SentinelOne Singularity Cloud Security Reviews

We use SentinelOne Singularity Cloud Security as a Cloud Native Application Protection tool to identify anomalies or deviations from best practices in our cloud environment.

We chose SentinelOne Singularity Cloud Security because it meets our compliance requirements.

We have integrated SentinelOne Singularity Cloud Security with all of our AWS accounts. By default, when SentinelOne Singularity Cloud Security identifies an issue, it automatically creates a Jira ticket. Our Security Operations Center team then investigates all these Jira tickets and takes appropriate action.

SentinelOne Singularity Cloud Security is user-friendly.

SentinelOne Singularity Cloud Security's evidence reporting is valuable for prioritizing and resolving the most critical cloud security issues. Any issue it identifies, whether it warrants a Jira ticket or not, can be directly accessed through a provided link. The SentinelOne Singularity Cloud Security dashboard then displays all vulnerabilities, including how the issue was identified, the type of scan used, and the affected code location. This can include details from secret scanning, pinpointing the specific repository, file, and location where a secret was leaked within GitHub. This level of detail makes it very easy to verify and prioritize remediation efforts.

We leverage IaC scanning because our infrastructure is defined using Terraform. This allows our DevOps team to proactively identify potential security vulnerabilities. These vulnerabilities can include accidentally embedding secrets directly in the IaC code, such as committing them to the GitHub repository. By utilizing IaC scanning, we can detect such issues and promptly notify the responsible DevOps team member for remediation.

SentinelOne Singularity Cloud Security helps identify issues in container configuration files early in the development process.

In the past, we relied on multiple tools for latency scanning and Kubernetes security scanning. This meant using separate portals and logging tickets manually in Jira. Now, with SentinelOne Singularity Cloud Security, we have a centralized solution. It provides a single point of access for everything, from security issues to the latest threat intelligence reports. This makes it user-friendly and saves our team significant time. We can investigate issues more efficiently and even create Jira tickets directly within SentinelOne Singularity Cloud Security, eliminating the need for manual logging. Overall, SentinelOne Singularity Cloud Security offers both time savings and improved accuracy.

The real-time detection offered by SentinelOne Singularity Cloud Security is crucial because we manage all our data using Kubernetes. This makes it critical to identify any vulnerabilities within the running dependencies.

We rely on SentinelOne Singularity Cloud Security's comprehensive compliance monitoring to maintain regulatory compliance. We utilize all its features to maximize its effectiveness.

SentinelOne Singularity Cloud Security has a user-friendly interface. It provides a visual flow diagram that makes it easy to navigate between different AWS accounts and services. When we receive an alert, we can quickly see which account and service it's related to. Overall, it's a well-designed tool.

SentinelOne Singularity Cloud Security has removed 80 percent of our false positives.

SentinelOne Singularity Cloud Security has improved our mean time to detection by 100 percent.

SentinelOne Singularity Cloud Security has reduced our mean time to remediation by 70 percent. This is because we can now quickly obtain a list of all issue tickets logged in Jira, allowing our SoC team to take action on them promptly.

SentinelOne Singularity Cloud Security improved the collaboration between the cloud developers and AppSec teams.

Having a system that can identify and alert us to misconfigurations in our 3 data storage buckets is helpful for our organization's penetration testers. Since all our company data resides on cloud platforms, SentinelOne Singularity Cloud Security allows the AppSec team to automatically detect vulnerabilities before manual penetration testing begins. While this automation might seem to reduce the AppSec team's workload for cloud security specifically, it would ultimately benefit both teams. The security operations team would be relieved of the burden of manually logging and ticketing every issue identified within AWS services.

SentinelOne Singularity Cloud Security has helped save 90 percent of the engineering team's time.

We have successfully integrated SentinelOne Singularity Cloud Security with AWS and have also integrated the GitHub organization. These integrations were implemented to identify potential issues on our cloud platform. SentinelOne Singularity Cloud Security is also used for IaC and secret scanning within our organization. Fortunately, these integrations have been running smoothly and haven't caused any problems.

SentinelOne Singularity Cloud Security's graph explorer is a valuable tool that lets us visualize all connected services. For instance, we can see all running Kubernetes clusters, including their components and nodes. If there are any problems with cluster components or nodes, the graph explorer will highlight them, allowing us to easily address the issues.

The threat intelligence section also focuses on identifying new vulnerabilities emerging in the market. SentinelOne Singularity Cloud Security scans our existing infrastructure to pinpoint all affected resources. This allows us to easily identify any at-risk resources with a single click.

SentinelOne Singularity Cloud Security can improve by eliminating 100 percent of the false positives.

Another area of improvement is for SentinelOne Singularity Cloud Security to auto-remediate the alerts. 

I have been using SentinelOne Singularity Cloud Security for 6 months.

I would rate the stability of SentinelOne Singularity Cloud Security 10 out of 10.

I would rate the scalability of SentinelOne Singularity Cloud Security 10 out of 10.

We connect with the SentinelOne Singularity Cloud Security technical support on Slack and they are always helpful and knowledgable. They can help with any of our questions and issues.

In the past, we relied on open-source tools like Terraform scanning and Gitleaks to scan our infrastructure as code and identify secrets. However, this approach demanded significant manpower and time investment, and we were inundated with false positives. To address these challenges, we transitioned to SentinelOne Singularity Cloud Security.

I would rate SentinelOne Singularity Cloud Security 9 out of 10.

For our organization, SentinelOne Singularity Cloud Security must include evidence of exploitability in its evidence-based reporting and it does.

We have 6 people in our organization that utilize SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security does not require maintenance from our end.

I recommend SentinelOne Singularity Cloud Security to others because it offers several advantages. One key benefit is that it saves a significant amount of manpower. This frees up our security engineers to focus on other assigned tasks. SentinelOne Singularity Cloud Security is a valuable tool for automating tasks.

We use SentinelOne Singularity Cloud Security as a cloud-native application protection platform. It scans all our accounts to identify any loopholes or vulnerabilities. We get the results and recommended resolutions. It provides reports with all the minute details. For example, it might tell us there is an admin user with access that might increase the risk. SentinelOne Singularity Cloud Security gives a comprehensive overview of anything about our cloud posture. 

We scan an Azure or AWS account, and SentinelOne Singularity Cloud Security tells us the particular route an attacker might take and the risks. We use it extensively because it provides information on everything that could lead to a disaster. We're scanning 20 to 25 database accounts, with no more than 20 users.

SentinelOne Singularity Cloud Security helped us close the loopholes in most of the services, improve our cloud security posture, and lock down who has access. The solution's reporting helps with auditing and compliance. When we started, our posture rating was around 77 percent. It's now at around 98 percent after we closed the loopholes.

The false positive rate is low. It's accurate 99 percent of the time. If we are doing a continuous scan, we sometimes get false positives, and we used to get much more in the early days of our deployment, but now it's quite effective and efficient.

SentinelOne Singularity Cloud Security has reduced detection and remediation time by 10 to 20 percent. It has also improved collaboration among our security and application teams. We now get reports every 10 days, which has improved our teams' productivity because they don't need to go back and forth. It has made the DevOps and security teams' work about 20 to 30 percent more efficient. 

With SentinelOne Singularity Cloud Security, it's easy to onboard new accounts. When there's a major acquisition, we have dozens of new accounts that we need to onboard quickly. It's very easy to use. The proof of exploitability is critical because we must present the results to a developer. Without evidence, they won't understand the problem.

The resolution suggestions could be better, and the compliance features could be more customizable for Indian regulations. Overall, the compliance aspects are good. It gives us a comprehensive list, and its feedback is enough to bring us into compliance with regulations, but it doesn't give us the specific objects. 

I have used SentinelOne Singularity Cloud Security for nearly 2 years. 

I rate SentinelOne Singularity Cloud Security 9 out of 10 for scalability. 

Deploying is straightforward and only takes a couple of days. One person did the initial setup, and whoever needs to use it can access it through the portal. It doesn't require any maintenance. 

We've seen a return in the form of time saved. It gives us timely reports, and time is money. 

In some markets, SentinelOne Singularity Cloud Security is a little on the higher side, but it's just right for us. It's a good value for the money.

I rate SentinelOne Singularity Cloud Security 9 out of 10 and would recommend it to others. It's easy to use. 

My company uses Cloud Native Security as our CSPM solution to discover vulnerabilities in cloud-based configurations. We take alerts from Cloud Native Security and forward them to the DevOps team to remediate them manually. 

Cloud Native Security helps reduce the number of false positives we receive. We receive notifications and alerts from various channels, such as AWS CloudTrail and Microsoft Defender. These products generate alerts based on their policies. I can feel confident that Cloud Native Security isn't giving any false positives. We get a few, but they are rare, and I can immediately alert the team to redefine their policies. 

Cloud Native Security's most valuable feature is its offensive security engine. I have worked with many CSPM solutions. What sets Cloud Native Security apart is the security engine's ability to provide evidence about the potential for vulnerabilities to be exploited or endpoints exposed with credentials.  

The evidence-based reporting is helpful. It shows us all these details that help us do more research. We are working with various stakeholders to remediate those misconfigurations immediately. No other solutions provide this feature. We can research other resources affected by the same kind of vulnerabilities or misconfigurations. We can prioritize fixing them and work on them immediately. That's beneficial to everyone on the team, and they are learning a lot with this feature from Cloud Native Security itself.

While Cloud Native Security is mostly easy to use, the interface has a few trouble areas. We have faced some challenges with filtering. The Cloud Native Security team is working on that, and they're fixing it immediately. They take feedback seriously. There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature. 

We have been using Cloud Native Security for one year.

Cloud Native Security is stable. 

I rate Cloud Native Security 9 out of 10 for scalability. There is no lag, and the application doesn't break down. 

I rate Cloud Native Security support 8 out of 10. We contacted them about adding some policies and creating plugins based on our requirements. 

Positive

We previously used Prisma Cloud. Each has its own feature set. Prisma is on a higher level, and Cloud Native Security is a startup that's building its feature set and taking feedback from all the customers. That's one advantage Cloud Native Security has. They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away.

Deploying Cloud Native Security wasn't too easy or difficult. It was manageable. I did the deployment by myself. I'm the Cloud Native Security admin for my organization responsible for onboarding all the cloud accounts for AWS, GCP, and Azure. 

We also looked at Orca Security. Like Prisma, Orca is one of the top solutions on the market. Most of the CSPM solutions have the same features. Cloud Native Security stood out for two reasons: One is the offensive security engine. That is the main thing. The second thing Cloud Native Security offers is evidence-based reporting. That helps us a lot. These two features are unique, which is why we chose Cloud Native Security. 

I rate Cloud Native Security 7 out of 10. 

We're managing our cloud environment on AWS, and SentinelOne Singularity Cloud Security is assisting us as a CSPM tool. It identifies vulnerabilities in our configuration and helps prevent malicious attacks.

Our current cloud environment allows independent resource deployment by our six to eight-person team, which increases the risk of misconfiguration. To mitigate this, we implemented SentinelOne Singularity Cloud Security. This security tool generates alerts for misconfigurations, allowing us to promptly address them and maintain a strong cloud security posture.

Having too many resources with platform access made misconfigurations more likely. SentinelOne Singularity Cloud Security addressed this by helping us configure everything according to best practices, helping improve our security posture.

SentinelOne Singularity Cloud Security is easy to use.

Evidence-based alerts help us mitigate the priority issues that are detected.

The proof of exploitability in evidence-based reporting is helpful.

The offensive security engine strengthens our organization's security posture by validating potential attacker paths and prioritizing vulnerabilities with the highest likelihood of being exploited in a breach.

Infrastructure as Code facilitates the identification of pre-production issues within our Cloud Formation Templates and Terraform configurations.

SentinelOne Singularity Cloud Security has been instrumental in ensuring our strong cloud security posture, effectively helping us manage and mitigate risks. SentinelOne Singularity Cloud Security helped our team reduce the number of false positives.

SentinelOne Singularity Cloud Security plays a key role in strengthening our risk posture. By providing alerts, it assists both our information security and security assessment teams in identifying and mitigating potential threats, ultimately improving our overall security position.

It has improved our mean time to detection by 30 percent and effectively reduces our average time to resolve incidents. By providing valuable information, SentinelOne Singularity Cloud Security empowers our team to quickly diagnose and rectify problems.

It has improved the collaboration of our cloud security application developers and AppSec teams.

SentinelOne Singularity Cloud Security has helped save engineering time by 50 percent. 

SentinelOne Singularity Cloud Security offers security solutions for both Kubernetes and CI/CD pipelines. It helps with vulnerability remediation, ensuring timely alerts for misconfigured resources, so we can address security issues efficiently.

While SentinelOne Singularity Cloud Security offers real-time response, there is room for improvement in alert accuracy. We've encountered instances where misconfigurations created by teammates were not flagged promptly by SentinelOne Singularity Cloud Security, leading to downstream issues.

I have been using SentinelOne Singularity Cloud Security for one year.

I would rate the stability of SentinelOne Singularity Cloud Security nine out of ten.

I would rate the scalability of SentinelOne Singularity Cloud Security nine out of ten.

The technical support is helpful.

Positive

SentinelOne Singularity Cloud Security's team clearly explained the implementation process, which our team of three was then able to complete in just one week.

SentinelOne Singularity Cloud Security falls within the typical price range for cloud security platforms.

I would rate SentinelOne Singularity Cloud Security ten out of ten.

Our organization has over 35 members across various teams, each utilizing SentinelOne Singularity Cloud Security according to their specific needs.

No maintenance is required on our end.

I recommend SentinelOne Singularity Cloud Security to others. It has done a great job of improving our security posture.

We use SentinelOne Singularity Cloud Security to improve our security posture through evidence-based alerts by detecting and mitigating vulnerabilities.

We sought a CSPM solution that could be configured to adhere to the security policies of our required integrations. SentinelOne Singularity Cloud Security stood out as a strong candidate due to its compliance with industry standards like ISO and its ability to provide valuable security insights.

SentinelOne Singularity Cloud Security is a SaaS solution.

SentinelOne Singularity Cloud Security boasts a user-friendly interface that avoids information overload. The clean layout allows for easy navigation, even for new users, while still offering the ability to delve deeper into the data for a more granular view.

I would rate the evidence-based reporting of SentinelOne Singularity Cloud Security an eight out of ten.

SentinelOne Singularity Cloud Security's proof of exploitability is invaluable because it allows us to demonstrate the root cause of security issues to stakeholders clearly and concisely, streamlining the remediation process.

I would rate the offensive security engine's ability to assess and verify exploit paths and prioritize breach potential a nine out of ten.

The easy-to-use UI helps our security team review evidence from a single dashboard.

SentinelOne Singularity Cloud Security has broadened our viewpoint within our environment, allowing us to see things from multiple angles. This wider perspective provides greater assurance to our team and the entire enterprise.

It has helped reduce around ten percent of the false positives.

Thanks to SentinelOne Singularity Cloud Security, our cloud security posture has significantly improved. We've effectively mitigated critical and high vulnerabilities, achieving a strong security position from a CSPM perspective.

SentinelOne Singularity Cloud Security has impacted collaboration between our cloud security application developers and AppSec teams. To address this, we've granted controlled access to SentinelOne Singularity Cloud Security for all relevant teams. We've also encouraged its use by providing training on the tool itself.

SentinelOne Singularity Cloud Security stands out for its user-friendly interface and intuitive software, making it easy to navigate and use. It excels at presenting remediation steps in a clear and actionable way. Additionally, the reporting capabilities ensure we maintain compliance. However, the most valuable feature for us is the ability to conduct authentic security testing, providing real-world insights into our vulnerabilities.

The vulnerability scanner generates a high number of false positives that it flags as alerts, even though they're not actual threats. This suggests a configuration issue. We need to address this, especially since some of these flagged vulnerabilities have already been mitigated by other means.

The compliance monitoring dashboard, while helpful, doesn't integrate seamlessly with our entire system. This creates a disconnect: a high volume of alerts doesn't necessarily reflect a decline in compliance. For instance, I might have a thousand alerts on my ISO-related compliance dashboard, yet the compliance itself remains at 99.99 percent. This inconsistency makes it difficult to justify remediating every alert. In other words, I might give a clean bill of health from a compliance standpoint, yet still expect them to resolve the alert, which can be confusing. Therefore, we need to address either the way the dashboard generates alerts or the way we create them. Ideally, alerts should be directly tied to compliance standards and have a clear role in the overall compliance process. If they don't meet these criteria, perhaps they shouldn't be flagged as high or critical in severity.

Crafting customized policies can be tricky. Take creating our own, for instance. It requires a deep dive into the customization options, as the language used can be complex and demands a certain level of skill.

Since Sentinel's acquisition of SentinelOne Singularity Cloud Security, there has been a decline in both the frequency of new releases and the quality of support. Previously, SentinelOne Singularity Cloud Security was known for its proactive approach.

SentinelOne Singularity Cloud Security utilizes additional modules besides CSPN. Ideally, there should be a correlation between these systems. This would ensure that the assets we review for vulnerabilities within SentinelOne Singularity Cloud Security are consistent with those reviewed in CSPN. This consistency would simplify the process, allowing us to focus on a single review level. This level could be defined from a configuration perspective or by a compliance standard, such as the web application itself. If SentinelOne Singularity Cloud Security migrates data, this correlation between systems would be especially beneficial to ensure continued integration with all modules.

I have been using SentinelOne Singularity Cloud Security for six months.

The core modules of SentinelOne Singularity Cloud Security are stable but some of their new features had bugs in them.

I would rate the stability of SentinelOne Singularity Cloud Security seven out of ten.

I would rate the scalability of SentinelOne Singularity Cloud Security ten out of ten.

The technical support is good.

Positive

We've added SentinelOne Singularity Cloud Security to our existing Palo Alto Prisma Cloud environment. This will allow us to directly compare the results of the two tools.

The implementation is straightforward and takes a couple of days to complete.

We had five to ten people involved, excluding the SentinelOne Singularity Cloud Security developers.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

We have SentinelOne Singularity Cloud Security accessible in multiple departments with a total of 20 users.

There is no maintenance required from our end.

While SentinelOne Singularity Cloud Security advertises itself as a Cloud-Native Application Protection Platform solution, it offers some CNAPP functionalities but doesn't provide a fully comprehensive picture of your cloud security posture. In essence, it has some CNAPP capabilities, but it's not a complete CNAPP solution yet.

We use it in different ways. The number one use case is related to vulnerabilities, which includes cloud misconfiguration, the Offensive Security Engine, and the management screen itself. That is our primary use case. Then comes the graphical representation of interfaces, and the third use case is the inventory that it allows, which is very nice.

By implementing this solution, we wanted to watch the security vulnerabilities in our organization. We wanted to watch them in the code that gets checked in. We wanted the latest and refreshed list of vulnerabilities in, for example, Log4j or any other software to be highlighted. SentinelOne Singularity Cloud Security keeps updating its database and highlighting any issues.

We use agentless vulnerability scanning. It is cool. It operates on our cloud. All we need to do is authenticate and authorize our agents to read from our cloud infrastructure, which is cool.

SentinelOne Singularity Cloud Security includes proof of exploitability in its evidence-based reporting. This is very important because it gives the entry point to the entire process.

We use SentinelOne Singularity Cloud Security's Infrastructure as Code (IaC) scanning. All of our Terraform code and Git repositories are checked in, identified, and scanned. It helps us identify any issues way before production.

SentinelOne Singularity Cloud Security has not reduced the number of false positives. We have very few false positives in our organization. We have a very specific structure.

SentinelOne Singularity Cloud Security has reduced our mean time to detect. It has helped us a lot. It is quite quick, and that is why we put it in our sprint at every agile site. In terms of its effect on the mean time to remediate, we have not crossed the remediation phase. Remediation is okay. I would want it to go a little bit more specific on remediation, but I understand that it is just an engine that can scan.

We were able to realize the benefits of SentinelOne Singularity Cloud Security in about a month.

SentinelOne Singularity Cloud Security has not affected the collaboration among our cloud security, application developers, and app sec teams. The access to SentinelOne Singularity Cloud Security is less. The number of roles that SentinelOne Singularity Cloud Security provides is very low. I cannot segregate a particular account or a particular user. It is difficult for a lot of people to get. It is just the development, operations, and infrastructure teams that are currently working with it.

It is pretty simple. It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job.

Its reporting is bad. I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved.

The graphical representation of different resources is super cool, but the problem is that you cannot do anything with it. For example, if you just take the subnets and VPN and put them in a diagram, it becomes so big. I pretty much cannot use it. There is no point. If I am drawing a graph or bringing up a graph, but I am not able to show it to a person, what is the use of that? It is pointless.

Its scalability can be improved.

In this organization, I have been using SentinelOne Singularity Cloud Security for 6  months. Overall, I have about 4.5 years of experience.

I have not had any issues. I have been lucky enough to not notice any issues.

We have a parent organization, and then we have child accounts, but they have to be configured separately in SentinelOne Singularity Cloud Security, which makes it difficult to add accounts. You have different pages, so a comparative study about account usage is not possible. I am not a fan of its scalability. Its scalability can be better. 

I have interacted with them a couple of times. They have been very helpful. Their speed is pretty good. They are faster than AWS support. They are quick. The support quality is good. I did not see any lack of quality. I do not have anything bad to say about them.

Positive

We have CloudFront, which is a security measure by AWS for a very specific purpose. I have used SonarQube. It is pretty decent. It is code-specific, whereas SentinelOne Singularity Cloud Security falls under code and IaC. I have used the Trivy scanning mechanism. Semgrep is an open-source tool. GitLab has its own set of static code analysis and static infrastructure analysis tools. These are some of the tools that I have used before.

SentinelOne Singularity Cloud Security is very specific to the cloud-native environment. It lets you plug in more than one cloud. My organization has a multi-cloud strategy. With SentinelOne Singularity Cloud Security, we can have Google Cloud and AWS under the same umbrella, which is cool. It has its own unique place, and I like it.

It was very easy. The only problem was getting the RBAC roles. After we had the roles, it was straightforward. It was very simple.

We have a 47-cluster environment. It took about 1.5 hours. It is quick enough. It is as good as CloudFormation.

It does not require any maintenance from our side. Because it is fully managed on the cloud SA, we do not have to do anything.

It was implemented in-house. We have a development and operations team with 5 people.

Its pricing is constant. It has been constant over the previous year, so I am happy with it. However, price distribution can be better explained. That is the only area I am worried about. Otherwise, the pricing is very reasonable. As the cloud vendors change their pricing, SentinelOne Singularity Cloud Security also has to change its pricing. I understand that. I am happy with it, but the split up can be better explained.

To those evaluating SentinelOne Singularity Cloud Security, I would advise understanding SentinelOne Singularity Cloud Security's licensing metrics. You should understand how SentinelOne Singularity Cloud Security calculates. That is very important because it is not straightforward. You should understand that, and you can talk to the support people. They are very good. They clearly explain it. The person who is dealing with it should have a technical background. He cannot be a business analyst.

Make sure that you put in all the configurations on day one. You will find it difficult to compare if you keep building on top of it.

Overall, I would rate SentinelOne Singularity Cloud Security a 7 out of 10.

Cloud Native Security helps us identify security issues related to cloud configuration and containers. We leverage cloud synchronization for real-time incident notification.

Cloud Native Security is easy to use. Its user-friendly features make integrating new tools a breeze. Everything can be connected through a simple API. The intuitive dashboard and effortless ticket submission further enhance the user experience.

One of Cloud Native Security's most valuable features is its offensive security engine. This engine excels at identifying vulnerabilities caused by misconfigurations, which could potentially be exploited by external attackers. In these cases, Cloud Native Security's offensive security engine findings are highly accurate, with a proven positive detection rate.

Cloud Native Security has helped reduce the false positive rate. The reduction in false positives has improved our operations.

As a small startup, implementing all security best practices across the organization can be challenging. Additionally, security awareness may not be widespread. However, Cloud Native Security, a cloud-based security tool, helps us address these limitations. Cloud Native Security acts as a vigilant watchdog, continuously monitoring our infrastructure for misconfigurations. This includes detecting unauthorized access attempts, such as someone opening a specific port or granting historical access from an external AWS account. By integrating Cloud Native Security with our Slack channel, we receive immediate alerts whenever such suspicious activity occurs. The notification will highlight the potential risk and provide details, allowing us to investigate and take prompt action. Previously, we unknowingly stored sensitive information, known as hard-coded secrets, in our public GitHub repository. Since integrating Cloud Native Security with GitHub, these secrets are identified immediately and flagged through Slack alerts. This enables us to address the issue swiftly and reduce our overall security exposure.

It is far more effective at reducing our meantime to detection compared to the open-source solution we used previously.

Cloud Native Security's findings have led to increased collaboration with our infrastructure team. While our application is a separate product and doesn't reside in the cloud, Cloud Native Security has still proven valuable in this way.

Cloud Native Security's best feature is its ability to identify hard-coded secrets during pull request reviews. This helped my organization identify nearly 10,000 secrets added across our repositories, many of which had a significant security impact. Integrating Cloud Native Security with GitHub alone allowed us to identify all these secrets. This is a key feature that has been instrumental in improving our security posture through testing.

Secondly, Cloud Native Security's cloud SIEM feature has been essential in preventing our most critical security incidents.

We are experiencing problems with Cloud Native Security reporting. Our organization primarily uses Jira for issue tracking. While Cloud Native Security offers input options for reporting vulnerabilities, the "connect action" it provides to link issues isn't replicating information to Jira. This is happening for approximately half of the company and is causing difficulties for developers and stakeholders in fully understanding the reported issues.

Cloud Native Security's proof of exploitability is not that useful when it relates to container images. More detail should be included in the reporting.

Cloud Native Security can identify hard-coded secrets within our code and tell us if they're valid or not. However, in some cases, Cloud Native Security may flag a valid secret as hard-coded without specifying its exact location within the codebase. This lack of detail makes it difficult for developers to identify where the secret is used. Ideally, Cloud Native Security should provide the specific location of valid hard-coded secrets. This would significantly improve the developer experience by allowing them to easily locate and manage these secrets.

Cloud Native Security integrates with Jira and Slack through APIs, which is great. However, I would also like to see Cloud Native Security offer APIs that allow us to directly build dashboards within the platform. This would be incredibly helpful for visualizing vulnerabilities, security settings, and Cloud Native Security usage reports. Imagine if Cloud Native Security provided these APIs. We could create custom dashboards for specific purposes, like offensive security, cloud misconfiguration monitoring, or even integrating ISS scans. Essentially, any customer could easily build dashboards tailored to their needs. Unfortunately, Cloud Native Security doesn't currently offer this functionality. Other security products provide this level of customization. Adding this feature to Cloud Native Security would significantly improve its overall solution. 

I have been using Cloud Native Security for two years.

Cloud Native Security is extremely stable and we have not encountered any issues.

Cloud Native Security is scalable.

We contact technical support weekly. They are helpful and respond quickly. Additionally, there is a built-in chatbot that allows us to submit support tickets.

Positive

We also rely on AWS built-in features that alert us if there are any misconfigurations along with Cloud Native Security.

Regarding the license model, I believe their approach is appropriate based on the customer workload data we're tracking. It seems like an ideal way to proceed.

For pricing, it currently seems to be in line with market rates. However, I recall Cloud Native Security charging a slightly higher premium previously.

I would rate Cloud Native Security nine out of ten.

We receive notifications from Cloud Native Security whenever maintenance is required, and they provide instructions to complete the process.

New users should be prepared to have a dedicated staff member manage Cloud Native Security. This person will handle alerts, configurations, and integrations. You should continuously evaluate all the findings that Cloud Native Security provides, as it performs daily scans. However, it's possible to miss vulnerabilities that have already been fixed. Therefore, careful attention is needed when raising issues with developers. To optimize your use of Cloud Native Security and potentially reduce workload, consider providing feedback to improve the product. Additionally, try to utilize as many features as possible, as they can all have a positive impact on your organization's infrastructure.

In its all-in-one aspect, we started with Cloud Security Posture Management at the beginning and then added the Offensive Security Engine, Vulnerability Management of CDR. We also use it for compliance.

By implementing this solution, we wanted an alerting mechanism and detection of any deviation from our current configuration. We also wanted visibility into Kubernetes and AWS cloud. We wanted something that continuously monitors and gives us updates so that we can take action.

We have an overview of our compliance status. We check on a weekly or monthly basis where we are with respect to various compliance standards.

Its dashboard is quite good. We can select any resource and go to any details we want. We have a visual representation of our assets and how they are connected.

I like the granularity of access. We can give read-only, admin, or other types of access to team members based on their roles.

It provides an option for auto-remediation, but we are not leveraging that. However, we are using the exploit information to check what they saw versus what we are seeing. It helps to be able to see their evidence.

It includes proof of exploitability in its evidence-based reporting. This is very important for us. We can validate if something is false positive or not only if we have any evidence from the findings. Having the evidence for every issue helps us prioritize the findings.

Offensive Security Engine has helped to clear a lot of vulnerabilities in the past. Through the dashboard, we could see all the metrics related to public exposure and misconfigurations. We have a lot of services in our cloud, and they were very hard to track. It solves that problem for us. 

Our time to detect and respond has improved drastically. If a misconfiguration happens, we gain visibility quickly. Our mean time to detect and respond has reduced by about 50%.

It has enabled collaboration between multiple teams for implementing cloud detection and response and understanding vulnerabilities. It has saved 20% to 30% of our time.

It has been highly effective in risk mitigation. Slack and Jira integrations have been helpful for alerting and creating tickets. We also have Kubernetes integration for insights. 

The cloud misconfiguration feature and Offensive Security Engine, as well as their alerting process, are valuable. I get to customize severities or rules. The flexibility to rate a finding or category of vulnerabilities is the most interesting. 

The cloud misconfiguration feature gave us almost zero false positives. We are happy with this feature.

In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of critical severity, whereas they are not critical or of high severity. There is a mismatch of severities. They need to work on severity management. 

Alert fatigue is an issue as well. We get many alerts because of severity mismanagement. In CDR, there is no option to rescan or recheck. In cloud security, if a resource is restarting multiple times and gets a new name, we get alerts each time, leading to alert fatigue. If restarted five times, we get five alerts, which is not favorable.

I have used the solution for two years.

It is a stable product. I would rate it a ten out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability.

We are using the Enterprise plan which is the maximum that one can leverage. We are paying for all the features, but we are currently not leveraging VCS. We want to increase the usage of that.

Their technical support is top-notch. I made friends there.

Positive

Previously, there was no product. We relied on in-house, independent ad-hoc automations. We now have a comprehensive and all-in-one solution.

Its deployment was easy. It was set up in less than a week.

There were a couple of people from PingSafe and a couple of people from our side.

We are based out of Indonesia and India. The deployment was done on the cloud. We use AWS. The PingSafe team was from Bangalore, India.

Its maintenance is taken care of by the SentinelOne team. There is nothing required from us.

On the resource side, we do not have to invest much money or time into developing our own automation or tools. It has saved us more than 50% of our time.

It is cost-effective compared to other solutions in the market.

I recommend looking at the exact requirements and exploring options for CSPM and Offensive Security Engine. These two are a must-have. I would recommend reviewing the use case first and seeing if any other features are required. 

I would recommend this solution to others. Overall, I would rate it a ten on ten for cloud security.