability detection for me and my team. The solution is easy to use, and we are very familiar with the dashboard, which shows the criticality of particular problems. It also shows the link to a particular vulnerability or problem so that we can directly go to that particular problem.

Through the solution's dashboard, we can see problems and detect vulnerabilities. Then, we assign each problem to another and try to resolve it. In the pre production environment, we used to try a blue/green deployment. If we try to get any alerts from that particular dashboard, SentinelOne Singularity Cloud Security will detect them.

SentinelOne Singularity Cloud Security has improved our risk posture by 50% to 60%. Earlier, we couldn't identify the things created by mistake during production. If something is created by mistake or if we are unable to detect mistakes in the production environment, SentinelOne Singularity Cloud Security scans and alerts us of any vulnerabilities.

SentinelOne Singularity Cloud Security takes approximately 4-5 hours to detect an issue. We conducted a test by creating one issue, which was highlighted in the SentinelOne Singularity Cloud Security dashboard within four to five hours. The issue was still present in the SentinelOne Singularity Cloud Security scan after we resolved it, and it was removed after four to five hours.

SentinelOne Singularity Cloud Security has helped reduce our mean time to remediate, and we immediately take action on the issue. In my opinion, SentinelOne Singularity Cloud Security is really collaborative, and other teams use it at the utmost level. The solution is really helpful for us regarding system security.

SentinelOne Singularity Cloud Security has helped us save around 30% to 40% of engineering time. We just see the SentinelOne Singularity Cloud Security dashboard for issues it has detected and try to resolve them as soon as possible. SentinelOne Singularity Cloud Security has helped us save approximately 30% to 40% of our resources, time, and money.

SentinelOne Singularity Cloud Security is integrated with the AWS tool our team uses to detect vulnerabilities. SentinelOne Singularity Cloud Security is a SaaS (Software as a service) solution. We have five to six accounts on SentinelOne Singularity Cloud Security and use them in multiple locations. The solution does not require any maintenance. I would recommend the solution to other users.

Overall, I rate SentinelOne Singularity Cloud Security a 9 out of 10.

We use SentinelOne Singularity Cloud Security to identify threats and vulnerabilities in our AWS accounts and the compute resources that are hosted on those cloud accounts.

We implemented SentinelOne Singularity Cloud Security to address network-related issues, such as communication between individual components (part-to-part or node communication). SentinelOne Singularity Cloud Security's Graph Explorer feature also helped us understand the overall network landscape, including the attack surface. This feature allows us to discover and explore various components within our AWS environment. In essence, SentinelOne Singularity Cloud Security helped us identify how different networks connect and how microservices within our system interact with each other.

We've implemented SentinelOne Singularity Cloud Security across all our core companies, including acquisitions. Previously, managing separate AWS accounts for each company with dedicated DevOps and security teams was a significant challenge. SentinelOne Singularity Cloud Security helped us consolidate these accounts into a single platform, simplifying the process. Now, we can easily track key security metrics. For instance, SentinelOne Singularity Cloud Security provides frequent alerts for critical events such as publicly exposed instances or security groups with significant traffic changes from any source. Monitoring these elements across multiple accounts and security groups was previously difficult without a centralized platform. SentinelOne Singularity Cloud Security has been instrumental in streamlining this process.

We recently made some changes to our information systems. SentinelOne Singularity Cloud Security helped identify instances that were inadvertently made public. This identification is important for compliance purposes, as it allows us to track how well these public instances adhere to regulatory frameworks.

SentinelOne Singularity Cloud Security's compliance monitoring capabilities have provided us with some benefits, particularly in understanding our overall security posture. However, it's important to note that SentinelOne Singularity Cloud Security only monitors our cloud infrastructure. There might be internal deployments with compensating controls that address missing controls identified by SentinelOne Singularity Cloud Security (e.g., control X is missing but mitigated by internal control Y). These internal controls wouldn't be visible to SentinelOne Singularity Cloud Security. Therefore, while SentinelOne Singularity Cloud Security provides a valuable starting point at the surface level, manual review is necessary to ensure complete compliance coverage.

SentinelOne Singularity Cloud Security is easy to navigate. Its menus are straightforward and intuitive, making the overall user experience smooth.

One of the key benefits of the evidence-based reporting is its proof of exploitability. This feature allows us to prioritize vulnerabilities that have been demonstrably compromised and take immediate action to mitigate the risks.

The offensive security engine feature constantly scans and lets us know if any vulnerabilities in our environment can be exploited. While the offensive security engine for verifying exploit paths and prioritizing breach control is valuable, it lacks context awareness. For instance, it might flag something we intentionally made public, like a new website for an upcoming event. In those cases, we can safely ignore the alert. Overall, the engine is a useful tool. We extract the information it provides and prioritize it. A dedicated team reviews the alerts and, if necessary, escalates them to our DevOps team for further action.

By centralizing cloud infrastructure monitoring with SentinelOne Singularity Cloud Security, our security team's productivity, and MTTR have been significantly improved.

Over time SentinelOne Singularity Cloud Security has reduced the number of false positives by 40 percent.

SentinelOne Singularity Cloud Security has significantly improved our organization's risk posture. Since implementing it, we've been able to assess the risk associated with recently discovered CVEs much faster than before. This efficiency is due to the proactive identification and scanning capabilities. Now, we start each day with a clear summary of potential risks, allowing us to prioritize effectively.

SentinelOne Singularity Cloud Security has reduced our mean time to detection by 90 percent. This is because it scans every day and sends us real-time email alerts, allowing us to take immediate action.

SentinelOne Singularity Cloud Security has reduced our mean time to remediation by 40 percent.

We have a dedicated channel where we collaborate with SentinelOne Singularity Cloud Security and our internal teams.

The collaboration helped save our engineering time by 60 percent.

The user interface and ease of use have had a positive impact on our security operations. For example, we recently needed a list of assets deployed in a specific GN in a cloud account for a particular incident. We went straight to SentinelOne Singularity Cloud Security and were able to quickly obtain the assets along with a map of the security groups linked to them. The UI's simplicity helped us save significant time by eliminating the need to search for information manually.

Notifications about the latest vulnerabilities are a valuable feature. SentinelOne Singularity Cloud Security automatically updates itself with the newest threats and scans our infrastructure across all integrated data accounts for them. This is helpful because it's difficult to keep up with the volume of CVEs, especially the critical ones.

The UI is responsive and user-friendly.

There's room for improvement in the graphic explorer. We'd like something that helps us visualize traffic between different ports and containers. Currently, we can see host networking, like communication between instances or perhaps within Kubernetes. However, we're looking for a tool that can also visualize port-to-port communication and display it as a graph. This would give us a clearer picture of our network traffic and help strengthen our network security.

The dashboard currently displays CVEs, but it would be beneficial to receive proactive email notifications in addition to this.

I would also like to have runtime security in SentinelOne Singularity Cloud Security.

I have been using SentinelOne Singularity Cloud Security for 7 months.

I would rate the stability of SentinelOne Singularity Cloud Security 9 out of 10.

I would rate the scalability of SentinelOne Singularity Cloud Security 8 out of 10. We can easily add new cloud accounts.

The technical support response time is good. For feature requests, they can be a little slow.

Positive

The time invested in security operations for threat detection and monitoring has yielded a return on investment of 70 percent. We've also seen a financial benefit by avoiding the need for additional staff to monitor and correlate all database accounts individually by 40 percent. SentinelOne Singularity Cloud Security automates these tasks efficiently.

SentinelOne Singularity Cloud Security is less expensive than other options.

I would rate SentinelOne Singularity Cloud Security 8 out of 10.

We're planning to integrate SentinelOne Singularity Cloud Security with our CI/CD pipeline and Slack. Currently, our only integration is with an email system, which means we receive alerts and notifications via email. We're evaluating the effectiveness of this approach. Integrating with tools like Jira or Slack could help manage the issue of false positives and notification overload, which currently requires the manual closing of alerts. We're still assessing the best course of action, but integration with Jira is a strong possibility.

Around 15 people from our security and DevOps teams use SentinelOne Singularity Cloud Security. SentinelOne Singularity Cloud Security is a SaaS that is integrated with our main company and all our acquisitions.

SentinelOne Singularity Cloud Security does not require maintenance from our end.

I recommend SentinelOne Singularity Cloud Security to others for its cloud security capabilities. I particularly appreciate its offensive security approach. Coming from an offensive security background, I find PingSentinelOne Singularity Cloud Securityafe excels at identifying real threats that we can address immediately. This proactive approach is a major advantage of SentinelOne Singularity Cloud Security. While the defensive side might involve some assumptions and possibilities, I believe the offensive capabilities are the key reason we use SentinelOne Singularity Cloud Security.

We use SentinelOne Singularity Cloud Security as a cloud security posture management tool. SentinelOne Singularity Cloud Security is integrated with our GCP, Azure, and AWS accounts. It will identify all the misconfigurations and security issues on all these cloud platforms and alert us. In addition to the CSPM capabilities, SentinelOne Singularity Cloud Security has several other features like vulnerability management, container security, Kubernetes security posture management, and secret scanning

All of these features are bundled inside SentinelOne Singularity Cloud Security. It combines all the telemetry from the cloud, containers, and the Kubernetes platform. The vulnerability scanners are connected to the registries and give us a holistic picture of what else is vulnerable versus all the dummy data others would give.

Before SentinelOne Singularity Cloud Security, we didn't have visibility into the security aspects of our cloud environment. SentinelOne Singularity Cloud Security allows us to see all the misconfigurations and security vulnerabilities. Certain native tools from AWS are quite expensive and not as reliable, but SentinelOne Singularity Cloud Security fixes that issue. Also, for highly regulated companies, having a cloud security posture management tool is a hard requirement.

Regarding risk posture, there are two kinds of risk: perceived and actual. SentinelOne Singularity Cloud Security has helped us reduce the actual risk. Our compliance score went up from 70 percent to more than 95 percent now.

We realized SentinelOne Singularity Cloud Security's benefits maybe 1 or 2 months after the deployment. We integrated the regional module, and the extra features were there. About 6 months in, we really scaled it up. 

SentinelOne Singularity Cloud Security has helped reduce the number of false positives we deal with. They've been highly proactive. We have a Slack channel with their support team. We tell them the false positive you're seeing, and they get on a call with you in 30 minutes to solve that issue. 

The detection time is immediate. It finds vulnerabilities almost instantly, so the detection time has decreased considerably. In terms of remediation, it depends on how we are doing it. The remediation time has gone down, but not to the extent that we need it to. 

SentinelOne Singularity Cloud Security has improved cooperation between the DevOps and security teams by helping identify critical issues that must be prioritized instead of just going through and fixing each one. 

SentinelOne Singularity Cloud Security released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. SentinelOne Singularity Cloud Security's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue.  

For example, let's say you have a vulnerability in a public instance of AWS EC2, and there's a relationship between that instance and the Kubernetes platform. From there, Kubernetes is connected to a container with a misconfiguration or vulnerability. That attack path is the root cause of the issue in your environment. It doesn't simply tell you whether something is public. That is a feature AWS provides natively. Native AWS tools provide us binary results about whether the instance is open, but SentinelOne Singularity Cloud Security can break down the data to identify the core issues. 

SentinelOne Singularity Cloud Security is one of the easiest platforms to use. It's super intuitive. I have used CSPM tools in the past like CrowdStrike. This is much easier. With one click, you can deploy it in an hour. It automatically picks up a lot of the telemetry on its own. You don't need extra configuration steps because the scripts are all there. We can launch the cloud automation templates, and SentinelOne Singularity Cloud Security just directly deploys.

Agentless scanning is convenient for us. It will automatically copy the registry details from AWS, Azure, or GCP without any additional configuration before. If you have registries saved outside of your cloud environment, you can input the client key and secret file, and SentinelOne Singularity Cloud Security will integrate and scan it automatically. You don't need to deploy the agent because it does it on the back end. The best part is that they take this element and bring the cloud security posture management along with it. It will integrate the vulnerability scan into the containers, Kubernetes platform, and the entire cloud platform.

The offensive security engine isn't SentinelOne Singularity Cloud Security's standout feature, but it's an add-on that gives you insight into vulnerabilities in your cloud environment and how attackers can exploit them. 

We have integrated SentinelOne Singularity Cloud Security's infrastructure-as-code features into our GitHub platform, enabling us to scan all the TerraForm and Kubernetes YAML code for vulnerabilities. That is a nice feature that allows you to detect issues in your code before it is deployed. It's inside the pipeline. It will scan the code and block the deployment if it doesn't meet preset criteria.

I want SentinelOne Singularity Cloud Security to integrate additional third-party resources. For example, SentinelOne Singularity Cloud Security is compatible with Azure and AWS, but Azure AD isn't integrated with AWS. If SentinelOne Singularity Cloud Security had that ability, it would enrich the data because how users interact with our AWS environment is crucial. All the identity-related features require improvement.

I have used SentinelOne Singularity Cloud Security for a year.

I have not experienced any instability, yet. SentinelOne Singularity Cloud Security is pretty solid. 

SentinelOne Singularity Cloud Security is scalable if you have the licenses. 

I rate SentinelOne Singularity Cloud Security support 8 out of 10. From the deployment until December of last year, SentinelOne Singularity Cloud Security's support was stellar and proactive. The support hasn't been as good since SentinelOne Singularity Cloud Security was acquired by another company. It's similar to what I've seen with other acquisitions. When it was a startup, you got more personalized support. You could even get the CTO to get on the call with you, which was nice. They have room to improve, but maybe they are undergoing a transition period after the acquisition. 

Positive

We used a different solution, but the correlation wasn't as good, and it was expensive. 

Deploying SentinelOne Singularity Cloud Security is effortless because it's a cloud-based platform. It's pretty intuitive, and we had lots of support from SentinelOne Singularity Cloud Security. If we had issues, we just got them on a call, and they fixed them. SentinelOne Singularity Cloud Security requires no maintenance on our end after deployment. 

SentinelOne Singularity Cloud Security is cost-effective for the amount of infrastructure we have. It's reasonable for what they offer compared to our previous solution. It's at least 25 percent to 30 percent less. 

I rate SentinelOne Singularity Cloud Security 9 out of 10. I recommend that new users onboard as many features as possible. Don't just stick to the cloud security part. Integrate the cloud security with your containers and GitHub or Bitbucket repositories. Perform all the integrations whether you need them or not, and it will take care of everything on the back end for you.

I am working as an application developer, and SentinelOne Singularity Cloud Security plays a role in the cloud infrastructure where my application is deployed. It provides me with alerts and ensures that I follow best practices in everything.

It gives us alerts and resolutions for anything that is missing or any vulnerabilities in our infrastructure in terms of security. If we have a firewall that is missing some rules that may expose us to attacks, it lets us know. It guides us through alerts, documentation, and other things.

It is very easy to use. The dashboard is very useful for beginners.

Its evidence-based reporting helps prioritize and solve the most important cloud security issues. It can automatically fix certain vulnerabilities or inform us to fix them on priority.

It alerts us on everything at the infrastructure level. Our application is deployed in the cloud. From the load balancer to the application level, there are many points. SentinelOne Singularity Cloud Security plays an important role in terms of security. 

Before SentinelOne Singularity Cloud Security, there was nothing I used as a best practice. It gives me much clarity in my daily work. Earlier, I would look into what kind of rules I needed to add, but there was no helpful reference or documentation. SentinelOne Singularity Cloud Security highlighted those things, helping me secure my cloud infrastructure.

SentinelOne Singularity Cloud Security has reduced our false alerts by 10%. It has improved our risk posture by 25%.

SentinelOne Singularity Cloud Security reduces our mean time to remediate. Previously, it would take me around 20 minutes to understand what was happening, but SentinelOne Singularity Cloud Security gives me clarity about what I have to do a lot quicker.

The dashboard is intuitive in terms of design and functionality. Additionally, it gives me an email for all the findings that are open. I get this data every month, so I do not need to check the dashboard. 

Furthermore, at every point, it provides documentation that offers overall information on how to resolve issues, what points to check, and more. It offers a checklist, which is very helpful. 

They can add more widgets to its dashboard. A centralized dashboard with numerous metrics would improve user understanding.

I have used the solution for around two to three years.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability. 

It is being used at multiple locations and regions. In my team, 14 users are there.

I would rate their support a ten out of ten.

Positive

I did not use any similar solution previously. 

We have a hybrid deployment model. The initial setup is very simple. It probably took two to three days.

Its maintenance is managed by SentinelOne. We do not have a look into maintenance.

It is a good product to get data from a security point of view. I would definitely recommend this product to others. It offers maximum security and scalability. It is easy. I can just open SentinelOne Singularity Cloud Security and get the data.

I would rate SentinelOne Singularity Cloud Security a ten out of ten.

As a financial institution, we rely on SentinelOne Singularity Cloud Security as our single source of truth for both CSVM and CWPP data. SentinelOne Singularity Cloud Security provides us with essential security benchmarks, including those for Kubernetes deployments and CSVMs. It also allows us to monitor our overall cloud security posture and identify vulnerabilities for remediation. SentinelOne Singularity Cloud Security serves as a centralized platform for all our cloud security metrics.

We rely on SentinelOne Singularity Cloud Security for all our reporting needs. It serves as a comprehensive tool for vulnerability management, ISC management, and reporting on hard-coded secrets. Additionally, it functions as a source for vulnerability identification.

The security engine provides a large vulnerability database. While it's not exhaustive, it's a valuable resource due to its significant size and well-organized data. This database allows for effective security management and vulnerability identification.

I would rate SentinelOne Singularity Cloud Security's meant time to remediation abilities a 10 out of 10.

SentinelOne Singularity Cloud Security helps the collaboration between our cloud security app developers and AppSec team.

The user interface is well-designed and easy to navigate. Our security team relies on it for several tasks. They can use it to retrieve Jira tickets and assign them to the appropriate teams for resolution. This functionality helps them identify and address vulnerabilities efficiently.

I'm not convinced that SentinelOne Singularity Cloud Security's features offer significant value for our SecOps team. While it might be useful for stakeholders and management to have a tool that aligns with business goals and provides insights, we could potentially achieve this with open-source CSPM tools. In its current state, I don't see SentinelOne Singularity Cloud Security directly addressing our specific needs.

While agentless vulnerability scanning is a positive feature, SentinelOne Singularity Cloud Security lacks the ability to effectively group and customize the provided metrics. This creates a significant limitation, as we cannot easily create the specific metrics that are most useful for our needs. For example, if we want to group a specific set of metrics by a particular label or namespace, there is no straightforward way to do so within SentinelOne Singularity Cloud Security. The UI offers visualizations for the provided metrics, but it lacks the functionality to segregate and customize them. This inability to create user-defined metrics is a major drawback of SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security helped reduce the number of false positives in the previous version of SentinelOne Singularity Cloud Security 1.0. Users reported a high volume of false positives with the newer version, and it wasn't clear how SentinelOne Singularity Cloud Security 2.0 would address this issue. Additionally, users have to manually mute many false positives in SentinelOne Singularity Cloud Security 2.0, which is a significant drawback.

I would rate SentinelOne Singularity Cloud Security's mean time to detect ability a 6 out of 10.

While Cloud Security Posture Management tools offer valuable functionality, selling a product solely based on open-source CSPM solutions can be challenging. To differentiate themselves, SentinelOne Singularity Cloud Security should focus on two key areas: security and workload protection within the CI/CD pipeline. Firstly, SentinelOne Singularity Cloud Security needs to provide robust security features beyond basic CSPM capabilities. This could involve advanced threat detection and mitigation functionalities. Secondly, workload protection within the CI/CD pipeline is crucial. Here, SentinelOne Singularity Cloud Security should offer insightful metrics that are well-organized and allow for user customization. This means providing granular control over metric segmentation. Users should be able to define their own metrics and choose how they want them aggregated. Ideally, SentinelOne Singularity Cloud Security should allow users to import custom metrics and create custom segregations based on their specific needs, such as namespaces or custom levels. For example, if SentinelOne Singularity Cloud Security gathers metrics from Kubernetes clusters, users should be able to define their own metrics alongside the pre-defined ones and organize them into relevant categories. This level of customization allows stakeholders to focus on the metrics that matter most to them, potentially reducing the overwhelming volume of data from thousands of records to a more manageable set of hundreds. In conclusion, SentinelOne Singularity Cloud Security should prioritize UI improvements and offer advanced data segregation capabilities to truly stand out in the marketplace. This will empower users to tailor their security posture management experience to their specific needs.

SentinelOne Singularity Cloud Security's current documentation could be improved to better assist customers during the cluster onboarding process. Providing comprehensive documentation with clear and abundant examples would greatly enhance the user experience for new customers. This would empower them to set up their clusters efficiently and effectively.  

I have been using SentinelOne Singularity Cloud Security for 1.5 years.

SentinelOne Singularity Cloud Security seems to be stable, with no reported crashes. However, there's also not a lot of traffic going through the service. It's unclear exactly what SentinelOne Singularity Cloud Security does internally.

There aren't many users who actively add technical details to run SentinelOne Singularity Cloud Security's tools. Additionally, it seems we don't actively incorporate new features. Ideally, clients should share proper answer keys so we can identify if their app crashes.

If we could onboard more users, we could potentially gain access to more resources. However, a recurring issue is missing data. Clients sometimes provide extensions, but clicking on them reveals no information. This lack of data is a significant drawback, even though the system itself seems stable.

SentinelOne Singularity Cloud Security is scalable and supports multiple tenancies with no drawbacks.

As a mature organization, we expect a higher level of service from our technical support providers. Unfortunately, we've found that the responses from SentinelOne Singularity Cloud Security's technical support team have been repetitive and not particularly helpful, especially considering the cost of their services. 

Neutral

The initial deployment is straightforward.

It doesn't take more than 30 minutes to deploy SentinelOne Singularity Cloud Security into an organization using any cloud platform.

One person can complete the deployment. 

SentinelOne Singularity Cloud Security's primary advantage is its ability to consolidate multiple tools into a single user interface, but, beyond this convenience, it may not offer significant additional benefits to justify its price.

I would rate SentinelOne Singularity Cloud Security 5 out of 10.

Our organization primarily relies on our internal scanning tool for IaC security. While many industry tools utilize open-source IaC scanning solutions under the hood, we haven't found significant value in adopting SentinelOne Singularity Cloud Security's specific IaC offering. This solution might be more beneficial for organizations lacking dedicated SecOps teams, but its additional cost is a factor to consider.

It should transition from an agent-based system to an agentless one. This is crucial because many industry tools are moving in this direction, and SentinelOne Singularity Cloud Security should follow suit. They should also introduce more features, improve security compliance, and place greater focus on Kubernetes, RBAC systems, and visualization. If they do choose to maintain an agent-based system, they should significantly improve their metric collection capabilities. This would be beneficial because currently, customer response times seem to be slow. By addressing these requirements, SentinelOne Singularity Cloud Security can ensure continued growth.

As a senior IT security director, I oversee the governance and guidance of security deployments, including the development and implementation of use cases. My primary guiding principle, which is shared by my team, is to prioritize visibility. This translates into our use of SentinelOne Singularity Cloud Security to gain comprehensive visibility across our hybrid infrastructure including cloud, on-premises, and end-user workstations. Ultimately, visibility is the main driver of our security strategy.

Singularity Cloud Security significantly reduced our organization's threat detection time by providing immediate data visibility. This allows our team to analyze telemetry in real-time, query it, and identify anomalies or potential threats using the Singularity platform. We can create rules that automatically trigger alerts based on this real-time data, enabling immediate response. This instant threat detection and response capability is a major improvement over our previous reliance on multiple tools with delayed data flows. Singularity Cloud Security eliminates those delays, saving valuable time in incident response scenarios.

MTTR and MTTD are critical metrics for incident response processes. They measure the time it takes to fully address an incident, from initial detection to complete remediation. Minimizing these times is crucial to limit damage, as attackers can quickly exploit vulnerabilities and compromise additional systems. Rapid detection and response are essential to disrupt attackers and prevent further progression within the attack chain.

Singularity Cloud helps reduce false positives by allowing engineers direct access to data. This access enables querying, validation, and the creation of correlation searches for improved data analysis. Instead of a black box approach, Singularity provides full visibility into the code and syntax used, increasing confidence in the results. Ultimately, Singularity offers greater control over correlation searches, detection rules, and response scenarios due to the enhanced engagement and control it provides.

Singularity's ability to create custom correlation searches significantly reduces noise by avoiding reliance on generic, pre-built searches that often lead to false positives in diverse organizational environments. This targeted approach results in a high positive rate and efficacy, allowing for focused detection and response. By designing and running custom searches, Singularity minimizes the need to sift through irrelevant alerts, unlike systems using default rules that inundate analysts with noise. This translates to a very low noise-to-efficacy ratio, enabling efficient and accurate incident response.

Singularity Cloud offers valuable data and capabilities extending beyond security, benefiting various business units. For example, it helped troubleshoot a newly introduced service with limited telemetry. My team created custom correlation searches to track specific event types, confirming the software's functionality. This success garnered positive feedback throughout the company, reaching even the CIO and CSR, as it enabled the business to showcase the software's effectiveness in a way that was previously impossible.

SentinelOne improves our regulatory compliance by fulfilling the endpoint detection and response requirements of various frameworks. Many federal regulations require businesses to meet specific security standards, including those related to endpoint, identity, and cloud security. SentinelOne enables us to meet these requirements and assure potential partners that we have a robust security posture. This strengthens our partnerships and streamlines procurement processes, demonstrating how SentinelOne contributes to our compliance efforts.

SentinelOne's evidence-based reporting, particularly the CNS reports, fosters trust due to the transparency of the data source and the ability to understand the underlying mechanisms. Knowing the search criteria, data types, and information gathering process, especially when customized for detection engineering, creates confidence in the product and the relationship with SentinelOne. This transparency and customization allow users to delve into the mechanics of the reporting, understand its functionality, and ultimately trust the evidence provided.

AI is a crucial consideration for security strategies. While some view AI as a potential replacement for human analysts, others see it as a powerful tool to enhance their capabilities. The latter approach emphasizes AI's ability to accelerate incident response, improve threat detection, and provide valuable insights to analysts. This perspective suggests that AI should be used to augment human expertise, enabling analysts to make faster and more informed decisions, particularly in prioritizing threats and developing a sixth sense for identifying malicious activity. By integrating AI as an enabler, organizations can empower their security teams to become more efficient and effective, ultimately strengthening their overall security posture.

Singularity Cloud's ability to create custom correlation searches and reduce noise is highly valuable. It allows us to focus on specific detections with high efficacy, avoiding the noise typical with default rules, thus enhancing our incident response efficiency. Additionally, the engineer engagement enables us to have full visibility into the code and design effective correlation searches and detection rules.

While the future roadmap presented by SentinelOne appears promising, I hope the envisioned advancements are realistically achievable and that the gap between current offerings and long-term goals is not too significant. If SentinelOne can deliver on its vision, it will be truly impressive, and we will continue to support its efforts.

I have been using SentinelOne Singularity Cloud Security for four years.

Singularity Cloud has been stable over the course of our usage.

We have not faced issues with scalability and find the solution flexible enough to accommodate our dynamic environments.

SentinelOne has consistently provided excellent support. While there were some initial challenges when we first partnered with them four years ago, these were resolved over time with continued effort and communication. As with any relationship, investment leads to strong, positive outcomes, and we have maintained a great working relationship with SentinelOne ever since.

Positive

Prior to SentinelOne, we did not use an EDR vendor. Four years ago, ransomware became increasingly prevalent, transitioning from a niche topic in IT news to a major concern covered by prominent media outlets like CNN and the Wall Street Journal. This heightened awareness led to increased pressure from company leadership, demanding strategies to mitigate the risk of ransomware attacks. Consequently, we sought an EDR solution to bolster our security posture. SentinelOne was selected over two competitors due to its superior detection capabilities, customization options, and competitive pricing, all critical factors considering our budgetary constraints. In retrospect, I believe we made the correct decision.

The initial setup was straightforward and well-supported by SentinelOne.

We implemented the solution with the help of SentinelOne's support and engineering team.

By significantly reducing incident response time and false positives, the ROI has been evident in terms of optimizing our security operations and minimizing risks.

The licensing is easy to understand and implement, with some flexibility to accommodate dynamic environments. The combination of pricing and the ability to customize detection rules was a key factor in selecting SentinelOne.

We evaluated two other competitors before choosing SentinelOne based on detection capabilities, customization opportunities, and competitive pricing.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

Currently, our cloud workload protection system is deployed for visibility only, without blocking capabilities or enforced policies. While we are not yet utilizing its full protection potential, this proactive approach allows our development, IT, and quality teams to gradually transition to containerized workloads over the next few years. SentinelOne's cloud workload protection tools provide the necessary functionality to secure our environment as teams adopt modern serverless methodologies. Although full implementation is an ongoing effort, having these tools in place ensures we can confidently secure our evolving infrastructure.

We've thoroughly enjoyed our four-year partnership with SentinelOne. Their account management and readily available engineering support have been exemplary, setting a high standard for customer service. While escalations can sometimes experience delays, their responsiveness has been the best we've encountered. The entire organization, from account managers and engineers to the managed detection response service, operates cohesively.

Cloud security is challenging, especially in multi-cloud environments, but as we use a single cloud provider, we leverage native security tools for detection and visibility. While we initially considered cloud-native protection unnecessary, we realized the limitations of relying solely on our provider's knowledge and visibility. Their data is inherently limited by their own experience. SentinelOne, with its global customer base across various cloud providers, offers broader threat intelligence. Learning from attacks across all cloud platforms, like Amazon, Azure, and Google, is crucial for a comprehensive security posture. By partnering with SentinelOne, we gain access to this wider threat landscape and benefit from a learned security environment.

Our organization relies on Azure services. A key advantage of SentinelOne is its ability to serve customers across various data centers, including those hosted by Azure and Amazon.

I recommend colleagues and professionals in information security give SentinelOne a try, as they will quickly see the benefits, especially if not working with modern cloud-based solutions. SentinelOne's capabilities in visibility and detection make it a valuable addition to any security strategy.

SentinelOne's openness to customer feedback is impressive. I've served on other customer advisory boards, even for competitors, but SentinelOne stands out. They actively involve customers in shaping their products, including the user interface, detection rules, and Singularity AI Cloud components. This customer-centric approach fosters a mutually beneficial relationship where customer feedback directly enhances the security solutions. I encourage all SentinelOne customers to explore opportunities like beta testing, advisory boards, or UX feedback programs. The company's success translates to improved security for organizations like mine, and the close collaboration builds a strong, valuable partnership. Seeing our feedback implemented in their products is truly remarkable.

We use SentinelOne Singularity Cloud Security to secure our IT infrastructure and fix vulnerabilities. For example, it tells us if our resources have been inappropriately made public. We provision our infrastructure on AWS and GitHub. SentinelOne Singularity Cloud Security finds vulnerabilities across our entire network and secrets in our GitHub repositories. It also helps us manage our cloud configurations and security groups. 

SentinelOne Singularity Cloud Security is integrated with Metabolic, Opsgenie, and Slack for notifications. It's also integrated with our security team. They are using a script to correlate the data from SysTrack. 

When I joined the organization, we didn't have this kind of security tool in our infrastructure. SentinelOne Singularity Cloud Security helps us secure any resources that were mistakenly made public and other vulnerabilities. Initially, we were primarily focused on projects, not on the security side, but we were dealing with some system vulnerabilities that hackers could exploit, like publicly accessible resources. The detection is highly granular. It gives you small vulnerabilities and very new types. 

The SentinelOne Singularity Cloud Security team will help you reduce false positives quickly. When we first used SentinelOne Singularity Cloud Security, false positives were high, so we contacted the team. They did some testing and modifications, and the problem was solved in one or two days. 

The mean detection time has drastically reduced. The detection time varies depending on what we're scanning. When we're scanning GitHub, it takes 7 to 10 minutes. On the cloud platforms, it depends on resource availability. It takes 10 minutes on the high end, but the mean is about 1 or 2. Overall, it has been reduced by about 10 percent. 

The remediation time is up to us. SentinelOne Singularity Cloud Security just detects it, but it gives us an assessment and recommendations, making it easier to resolve. When we fix a vulnerability for a particular resource, the issue will not occur again. 

SentinelOne Singularity Cloud Security can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub. Using SentinelOne Singularity Cloud Security's evidence-based reporting, we can rank the severity of issues as critical, high, medium, etc. Having the ability to prioritize security issues is crucial for any organization. 

One good thing about SentinelOne Singularity Cloud Security is that it gives you a consolidated view of compliance and vulnerabilities. We can follow SentinelOne Singularity Cloud Security's guidance and comply with those use cases. When you get an alert, they explain how to resolve those issues. 

The user interface is excellent because we see everything in a single panel and can manage all the operations from one portal. It's integrated with Slack, so we can coordinate on the open tickets. We can also mute notifications. The interface is straightforward and easy to use. Anyone can use it.

The offensive security engine is a helpful feature in cases like when a developer leaves some API element exposed, and we can view the potential exploit path. It's helpful when we are deploying any AWS account or service because all our systems depend on AWS.  When the service is initially deployed, we can see what happens and get all the details about anything that depends on it. 

When you find a vulnerability and resolve it, the same issue will not occur again. I want SentinelOne Singularity Cloud Security to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again. 

We have used SentinelOne Singularity Cloud Security for more than 2 years.

I rate SentinelOne Singularity Cloud Security 9 out of 10 for stability. We've never had any glitches. 

We've had no issues with scalability. We've onboarded about 6 or 7. There is no digital investment. You can integrate multiple accounts from various providers. 

The support team was valuable during the initial stages. SentinelOne Singularity Cloud Security contacted us every three weeks. They checked our infrastructure and reviewed all the issues that we were incorporating into the system. They took direct responsibility for the system and could solve queries quickly.

Positive

Previously, we were using the native tools of each cloud provider. For example, we used GuardDuty on the AWS.

Deploying SentinelOne Singularity Cloud Security is straightforward. You can onboard new AWS accounts in five to 10 minutes, and it will start scanning very quickly. They give you a script to run on AWS. You can enroll your accounts based on the template, and it starts collecting data. We onboarded six or seven accounts. It hardly took any time. It's a SaaS solution so we don't need to maintain it. We only need to do the onboarding. 

I rate SentinelOne Singularity Cloud Security 7 out of 10. SentinelOne Singularity Cloud Security isn't a unique solution. Other solutions have the same features, but I like SentinelOne Singularity Cloud Security because it's simpler to use. It doesn't require any maintenance and the scalability is good. However, I think other solutions can give the same level of detail and insight.