SentinelOne Singularity Cloud Security Reviews

Singularity Cloud Security helps my organization achieve its goals by providing protection and cloud security posture management for our AWS organization. It offers detailed visibility into any misconfigurations, threats, or other items that come through from the AWS services, and enables my engineers to easily find and get information on how to triage those items.

SentinelOne has enabled us to identify and address misconfigurations more efficiently by streamlining the research and remediation process.

Singularity Cloud Security has significantly improved our risk management by providing clear visualization of threats, validating their severity, and prioritizing them. This allows us to efficiently allocate resources, strengthen our security posture, and minimize risk.

Cloud security has significantly reduced irrelevant alerts by effectively analyzing potential threats and determining their validity, a capability unmatched by any other product we've used.

Singularity Cloud Security has significantly reduced false positives by filtering out thousands of alerts triggered by offensive security tests and application configuration validation, resulting in a more manageable number of alerts requiring attention.

Singularity Cloud Security has improved incident response by integrating directly with our notification and task management services. This allows us to receive immediate notifications of critical misconfigurations or vulnerabilities and automatically generate service tickets for remediation.

Singularity Cloud Security utilizes push-based notifications to instantly detect misconfigurations and provide immediate alerts through integrated services, significantly reducing the mean time to detection compared to traditional polling-based methods.

Singularity Cloud Security has reduced our mean time to respond because its direct integration with our notification services allows for immediate attention to issues.

SentinelOne has improved our organization's regulatory compliance by providing insights into misconfigurations and issues before they impact our production environment. This proactive approach ensures consistent compliance with both regulatory standards and client expectations.

Cloud Native Security's evidence-based reporting allows for issue prioritization by determining their impact, enabling efficient time allocation to resolve the most critical problems first.

Cloud Workload Security's real-time threat protection safeguards our workloads, providing visibility into anomalies and threats, and automatically remediating them at a speed unattainable through manual intervention. This automation frees my team from time-consuming investigations and remediation, allowing them to focus on other critical tasks while ensuring our services remain actively protected.

The introduction of Purple AI by SentinelOne enhances our cybersecurity strategy by empowering engineers to proactively address security issues. This distributed approach allows engineers to triage, identify, and resolve problems within their own teams, reducing reliance on the SecOps team for all security tasks. By shifting responsibility leftward to the engineers directly accountable for specific components, we foster a more efficient and responsive security posture.

Cloud Native Security's evidence-based reporting allows us to prioritize issues by understanding their impact, helping us resolve the most important problems first. AWS real-time threat protection protects our workloads and provides visibility into anomalies or threats, automatically remediating them at speeds beyond our manual capabilities.

SentinelOne Singularity Cloud Security could be improved with easier integrations to the Singularity Data Lake, particularly for various vendors. Additionally, the platform would benefit from an enhanced ability to provide a deeper, holistic view of the entire application deployment cycle, extending beyond effective run times.

I have been using SentinelOne Singularity Cloud Security for three months.

The most important aspect of the evaluation process was the support and responsiveness of the SentinelOne team, because great products alone cannot meet all needs. Ultimately, having a reliable team ready and willing to assist with any issues is essential.

We had an existing CNAP solution for about three years. While functional, it generated a lot of false positives and required extensive manual review. Additionally, it lacked useful integration with our other vendors and partners, and overall, felt somewhat outdated.

SentinelOne offers excellent pricing and licensing options. I was able to consolidate two security vendors into one by switching to SentinelOne, and I now pay less than I did for either of them.

As a cloud-native application operating exclusively within AWS, we procured SentinelOne through the AWS Marketplace. This partnership, facilitated through an EDP purchasing agreement, streamlines our procurement process, consolidates purchase records, and provides a discount on our AWS spending.

We did a proof of value with SentinelOne, reviewing and validating all the products we are currently using to determine their viability compared to our current vendors and ultimately make the decision to move forward with SentinelOne as our new product vendor.

Prior to evaluating SentinelOne as a CNAP vendor, we faced significant challenges with our existing vendors, primarily large organizations that were slow to update their products and meet our needs. However, our partnership with SentinelOne has been markedly different. Their leadership team demonstrates a strong commitment to customer success, fostering a culture of direct collaboration and continuous innovation, which aligns perfectly with our requirements for a partner.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

The partnership between SentinelOne and AWS, particularly the Singularity Cloud integrations, provides streamlined access to actionable information from AWS.

I would tell anybody considering Singularity Cloud Security to absolutely proceed. SentinelOne has been phenomenal to work with, and I am looking forward to a continued partnership as they innovate and integrate AI, consistently rolling out new features.

As a senior IT security director, I oversee the governance and guidance of security deployments, including the development and implementation of use cases. My primary guiding principle, which is shared by my team, is to prioritize visibility. This translates into our use of SentinelOne Singularity Cloud Security to gain comprehensive visibility across our hybrid infrastructure including cloud, on-premises, and end-user workstations. Ultimately, visibility is the main driver of our security strategy.

Singularity Cloud Security significantly reduced our organization's threat detection time by providing immediate data visibility. This allows our team to analyze telemetry in real-time, query it, and identify anomalies or potential threats using the Singularity platform. We can create rules that automatically trigger alerts based on this real-time data, enabling immediate response. This instant threat detection and response capability is a major improvement over our previous reliance on multiple tools with delayed data flows. Singularity Cloud Security eliminates those delays, saving valuable time in incident response scenarios.

MTTR and MTTD are critical metrics for incident response processes. They measure the time it takes to fully address an incident, from initial detection to complete remediation. Minimizing these times is crucial to limit damage, as attackers can quickly exploit vulnerabilities and compromise additional systems. Rapid detection and response are essential to disrupt attackers and prevent further progression within the attack chain.

Singularity Cloud helps reduce false positives by allowing engineers direct access to data. This access enables querying, validation, and the creation of correlation searches for improved data analysis. Instead of a black box approach, Singularity provides full visibility into the code and syntax used, increasing confidence in the results. Ultimately, Singularity offers greater control over correlation searches, detection rules, and response scenarios due to the enhanced engagement and control it provides.

Singularity's ability to create custom correlation searches significantly reduces noise by avoiding reliance on generic, pre-built searches that often lead to false positives in diverse organizational environments. This targeted approach results in a high positive rate and efficacy, allowing for focused detection and response. By designing and running custom searches, Singularity minimizes the need to sift through irrelevant alerts, unlike systems using default rules that inundate analysts with noise. This translates to a very low noise-to-efficacy ratio, enabling efficient and accurate incident response.

Singularity Cloud offers valuable data and capabilities extending beyond security, benefiting various business units. For example, it helped troubleshoot a newly introduced service with limited telemetry. My team created custom correlation searches to track specific event types, confirming the software's functionality. This success garnered positive feedback throughout the company, reaching even the CIO and CSR, as it enabled the business to showcase the software's effectiveness in a way that was previously impossible.

SentinelOne improves our regulatory compliance by fulfilling the endpoint detection and response requirements of various frameworks. Many federal regulations require businesses to meet specific security standards, including those related to endpoint, identity, and cloud security. SentinelOne enables us to meet these requirements and assure potential partners that we have a robust security posture. This strengthens our partnerships and streamlines procurement processes, demonstrating how SentinelOne contributes to our compliance efforts.

SentinelOne's evidence-based reporting, particularly the CNS reports, fosters trust due to the transparency of the data source and the ability to understand the underlying mechanisms. Knowing the search criteria, data types, and information gathering process, especially when customized for detection engineering, creates confidence in the product and the relationship with SentinelOne. This transparency and customization allow users to delve into the mechanics of the reporting, understand its functionality, and ultimately trust the evidence provided.

AI is a crucial consideration for security strategies. While some view AI as a potential replacement for human analysts, others see it as a powerful tool to enhance their capabilities. The latter approach emphasizes AI's ability to accelerate incident response, improve threat detection, and provide valuable insights to analysts. This perspective suggests that AI should be used to augment human expertise, enabling analysts to make faster and more informed decisions, particularly in prioritizing threats and developing a sixth sense for identifying malicious activity. By integrating AI as an enabler, organizations can empower their security teams to become more efficient and effective, ultimately strengthening their overall security posture.

Singularity Cloud's ability to create custom correlation searches and reduce noise is highly valuable. It allows us to focus on specific detections with high efficacy, avoiding the noise typical with default rules, thus enhancing our incident response efficiency. Additionally, the engineer engagement enables us to have full visibility into the code and design effective correlation searches and detection rules.

While the future roadmap presented by SentinelOne appears promising, I hope the envisioned advancements are realistically achievable and that the gap between current offerings and long-term goals is not too significant. If SentinelOne can deliver on its vision, it will be truly impressive, and we will continue to support its efforts.

I have been using SentinelOne Singularity Cloud Security for four years.

Singularity Cloud has been stable over the course of our usage.

We have not faced issues with scalability and find the solution flexible enough to accommodate our dynamic environments.

SentinelOne has consistently provided excellent support. While there were some initial challenges when we first partnered with them four years ago, these were resolved over time with continued effort and communication. As with any relationship, investment leads to strong, positive outcomes, and we have maintained a great working relationship with SentinelOne ever since.

Positive

Prior to SentinelOne, we did not use an EDR vendor. Four years ago, ransomware became increasingly prevalent, transitioning from a niche topic in IT news to a major concern covered by prominent media outlets like CNN and the Wall Street Journal. This heightened awareness led to increased pressure from company leadership, demanding strategies to mitigate the risk of ransomware attacks. Consequently, we sought an EDR solution to bolster our security posture. SentinelOne was selected over two competitors due to its superior detection capabilities, customization options, and competitive pricing, all critical factors considering our budgetary constraints. In retrospect, I believe we made the correct decision.

The initial setup was straightforward and well-supported by SentinelOne.

We implemented the solution with the help of SentinelOne's support and engineering team.

By significantly reducing incident response time and false positives, the ROI has been evident in terms of optimizing our security operations and minimizing risks.

The licensing is easy to understand and implement, with some flexibility to accommodate dynamic environments. The combination of pricing and the ability to customize detection rules was a key factor in selecting SentinelOne.

We evaluated two other competitors before choosing SentinelOne based on detection capabilities, customization opportunities, and competitive pricing.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

Currently, our cloud workload protection system is deployed for visibility only, without blocking capabilities or enforced policies. While we are not yet utilizing its full protection potential, this proactive approach allows our development, IT, and quality teams to gradually transition to containerized workloads over the next few years. SentinelOne's cloud workload protection tools provide the necessary functionality to secure our environment as teams adopt modern serverless methodologies. Although full implementation is an ongoing effort, having these tools in place ensures we can confidently secure our evolving infrastructure.

We've thoroughly enjoyed our four-year partnership with SentinelOne. Their account management and readily available engineering support have been exemplary, setting a high standard for customer service. While escalations can sometimes experience delays, their responsiveness has been the best we've encountered. The entire organization, from account managers and engineers to the managed detection response service, operates cohesively.

Cloud security is challenging, especially in multi-cloud environments, but as we use a single cloud provider, we leverage native security tools for detection and visibility. While we initially considered cloud-native protection unnecessary, we realized the limitations of relying solely on our provider's knowledge and visibility. Their data is inherently limited by their own experience. SentinelOne, with its global customer base across various cloud providers, offers broader threat intelligence. Learning from attacks across all cloud platforms, like Amazon, Azure, and Google, is crucial for a comprehensive security posture. By partnering with SentinelOne, we gain access to this wider threat landscape and benefit from a learned security environment.

Our organization relies on Azure services. A key advantage of SentinelOne is its ability to serve customers across various data centers, including those hosted by Azure and Amazon.

I recommend colleagues and professionals in information security give SentinelOne a try, as they will quickly see the benefits, especially if not working with modern cloud-based solutions. SentinelOne's capabilities in visibility and detection make it a valuable addition to any security strategy.

SentinelOne's openness to customer feedback is impressive. I've served on other customer advisory boards, even for competitors, but SentinelOne stands out. They actively involve customers in shaping their products, including the user interface, detection rules, and Singularity AI Cloud components. This customer-centric approach fosters a mutually beneficial relationship where customer feedback directly enhances the security solutions. I encourage all SentinelOne customers to explore opportunities like beta testing, advisory boards, or UX feedback programs. The company's success translates to improved security for organizations like mine, and the close collaboration builds a strong, valuable partnership. Seeing our feedback implemented in their products is truly remarkable.

We use Singularity Cloud Security to monitor our infrastructure and ensure it meets all security and compliance standards. The solution helps us maintain and strengthen our security posture. Singularity covers our AWS environment, Kubernetes clusters, and some of our GitHub repositories.

Our organization is growing steadily, so our infrastructure is expanding, and we're managing more technical resources. Singularity Cloud Security helps us track our resources so that we don't get lost in the overwhelming volume of things and ensures we follow best practices. The solution gives us better visibility into our resources and enables faster resolution. 

Another advantage of Singularity is compliance. I work in the payments industry, where regulations are strict.  Maintaining everything and ensuring all the resources meet compliance standards is challenging, but Singularity Cloud Security enables us to do that while saving a lot of time. 

Singularity has helped us reduce false positives, but it has also introduced some. Still, it's significantly less than many of the other tools we use. If we deal with fewer false positives, the technicians have more bandwidth to work on real issues. We don't need to spend time on the analysis and can focus on fixing the vulnerabilities and ensuring compliance. 

The solution has improved our security posture considerably. In the finance industry, we can't function if we aren't compliant. The better our security posture is, the more compliant we are. By reducing vulnerabilities, we have eliminated risk factors in our systems.

Our remediation time is shorter. It's easier to identify vulnerabilities. We don't need to do much analysis before fixing vulnerabilities. About 90 percent of the time, we can identify the correct problem instantly and begin remedying the finding. It has saved a lot of time. It takes us only one or two days to remedy critical issues, whereas it previously took two weeks. Our mean detection time has dropped from about a week to one or two days.

The solution has given us a lot of insight into cloud security. It shows us some best practices that many people in the company do not know. Singularity finds those weak spots and educates us on the latest best practices to follow. The next time we deploy changes to our infrastructure, we change our policies and designs based on the recommendations. 

Singularity Cloud Security's UI is clean, simple, and easy to use. When I started using it, I found it easy to learn what things are. Everything is explained in detail. It's always up to date with the latest technologies, such as AWS Kubernetes. They keep on top of trends with new features and updates.

The solution has a mapping feature that allows me to write my own queries and better understand my resources. It also offers some help with security controls on their end, suggesting best practices that you can use to write custom queries or standards. We have the flexibility to customize our infrastructure based on our needs. 

Singularity's evidence-based reporting rates my alerts so I can see which ones to prioritize and identify the critical vulnerabilities. It provides a highly detailed description of each vulnerability and the resolution steps. I can triage all the findings from one place and apply different filters based on my preferences.

The offensive security engine is another major feature. We use it for our infrastructure and machines to see if we have an exposure or liability. It takes some time, but the vulnerability reports are highly accurate. It saves us some time because we don't need to verify all the vulnerabilities. We just have to go fix them.

The detection time could be better. It takes a long time to scan. I'm not sure how long other tools take for the same amount of scanning, so I cannot compare it with other tools, but it takes us half a day to a full day to complete the scan. I want to get the reports faster so we can start fixing the problems. 

The proof of exploitability is another area for improvement. While I have all the information to troubleshoot the problem, it isn't detailed enough for an administrator. It has sufficient information for a general user, but an administrator would like to know all the ins and outs of the vulnerabilities that have been reported. 

I would like to see the map feature improve. It's good, but it isn't fully developed. It lets us use custom resources and policies but does not allow us to perform some actions. I would also like more custom integration and runtime security for Kubernetes.

We have used Singularity Cloud Security for about eight months. 

I haven't seen any major stability problems. There are some minor issues but they are rare. Overall, it has been a smooth experience.

Singularity is scalable. It has one UI that can be integrated easily with multiple backends, so we have all the data in one place and we can do whatever we want with it. 

I rate SentinelOne support eight out of 10. Their support team is proactive. It has been a while since I connected with them. They helped me with all my questions quickly. It was an excellent experience. 

Positive

I have worked on other infrastructure-as-code tools and other tools for various functions that Singularity performs, such an AWS Inspector, but now we use Singularity for most of it. 

The initial setup is not a very complex process. Because of the large number of resources, we have so many places where we need to integrate the solution repeatedly. It's easy to set up new places or add integrations. The initial setup took two to four weeks. That was how long it took to go back and forth and cover everything. 

We did a PoC first, which wasn't very hard. Our deployment team consisted of three or four people. The vendor team was very helpful when they deployed everything on our infrastructure. They helped us set up all the necessary permissions. 

The return on investment has been good. Singularity offers a lot of flexibility to focus on different aspects because it gives us a lot of information and helps us maintain the observability of all our resources. That is something that we value because of the sheer volume of resources we have. We couldn't do that manually or using some other tools. 

I rate SentinelOne Singularity seven out of 10. It's a solid product and I recommend checking it out. It has some excellent features, observability, metrics, etc. It's very cool.

To address our client's infrastructure vulnerabilities, we implemented Singularity Cloud Security by SentinelOne. This security solution effectively identifies and resolves security issues, streamlining the process of ensuring our clients' infrastructure remains secure.

For the past year and a half, we've been managing AWS infrastructure for a client, originally using basic AWS security tools. While these provided a workable solution, Singularity Cloud Security offered a significant advantage. It prioritizes vulnerabilities by severity, high, medium, or low, allowing us to focus on the most critical issues first. This centralized tool gathers information and displays all details on a single dashboard, significantly reducing manual work. The dashboard helps us identify problems, understand their meaning and potential impact, and follow clear resolution steps. This streamlined process enables us to address security concerns quickly and effectively, ultimately enhancing our client's infrastructure security.

Singularity Cloud Security was convenient and effective for threat management. In the past, we relied on daily information gathering and alerts, requiring us to manually address the findings. Now, Singularity Cloud Security provides continuous threat detection and simplifies our work, significantly improving our security posture.

The automated security responses have significantly improved our overall security posture.

Singularity Cloud Security is easy to use as it gives us the proper step-by-step methods to solve that vulnerability.

I would rate the evidence-based reporting for helping prioritize and solve important cloud security issues nine out of ten.

It is helpful that Singularity Cloud Security includes proof of exploitability in the evidence-based reporting. Although it isn't perfect, it gives us the right solution to mitigate vulnerability.

Our infrastructure configuration is defined using an Infrastructure as Code template. This template allows us to scan our entire infrastructure for potential issues, including pre-production problems within templates or container configuration files. Previously, we stored infrastructure details in a format that required manual data retrieval via CSV files. Now, with IaC, we have a centralized control system that manages multiple accounts and provides vulnerability listings based on severity for each account.

Our previous default AWS security tool wasn't sufficient, so we adopted Singularity Cloud Security based on a client recommendation. It's been a huge improvement. Whereas our old tool took three months to gather data, Singularity Cloud Security provides a daily updated dashboard with vulnerability information. This allows us to prioritize and address security risks based on criticality, saving us significant time and effort compared to the past.

Singularity Cloud Security has helped reduce the number of false positives by 70 percent.

Singularity Cloud Security streamlines manual work by providing insightful information on security vulnerabilities. It not only identifies issues we might miss but also offers in-depth analysis, including potential future costs and the severity of the threat. Additionally, it presents basic details tailored for users with less security expertise, empowering them to understand and address vulnerabilities effectively.

Singularity Cloud Security has improved our risk posture by 80 percent and has reduced our mean time to detection by 85 percent.

Singularity Cloud Security has reduced our mean time to remediation by 70 percent.

It has streamlined collaboration between our cloud security, application developers, and AppSec teams. This tool automates manual tasks, reducing our team size from ten to five. It provides us with the information we need to effectively identify and address vulnerabilities, making our cloud environment more secure.

It has been a huge time-saver for our engineering team, saving them weeks of work.

We have saved around 70 percent of our overall time with Singularity Cloud Security. 

Singularity Cloud Security has positively impacted our operational costs. The time saved by reducing manual work and resource requirements translates directly into cost savings.

Singularity Cloud Security's AI empowers us with improved security solutions. When faced with uncertainty, the tool can quickly provide insights to help us gain a clear understanding of the situation. 

The most valuable aspect of Singularity Cloud Security is its unified dashboard. This reduces manual work by centralizing all security information, allowing us to see vulnerabilities categorized by severity, low, medium, high, and critical. This clear prioritization streamlines the process of understanding, addressing, and resolving security issues, making threat mitigation significantly more efficient.

A recurring issue caused frustration: a vulnerability alert would appear, and we'd fix it, but then the same alert would return the next day. We reported this to both our internal team and SentinelOne for investigation and resolution. This needs improvement to prevent these repetitive alerts.

In a future update, it would be beneficial to have both an AI chat function and a more modern user interface.

I have been using Singularity Cloud Security by SentinelOne for eight months.

I would rate Singularity Cloud Security's stability nine out of ten.

I would rate Singularity Cloud Security's scalability eight out of ten.

In AWS, we previously relied on Amazon Inspector, a built-in service that automatically scans for vulnerabilities including VDF findings, a type of assessment finding in our resources. This not only provided a default security solution but also integrated with AWS Security Hub, allowing us to centrally address critical security issues. We migrated to Singularity Cloud Security by SentinelOne because our prior tools were labor-intensive and lacked a unified dashboard. Previously, identifying which accounts had vulnerabilities required manually checking each one. Now, Singularity offers a single pane of glass for all our accounts, displaying both account details and any security findings. This significantly reduces manual work and simplifies our security posture.

The deployment took weeks and involved ten people.

Singularity Cloud Security by SentinelOne is cost-efficient.

I would rate Singularity Cloud Security by SentinelOne nine out of ten.

Singularity Cloud Security is deployed in multiple departments and we have five users.

Singularity Cloud Security occasionally requires scheduled downtime for maintenance, which allows our technicians to identify and address any potential problems.

I recommend Singularity Cloud Security. It's streamlined our operations by reducing manual work and simplifying problem-solving. The user interface is intuitive, allowing even new hires to become proficient after just a few weeks of training.

We are using the solution to identify the security vulnerabilities in our AWS infrastructure. Whenever we create a new infrastructure in AWS, if there is a vulnerability, an issue is created in the SentinelOne Singularity Cloud Security console. There are different severities, such as critical, medium, and high. The product also provides solutions to resolve the issues. SentinelOne Singularity Cloud Security provides a solution document for AWS. It helps us resolve issues. We have seven to eight AWS accounts. It is all in SentinelOne Singularity Cloud Security. SentinelOne Singularity Cloud Security identifies the issues with all the accounts.

Our company has very strict compliance requirements for security. SentinelOne Singularity Cloud Security has helped us resolve vulnerabilities and issues using best practices. It helps us resolve the security vulnerabilities of the AWS cloud infrastructure. The compliance monitoring capabilities are helpful. The tool identifies issues quickly. It gives us the root cause of the security issues rapidly.

The evidence given by the product helps us resolve the issues. It provides a step-by-step guide to resolve issues. It helps us a lot. SentinelOne Singularity Cloud Security provides us with a lot of information. It provides us with a document of AWS. We use AWS CloudFormation. If there is an issue with AWS CloudFormation or if the code is rapidly changing, SentinelOne Singularity Cloud Security will identify the issue.

The number of false positives depends on the requirements of the clients. If the client needs something for their application and it shows as an issue in SentinelOne Singularity Cloud Security, we must contact SentinelOne Singularity Cloud Security and close the issue as an exception. The tool has reduced the false positives by 10%.

The solution helps us maintain our risk posture. We use a web firewall in AWS. If we do not have a firewall in any of the resources, the SentinelOne Singularity Cloud Security console will identify it as an issue. The tool has helped reduce the mean time to detect. We check the SentinelOne Singularity Cloud Security dashboard daily. We have a checklist. We can identify how many issues are open and how many issues are closed. It helps us reduce the time to identify the issues and open vulnerabilities. SentinelOne Singularity Cloud Security has helped us reduce our workload and time by 50% to 60%.

SentinelOne Singularity Cloud Security helps reduce our mean time to remediate by 70% to 80%. The product reduces workload and time. It is very important in every organization to reduce time and find vulnerabilities. SentinelOne Singularity Cloud Security also provides us with solutions to the issues. Every organization must have a tool like SentinelOne Singularity Cloud Security. I will recommend the product to others.

The SentinelOne Singularity Cloud Security team identifies issues when we create the infrastructure. Within two to three hours, they create an issue in the SentinelOne Singularity Cloud Security console. It helps us resolve the vulnerabilities during the creation of the infrastructure. SentinelOne Singularity Cloud Security provides us with documents on how to resolve issues with the infrastructure. It saves our time in identifying issues. Integration with our cloud environment was straightforward.

Based on our application requirements, we discussed some improvement points with the SentinelOne Singularity Cloud Security team. However, after the new updates, what we asked for was not implemented. The exceptions we requested from the SentinelOne Singularity Cloud Security team were not included in the console. When we request any changes, they must be reflected in the next update.

I have been using the solution for two years.

The product is stable. I rate the stability a ten out of ten.

We have 12 users, including internal users and clients. I rate the scalability a nine out of ten.

The solution is deployed on the cloud. The deployment takes a few days. Our cloud team and the SentinelOne Singularity Cloud Security team were involved in the deployment process. We need two to three people for the deployment. The tool does not require any maintenance.

I am satisfied with the technical support.

We save a lot of time identifying vulnerabilities. The product gives us the issue and the solution. It reduces our time and workload.

The tool is cost-effective.

The product is easy to use. My colleague provided me with a KT of the tool. I could learn to use it in two to three days. I understood how to check and resolve issues and segregate them into different severities. The ease of use is very helpful.

Overall, I rate the tool a ten out of ten.

We use SentinelOne Singularity Cloud Security to identify cloud security misconfigurations, ensuring compliance with Cloud Security Posture Management and Cloud Workload Protection Platform best practices, as well as relevant regulations in India. We also integrate SentinelOne Singularity Cloud Security with our GitHub repositories that store our hard-coded secrets.

We renewed our contract with SentinelOne Singularity Cloud Security for another year because it's extremely easy to use. The user-friendly UI, along with its integration with Jira and the ability to consume alerts through Slack, make it a valuable tool for our team.

Evidence-based reporting facilitates addressing complaints related to mandatory controls. SentinelOne Singularity Cloud Security offers an option for high-alert items to be kept publicly available if we're confident we have appropriate controls implemented.

SentinelOne Singularity Cloud Security's agentless vulnerability scanning has identified a significant number of vulnerabilities.

SentinelOne Singularity Cloud Security's evidence-based reporting, particularly its proof of exploitability, is highly valuable. For example, their recommendations significantly reduce investigation time and allow us to easily research vulnerabilities using tags. This targeted approach helps stakeholders prioritize and address critical vulnerabilities efficiently through the dashboard.

We utilize the offensive security engine, but fortunately, it doesn't detect many vulnerabilities. It primarily identifies publicly known patch versions and the exposure of the SMTP service. On the other hand, I would rate the ASM functionality an eight out of ten.

IaC scanning has been effective in identifying code-level issues whenever infrastructure as code is scanned.

SentinelOne Singularity Cloud Security automatically populates and maps our network, identifying any misconfigurations within the first two hours of deployment.

It has reduced false positives by around 90 percent.

Our mean time to detection has been improved, especially for critical areas. Our mean time to remediation has been improved as well.

SentinelOne Singularity Cloud Security has improved our risk posture by providing visibility into our cloud infrastructure.

SentinelOne Singularity Cloud Security improved the collaboration between the cloud security application developers and the app security team.

It helped our developers save time.

SentinelOne Singularity Cloud Security offers an intuitive user interface that lets us navigate quickly and easily. Additionally, its identification feature allows us to customize rules and configurations in the cloud.

IaS scanning identifies misconfigured code within GitHub repositories. This represents a "shift left" approach to security.

Customized queries should be made easier to improve SentinelOne Singularity Cloud Security. 

I have been using SentinelOne Singularity Cloud Security for one and a half years.

While SentinelOne Singularity Cloud Security is stable for around 90 percent of the time, there are occasional glitches in the UI. However, as a security tool, our primary focus is on the results it delivers, rather than the aesthetics of the dashboards themselves.

Scaling SentinelOne Singularity Cloud Security is easy. We recently integrated with AWS and it went well.

We regularly contact the technical support team about some UI glitches. We provide them with feedback on these glitches regularly. Additionally, we would like to see some new features added to Jira when creating tickets. We've also been in touch with the technical support team about this.

The technical support team's responses are good and have been improving.

We've noticed a decline in their response times lately. This could be due to the recent acquisition of SentinelOne Singularity Cloud Security by SentinelOne. Previously, their response times were much faster.

Positive

The initial deployment was straightforward.

Deploying SentinelOne Singularity Cloud Security is a quick process that involves creating a dedicated service account, granting the necessary roles to the service account, and attaching the service account to SentinelOne Singularity Cloud Security.

The total deployment time took around 15 minutes.

The implementation was completed in-house.

The features included in SentinelOne Singularity Cloud Security justify its price point. The agent-level monitoring for Kubernetes clusters is particularly valuable and could support a modest price increase.

Our evaluation of Prisma Cloud and Trend Micro on an open-source platform for identifying misconfigurations yielded a high number of false positives, limiting its effectiveness. We chose SentinelOne Singularity Cloud Security based on the price and the ease of use.

The setup and cleanup need to be done first to get things organized. This makes SentinelOne Singularity Cloud Security a much easier option than the other products we evaluated, which were all very complex. So, we won't be jumping straight to CWP. Instead, we'll focus on securing our perimeter. We believe SentinelOne Singularity Cloud Security can solve this issue, and the support we received during the proof of concept was also very positive. Considering all these factors, we decided to go with SentinelOne Singularity Cloud Security. 

I would rate SentinelOne Singularity Cloud Security nine out of ten.

SentinelOne Singularity Cloud Security does not require maintenance.

It is easy to use, but it works best when you have established organizational practices in place. If you feel this is critical, don't hesitate to address it directly. Integrating SentinelOne Singularity Cloud Security is straightforward, so there's no need to worry about that. It's a ready-made solution that can be integrated with just a click. You can then address the specific issues you find most important. Ideally, integrate all your relevant sources during onboarding, such as GitHub or any cloud accounts you use. This ensures you capture everything from the start and get the best possible results.

We have AWS for most of our infrastructure, however, we don't have a dedicated security team. There are a lot of potential vulnerabilities which we are concerned about. We use SentinelOne Singularity Cloud Security for security. For example, if there are open ports or incorrect configurations, we would get alerted and could fix them.

They have dedicated cloud-based configurations, which are quite helpful. 

The product works well with AWS. It can help us manage AWS security. If there are any groups or details that are incorrect or unsafe, or even misconfigured, it helps protect us. 

The product offers ISE scanning, which basically scans all activities for issues. 

We can pick up on pre-production issues. It's very helpful. They've helped us by providing a lot of CI/CD tools. Everything gets scanned so that we can get a sign-off before a deployment.

The ease of use is very good. I'd rate the ease of use 8 out of 10. They have nice UI and templates and the docmentation is very helpful. It's very thorough. 

They also have a good support system for users. If something is not working, they have a good SLA, and within a day or so, they will reach out and help you with whatever you need. 

The agentless vulnerability scanning is great.

If a protocol is not being properly followed, we'll be alerted. This helps us react faster to any production issues. 

We do use the offensive security engine. It's good for verifying exploit paths and prioritizing items. We have recently started using this. It allows us to see which endpoints, for example, are publically accessible, or what code repositories have vulnerabilities in terms of libraries we are using that may be outdated. For example, if we've noted our NGINX server is very publically exposed we can change things. 

The benefits of the product were felt almost immediately as it allowed us to handle issues in the pre-production phase. We didn't have to make anything live before finding issues. Within an hour, we'd begin to see issues, and within 4 to 6 hours, we'd have a full survey of security vulnerabilities. We also get regular notifications when the system sees something is off. Based on the information we receive, we're able to react and fix things very quickly.

We're able to see both high and low-priority issues so that we can accurately prioritize what to do first. That helps us manage bandwidth in terms of resources. 

SentinelOne Singularity Cloud Security has helped us reduce the amount of false positives we see. We've reduced false positives by around one-third. 

Our mean time to detect has been reduced, as well as our mean time to respond. We used to rely on a third-party provider to find issues, and now we can do it in-house. This means we no longer have to sync our AWS information on a daily basis. Now, we have a direct integration with SentinelOne Singularity Cloud Security. We used to have a delay of 36 to 48 hours before we would recognize if there were any vulnerabilities. On top of that, there was a reaction time delay of 4 to 6 hours, meaning issues wouldn't be dealt with until maybe 50 or so hours after the vulnerability was detected. We've reduced all of this down to maybe 8 to 10 hours.

The collaboration between cloud security, application developers, and AppSec teams has been better. It's mostly been positive for us. 

They could improve on their UI.  Sometimes it's not clear where to look when seeking information. Support often can direct us by giving us the correct link to what we are looking for. 

I'd like to see better onboarding documentation. If we want to be able to integrate something new, such as new assets, it can be difficult. 

I've used the solution for more than 2 years now. We started using it around December 2021 or January 2022. 

I haven't faced any lagging or crashing. 

For our use case, it has been scalable. 

The support they provide is good. They give you very detailed information and documentation which they have created internally. They are very informative. They've even shared their own internal documentation in terms of AWS issues or questions. 

They are quick to respond, You can rely on them. 

Positive

We did use a different solution, however, it didn't offer direct AWS integration. Due to this, we had to wait up to 48 hours for information on vulnerability issues. We were already having security issues in that timeframe, so we needed something that could help us detect faster. 

The initial deployment was easy. However, having more initial onboarding documentation would have been better. However, we've created some internal docs that have helped us with our use case. How long it takes to deploy depends on the use case, however, we were able to have it up in 12 to 14 hours. We had 2 people working on the deployment. 

SentinelOne Singularity Cloud Security did offer some assistance with the setup.

I'm not sure of the exact pricing. However, my understanding is that it is very economical. 

We did explore Crowd Strike at some point. Crowd Strike was a very big platform and we were not sure how much support we'd get. We wanted to make sure we had priority support.

I'd rate the solution 9 out of 10. The usability is very good. Both their new and mature products are good in terms of their overall usability.

We are running the entire cloud base on AWS infrastructure. The major use case for this product is cloud misconfiguration because a lot of changes keep happening in our environment. There are multiple teams and multiple verticals within our organization. We have different verticals across different business units. They have their local IT infrastructure teams, and all these teams are making changes. 

We have IT admins at multiple locations. There is a team of 10 to 12 members. It was a challenge to manage cloud security when they made changes, spun up new servers, or created new instances for new projects. Cloud misconfiguration was one of the major areas where we saw issues because things were not getting created as per the process or security protocol. When they are creating instances, they are not aware of the implications and the security incidents that may happen by keeping certain ports open. They might not be aware of the security issues that may come up. So, cloud misconfiguration was one of the main reasons why we opted for this product.

Another reason was to have a dashboard for the management and for the centralized team. We are a part of the centralized team that is taking care of the entire platform. It is very necessary for us to keep track of the changes and see if any P1 or critical security incidents are open. They are a risk to our organization's security. We wanted to have such visibility. Manually keeping track of those changes and open issues was very difficult for us.

It highlights critical or high-priority incidents. That is helpful. When we have a lot of issues on the dashboard, we can at least prioritize them based on the severity. We target critical incidents first and then move to the high-priority incidents. We still have medium and low-priority incidents on the dashboard. We require some amount of time to fix them. From a reporting perspective, it helps us to prioritize accordingly. We know that at least from a high-impact point of view, we are secure.

We do generic vulnerability scanning whenever there are any new changes or we are building any new applications. We keep the generic vulnerability scanning on whenever any new instances are created, and we run the scan once a week for already created instances.

We have not explored evidence-based reporting much. It is a good feature, but we mostly look at the priority of the incidents. We fix them based on the criticality. The description of the issues and the categorization make it easy to utilize the reports.

It has affected our risk posture. All the critical incidents and high-priority issues have been resolved. We are in a better place now in terms of risk posture. The medium-severity issues still need to be fixed, but earlier, we used to have critical incidents as well. We did not have any visibility into those things. We are now quite confident that we do not have any major security issues. We keep running the scan every week. It helps us to detect any new changes or vulnerabilities in our environment.

We could see its benefits immediately in terms of visibility. Previously, we did not have any visibility into where we were in terms of the security landscape. That benefit was immediate, and then we started fixing the problems and reduced critical issues and high-priority issues. We became confident in our security, and we were able to secure the environment wherever we had an incident. Its benefits were immediate from a visibility point of view, and then it took two to three months to have a direct impact in terms of security.

Singularity Cloud Native Security helped us to reduce false positives. We also have a managed service provider. We took their help to reduce false alarms and other issues. It also helped us to implement some of the best practices while creating any instances or making any changes to any particular instances. We created best practices and standard operating procedures for the infrastructure team. They follow the standard operating procedures while making any changes or creating any instances. We are seeing a drop in the number of issues compared to two or three years ago.

Our remediation time is reduced. Initially, it took some time to identify the remediation steps and what had to be done to fix the problems, but now we know what needs to be done. From a prevention point of view, we now know what we should not do. That has helped with changes that we keep on doing in the environment.

Singularity Cloud Native Security provides us with a platform to scan instances when they are getting created, and the dashboard helps us to identify the critical issues. We created a road map and prioritized the issues based on the criticality of the problem. We have reduced P1s. We have resolved any critical incidents that came up in the dashboard. We still get high-priority incidents, and we keep on prioritizing and fixing them. That is because we have visibility into the open issues that we have. Management is also happy. They are aware of the things that are coming up on the dashboard. They are aware of the impact and the risk. We did not have this visibility previously. All the teams that are a part of IT are aware of the importance of it. It has been included as part of our software development cycle.

It is very easy to use. The user interface or the dashboard is quite simple. It clearly shows you the type of issues that are there. It also breaks down and groups them into the types of issues. If I have 100 issues on the dashboard, it categorizes them. Out of these 100 issues, 50 of them might be related to the same category. If I choose one of the high-priority incidents and fix them, all 50 issues might get fixed. This way, it is a bit easier for us to target specific use cases and resolve a lot of underlying problems. The descriptions are helpful. It gives us information about how to resolve a particular problem. It is easier when the tool itself tells you what you have to do to fix an issue. You can then research more and get it done. It is quite simple. Even the leaders who are not very technical can understand what is the impact and what is causing the problem.

They can provide some kind of alert when a new type of risk is there. There can be a specific type of alert showing that a new type of risk has been identified.

We use Jira for pushing any changes. If any kind of integration is possible between Jira and the Singularity Cloud Native Security dashboard, it will be easier for us to track. Before approving in Jira, I can ensure that any issues in Singularity Cloud Native Security are closed. Such an integration will be helpful.

Its pricing model is a little bit inflexible. Different organizations have different structures. We have multiple business units. Based on the different verticals, we have to create different subscriptions for them. If I create a new subscription and add it to Singularity Cloud Native Security, as per the current licensing model, I have to pay more for that. It should not be like that. It should be based on the number of servers. This kind of flexibility would help customers like us.

It has been close to two years since we have been using this solution. Prior to this, we were working with CrowdStrike, and then we migrated to SentinelOne two years back.

I have not seen any issue with Singularity Cloud Native Security.

If any slowness is there, we will probably wait and run it after half an hour or one hour. Nothing major has been highlighted to me or has been a blocker as such. The pricing model is the only thing that would be a concern. 

We take help from our managed service provider. If we have to fix any particular problem that we are not aware of or do not have the expertise for, we get help from the managed service provider. They have a service team with experts. They get it done for us.

We did not directly use any other solution. We have a managed service provider. We have taken their help, but it was more of a tool that they used at their end, and then they shared a report with us. Based on that report, we took action. It was not a regular thing that we used to do. Once in a quarter, we would probably allow them to scan and send us a report. Based on that, we used to take action. That was the process that we used to follow earlier.

Its implementation was a little bit difficult because it was a new tool that we were using. It takes time to understand the issues, specifically in terms of what has to be done to fix them. Aligning all the teams was a little bit difficult for the initial two to three months, but once we understood the product and what needed to be done for the issues that were getting highlighted in the dashboard, it was easy.

Initially, we had to do a lot of sessions to bridge the gap. That was because this initiative was taken by the Cloud Security team and the DevOps team. We needed a lot of patience to collaborate with the engineering or development team. A lot of the issues required help from the engineering team in terms of making changes at the core level as well. It took one or two months of time to do sessions with the developers and create SOP within the development life cycle itself. Overall, the support from the leadership was quite good. All the leaders agreed that this is a very important change that we are bringing into the organization, and it will be an ongoing thing that we need to follow. We have also added it as part of the SDLC. We use Jira to manage changes and defects. We have added security as one of the flags over there. Someone from the InfoSec team has to give a sign-off for any changes that are happening. If a project is going live, he has to check any open issues in Singularity Cloud Native Security. He has to give a sign-off before the project goes live. That is one of the changes that we have pushed in terms of the product life cycle itself, and that has helped to align different things. Unless they get a sign-off from the InfoSec team, it cannot be deployed. Everyone knows the process now. It is a part of the cycle.

It took at least 45 days to deploy and utilize all the features. We did not do it in one go. We did it phase-wise. We opted for one subscription, and then we slowly deployed it across other subscriptions.

It does not require any maintenance from our side. We have a managed service provider, and they are keeping track of it. There is no additional maintenance as such. We just have to keep track of things. It is more of a process adherence and making sure that we keep a check before we push anything into production.

I am personally not taking care of the pricing part, but when we moved from CrowdStrike to Singularity Cloud Native Security, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of Singularity Cloud Native Security was low. 

Singularity Cloud Native Security is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning. There should not be an extra charge for adding a subscription, and the pricing should be based on the number of servers that I am scanning.

We are not using Singularity Cloud Native Security's Offensive Security Engine. We used the Infrastructure as Code (IaC) Scanning initially. When the demo was given, we had to use that scanning, but it is not something that we keep running on a regular basis.

Overall, I would rate it a nine out of ten. I am quite happy with the service and the value that it provides. The one point that I am not giving is because of the pricing model. If it had a more flexible pricing model, I would rate it a ten out of ten.