SentinelOne Singularity Cloud Security Reviews

The company purchased SentinelOne Singularity Cloud Security primarily for container security and IoC scanning. We also were looking into image scanning for Docker components. Now, we have enabled secret scanning and the Cisco pipeline as well. 

We are mostly dealing with code-level security issues the organization might have. There are issues in TerraForm and whatever else we see in our DevOps pipeline. 

SentinelOne Singularity Cloud Security has improved the organization's Docker container security, and we can mitigate many of the issues to avoid serious vulnerabilities or attacks. We start to see these benefits within 2 or 3 months of deployment. The tool took almost a month to learn the structure of our organization and environment. After that, it started detecting issues and vulnerabilities. 

We don't get many false positives because we eliminated many of them in the early stages. SentinelOne Singularity Cloud Security can mark detections as false positives, so they won't appear in the future. 

SentinelOne Singularity Cloud Security has reduced our detection time. Before implementing SentinelOne Singularity Cloud Security, it took us around 7 or 8 hours to determine whether an issue was inside our organization. Now that we have deployed SentinelOne Singularity Cloud Security, we have an agent list running on our Docker containers, and SentinelOne Singularity Cloud Security is identifying the issues inside the Docker containers. When it scans periodically, we can detect the issues within 2 or 3 seconds. It has reduced 7 hours of work to a few seconds. 

While it hasn't reduced our remediation time on mid-level or low-level issues, it has drastically improved our remediation time for critical Docker issues and high-priority problems in our environment. We can handle them before they make it into production. 

SentinelOne Singularity Cloud Security has improved collaboration between our developers and security teams. The tool has a feature where we can send issues to developers, but it requires them to reply with recommendations.

SentinelOne Singularity Cloud Security's integration is smooth. They are highly customer-oriented, and the integration went well for us. SentinelOne Singularity Cloud Security is also responsive to our feature requests. The interface isn't difficult to understand for a layperson, and we're familiar with it. There's also built-in support, so we can get help when we have a problem. 

The evidence-based reporting is a critical feature because we can correlate to the issues in the system. We have compared it with free tools that are on the market, and SentinelOne Singularity Cloud Security gets better results. From the perspective of remediation, resources, and security, SentinelOne Singularity Cloud Security is the best option. 

The agentless vulnerability scanning has worked well for us. Removing agents from the equation takes about half the work out of it, and the agentless scan fetches the details every millisecond. SentinelOne Singularity Cloud Security's agentless mechanism is monitoring everything that happens on the system.

Proof of exploitability is an important aspect of SentinelOne Singularity Cloud Securitys evidence-based reporting. When we ask a developer to fix an issue, they ask for evidence of its exploitability and whether it's a critical issue. If SentinelOne Singularity Cloud Security didn't provide this information, we couldn't convince the developer to fix it. SentinelOne Singularity Cloud Security provides the expertise to convince the developer by finding the vulnerabilities and providing explanations.  

The infrastructure-as-code scanning helps identify container configuration issues and other problems before they go into production. We used a script, and we needed to enable everything before going to production, so we have it enabled on the production and pre-production side. We can check the issues and block them before going to production. Before it becomes publicly accessible via the internet, we want it to be safer than it was in pre-production.

I would like SentinelOne Singularity Cloud Security's detections to be openly available online instead of only accessible through their portal. Other tools have detections that are openly available without going through the tool. 

We have one feature request that we've already discussed with SentinelOne Singularity Cloud Security. We want a category feature for exceptions that developers have already accepted. We don't want SentinelOne Singularity Cloud Security to identify the issue next time because the developer has already done the risk assessment. 

We have used SentinelOne Singularity Cloud Security for nearly a year.

SentinelOne Singularity Cloud Security is stable. 

SentinelOne Singularity Cloud Security is scalable.

I rate SentinelOne Singularity Cloud Security support 9 out of 10. 

We previously worked with many open-source solutions and Prisma, one of its competitors. Ultimately, budget issues made us come back to SentinelOne Singularity Cloud Security. SentinelOne Singularity Cloud Security is a budget-friendly and user-friendly tool. A layperson can start using the system and understand it within 1 or 2 days. It also has more capabilities than the other tools.

Deploying SentinelOne Singularity Cloud Security was straightforward. It took 3 or 4 people to deploy. We are currently enrolled on 2 clouds. We had it on AWS, but now it's on GCP and Azure. It's more than 2,000 endpoints and around 2,000 APIs.

It doesn't require much maintenance because the updates are automatically happening on the cloud. When new features are released, we connect to the SentinelOne Singularity Cloud Security team to understand how it will impact our environment. 

SentinelOne Singularity Cloud Security is reasonably priced, considering the value it offers to our organization. We had a few conversations with them, and they understood our posture. Initially, they offered one amount, but we got them to offer a discount that would meet their expectations. Their customer team is excellent and understanding.

I rate SentinelOne Singularity Cloud Security 8 out of 10. SentinelOne Singularity Cloud Security will meet all your requirements if you're looking for a cloud tool that covers IoC scanning, cloud misconfiguration, secret scanning, integration into the DevOps pipeline, and cloud-image scanning. It's a one-stop solution for all these requirements. It's a user-friendly tool that's easy to handle, and the support is excellent. 

We use Singularity Cloud Workload Security for our production and build workloads.

We implemented the solution to simplify the deployment of forensic tools, including EDR, into our cloud infrastructure, where it may be difficult to install an agent.

We have a hybrid deployment, with an estimated 8,000 to 70,000 cloud workloads. We serve a customer base of nearly one billion people, including 700 million current EA subscribers. Handling this workload is no small feat. The estimate is so broad because we do not own or control every AWS, Azure, or GCP account; studios use this infrastructure without our help. We are still in the discovery phase of trying to determine the exact number of workloads. There are thousands of Kubernetes clusters.

Singularity Cloud Workload Security's real-time threat detection capabilities are good. We recompeted SentinelOne against fifteen or twenty different AV vendors over the course of 2018 and 2019 and found SentinelOne to be superior in virtually every possible way.

Forensic capabilities are now excellent. When we started, we had a contractual agreement with SentinelOne to improve deep visibility to match our current toolset, Carbon Black Response. Over the course of two years, they delivered everything we could get from Carbon Black and even more.

The visibility of workload telemetry is excellent, and the hunting capabilities are second to none.

When no human intervention is required Singularity Cloud Workload Security detects and remediates nearly instantaneously.

Our MTTD is sub 30 days.

Our MTTR is seven days after detection for most instances.

The interoperability with third-party solutions is great.

The most valuable feature is the ability to gain deep visibility into the workloads inside containers.

Sometimes the Storyline ID is a bit wacky. It's not that the data is inaccurate, but the threat item that's flagged can sometimes point to a storyline that's not relevant to the hunting object we're looking for. In short, Singularity Cloud Workload Security can sometimes take us on a roundabout way to get to where we want to be when using Storyline ID.

I would like a public repository for CWPP. Having to request a script from SentinelOne to deploy CWPP is not ideal, and this is true for all of the tools, including the Linux agent. Without a public repository, when a deployment team needs something like a GPG key to validate the image, we have to request a signed copy of the software. This is not ideal because it removes our ability to self-serve. Therefore, if I had to ask for anything to make it easier, it would be signed images that are GPG signed and a public repository where we can get the bits from.

I have been using Singularity Cloud Workload Security for over four years.

Singularity Cloud Workload Security is stable. No lag, no crashing, no downtime. The joy of running as a container is that it doesn't break the other parts. 

The Singularity Cloud Workload Security auto-scaling feature is great.

Technical support is excellent. One of the selling points of SentinelOne is the incredibly good support.

Positive

The initial deployment was straightforward, but only because I had to obtain a script from SentinelOne. I completed the deployment myself.

Our three-year renewal with SentinelOne this year was shockingly expensive. In fact, covering our 50,000 endpoints would have nearly bankrupted most security programs, even well-funded ones like ours. The sticker shock is real. I understand that SentinelOne is a market leader, but the bill we received was astronomical.

We evaluated a few application security tools, but CWBB is only a software opportunity. SentinelOne has become our primary solution for all aspects of endpoint security. Therefore, when we considered adding detections for cloud workloads, it made sense to choose SentinelOne as the ideal solution.

I would rate Singularity Cloud Workload Security nine out of ten.

To someone who doesn't think they need CWPP because they already have a continuous security monitoring solution in place, I would say, Consider the old security adage that they are not currently free of malicious items. They have them, but they just don't know where they are.

We have an upgrade policy for maintenance purposes. We need to implement the upgrade policy, but we do this through Chef automation. Writing Chef automation for this can be a bit complex, but it is not impossible.

SentinelOne Cloud Workload Security's ability to be innovative is excellent. I'm a big fan of SentinelOne's API, which has allowed me to develop some creative solutions. I'm actually the only SentinelOne administrator at my organization, so in terms of innovation, it's probably the best tool I've ever used. I've been able to create an automated "one-man army" using SentinelOne.

I recommend deploying a test environment. Do not try to deploy this into an existing environment and test there. It's a bad idea. Not from a SentinelOne perspective, but I'm not much of a Kubernetes expert. I know it can be dangerous, and we tried to do this in a test environment of a live production environment and had a lot of trouble. Not because of SentinelOne, but because of our Kubernetes deployment. Having to complete a bad Kubernetes environment with little knowledge of CWPP basically made getting it working very difficult. So my advice would be to build a clean, industry-standard test environment that can be broken with no risk.

We use Singularity Cloud Workload Security to protect all our servers from malware, both present and future. We also use it to protect our user endpoints, such as workstations and employee laptops.

We recently switched from Windows Defender to SentinelOne endpoint protection after a few of our laptops were infected with malware. SentinelOne has been protecting our laptops, endpoints, and servers for two years now, and it has performed well in internal and external audits.

We currently have a hybrid Active Directory environment. SentinelOne itself is a SaaS-based product, so it is fully cloud-based. However, we need to install agents on all of our endpoints and cloud services.

Singularity Cloud Workload Security has real-time threat detection capabilities. We have tested it with multiple clients and ourselves, and it has detected malware every time we have been attacked. Compared to other major security vendors, Singularity Cloud Workload Security had the best detection rates for all the malware we threw at it during our proof of concept.

Automated remediation is policy-based, which makes it very useful. The SentinelOne platform gathers all information about how the threat played out and all the changes that were affected on our system. Using this information makes it very easy to remediate all the damage because we know what happened. Automated remediation is amazing and a key differentiator from other competitors.

For Linux kernels, the agent supports almost all platforms, including legacy Windows, macOS, and Linux. We have a few Linux servers, and the mitigation and all the other features work just as well as on the other operating systems.

Using the Deep Visibility Console, we can thoroughly investigate everything that was called or changed on a computer. This gives us visibility into virtually everything that happens on all of our endpoints at all times, in real-time. This has allowed us to find threats that other vendors would have missed. We can also use the Deep Visibility Console to perform threat hunting. For example, if a threat has been moving around our network, we can track it down to see exactly where it is moving to and how it is working.

The historical data record provided by Singularity Cloud Workload Security after an attack is good. For data retention in terms of threats, we have a one-year retention period. This is a long time, and it is very useful for our insurance policies, as we often need to comply with them. For compliance purposes, the one-year retention period is perfect for us. For visibility logs, for example, we are ingesting some logs, and I believe the retention rate is actually fourteen days.

Singularity Cloud Workload Security has reduced our MTTD. Previously, with Defender, it would sometimes fail to detect threats. Now, we detect and remediate many more threats automatically, almost instantaneously. For example, if we download a malware file, we usually cannot even open it because Singularity Cloud Workload Security detects it automatically with a super-fast response time.

Our MTTR is automatic. As soon as a threat is detected, remediation is performed automatically, according to our policy. We can even generate a report of the remediation and all affected files. This allows us to see everything and ensures that remediation is performed quickly.

Singularity Cloud Workload Security has freed up our SOC staff's time to work on other projects. Before, we were considering hiring a 24/7 SOC team, but with SentinelOne's vigilance package, they take care of almost everything for us. We no longer need an employee to monitor logs and threats 24/7.

Since we are freeing up some time from the operations side, our IT administrators and security personnel do not have to constantly monitor the console to see what is happening. Because we trust the product to take care of malware for us, our productivity has definitely increased. We only check the logs once a week.

Singularity Cloud Workload Security works well with other vendors, so we can even have two EDR solutions if we want to. The exclusions can be done through the console, which is very easy to use. It gives us a list of all the applications that we have installed on all our systems and makes it easy to create different types of exclusions. For example, we can create exclusions for performance reasons or to suppress alerts. There are a lot of options, and they are all very easy to use.

My favorite feature is Storyline. It creates a neat graph that shows us how any threat played out, in real time. We can see all the information about what was modified or changed on our system, such as files that were modified, created, or deleted, and register keys that were created or edited. For a SOC analyst, this information is super useful. We can deep dive into all the information and see exactly what happened on each computer individually.

The second feature is actually part of the SDR platform, and it provides native integrations with other security software vendors, such as Okta or Azure AD. This allows us to ingest all of our audit logs for security events and to take action on them. For example, we can set up an automation alert so that if a threat is detected on an endpoint, we can automatically take action on our Okta or AD environment, such as locking the account that was signed in or forcing a password reset.

I know that SentinelOne is working on additional integrations for their XDR platform, and I would definitely prefer more integrations. I understand that many more integrations are coming soon but by the end of the year. I would like additional integrations. Currently, we have integrations with Azure AD, Okta, Mimecast, and Netscope. Many of our clients and we also use firewalls from Cisco, Juniper, and so on. It would be helpful to be able to retrieve audit logs or actionable items from these firewalls.

I have been using Singularity Cloud Workload Security for two years.

Singularity Cloud Workload Security is stable, and we have not experienced any downtime. 

The stability of Singularity Cloud Workload Security is similar to that of Microsoft Defender.

Singularity Cloud Workload Security is infinitely scalable, with a multi-tenancy feature that allows us to have multiple sites, such as physical sites. For example, if we have two locations, we can easily create admins who have access to only one site or to all sites. It scales really well, regardless of our environment.

The auto-scaling feature is user-friendly. As we install more endpoints, they will simply show up in the console, allowing us to create our own physical sites with their own admins and different policies.

My interaction with technical support was pleasant. They gave me a few tips on how to integrate the new system. They also sent me some documentation, which was already available to me, but they saved me the time of searching for it. They even offered to schedule a team call to discuss the integration and have a team member help us directly. The only downside is that the entire interaction was text-based, so it could be difficult to get a definitive answer to some questions.

Positive

We previously used Microsoft Defender, but some of our laptops were infected with malware anyway. Because of this, we had to redeploy all of our laptops. We therefore concluded that the solution was not working as well as it should in terms of detection and response so we switched to Singularity Cloud Workload Security.

Deployment was straightforward. The agent is simple to deploy, and we only need to deploy it to all of our endpoints. It is a simple installation that requires our site token. We can deploy it through group policies, Intune, or any mass deployment software. I completed the deployment myself.

We evaluated CrowdStrike, Carbon Black, and Bitdefender, and found that Singularity Cloud Workload Security had a much better remediation process. This is because Singularity Cloud Workload Security uses AI-powered detection and remediation, instead of relying on human analysts. This means that threats can be detected and remediated much faster than with traditional security solutions. Another factor that influenced our decision was pricing. SentinelOne is not too expensive compared to other providers, and it offers a wide range of integrations with other security products.

I would rate Singularity Cloud Workload Security nine out of ten.

Maintenance is minimal, requiring only occasional updates. When a major update is available, we receive an email notification. We then accept and deploy the update to all eligible endpoints through the console.

Singularity Cloud Workload Security is very easy to deploy and has one of the best detection rates among vendors. It has a very user-friendly UI that provides a high-level overview of current threats and system status, as well as the ability to drill down into analytics and threat indicators using the visibility console. It is so user-friendly that anyone can use it, regardless of their expertise level. However, for more experienced users, there is also the option to dig deeper into the data.

Singularity Cloud Workload Security helps us spend less time on threats and more time on our core competency, which is consulting work. This definitely improves our productivity and innovation.

We use the tool for cloud security management. We check the vulnerabilities in the cloud during the configuration phase using SentinelOne Singularity Cloud Security. We check how many cloud assets are being covered and how many issues have been identified from multiple cloud assets. We check different types of issues. We look into cloud network configuration, Offensive Security, Kubernetes security, and vulnerabilities. We also use the ThreatWatch option to check for active attacks happening worldwide. We can also check compliance, analytics, and asset inventory. We use the tool in multiple locations.

Without the product, we cannot know the configurations and the issues that are present in the cloud assets. SentinelOne Singularity Cloud Security helps us to know such details easily. It guides us and shows the flaws or vulnerabilities present in the cloud assets. It also provides good remediation processes with screenshots. It is easy to tackle and remediate the issues present in the cloud assets.

The solution provides detailed visibility into the security state of the assets and workloads across all the platforms. The remediation process is good. It clearly provides every step required in the resolution with screenshot links. I like it very much. The product helps us identify the misconfigurations and flaws present in our organization. We meet with the concerned teams and resolve the issues. It helps us a lot by finding all the issues in the cloud assets.

We use the solution's agentless vulnerability scanning. There are different categories in the product. It is useful for us that SentinelOne Singularity Cloud Security includes proof of exploitability in its evidence-based reporting. It is required for every company that uses clouds. SentinelOne Singularity Cloud Security has helped reduce the number of false positives we deal with. Most of the time, we do not get false positives. It is usually below 10%.

The product has improved our risk posture by 50%. We can detect vulnerabilities faster. SentinelOne Singularity Cloud Security has sped up the process by 80% to 90%. SentinelOne Singularity Cloud Security provides us with the remediation process. It has reduced the mean time to remediate. Without the tool, we wouldn't know the process to remediate. We can get some things on Google, but the product provides the exact process we need to follow. The solution improves the mean time to remediate by 70%. It is a very helpful tool for remediation.

SentinelOne Singularity Cloud Security is a collaborative tool. It is very easy to use. Anyone can easily use it. We can easily check the flaws and collaborate with other teams. SentinelOne Singularity Cloud Security has helped us save engineering time by 50%. We use other tools for compliance. We have endpoint security solutions and antivirus products for normal assets. Similarly, we need a tool for the cloud assets. I will recommend SentinelOne Singularity Cloud Security to everyone who uses the cloud.

Under the containers section, we have a cluster. It is a link between the organization and SentinelOne Singularity Cloud Security. We don't get any notifications from SentinelOne Singularity Cloud Security when the clusters are down. The SentinelOne Singularity Cloud Security database doesn't receive any updates. It doesn't trigger any alerts. We must check things manually. It must be improved in future releases. If notifications are available, then it will be more helpful, easy, and time-saving. We can easily contact the team, check why the cluster is down, and restart things.

I have been using the solution for one and a half years.

The solution is stable. I rate the stability an eight out of ten.

We have eight users in our organization. The solution does not need any maintenance. I rate the scalability a nine out of ten.

The technical support is good. The team responds within 24 hours and resolves all the issues we raise. The team also arranges monthly meetings for updates. The support team educates us about the upcoming updates in the tool. The team helps us if an individual or a team has issues with SentinelOne Singularity Cloud Security. The support people also help us with the remediation process if we are stuck at any stage.

Positive

The tool is deployed on the cloud. The deployment can be done in a day. One or two people from our organization and two to three people from the development team of SentinelOne Singularity Cloud Security were involved in the deployment. The solution was easy to deploy. It was not complicated.

The product has saved us time, money, and resources. We have saved 80% of time, 20% of resources, and 80% of money.

The tool is cost-effective. It is neither cheap nor expensive.

The tool is easy to use. Compared to other products, SentinelOne Singularity Cloud Security is the most easy to use. There are different severity categories, such as critical, high, medium, and low. We get notifications for critical things. Critical issues have the highest priority. The ability to prioritize the issues is helpful for us.

Overall, I rate the product an eight out of ten.

We use SentinelOne Singularity Cloud Security to identify threats and vulnerabilities in our AWS accounts and the compute resources that are hosted on those cloud accounts.

We implemented SentinelOne Singularity Cloud Security to address network-related issues, such as communication between individual components (part-to-part or node communication). SentinelOne Singularity Cloud Security's Graph Explorer feature also helped us understand the overall network landscape, including the attack surface. This feature allows us to discover and explore various components within our AWS environment. In essence, SentinelOne Singularity Cloud Security helped us identify how different networks connect and how microservices within our system interact with each other.

We've implemented SentinelOne Singularity Cloud Security across all our core companies, including acquisitions. Previously, managing separate AWS accounts for each company with dedicated DevOps and security teams was a significant challenge. SentinelOne Singularity Cloud Security helped us consolidate these accounts into a single platform, simplifying the process. Now, we can easily track key security metrics. For instance, SentinelOne Singularity Cloud Security provides frequent alerts for critical events such as publicly exposed instances or security groups with significant traffic changes from any source. Monitoring these elements across multiple accounts and security groups was previously difficult without a centralized platform. SentinelOne Singularity Cloud Security has been instrumental in streamlining this process.

We recently made some changes to our information systems. SentinelOne Singularity Cloud Security helped identify instances that were inadvertently made public. This identification is important for compliance purposes, as it allows us to track how well these public instances adhere to regulatory frameworks.

SentinelOne Singularity Cloud Security's compliance monitoring capabilities have provided us with some benefits, particularly in understanding our overall security posture. However, it's important to note that SentinelOne Singularity Cloud Security only monitors our cloud infrastructure. There might be internal deployments with compensating controls that address missing controls identified by SentinelOne Singularity Cloud Security (e.g., control X is missing but mitigated by internal control Y). These internal controls wouldn't be visible to SentinelOne Singularity Cloud Security. Therefore, while SentinelOne Singularity Cloud Security provides a valuable starting point at the surface level, manual review is necessary to ensure complete compliance coverage.

SentinelOne Singularity Cloud Security is easy to navigate. Its menus are straightforward and intuitive, making the overall user experience smooth.

One of the key benefits of the evidence-based reporting is its proof of exploitability. This feature allows us to prioritize vulnerabilities that have been demonstrably compromised and take immediate action to mitigate the risks.

The offensive security engine feature constantly scans and lets us know if any vulnerabilities in our environment can be exploited. While the offensive security engine for verifying exploit paths and prioritizing breach control is valuable, it lacks context awareness. For instance, it might flag something we intentionally made public, like a new website for an upcoming event. In those cases, we can safely ignore the alert. Overall, the engine is a useful tool. We extract the information it provides and prioritize it. A dedicated team reviews the alerts and, if necessary, escalates them to our DevOps team for further action.

By centralizing cloud infrastructure monitoring with SentinelOne Singularity Cloud Security, our security team's productivity, and MTTR have been significantly improved.

Over time SentinelOne Singularity Cloud Security has reduced the number of false positives by 40 percent.

SentinelOne Singularity Cloud Security has significantly improved our organization's risk posture. Since implementing it, we've been able to assess the risk associated with recently discovered CVEs much faster than before. This efficiency is due to the proactive identification and scanning capabilities. Now, we start each day with a clear summary of potential risks, allowing us to prioritize effectively.

SentinelOne Singularity Cloud Security has reduced our mean time to detection by 90 percent. This is because it scans every day and sends us real-time email alerts, allowing us to take immediate action.

SentinelOne Singularity Cloud Security has reduced our mean time to remediation by 40 percent.

We have a dedicated channel where we collaborate with SentinelOne Singularity Cloud Security and our internal teams.

The collaboration helped save our engineering time by 60 percent.

The user interface and ease of use have had a positive impact on our security operations. For example, we recently needed a list of assets deployed in a specific GN in a cloud account for a particular incident. We went straight to SentinelOne Singularity Cloud Security and were able to quickly obtain the assets along with a map of the security groups linked to them. The UI's simplicity helped us save significant time by eliminating the need to search for information manually.

Notifications about the latest vulnerabilities are a valuable feature. SentinelOne Singularity Cloud Security automatically updates itself with the newest threats and scans our infrastructure across all integrated data accounts for them. This is helpful because it's difficult to keep up with the volume of CVEs, especially the critical ones.

The UI is responsive and user-friendly.

There's room for improvement in the graphic explorer. We'd like something that helps us visualize traffic between different ports and containers. Currently, we can see host networking, like communication between instances or perhaps within Kubernetes. However, we're looking for a tool that can also visualize port-to-port communication and display it as a graph. This would give us a clearer picture of our network traffic and help strengthen our network security.

The dashboard currently displays CVEs, but it would be beneficial to receive proactive email notifications in addition to this.

I would also like to have runtime security in SentinelOne Singularity Cloud Security.

I have been using SentinelOne Singularity Cloud Security for 7 months.

I would rate the stability of SentinelOne Singularity Cloud Security 9 out of 10.

I would rate the scalability of SentinelOne Singularity Cloud Security 8 out of 10. We can easily add new cloud accounts.

The technical support response time is good. For feature requests, they can be a little slow.

Positive

The time invested in security operations for threat detection and monitoring has yielded a return on investment of 70 percent. We've also seen a financial benefit by avoiding the need for additional staff to monitor and correlate all database accounts individually by 40 percent. SentinelOne Singularity Cloud Security automates these tasks efficiently.

SentinelOne Singularity Cloud Security is less expensive than other options.

I would rate SentinelOne Singularity Cloud Security 8 out of 10.

We're planning to integrate SentinelOne Singularity Cloud Security with our CI/CD pipeline and Slack. Currently, our only integration is with an email system, which means we receive alerts and notifications via email. We're evaluating the effectiveness of this approach. Integrating with tools like Jira or Slack could help manage the issue of false positives and notification overload, which currently requires the manual closing of alerts. We're still assessing the best course of action, but integration with Jira is a strong possibility.

Around 15 people from our security and DevOps teams use SentinelOne Singularity Cloud Security. SentinelOne Singularity Cloud Security is a SaaS that is integrated with our main company and all our acquisitions.

SentinelOne Singularity Cloud Security does not require maintenance from our end.

I recommend SentinelOne Singularity Cloud Security to others for its cloud security capabilities. I particularly appreciate its offensive security approach. Coming from an offensive security background, I find PingSentinelOne Singularity Cloud Securityafe excels at identifying real threats that we can address immediately. This proactive approach is a major advantage of SentinelOne Singularity Cloud Security. While the defensive side might involve some assumptions and possibilities, I believe the offensive capabilities are the key reason we use SentinelOne Singularity Cloud Security.

When we receive a ticket about a SentinelOne detection on a specific host, we will first go to the SentinelOne console and look up the endpoint and the case. If there are any threats related to the host, we will then review the activities that have taken place within a specific time frame. We can look at the processes that have run, and how they have propagated from one process to another. We can also look at the timeline of events, from the top down, to see what happened when each process was run. This will help us to determine if any malicious activity has taken place.

We use the cloud-based management console to install SentinelOne on each employee's or host's device. SentinelOne can be installed through the cloud.

Singularity Cloud Workload Security provides us with better security detection and more visibility. It is another resource that we can use to detect vulnerabilities in our company's systems. For example, it can help us detect new file processes that we are not familiar with, which could be used by attackers to exploit our systems. Singularity Cloud Workload Security can also help us diagnose and analyze data to determine whether it is malicious or not. Singularity Cloud Workload Security is like another pair of eyes that can help us protect our systems from cyberattacks.

The real-time detection and response capabilities of Singularity Cloud Workload Security are very helpful. When we receive alerts in real-time, we can take action immediately. Within Vigilance, they look at things for us in real-time and let us know if they detect something malicious. This allows us to investigate the incident and see what is happening. If it is a zero-day attack, we can take action immediately to try to mitigate the damage. Having real-time alerts helps us take action more quickly than waiting for a few days for something to happen.

The automated remediation feature works from a database. We upload anything that we have detected before or anything that we can filter into this database. For example, we would upload the known IP addresses of analysts who do penetration testing for us within the company. If one of these IP addresses comes in and is malicious to the company, the solution will detect it. Singularity Cloud Workload Security will check the IP address and automatically classify it as benign. This saves us time because we don't have to manually review the IP address or contact our colleagues. This frees up our time so that we can focus on other things, such as investigating more malicious threats. IP addresses are just one type of data that can be filtered. File processes can also be filtered. Any type of automated filtering helps us reduce the time it takes to investigate a ticket so that we can focus on the most malicious threats.

The historical data record provided by SentinelOne after an attack is helpful in identifying what we can do to protect ourselves from future attacks. We can use this data to understand the cause of the attack and put in place preventive measures, such as educating employees about security best practices. SentinelOne allows us to access up to three or four months of historical data without a request. For data that goes back six months to one year, we need to submit a request. This data can be specific to a particular host, if necessary.

Singularity Cloud Workload Security is a great product. It is very robust and versatile. There are many things we can do with it, even things I have explored in the past two years. We can use different types of queries to narrow down our searches. It is a very powerful tool that has been very helpful to our SOC in analyzing specific incidents.

The solution has decreased our mean time to detect through the automated response process and visuals that give us time to focus on other important things. It definitely gives us the actual time to look at other things instead of focusing on one ticket that may take us 30 minutes to an hour to resolve. This could definitely decrease the coverage time.

The solution has decreased our mean time to remediate. We have many detection systems in our organization, and it takes a lot of manpower to focus on all of them. Integrating SentinelOne into our organization has given us more time to focus on other things, rather than having to look at minor incidents, such as low-severity incidents. SentinelOne detects and remediates these incidents for us, so we don't have to worry about them. This has been a great help, and we no longer need to dedicate as much manpower to these incidents.

The solution helps to free up our SOC staff time to work on other projects and tasks. Thousands of false positive tickets no longer have to be looked at by our SOC team, saving them a lot of time.

The solution has helped our organization become more productive by allowing us to focus on more severe issues instead of wasting time on minor ones.

The management console is the most valuable feature. It offers a variety of options for us to view. If a threat is detected, there is a specific area where we can view the different incidents that have occurred. This is the threat that is associated with that host.

We can also have deep visibility into the activities within the host within a specific time frame. This is very useful, especially when we can view the process tree. This allows us to see how one process propagates to another process, and so on. We can then look back to the beginning of the process to see where it came from. How was it downloaded? Which URL did it come from? Was it internal or external? This information has been very helpful when we are diagnosing a specific incident.

The File Fence feature is also useful. When we view a file within Singularity Cloud Workload Security, we can put it into our sandbox to see what type of file it is and whether it is malicious or not. There is also the scan feature, which is very helpful. When we scan a host remotely, it can return to us with information about the detections that were made on that host. This can help us to identify and alert others about any potential threats.

Whenever I view the processes and the process aspect, it takes a long time to load. I think this is because the dashboard or management console is slow, especially during downtime or when updates are being applied. Even when I search for a specific query, it takes a while to load. I believe that increasing the bandwidth for query processing would help.

I have been using SentinelOne Singularity Cloud for three years.

I think the stability is decent. However, if they fixed the bandwidth issue, it would be a top contender. Sometimes, when I need to look at the process timeline, it is very difficult to load and takes a long time. We don't always have the time to wait for it to load. I think the stability is okay, but it could be improved.

We used Carbon Black. Carbon Black's stability is pretty good. Its downtime is not as high as SentinelOne's. Carbon Black is a little bit easier to use than SentinelOne. Its user interface is a little bit easier than SentinelOne's. In terms of stability, I think SentinelOne is just a little bit behind Carbon Black. Not by much, but just a little bit.

The scalability is fine.

The technical support is very responsive, and courteous, and provides great customer service. If we need something right away, they will definitely put us on the priority list. We have a special chat channel or a specific team dedicated to our company. We can also email them, and they will usually respond quickly.

Positive

I previously used Carbon Black and Tanium for a short time. When I first started at my current organization, they were using both Carbon Black and SentinelOne. However, SentinelOne provides the same level of security as Carbon Black at a lower cost, so the organization stopped using Carbon Black.

If I were to compare SentinelOne to Carbon Black, I would say that they have the same functionality, but Carbon Black has a faster response time. If SentinelOne could improve its bandwidth in this area, it would be a more competitive product.

I would rate Singularity Cloud Workload Security a seven out of ten. I noticed some lagging, especially when loading a specific storyline. I also experienced some lag when I had too many windows open.

Based on the company's size and infrastructure, SentinelOne offers different tiers of service for small, medium, and large businesses. For a really small company that doesn't generate a lot of logs, a robust system like SentinelOne may not be necessary. However, for a medium-sized company, SentinelOne can be a valuable asset. It has helped us to reduce our response time, gain more visibility into our security posture, and receive alerts if any devices are lost or stolen. SentinelOne is also more versatile than other solutions in terms of the resources it uses to detect malicious activity. I would recommend that any company considering SentinelOne do their research and talk to other users to see if it is the right fit for their needs.

Singularity Cloud Workload Security is a cloud-based solution that does not require much maintenance. The only maintenance required is to keep the filtering list up to date. This can be done with the help of the SentinelOne team.

The interoperability of the solution is fine. I don't have any issue with it.

In my line of work, we innovate by detecting and analyzing specific incidents. Singularity Cloud Workload Security definitely helps us out a lot in terms of detection, creating new queries, and creating new filters.

I suggest they research the solution and test it out. I believe SentinelOne offers a trial version, so they can try it before they buy it. See how they like it. We love it and don't think we can live without it. It gives us so much free time to focus on other things. It's like a home security system. If we miss something, they contact us. If the doors unlock, they let us know. If the battery is dying, they let us know. It has helped us out a lot. It gave us the visibility we didn't have before and continues to give us the visibility we need. I don't know what we would do without it.

As a Security Engineer, I use the SentinelOne Singularity Cloud Security primarily for cloud security posture management. Additionally, I benefit from features such as attack visualization and evidence-based reporting, which help proactively mitigate vulnerabilities, reducing compliance risk and audit pressures.

Infrastructure as code scanning is a valuable capability, and while we primarily use the SentinelOne Singularity Cloud Security for cloud security posture management, we also leverage its infrastructure as code scanning, which is vital given the implications of hard-coded secrets in our source code.

I personally use the SentinelOne Singularity Cloud Security daily, and I have noticed that the dashboard occasionally gets stuck, potentially due to internet issues, suggesting it could benefit from enhancements to be more robust and smoother.

The SentinelOne Singularity Cloud Security has improved our ability to protect containers, Kubernetes, and other systems, especially since we have integrated it with all CWPP and CSPM application security and container scanning features into Jira for more effective vulnerability management.

The monitoring tool has comprehensive monitoring features. They also provide reports with a compliance score that shows how well we meet certain regulatory standards and allows us to present our compliance as a percentage, demonstrating our serious approach to security. My company is fundamentally focused on security, so this solution is a significant part of it.

The ease of use of the SentinelOne Singularity Cloud Security is evident, as the dashboard is very simple, allowing even beginners to understand the product and its purpose without confusion.

The evidence-based reporting proves crucial for prioritizing issues, as when I receive alerts about any DDoS attacks or incidents affecting my infrastructure, the SentinelOne Singularity Cloud Security plays a very important role in alerting me quickly.

The proof of exploitability in the evidence-based reporting is significantly important to us, as it allows the SentinelOne Singularity Cloud Security to identify issues quickly, especially when a developer accidentally makes a repository public, catching problems before they escalate.

The SentinelOne Singularity Cloud Security has substantially affected my risk posture, as it was the first tool that notified me of the public exposure of a repository by a developer, allowing me to resolve the issue within minutes.

The SentinelOne Singularity Cloud Security helps us reduce the number of false positives significantly, as it provides context to alerts, allowing us to manage public-facing resources without overwhelming alerts when exceptions are necessary.

My mean time to remediate has reduced by about 30% to 40% since using the SentinelOne Singularity Cloud Security.

The mean time to detect has also decreased by 20% with the SentinelOne Singularity Cloud Security.

The SentinelOne Singularity Cloud Security facilitates collaboration between cloud security, application developers, and application security teams, centralizing the reporting and communication of flagged vulnerabilities for remediation through dashboards.

I personally use the SentinelOne Singularity Cloud Security daily, and I have noticed that the dashboard occasionally gets stuck, potentially due to internet issues. It could benefit from enhancements to be more robust and smoother.

I have been using the SentinelOne Singularity Cloud Security for around 1.5 years.

Sometimes, we do expereince lagging. 

The solution is very scalable. 

Technical support is knowledgable. 

Positive

I did not use an alternative solution. 

It's easy to deploy. It took us two to three days. 

We did have the customer support team on call during the implementation. 

We're just a customer and end-user.  

I do not personally use the agentless vulnerability scanning feature, however, my team utilizes it. I do not have extensive insight into its specific workings.

I do not use the offensive security engine feature.

I rate the SentinelOne Singularity Cloud Security nine out of ten.

I use it for security purposes, and it is deployed on the cloud. It helps me look into potential threats and resolve issues.

For Singularity, the task capability is easy to use and it has a very intuitive dashboard, which streamlines the processes. It provides user-friendly privacy protection, 24/7 threat detection monitoring, and managed services for continuous monitoring and threat hunting. It also offers ransomware protection with excellent defense mechanisms, rollback features, and extended detection and response features.

The area of improvement is the cost, which is high compared to other traditional endpoint protections. Additionally, it has limited legacy system support and may not fully support older operating systems or legacy environments.

I have been using SentinelOne for one year.

I rate the stability nine out of ten, indicating strong stability with limited bugs, glitches, or downtime.

The solution is scalable, and I rate it nine out of ten.

I rate technical support eight out of ten, indicating satisfaction with the support provided.

Positive

I did not personally use any other solution before using SentinelOne, however, I have heard about multiple products compared to SentinelOne.

The initial setup was easy and completed in a couple of days, involving three people.

Three people were involved in the deployment, working together to ensure the setup was successful.

Meantime to remediation improved from seven to eight minutes to two to three minutes, reducing time and money by 40% to 45%. Overall, time to detect is now in milliseconds.

On a scale of one to ten, I would rate the pricing and setup costs an eight out of ten, indicating it leans towards the expensive side.

I recommend SentinelOne due to its high-security capabilities, which are essential to safeguard data and systems from potential threats.

I would rate the overall solution nine out of ten.

We use SentinelOne Singularity Cloud Security for our AWS cloud used in my project and to check the account's vulnerabilities.

SentinelOne Singularity Cloud Security has improved our organization a lot. Before using SentinelOne Singularity Cloud Security, we had not covered many points according to vulnerabilities. We have used the solution's dashboard, which shows the criticality of issues, and we have rectified and resolved many issues according to their severity.

SentinelOne Singularity Cloud Security has a dashboard that can detect the criticality of a particular problem, whether it falls under critical, medium, or low vulnerability. If it is not a critical problem, we can try to solve it within 4-5 hours. If it's very critical, then we can take action immediately.

SentinelOne Singularity Cloud Security takes 4-5 hours to detect and highlight an issue, and that time should be reduced. Sometimes, the solution shows false alerts. The comments section has also been turned off for the last 10 to 15 days. These are the two issues I'm facing right now in SentinelOne Singularity Cloud Security.

I have been using SentinelOne Singularity Cloud Security for the last three months.

SentinelOne Singularity Cloud Security is a stable solution, and I haven’t come across any bugs or glitches.

I rate the solution an 8 out of 10 for stability.

The solution has good scalability. Around 10 users in my team use the solution.

I rate SentinelOne Singularity Cloud Security's scalability an 8-10 out of 10.

SentinelOne Singularity Cloud Security's pricing is good because it provides us with a solution.

Suppose we find a volume not attached to any EC2 instance during scanning. SentinelOne Singularity Cloud Security detects such vulnerabilities, and we try to resolve them. SentinelOne Singularity Cloud Security is an easy-to-use solution. Everybody in my team works with SentinelOne Singularity Cloud Security to monitor any vulnerabilities it detects.

SentinelOne Singularity Cloud Security is a good tool for security and vulnerability detection for me and my team. The solution is easy to use, and we are very familiar with the dashboard, which shows the criticality of particular problems. It also shows the link to a particular vulnerability or problem so that we can directly go to that particular problem.

Through the solution's dashboard, we can see problems and detect vulnerabilities. Then, we assign each problem to another and try to resolve it. In the pre production environment, we used to try a blue/green deployment. If we try to get any alerts from that particular dashboard, SentinelOne Singularity Cloud Security will detect them.

SentinelOne Singularity Cloud Security has improved our risk posture by 50% to 60%. Earlier, we couldn't identify the things created by mistake during production. If something is created by mistake or if we are unable to detect mistakes in the production environment, SentinelOne Singularity Cloud Security scans and alerts us of any vulnerabilities.

SentinelOne Singularity Cloud Security takes approximately 4-5 hours to detect an issue. We conducted a test by creating one issue, which was highlighted in the SentinelOne Singularity Cloud Security dashboard within four to five hours. The issue was still present in the SentinelOne Singularity Cloud Security scan after we resolved it, and it was removed after four to five hours.

SentinelOne Singularity Cloud Security has helped reduce our mean time to remediate, and we immediately take action on the issue. In my opinion, SentinelOne Singularity Cloud Security is really collaborative, and other teams use it at the utmost level. The solution is really helpful for us regarding system security.

SentinelOne Singularity Cloud Security has helped us save around 30% to 40% of engineering time. We just see the SentinelOne Singularity Cloud Security dashboard for issues it has detected and try to resolve them as soon as possible. SentinelOne Singularity Cloud Security has helped us save approximately 30% to 40% of our resources, time, and money.

SentinelOne Singularity Cloud Security is integrated with the AWS tool our team uses to detect vulnerabilities. SentinelOne Singularity Cloud Security is a SaaS (Software as a service) solution. We have five to six accounts on SentinelOne Singularity Cloud Security and use them in multiple locations. The solution does not require any maintenance. I would recommend the solution to other users.

Overall, I rate SentinelOne Singularity Cloud Security a 9 out of 10.

We use SentinelOne Singularity Cloud Security to secure our IT infrastructure and fix vulnerabilities. For example, it tells us if our resources have been inappropriately made public. We provision our infrastructure on AWS and GitHub. SentinelOne Singularity Cloud Security finds vulnerabilities across our entire network and secrets in our GitHub repositories. It also helps us manage our cloud configurations and security groups. 

SentinelOne Singularity Cloud Security is integrated with Metabolic, Opsgenie, and Slack for notifications. It's also integrated with our security team. They are using a script to correlate the data from SysTrack. 

When I joined the organization, we didn't have this kind of security tool in our infrastructure. SentinelOne Singularity Cloud Security helps us secure any resources that were mistakenly made public and other vulnerabilities. Initially, we were primarily focused on projects, not on the security side, but we were dealing with some system vulnerabilities that hackers could exploit, like publicly accessible resources. The detection is highly granular. It gives you small vulnerabilities and very new types. 

The SentinelOne Singularity Cloud Security team will help you reduce false positives quickly. When we first used SentinelOne Singularity Cloud Security, false positives were high, so we contacted the team. They did some testing and modifications, and the problem was solved in one or two days. 

The mean detection time has drastically reduced. The detection time varies depending on what we're scanning. When we're scanning GitHub, it takes 7 to 10 minutes. On the cloud platforms, it depends on resource availability. It takes 10 minutes on the high end, but the mean is about 1 or 2. Overall, it has been reduced by about 10 percent. 

The remediation time is up to us. SentinelOne Singularity Cloud Security just detects it, but it gives us an assessment and recommendations, making it easier to resolve. When we fix a vulnerability for a particular resource, the issue will not occur again. 

SentinelOne Singularity Cloud Security can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub. Using SentinelOne Singularity Cloud Security's evidence-based reporting, we can rank the severity of issues as critical, high, medium, etc. Having the ability to prioritize security issues is crucial for any organization. 

One good thing about SentinelOne Singularity Cloud Security is that it gives you a consolidated view of compliance and vulnerabilities. We can follow SentinelOne Singularity Cloud Security's guidance and comply with those use cases. When you get an alert, they explain how to resolve those issues. 

The user interface is excellent because we see everything in a single panel and can manage all the operations from one portal. It's integrated with Slack, so we can coordinate on the open tickets. We can also mute notifications. The interface is straightforward and easy to use. Anyone can use it.

The offensive security engine is a helpful feature in cases like when a developer leaves some API element exposed, and we can view the potential exploit path. It's helpful when we are deploying any AWS account or service because all our systems depend on AWS.  When the service is initially deployed, we can see what happens and get all the details about anything that depends on it. 

When you find a vulnerability and resolve it, the same issue will not occur again. I want SentinelOne Singularity Cloud Security to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again. 

We have used SentinelOne Singularity Cloud Security for more than 2 years.

I rate SentinelOne Singularity Cloud Security 9 out of 10 for stability. We've never had any glitches. 

We've had no issues with scalability. We've onboarded about 6 or 7. There is no digital investment. You can integrate multiple accounts from various providers. 

The support team was valuable during the initial stages. SentinelOne Singularity Cloud Security contacted us every three weeks. They checked our infrastructure and reviewed all the issues that we were incorporating into the system. They took direct responsibility for the system and could solve queries quickly.

Positive

Previously, we were using the native tools of each cloud provider. For example, we used GuardDuty on the AWS.

Deploying SentinelOne Singularity Cloud Security is straightforward. You can onboard new AWS accounts in five to 10 minutes, and it will start scanning very quickly. They give you a script to run on AWS. You can enroll your accounts based on the template, and it starts collecting data. We onboarded six or seven accounts. It hardly took any time. It's a SaaS solution so we don't need to maintain it. We only need to do the onboarding. 

I rate SentinelOne Singularity Cloud Security 7 out of 10. SentinelOne Singularity Cloud Security isn't a unique solution. Other solutions have the same features, but I like SentinelOne Singularity Cloud Security because it's simpler to use. It doesn't require any maintenance and the scalability is good. However, I think other solutions can give the same level of detail and insight.