SentinelOne Singularity Cloud Security Reviews

We adopted Cloud Native Security for its offensive security engine, which no other tools provide. It checks to see if any file or domain has public access. We also use it for cloud configuration scanning. Now, we are integrating it with cloud detection and response and plan to integrate it with CloudTrail and logs. Multiple team members use the solution. Our cloud security team has more than 10 members. We sometimes forward issues to the application team.

When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks. 

Compliance management is critical for every organization. Our compliance score was pretty low when we started using Cloud Native Security. Now, we've started seeing improvement every quarter.  We're around 85 to 95 percent compliant. When we see any alerts related to configuration, we raise a ticket with our follow-up team unless the issue is resolved automatically. We eliminate false positives and identify and work on any problems with our policies or other issues. 

Cloud Native Security has reduced our detection time by 15 to 20 percent through automation. The solution makes it easier by showing every impacted resource on a single dashboard. If we didn't have an automated tool to show us all the affected assets, we wouldn't know what's happening on every server or the resources we have created. Without this solution, we had to go to the documentation page for every cloud provider and implement the change. Now, we can check a single dashboard to get an overall idea of how something impacts our resources, and it helps us to automate. 

The solution has improved collaboration between our teams regarding security posture. We can say to the cloud security team that they need to follow a particular posture-related practice or adopt a network configuration, like blocking public access to a resource. We give these requirements to the network development and application teams.

Cloud Native Security has reduced our vulnerabilities and misconfigurations, improving our security posture. We had about 10,000 alerts when we started, but we brought that down to around 500. That was a considerable improvement in six months. 

I have worked on most of the tools in the market, and every product has distinctive features. Cloud Native Security's standout feature is offensive security. That's something no other product offers. All the other products have the same core features, such as vulnerability scanning. 

The UI is user-friendly, and the recommendations are easy for everyone to understand. If any misconfiguration happens, all four teams can read the options and understand how to implement them. To achieve these goals, we can also create an automated template according to cloud security best practices

SecOps plays a crucial role in our deployment and testing in the software lifecycle. In the course of building and deploying our applications, we need to look at our vulnerabilities and configurations. It's easy to identify these things and fix them before deployment by integrating Cloud Native Security.

The solution's evidence-based reporting is helpful because it provides real-time information. If a file has been opened and we haven't provided access, it gives us the evidence. It tells us the domain, and we try to investigate by going to the team that owns the file. We require them to make the file private, so it can't be accessed from the internet.

Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email. 

We started using Cloud Native Security last year.

Cloud Native Security doesn't have any bugs or glitches. It's fairly stable.

I rate Cloud Native Security nine out of ten for scalability. 

I rate Cloud Native Security support nine out of ten. They have email support, but there is no option to raise tickets from within the portal. Now, they have Intercom, and we raise tickets through that. 

Positive

We previously used Prisma Cloud, which has many of the same features, such as cloud-based configuration, Kubernetes scanning, vulnerability assessment, etc., but Cloud Native Security has the Offensive Security Engine. That is the main reason we switched.

Our organization started with a POC for a month and a half before presenting Cloud Native Security to our VP and senior leadership. They gave us the go-ahead, and we finalized the product. It took us less than a week to implement, but the deployment time depends on the organization. It might take time if they need to get approval from leaders. 

I rate Cloud Native Security seven out of ten for pricing. It's cheaper than many other products. 

I rate Cloud Native Security nine out of ten. It's a mature solution that includes all the features found in other products on the market. 

My company has around ten AWS accounts, and we use SentinelOne to monitor and see if any risks are there or not in any security groups for VPC endpoints or any other resources that come under severe risk or medium risk, so my company uses the product for calculations concerning the aforementioned area. The tool also creates tickets for our company, which helps us monitor the resources and change them according to the standards applicable to the organization.

The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator. It creates a ticket automatically, so you get to know the things in the tool that you need to attend to immediately, making it a core feature of the solution.

I am unsure as to what kind of subscriptions my company has taken from PingSafe. I am not sure about what other things are there in the product that can help our company. Based on whatever subscriptions related to the product my company has taken, I can say that though one of the security groups is open to my company's premises, it still stays that it is open, which, for my company, makes it secure, but for PingSafe, it is not secure, so I am not pretty sure about how it can check and update it. I am not sure if a feature to deal with the aforementioned area already exists in the solution and if my company has not taken a subscription to use it.

Let us assume that there is a ticket that states that one port is vulnerable in the security groups from AWS since it is exposed to the public. When the tool states that it is exposed to the public, it means that it is exposed to the IPs in the company premises and not the public.

Let us assume that there is a database that is exposed to all the IPs in an office. If I have 10 to 12 sets of IPs, I can use them for 10 to 12 Wi-Fi or VPN connections, and it is exposed on the company premises, but the tool states that it is exposed to the public and that the company needs to shut it down. My organization needs to expose the database so that our development team can access it over our office IPs. If you do not expose the database to office IPs, the development team cannot access DBs to manipulate or check data. In general, the database is exposed to the office IPs, not to the public, but the tool states that it is exposed to the public since it cannot identify whether the IP is a public IP or office IP. I am not very sure if there is a setting in the product that allows the office to give its set of IPs to the tool, and scanning can be done through them so that the tool can identify if the resources are inside or outside of the IP range, according to which can state whether it is safe or not. In general, the tool should offer users the ability to mark IPs as public and private ones so that the product can identify them. It would be good if a customer could provide the tool with a set of ten IPs and state that it will be okay and secure if any of the resources are exposed to them since they are inside the office premises.

One of the issues with the product stems from the fact that it clubs different resources under one ticket. If I have 10 resources in 10 accounts, there might be a problem if, from those 10 accounts, 5 resources have the same issues and they get clubbed together under a single ticket, which makes it somehow a difficult process since I have to get inside the ticket to get the resources and the account details.

I have been using PingSafe for 6 months. My company is a customer of the solution.

I never found any stability issues in PingSafe.

In terms of scalability, I have not used the application to its full extent. Right now, I cannot comment on the scalability part of the product.

PingSafe helps identify the resources that are vulnerable to attacks, and if I can fix them up, then my application will be safe at that particular point in time. The tool's aforementioned area has no relation to the product's deployment since it is used to secure my company's resources, applications, and infrastructure.

Though the solution can be deployed with the help of my team, consisting of three people, I can handle it by myself. With PingSafe, the reports come to me, after which I can give or segregate them for different applications while having two different individuals working under me.

I take care of the installation part of the product by myself.

The solution is very user-friendly in terms of ease of use.

I do not use the product's reporting feature because another team in my company handles it. I know that my company uses the product's reporting feature to extract reports on a weekly, bi-weekly, and monthly basis, but I don't deal with it.

I don't use the product's agentless vulnerability scanning. I check the reports that come to me, as I need to further check the resource tests attached to them, especially whatever resources are affected as per the reports. In general, I just go with the report and complete the task.

I have not used Pingsafe's Offensive Security Engine.

Pingsafe's IaC Scanning is a great functionality that is built into the product. It is one of the major functionalities that my company's team uses. With Pingsafe's IaC Scanning, it is easy to monitor and observe areas in a good way.

Pingsafe's IaC Scanning role in identifying pre-production issues in IaC templates or container configuration files is helpful because when in my company, we configure IaC Scanning in our production environment, it gives a brief detail about what the resources and security groups or whatever resources are the most vulnerable, after which they get sorted into four categories, namely, low, medium, high and severe. The tool sorts out the resources into four categories before you go to the production phase, ensuring that they are good and secure.

The main benefit of the use of the product in our company stems from the fact that it provides a vulnerability scanning report, which helps us to maintain the resources mainly, an area for which my team and organization use it.

I experienced the benefits attached to the solution from the first day of using it, and before its use, I was not able to identify the issues in the resources. PingSafe gave me the value and the reports that helped me to identify the issues in resources.

PingSafe's use has helped reduce the false positive rate. In the initial stages, my company had more than 100 severe cases, but within a month, we were able to reduce that to below 10 percent.

With PingSafe, the mean time to detect has reduced because initially, for detection, I had to observe resources end to end. Now, the tool provides me with a regular report because of which I don't need to observe everything inside the resources. I just need to go to a particular resource and check what is stated in the ticket to see which ports are vulnerable, after which it can be changed, so I can directly go and check it, owing to which the tool definitely reduces the mean time to detect vulnerabilities.

With PingSafe, the mean time to remediate is a maximum of twenty-four hours. Initially, in my company, we had to identify the problem and then proceed with remediation, but now we can do it directly since the report is already available.

PingSafe has affected and helped me a bit to deal with the collaboration between cloud security application developers and AppSec teams because it helps me to keep my resources and tell the developers that we cannot expose them to the extent where the application will become vulnerable to attacks. In general, the tool is helpful since it reduces the time needed to connect DevOps and developers.

I found the product to be pretty useful. I directly onboarded the product and started to use it. I did not find any difficulties with the tool.

I rate the tool an 8 out of 10.

We use SentinelOne Singularity Cloud Security as a Cloud Native Application Protection tool to identify anomalies or deviations from best practices in our cloud environment.

We chose SentinelOne Singularity Cloud Security because it meets our compliance requirements.

We have integrated SentinelOne Singularity Cloud Security with all of our AWS accounts. By default, when SentinelOne Singularity Cloud Security identifies an issue, it automatically creates a Jira ticket. Our Security Operations Center team then investigates all these Jira tickets and takes appropriate action.

SentinelOne Singularity Cloud Security is user-friendly.

SentinelOne Singularity Cloud Security's evidence reporting is valuable for prioritizing and resolving the most critical cloud security issues. Any issue it identifies, whether it warrants a Jira ticket or not, can be directly accessed through a provided link. The SentinelOne Singularity Cloud Security dashboard then displays all vulnerabilities, including how the issue was identified, the type of scan used, and the affected code location. This can include details from secret scanning, pinpointing the specific repository, file, and location where a secret was leaked within GitHub. This level of detail makes it very easy to verify and prioritize remediation efforts.

We leverage IaC scanning because our infrastructure is defined using Terraform. This allows our DevOps team to proactively identify potential security vulnerabilities. These vulnerabilities can include accidentally embedding secrets directly in the IaC code, such as committing them to the GitHub repository. By utilizing IaC scanning, we can detect such issues and promptly notify the responsible DevOps team member for remediation.

SentinelOne Singularity Cloud Security helps identify issues in container configuration files early in the development process.

In the past, we relied on multiple tools for latency scanning and Kubernetes security scanning. This meant using separate portals and logging tickets manually in Jira. Now, with SentinelOne Singularity Cloud Security, we have a centralized solution. It provides a single point of access for everything, from security issues to the latest threat intelligence reports. This makes it user-friendly and saves our team significant time. We can investigate issues more efficiently and even create Jira tickets directly within SentinelOne Singularity Cloud Security, eliminating the need for manual logging. Overall, SentinelOne Singularity Cloud Security offers both time savings and improved accuracy.

The real-time detection offered by SentinelOne Singularity Cloud Security is crucial because we manage all our data using Kubernetes. This makes it critical to identify any vulnerabilities within the running dependencies.

We rely on SentinelOne Singularity Cloud Security's comprehensive compliance monitoring to maintain regulatory compliance. We utilize all its features to maximize its effectiveness.

SentinelOne Singularity Cloud Security has a user-friendly interface. It provides a visual flow diagram that makes it easy to navigate between different AWS accounts and services. When we receive an alert, we can quickly see which account and service it's related to. Overall, it's a well-designed tool.

SentinelOne Singularity Cloud Security has removed 80 percent of our false positives.

SentinelOne Singularity Cloud Security has improved our mean time to detection by 100 percent.

SentinelOne Singularity Cloud Security has reduced our mean time to remediation by 70 percent. This is because we can now quickly obtain a list of all issue tickets logged in Jira, allowing our SoC team to take action on them promptly.

SentinelOne Singularity Cloud Security improved the collaboration between the cloud developers and AppSec teams.

Having a system that can identify and alert us to misconfigurations in our 3 data storage buckets is helpful for our organization's penetration testers. Since all our company data resides on cloud platforms, SentinelOne Singularity Cloud Security allows the AppSec team to automatically detect vulnerabilities before manual penetration testing begins. While this automation might seem to reduce the AppSec team's workload for cloud security specifically, it would ultimately benefit both teams. The security operations team would be relieved of the burden of manually logging and ticketing every issue identified within AWS services.

SentinelOne Singularity Cloud Security has helped save 90 percent of the engineering team's time.

We have successfully integrated SentinelOne Singularity Cloud Security with AWS and have also integrated the GitHub organization. These integrations were implemented to identify potential issues on our cloud platform. SentinelOne Singularity Cloud Security is also used for IaC and secret scanning within our organization. Fortunately, these integrations have been running smoothly and haven't caused any problems.

SentinelOne Singularity Cloud Security's graph explorer is a valuable tool that lets us visualize all connected services. For instance, we can see all running Kubernetes clusters, including their components and nodes. If there are any problems with cluster components or nodes, the graph explorer will highlight them, allowing us to easily address the issues.

The threat intelligence section also focuses on identifying new vulnerabilities emerging in the market. SentinelOne Singularity Cloud Security scans our existing infrastructure to pinpoint all affected resources. This allows us to easily identify any at-risk resources with a single click.

SentinelOne Singularity Cloud Security can improve by eliminating 100 percent of the false positives.

Another area of improvement is for SentinelOne Singularity Cloud Security to auto-remediate the alerts. 

I have been using SentinelOne Singularity Cloud Security for 6 months.

I would rate the stability of SentinelOne Singularity Cloud Security 10 out of 10.

I would rate the scalability of SentinelOne Singularity Cloud Security 10 out of 10.

We connect with the SentinelOne Singularity Cloud Security technical support on Slack and they are always helpful and knowledgable. They can help with any of our questions and issues.

Positive

In the past, we relied on open-source tools like Terraform scanning and Gitleaks to scan our infrastructure as code and identify secrets. However, this approach demanded significant manpower and time investment, and we were inundated with false positives. To address these challenges, we transitioned to SentinelOne Singularity Cloud Security.

I would rate SentinelOne Singularity Cloud Security 9 out of 10.

For our organization, SentinelOne Singularity Cloud Security must include evidence of exploitability in its evidence-based reporting and it does.

We have 6 people in our organization that utilize SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security does not require maintenance from our end.

I recommend SentinelOne Singularity Cloud Security to others because it offers several advantages. One key benefit is that it saves a significant amount of manpower. This frees up our security engineers to focus on other assigned tasks. SentinelOne Singularity Cloud Security is a valuable tool for automating tasks.

We use SentinelOne Singularity Cloud Security as a cloud-native application protection platform. It scans all our accounts to identify any loopholes or vulnerabilities. We get the results and recommended resolutions. It provides reports with all the minute details. For example, it might tell us there is an admin user with access that might increase the risk. SentinelOne Singularity Cloud Security gives a comprehensive overview of anything about our cloud posture. 

We scan an Azure or AWS account, and SentinelOne Singularity Cloud Security tells us the particular route an attacker might take and the risks. We use it extensively because it provides information on everything that could lead to a disaster. We're scanning 20 to 25 database accounts, with no more than 20 users.

SentinelOne Singularity Cloud Security helped us close the loopholes in most of the services, improve our cloud security posture, and lock down who has access. The solution's reporting helps with auditing and compliance. When we started, our posture rating was around 77 percent. It's now at around 98 percent after we closed the loopholes.

The false positive rate is low. It's accurate 99 percent of the time. If we are doing a continuous scan, we sometimes get false positives, and we used to get much more in the early days of our deployment, but now it's quite effective and efficient.

SentinelOne Singularity Cloud Security has reduced detection and remediation time by 10 to 20 percent. It has also improved collaboration among our security and application teams. We now get reports every 10 days, which has improved our teams' productivity because they don't need to go back and forth. It has made the DevOps and security teams' work about 20 to 30 percent more efficient. 

With SentinelOne Singularity Cloud Security, it's easy to onboard new accounts. When there's a major acquisition, we have dozens of new accounts that we need to onboard quickly. It's very easy to use. The proof of exploitability is critical because we must present the results to a developer. Without evidence, they won't understand the problem.

The resolution suggestions could be better, and the compliance features could be more customizable for Indian regulations. Overall, the compliance aspects are good. It gives us a comprehensive list, and its feedback is enough to bring us into compliance with regulations, but it doesn't give us the specific objects. 

I have used SentinelOne Singularity Cloud Security for nearly 2 years. 

I rate SentinelOne Singularity Cloud Security 9 out of 10 for scalability. 

Deploying is straightforward and only takes a couple of days. One person did the initial setup, and whoever needs to use it can access it through the portal. It doesn't require any maintenance. 

We've seen a return in the form of time saved. It gives us timely reports, and time is money. 

In some markets, SentinelOne Singularity Cloud Security is a little on the higher side, but it's just right for us. It's a good value for the money.

I rate SentinelOne Singularity Cloud Security 9 out of 10 and would recommend it to others. It's easy to use. 

My company uses Cloud Native Security as our CSPM solution to discover vulnerabilities in cloud-based configurations. We take alerts from Cloud Native Security and forward them to the DevOps team to remediate them manually. 

Cloud Native Security helps reduce the number of false positives we receive. We receive notifications and alerts from various channels, such as AWS CloudTrail and Microsoft Defender. These products generate alerts based on their policies. I can feel confident that Cloud Native Security isn't giving any false positives. We get a few, but they are rare, and I can immediately alert the team to redefine their policies. 

Cloud Native Security's most valuable feature is its offensive security engine. I have worked with many CSPM solutions. What sets Cloud Native Security apart is the security engine's ability to provide evidence about the potential for vulnerabilities to be exploited or endpoints exposed with credentials.  

The evidence-based reporting is helpful. It shows us all these details that help us do more research. We are working with various stakeholders to remediate those misconfigurations immediately. No other solutions provide this feature. We can research other resources affected by the same kind of vulnerabilities or misconfigurations. We can prioritize fixing them and work on them immediately. That's beneficial to everyone on the team, and they are learning a lot with this feature from Cloud Native Security itself.

While Cloud Native Security is mostly easy to use, the interface has a few trouble areas. We have faced some challenges with filtering. The Cloud Native Security team is working on that, and they're fixing it immediately. They take feedback seriously. There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature. 

We have been using Cloud Native Security for one year.

Cloud Native Security is stable. 

I rate Cloud Native Security 9 out of 10 for scalability. There is no lag, and the application doesn't break down. 

I rate Cloud Native Security support 8 out of 10. We contacted them about adding some policies and creating plugins based on our requirements. 

Positive

We previously used Prisma Cloud. Each has its own feature set. Prisma is on a higher level, and Cloud Native Security is a startup that's building its feature set and taking feedback from all the customers. That's one advantage Cloud Native Security has. They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away.

Deploying Cloud Native Security wasn't too easy or difficult. It was manageable. I did the deployment by myself. I'm the Cloud Native Security admin for my organization responsible for onboarding all the cloud accounts for AWS, GCP, and Azure. 

We also looked at Orca Security. Like Prisma, Orca is one of the top solutions on the market. Most of the CSPM solutions have the same features. Cloud Native Security stood out for two reasons: One is the offensive security engine. That is the main thing. The second thing Cloud Native Security offers is evidence-based reporting. That helps us a lot. These two features are unique, which is why we chose Cloud Native Security. 

I rate Cloud Native Security 7 out of 10. 

We're managing our cloud environment on AWS, and SentinelOne Singularity Cloud Security is assisting us as a CSPM tool. It identifies vulnerabilities in our configuration and helps prevent malicious attacks.

Our current cloud environment allows independent resource deployment by our six to eight-person team, which increases the risk of misconfiguration. To mitigate this, we implemented SentinelOne Singularity Cloud Security. This security tool generates alerts for misconfigurations, allowing us to promptly address them and maintain a strong cloud security posture.

Having too many resources with platform access made misconfigurations more likely. SentinelOne Singularity Cloud Security addressed this by helping us configure everything according to best practices, helping improve our security posture.

SentinelOne Singularity Cloud Security is easy to use.

Evidence-based alerts help us mitigate the priority issues that are detected.

The proof of exploitability in evidence-based reporting is helpful.

The offensive security engine strengthens our organization's security posture by validating potential attacker paths and prioritizing vulnerabilities with the highest likelihood of being exploited in a breach.

Infrastructure as Code facilitates the identification of pre-production issues within our Cloud Formation Templates and Terraform configurations.

SentinelOne Singularity Cloud Security has been instrumental in ensuring our strong cloud security posture, effectively helping us manage and mitigate risks. SentinelOne Singularity Cloud Security helped our team reduce the number of false positives.

SentinelOne Singularity Cloud Security plays a key role in strengthening our risk posture. By providing alerts, it assists both our information security and security assessment teams in identifying and mitigating potential threats, ultimately improving our overall security position.

It has improved our mean time to detection by 30 percent and effectively reduces our average time to resolve incidents. By providing valuable information, SentinelOne Singularity Cloud Security empowers our team to quickly diagnose and rectify problems.

It has improved the collaboration of our cloud security application developers and AppSec teams.

SentinelOne Singularity Cloud Security has helped save engineering time by 50 percent. 

SentinelOne Singularity Cloud Security offers security solutions for both Kubernetes and CI/CD pipelines. It helps with vulnerability remediation, ensuring timely alerts for misconfigured resources, so we can address security issues efficiently.

While SentinelOne Singularity Cloud Security offers real-time response, there is room for improvement in alert accuracy. We've encountered instances where misconfigurations created by teammates were not flagged promptly by SentinelOne Singularity Cloud Security, leading to downstream issues.

I have been using SentinelOne Singularity Cloud Security for one year.

I would rate the stability of SentinelOne Singularity Cloud Security nine out of ten.

I would rate the scalability of SentinelOne Singularity Cloud Security nine out of ten.

The technical support is helpful.

Positive

SentinelOne Singularity Cloud Security's team clearly explained the implementation process, which our team of three was then able to complete in just one week.

SentinelOne Singularity Cloud Security falls within the typical price range for cloud security platforms.

I would rate SentinelOne Singularity Cloud Security ten out of ten.

Our organization has over 35 members across various teams, each utilizing SentinelOne Singularity Cloud Security according to their specific needs.

No maintenance is required on our end.

I recommend SentinelOne Singularity Cloud Security to others. It has done a great job of improving our security posture.

We use SentinelOne Singularity Cloud Security to improve our security posture through evidence-based alerts by detecting and mitigating vulnerabilities.

We sought a CSPM solution that could be configured to adhere to the security policies of our required integrations. SentinelOne Singularity Cloud Security stood out as a strong candidate due to its compliance with industry standards like ISO and its ability to provide valuable security insights.

SentinelOne Singularity Cloud Security is a SaaS solution.

SentinelOne Singularity Cloud Security boasts a user-friendly interface that avoids information overload. The clean layout allows for easy navigation, even for new users, while still offering the ability to delve deeper into the data for a more granular view.

I would rate the evidence-based reporting of SentinelOne Singularity Cloud Security an eight out of ten.

SentinelOne Singularity Cloud Security's proof of exploitability is invaluable because it allows us to demonstrate the root cause of security issues to stakeholders clearly and concisely, streamlining the remediation process.

I would rate the offensive security engine's ability to assess and verify exploit paths and prioritize breach potential a nine out of ten.

The easy-to-use UI helps our security team review evidence from a single dashboard.

SentinelOne Singularity Cloud Security has broadened our viewpoint within our environment, allowing us to see things from multiple angles. This wider perspective provides greater assurance to our team and the entire enterprise.

It has helped reduce around ten percent of the false positives.

Thanks to SentinelOne Singularity Cloud Security, our cloud security posture has significantly improved. We've effectively mitigated critical and high vulnerabilities, achieving a strong security position from a CSPM perspective.

SentinelOne Singularity Cloud Security has impacted collaboration between our cloud security application developers and AppSec teams. To address this, we've granted controlled access to SentinelOne Singularity Cloud Security for all relevant teams. We've also encouraged its use by providing training on the tool itself.

SentinelOne Singularity Cloud Security stands out for its user-friendly interface and intuitive software, making it easy to navigate and use. It excels at presenting remediation steps in a clear and actionable way. Additionally, the reporting capabilities ensure we maintain compliance. However, the most valuable feature for us is the ability to conduct authentic security testing, providing real-world insights into our vulnerabilities.

The vulnerability scanner generates a high number of false positives that it flags as alerts, even though they're not actual threats. This suggests a configuration issue. We need to address this, especially since some of these flagged vulnerabilities have already been mitigated by other means.

The compliance monitoring dashboard, while helpful, doesn't integrate seamlessly with our entire system. This creates a disconnect: a high volume of alerts doesn't necessarily reflect a decline in compliance. For instance, I might have a thousand alerts on my ISO-related compliance dashboard, yet the compliance itself remains at 99.99 percent. This inconsistency makes it difficult to justify remediating every alert. In other words, I might give a clean bill of health from a compliance standpoint, yet still expect them to resolve the alert, which can be confusing. Therefore, we need to address either the way the dashboard generates alerts or the way we create them. Ideally, alerts should be directly tied to compliance standards and have a clear role in the overall compliance process. If they don't meet these criteria, perhaps they shouldn't be flagged as high or critical in severity.

Crafting customized policies can be tricky. Take creating our own, for instance. It requires a deep dive into the customization options, as the language used can be complex and demands a certain level of skill.

Since Sentinel's acquisition of SentinelOne Singularity Cloud Security, there has been a decline in both the frequency of new releases and the quality of support. Previously, SentinelOne Singularity Cloud Security was known for its proactive approach.

SentinelOne Singularity Cloud Security utilizes additional modules besides CSPN. Ideally, there should be a correlation between these systems. This would ensure that the assets we review for vulnerabilities within SentinelOne Singularity Cloud Security are consistent with those reviewed in CSPN. This consistency would simplify the process, allowing us to focus on a single review level. This level could be defined from a configuration perspective or by a compliance standard, such as the web application itself. If SentinelOne Singularity Cloud Security migrates data, this correlation between systems would be especially beneficial to ensure continued integration with all modules.

I have been using SentinelOne Singularity Cloud Security for six months.

The core modules of SentinelOne Singularity Cloud Security are stable but some of their new features had bugs in them.

I would rate the stability of SentinelOne Singularity Cloud Security seven out of ten.

I would rate the scalability of SentinelOne Singularity Cloud Security ten out of ten.

The technical support is good.

Positive

We've added SentinelOne Singularity Cloud Security to our existing Palo Alto Prisma Cloud environment. This will allow us to directly compare the results of the two tools.

The implementation is straightforward and takes a couple of days to complete.

We had five to ten people involved, excluding the SentinelOne Singularity Cloud Security developers.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

We have SentinelOne Singularity Cloud Security accessible in multiple departments with a total of 20 users.

There is no maintenance required from our end.

While SentinelOne Singularity Cloud Security advertises itself as a Cloud-Native Application Protection Platform solution, it offers some CNAPP functionalities but doesn't provide a fully comprehensive picture of your cloud security posture. In essence, it has some CNAPP capabilities, but it's not a complete CNAPP solution yet.

We use it in different ways. The number one use case is related to vulnerabilities, which includes cloud misconfiguration, the Offensive Security Engine, and the management screen itself. That is our primary use case. Then comes the graphical representation of interfaces, and the third use case is the inventory that it allows, which is very nice.

By implementing this solution, we wanted to watch the security vulnerabilities in our organization. We wanted to watch them in the code that gets checked in. We wanted the latest and refreshed list of vulnerabilities in, for example, Log4j or any other software to be highlighted. SentinelOne Singularity Cloud Security keeps updating its database and highlighting any issues.

We use agentless vulnerability scanning. It is cool. It operates on our cloud. All we need to do is authenticate and authorize our agents to read from our cloud infrastructure, which is cool.

SentinelOne Singularity Cloud Security includes proof of exploitability in its evidence-based reporting. This is very important because it gives the entry point to the entire process.

We use SentinelOne Singularity Cloud Security's Infrastructure as Code (IaC) scanning. All of our Terraform code and Git repositories are checked in, identified, and scanned. It helps us identify any issues way before production.

SentinelOne Singularity Cloud Security has not reduced the number of false positives. We have very few false positives in our organization. We have a very specific structure.

SentinelOne Singularity Cloud Security has reduced our mean time to detect. It has helped us a lot. It is quite quick, and that is why we put it in our sprint at every agile site. In terms of its effect on the mean time to remediate, we have not crossed the remediation phase. Remediation is okay. I would want it to go a little bit more specific on remediation, but I understand that it is just an engine that can scan.

We were able to realize the benefits of SentinelOne Singularity Cloud Security in about a month.

SentinelOne Singularity Cloud Security has not affected the collaboration among our cloud security, application developers, and app sec teams. The access to SentinelOne Singularity Cloud Security is less. The number of roles that SentinelOne Singularity Cloud Security provides is very low. I cannot segregate a particular account or a particular user. It is difficult for a lot of people to get. It is just the development, operations, and infrastructure teams that are currently working with it.

It is pretty simple. It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job.

Its reporting is bad. I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved.

The graphical representation of different resources is super cool, but the problem is that you cannot do anything with it. For example, if you just take the subnets and VPN and put them in a diagram, it becomes so big. I pretty much cannot use it. There is no point. If I am drawing a graph or bringing up a graph, but I am not able to show it to a person, what is the use of that? It is pointless.

Its scalability can be improved.

In this organization, I have been using SentinelOne Singularity Cloud Security for 6  months. Overall, I have about 4.5 years of experience.

I have not had any issues. I have been lucky enough to not notice any issues.

We have a parent organization, and then we have child accounts, but they have to be configured separately in SentinelOne Singularity Cloud Security, which makes it difficult to add accounts. You have different pages, so a comparative study about account usage is not possible. I am not a fan of its scalability. Its scalability can be better. 

I have interacted with them a couple of times. They have been very helpful. Their speed is pretty good. They are faster than AWS support. They are quick. The support quality is good. I did not see any lack of quality. I do not have anything bad to say about them.

Positive

We have CloudFront, which is a security measure by AWS for a very specific purpose. I have used SonarQube. It is pretty decent. It is code-specific, whereas SentinelOne Singularity Cloud Security falls under code and IaC. I have used the Trivy scanning mechanism. Semgrep is an open-source tool. GitLab has its own set of static code analysis and static infrastructure analysis tools. These are some of the tools that I have used before.

SentinelOne Singularity Cloud Security is very specific to the cloud-native environment. It lets you plug in more than one cloud. My organization has a multi-cloud strategy. With SentinelOne Singularity Cloud Security, we can have Google Cloud and AWS under the same umbrella, which is cool. It has its own unique place, and I like it.

It was very easy. The only problem was getting the RBAC roles. After we had the roles, it was straightforward. It was very simple.

We have a 47-cluster environment. It took about 1.5 hours. It is quick enough. It is as good as CloudFormation.

It does not require any maintenance from our side. Because it is fully managed on the cloud SA, we do not have to do anything.

It was implemented in-house. We have a development and operations team with 5 people.

Its pricing is constant. It has been constant over the previous year, so I am happy with it. However, price distribution can be better explained. That is the only area I am worried about. Otherwise, the pricing is very reasonable. As the cloud vendors change their pricing, SentinelOne Singularity Cloud Security also has to change its pricing. I understand that. I am happy with it, but the split up can be better explained.

To those evaluating SentinelOne Singularity Cloud Security, I would advise understanding SentinelOne Singularity Cloud Security's licensing metrics. You should understand how SentinelOne Singularity Cloud Security calculates. That is very important because it is not straightforward. You should understand that, and you can talk to the support people. They are very good. They clearly explain it. The person who is dealing with it should have a technical background. He cannot be a business analyst.

Make sure that you put in all the configurations on day one. You will find it difficult to compare if you keep building on top of it.

Overall, I would rate SentinelOne Singularity Cloud Security a 7 out of 10.