SentinelOne Singularity Cloud Security Reviews

We utilize SentinelOne Singularity Cloud Security for Cloud Security Posture Management and real-time cloud configuration monitoring. SentinelOne Singularity Cloud Security identifies vulnerabilities at the resource level and generates reports. It also includes defense modules that investigate potential exposure of secrets in public or private repositories. Additionally, the scanning module can identify vulnerabilities and analyze how they correspond to and impact other modules.

We chose SentinelOne Singularity Cloud Security as our cloud security solution for its ability to identify misconfigurations, both intentional and unintentional, within our infrastructure. Additionally, SentinelOne Singularity Cloud Security generates reports that facilitate security compliance audits and help us identify inactive user accounts. It further integrates with our Jira instance, allowing for seamless data visualization on our security dashboard.

SentinelOne Singularity Cloud Security is user-friendly. The portal is well-designed and intuitive. SentinelOne Singularity Cloud Security boasts excellent customer engagement. They keep us informed with monthly updates on new features and upcoming releases, providing opportunities for learning and raising any challenges we encounter. Their approach is both proactive and professional.

It's evidence-based reporting system prioritizes and assigns reported issues to the appropriate teams based on their severity. This ensures that critical issues are addressed first. Reports are initially delivered to our CTO and then disseminated to the relevant teams for action.

Our agentless vulnerability scanner helps us discover vulnerabilities across our cloud infrastructure by analyzing cloud logs and log flows. It then provides detailed information and guidance on the identified vulnerabilities.

We find the offensive security engine that verifies actual exploit paths and prioritizes breach potentials to be very useful.

Using SentinelOne Singularity Cloud Security streamlines our cloud configuration validation process. We no longer need to spend excessive time and effort planning or using other tools to ensure our configurations meet industry standards. This reduces the training burden on our team, keeping them current with security best practices. Additionally, SentinelOne Singularity Cloud Security acts as a safety net, providing peace of mind and increased confidence when deploying updates, rolling out new policies, or making any security-related cloud configuration changes. Our experience and trust in SentinelOne Singularity Cloud Security are well-founded. Their support has consistently addressed any concerns we've raised throughout the year. This report demonstrates the value of maintaining a compliance center, and SentinelOne Singularity Cloud Security plays a critical role in making that possible.

SentinelOne Singularity Cloud Security has been instrumental in reducing false positives during login deployments. For example, when our server load balancer or cluster switches between servers. During this brief window of usually just a few seconds, the DNS isn't mapped to any background resources because it's being transferred from the old load balancer to the new one. While this is a minor, expected occurrence, it was previously flagged as a critical issue. Resolving these false positives took several hours. While SentinelOne Singularity Cloud Security likely detects these discrepancies in real time, it validates and corrects them based on a specific schedule. This delay in resolving the alerts prompted us to report the issue and request suppression of these expected findings. Highlighting this problem helped draw the attention of our executives and senior management.

SentinelOne Singularity Cloud Security has significantly improved our security posture. In the past, developers occasionally exposed credentials to the public unintentionally. SentinelOne Singularity Cloud Security effectively detects and reports these incidents to senior management, allowing us to address them promptly. Additionally, during infrastructure testing, security gateway code might be unintentionally exposed. However, SentinelOne Singularity Cloud Security helps us swiftly identify and mitigate these issues before any damage occurs.

Thanks to SentinelOne Singularity Cloud Security, we've significantly reduced our mean time to detection. It delivers the critical data we need, eliminating the need for dedicated full-time staff.

SentinelOne Singularity Cloud Security has helped us improve our mean time to remediation. Now, we can get prompt support from their team, allowing us to work together to mitigate issues quickly.

SentinelOne Singularity Cloud Security has improved collaboration between our cloud security team, application developers, and AppSec teams. Notably, secret configuration detection allows us to collaborate effectively with developers to swiftly resolve any emerging issues. Our DevOps team handles cloud security, and all teams are satisfied with SentinelOne Singularity Cloud Security's implementation. They actively participate in monthly meetings.

The collaboration has freed up some of our engineers' time. Once we enabled the module and it began identifying issues, engineers were able to plan their work more effectively. The analytical dashboard also helps them manage tasks efficiently, eliminating the need to hire additional staff.

SentinelOne Singularity Cloud Security offers comprehensive security posture management. Its success stems from its ability to analyze DNS mappings. While we may have access to the DNS record itself, the underlying infrastructure associated with that domain might be decommissioned. This creates a potential risk, as the domain could be remapped to a malicious website, leading to data breaches or credential theft. However, SentinelOne Singularity Cloud Security proactively detects and alerts us to such accidental exposures of sensitive information, including SaaS credentials. These are some of SentinelOne Singularity Cloud Security's most valuable features.

There is room for improvement in the current active licensing model for SentinelOne Singularity Cloud Security. As both a customer and service provider, I believe a more comprehensive package could be developed that would be mutually beneficial.

I recommend including endpoint monitoring functionality in a future release of SentinelOne Singularity Cloud Security. While we currently scan our endpoints manually through an external vendor, integrating this capability within SentinelOne Singularity Cloud Security would offer significant advantages. Additionally having real-time detection of malicious activity in our network would be beneficial. 

I have been using SentinelOne Singularity Cloud Security for 2.5 years.

SentinelOne Singularity Cloud Security is stable.

SentinelOne Singularity Cloud Security is scalable.

The technical support is responsive and they stay in contact with us.

Positive

As an energy company, SentinelOne Singularity Cloud Security helps us ensure compliance across our many providers, which is essential for our business expansion.

The pricing for SentinelOne Singularity Cloud Security in India was more reasonable than other competitors.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

We have 15 people in our organization that use it. SentinelOne Singularity Cloud Security is responsible for the maintenance.

It is a sophisticated and fast-growing product with great services. 

We have AWS for most of our infrastructure, however, we don't have a dedicated security team. There are a lot of potential vulnerabilities which we are concerned about. We use SentinelOne Singularity Cloud Security for security. For example, if there are open ports or incorrect configurations, we would get alerted and could fix them.

They have dedicated cloud-based configurations, which are quite helpful. 

The product works well with AWS. It can help us manage AWS security. If there are any groups or details that are incorrect or unsafe, or even misconfigured, it helps protect us. 

The product offers ISE scanning, which basically scans all activities for issues. 

We can pick up on pre-production issues. It's very helpful. They've helped us by providing a lot of CI/CD tools. Everything gets scanned so that we can get a sign-off before a deployment.

The ease of use is very good. I'd rate the ease of use 8 out of 10. They have nice UI and templates and the docmentation is very helpful. It's very thorough. 

They also have a good support system for users. If something is not working, they have a good SLA, and within a day or so, they will reach out and help you with whatever you need. 

The agentless vulnerability scanning is great.

If a protocol is not being properly followed, we'll be alerted. This helps us react faster to any production issues. 

We do use the offensive security engine. It's good for verifying exploit paths and prioritizing items. We have recently started using this. It allows us to see which endpoints, for example, are publically accessible, or what code repositories have vulnerabilities in terms of libraries we are using that may be outdated. For example, if we've noted our NGINX server is very publically exposed we can change things. 

The benefits of the product were felt almost immediately as it allowed us to handle issues in the pre-production phase. We didn't have to make anything live before finding issues. Within an hour, we'd begin to see issues, and within 4 to 6 hours, we'd have a full survey of security vulnerabilities. We also get regular notifications when the system sees something is off. Based on the information we receive, we're able to react and fix things very quickly.

We're able to see both high and low-priority issues so that we can accurately prioritize what to do first. That helps us manage bandwidth in terms of resources. 

SentinelOne Singularity Cloud Security has helped us reduce the amount of false positives we see. We've reduced false positives by around one-third. 

Our mean time to detect has been reduced, as well as our mean time to respond. We used to rely on a third-party provider to find issues, and now we can do it in-house. This means we no longer have to sync our AWS information on a daily basis. Now, we have a direct integration with SentinelOne Singularity Cloud Security. We used to have a delay of 36 to 48 hours before we would recognize if there were any vulnerabilities. On top of that, there was a reaction time delay of 4 to 6 hours, meaning issues wouldn't be dealt with until maybe 50 or so hours after the vulnerability was detected. We've reduced all of this down to maybe 8 to 10 hours.

The collaboration between cloud security, application developers, and AppSec teams has been better. It's mostly been positive for us. 

They could improve on their UI.  Sometimes it's not clear where to look when seeking information. Support often can direct us by giving us the correct link to what we are looking for. 

I'd like to see better onboarding documentation. If we want to be able to integrate something new, such as new assets, it can be difficult. 

I've used the solution for more than 2 years now. We started using it around December 2021 or January 2022. 

I haven't faced any lagging or crashing. 

For our use case, it has been scalable. 

The support they provide is good. They give you very detailed information and documentation which they have created internally. They are very informative. They've even shared their own internal documentation in terms of AWS issues or questions. 

They are quick to respond, You can rely on them. 

Positive

We did use a different solution, however, it didn't offer direct AWS integration. Due to this, we had to wait up to 48 hours for information on vulnerability issues. We were already having security issues in that timeframe, so we needed something that could help us detect faster. 

The initial deployment was easy. However, having more initial onboarding documentation would have been better. However, we've created some internal docs that have helped us with our use case. How long it takes to deploy depends on the use case, however, we were able to have it up in 12 to 14 hours. We had 2 people working on the deployment. 

SentinelOne Singularity Cloud Security did offer some assistance with the setup.

I'm not sure of the exact pricing. However, my understanding is that it is very economical. 

We did explore Crowd Strike at some point. Crowd Strike was a very big platform and we were not sure how much support we'd get. We wanted to make sure we had priority support.

I'd rate the solution 9 out of 10. The usability is very good. Both their new and mature products are good in terms of their overall usability.

We adopted Cloud Native Security for its offensive security engine, which no other tools provide. It checks to see if any file or domain has public access. We also use it for cloud configuration scanning. Now, we are integrating it with cloud detection and response and plan to integrate it with CloudTrail and logs. Multiple team members use the solution. Our cloud security team has more than 10 members. We sometimes forward issues to the application team.

When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks. 

Compliance management is critical for every organization. Our compliance score was pretty low when we started using Cloud Native Security. Now, we've started seeing improvement every quarter.  We're around 85 to 95 percent compliant. When we see any alerts related to configuration, we raise a ticket with our follow-up team unless the issue is resolved automatically. We eliminate false positives and identify and work on any problems with our policies or other issues. 

Cloud Native Security has reduced our detection time by 15 to 20 percent through automation. The solution makes it easier by showing every impacted resource on a single dashboard. If we didn't have an automated tool to show us all the affected assets, we wouldn't know what's happening on every server or the resources we have created. Without this solution, we had to go to the documentation page for every cloud provider and implement the change. Now, we can check a single dashboard to get an overall idea of how something impacts our resources, and it helps us to automate. 

The solution has improved collaboration between our teams regarding security posture. We can say to the cloud security team that they need to follow a particular posture-related practice or adopt a network configuration, like blocking public access to a resource. We give these requirements to the network development and application teams.

Cloud Native Security has reduced our vulnerabilities and misconfigurations, improving our security posture. We had about 10,000 alerts when we started, but we brought that down to around 500. That was a considerable improvement in six months. 

I have worked on most of the tools in the market, and every product has distinctive features. Cloud Native Security's standout feature is offensive security. That's something no other product offers. All the other products have the same core features, such as vulnerability scanning. 

The UI is user-friendly, and the recommendations are easy for everyone to understand. If any misconfiguration happens, all four teams can read the options and understand how to implement them. To achieve these goals, we can also create an automated template according to cloud security best practices

SecOps plays a crucial role in our deployment and testing in the software lifecycle. In the course of building and deploying our applications, we need to look at our vulnerabilities and configurations. It's easy to identify these things and fix them before deployment by integrating Cloud Native Security.

The solution's evidence-based reporting is helpful because it provides real-time information. If a file has been opened and we haven't provided access, it gives us the evidence. It tells us the domain, and we try to investigate by going to the team that owns the file. We require them to make the file private, so it can't be accessed from the internet.

Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email. 

We started using Cloud Native Security last year.

Cloud Native Security doesn't have any bugs or glitches. It's fairly stable.

I rate Cloud Native Security nine out of ten for scalability. 

I rate Cloud Native Security support nine out of ten. They have email support, but there is no option to raise tickets from within the portal. Now, they have Intercom, and we raise tickets through that. 

Positive

We previously used Prisma Cloud, which has many of the same features, such as cloud-based configuration, Kubernetes scanning, vulnerability assessment, etc., but Cloud Native Security has the Offensive Security Engine. That is the main reason we switched.

Our organization started with a POC for a month and a half before presenting Cloud Native Security to our VP and senior leadership. They gave us the go-ahead, and we finalized the product. It took us less than a week to implement, but the deployment time depends on the organization. It might take time if they need to get approval from leaders. 

I rate Cloud Native Security seven out of ten for pricing. It's cheaper than many other products. 

I rate Cloud Native Security nine out of ten. It's a mature solution that includes all the features found in other products on the market. 

We use the product across all of our entities for EDR, threat detection, and response methods.

We wanted a solution for protection. We had a number of entities with various EDR solutions. We wanted to centralize under one EDR solution, and we wanted one that was efficient and easy to manage with a small team.

The biggest thing for us was getting to a single platform. A single pane of glass has been nice. The ability to segment various sites out. The R-Back involved is super helpful for us as we are a multi-company organization. In general, the time has been greatly reduced for incidents.

The ease of use of the platform is very nice. The console provides excellent visibility into events that occur and, in general, the wide range of tools that are built into the agent itself.

My impression of the product's real-time detection and response capabilities is good. It definitely is a little bit different. It takes a little bit more time to learn than some of the other solutions that we have worked with in the past. Once you do understand it and once you're capable of running through the GUI and you understand what the logs and various windows they're trying to tell you, it's fairly straightforward.

The solution's automated remediation is good. I like that you can segment it into four options. You can choose to kill it at any time in the kill chain, so you can choose to quarantine it, you can choose to remediate, you can choose to roll back, you can choose to let it run. Being able to choose how far along you want those events to get is pretty nice.

The historical data record provided by the solution after an attack is decent. It gives you a flowchart of the attack. All along the processes you get good visibility and see all that were detected. Definitely, from a post-incident analysis perspective, it's very strong.

The solution has helped reduce our organization's mean time to detect by 20% to 30%. Given that extra 20% to 30%, it frees us up to focus on other items. 

The solution's impact on our organization's productivity is good. It provides robust whitelisting capabilities and improves our productivity. 

Agent releases need to be more stable before being pushed out. 

Bugs need to be disclosed quickly.

The reporting, and the logging visibility, are not there. It's very, very crude and simple. It needs to be drastically expanded. 

They need to expand their third-party integrations with SIM tools, and sites need to be given the option to expire at the end of the contract as well.

They could expand their integration with Kubernetes. They are trying to build out their third-party integrations. It does work well on Windows and Mac. 

I've used the product for three and a half years. 

Agent stability and communication with the console and agents going offline can be an issue. It can be time-consuming to coordinate and fix. However, the cloud console is very resilient. It's mostly the agent releases where we might have issues. CrowdStrike agents seem a little more stable. 

We have about 3,000 users using the solution.

Scaling is no issue. 

Technical support is hit or miss. We have worked with some good agents and some less knowledgeable. 

Positive

We have used different solutions, including the fact that we still CrowdStrike at a couple of companies. We are now moving more fully towards SentinelOne.

The simplicity and ease of use were big and where SentinelOne stands out. It's a set-and-forget policy. Based on what we saw in testing, it was the best option. 

In terms of telemetry data, we were all over the board.

The initial setup was a little more complex when we first started. However, they've smoothed a lot of their implementation out and so it's gotten easier over time. It took us a couple of weeks to a month to deploy. About 20 were involved in the deployment. We have 30 to 40 companies around the world and it's across every company and every department. 

The solution does require maintenance. You need to have agents up to date and cases closed properly. It does require you to be invested. 

We have witnessed ROI. It's comprehensive in its detection capabilities and has saved us from multiple attacks. We've likely saved 30% based on prevented attacks. 

The solution is relatively cheaper and is willing to work with companies on pricing. 

We are customers.

For those who believe they already have a continuous monitoring solution in place, I'd advise that SentinelOne knows its own product. They can provide that extra confidence that nothing gets missed. And if you see a high number of alerts, they're able to really help you discern those and get down to the ones that matter most.

The solution doesn't affect our ability to innovate one way or another. It doesn't hold us back.

I'd recommend the solution and advise running a POC in your environment. It's good to run against CRowdStrike. They are seriously contending against CrowdStrike.

I'd rate the solution eight out of ten. 

I'm taking a look and digging into applications. I use it for general analysis. 

The visibility is very good. It allows me to go deeper into my investigations. It gives me the information I need. 

I do use the vulnerability scanning every day. It's excellent. I have no complaints. 

We do get false positives, however, it can be from downloading from dodgy sites or whatever the case may be. 

The mean time to detect is good. It's very fast.

It's good as is. From a beginner's perspective, while it's not necessarily complicated, it can be confusing. However, once you get the gist of it, it's pretty clear. For example, when you first go on it, you don't know what's going on. A few YouTube videos could be helpful. There isn't a lot of information out there to look at. 

I've been using the solution for roughly six to seven months. 

The stability of the solution is good. There is no lagging, crashing or downtime. This year we haven't had any downtime with the solution. 

The solution is very scalable. 

I've never contacted technical support. 

I did not previously use a different solution. 

When I joined the company, it was already being used; I did not set up the solution.

It doesn't need ongoing maintenance, although there are occasional agent updates. 

I don't know about the pricing or licensing. 

I'm an end-user.

I've never used the evidence-based reporting or the offensive or infrastructure-as-code scanning yet. 

I'd rate the solution nine out of ten. 

Our infrastructure is on AWS and we integrate SentinelOne Singularity Cloud Security with our enterprise accounts to identify misconfiguration on the Cloud.

The offensive security engine helps us visualize any potential attacks.

SentinelOne Singularity Cloud Security helps us maintain and improve our security posture.

It has helped reduce the number of false positives.

We have improved our mean time to detection with SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security has improved our mean time to remediation. The alerts provided included details that help us address the issues quickly.

The most valuable aspects of SentinelOne Singularity Cloud Security are its alerting system and the remediation guidance it provides. This combination helps us identify misconfigurations and vulnerabilities in our systems and swiftly address them.

In addition to the console alerts, I would like SentinelOne Singularity Cloud Security to also send email notifications.

I have been using SentinelOne Singularity Cloud Security for one and a half years.

SentinelOne Singularity Cloud Security is stable.

SentinelOne Singularity Cloud Security is scalable.

The technical support is helpful and responds quickly to our requests.

Positive

We previously used AWS Security but switched to SentinelOne Singularity Cloud Security because of its wider scanning range and centralized console for maintenance.

The initial deployment was straightforward and took one month to complete.

We completed the implementation in-house with the help of SentinelOne Singularity Cloud Security.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

I recommend SentinelOne Singularity Cloud Security to others.

My company has around ten AWS accounts, and we use SentinelOne to monitor and see if any risks are there or not in any security groups for VPC endpoints or any other resources that come under severe risk or medium risk, so my company uses the product for calculations concerning the aforementioned area. The tool also creates tickets for our company, which helps us monitor the resources and change them according to the standards applicable to the organization.

The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator. It creates a ticket automatically, so you get to know the things in the tool that you need to attend to immediately, making it a core feature of the solution.

I am unsure as to what kind of subscriptions my company has taken from PingSafe. I am not sure about what other things are there in the product that can help our company. Based on whatever subscriptions related to the product my company has taken, I can say that though one of the security groups is open to my company's premises, it still stays that it is open, which, for my company, makes it secure, but for PingSafe, it is not secure, so I am not pretty sure about how it can check and update it. I am not sure if a feature to deal with the aforementioned area already exists in the solution and if my company has not taken a subscription to use it.

Let us assume that there is a ticket that states that one port is vulnerable in the security groups from AWS since it is exposed to the public. When the tool states that it is exposed to the public, it means that it is exposed to the IPs in the company premises and not the public.

Let us assume that there is a database that is exposed to all the IPs in an office. If I have 10 to 12 sets of IPs, I can use them for 10 to 12 Wi-Fi or VPN connections, and it is exposed on the company premises, but the tool states that it is exposed to the public and that the company needs to shut it down. My organization needs to expose the database so that our development team can access it over our office IPs. If you do not expose the database to office IPs, the development team cannot access DBs to manipulate or check data. In general, the database is exposed to the office IPs, not to the public, but the tool states that it is exposed to the public since it cannot identify whether the IP is a public IP or office IP. I am not very sure if there is a setting in the product that allows the office to give its set of IPs to the tool, and scanning can be done through them so that the tool can identify if the resources are inside or outside of the IP range, according to which can state whether it is safe or not. In general, the tool should offer users the ability to mark IPs as public and private ones so that the product can identify them. It would be good if a customer could provide the tool with a set of ten IPs and state that it will be okay and secure if any of the resources are exposed to them since they are inside the office premises.

One of the issues with the product stems from the fact that it clubs different resources under one ticket. If I have 10 resources in 10 accounts, there might be a problem if, from those 10 accounts, 5 resources have the same issues and they get clubbed together under a single ticket, which makes it somehow a difficult process since I have to get inside the ticket to get the resources and the account details.

I have been using PingSafe for 6 months. My company is a customer of the solution.

I never found any stability issues in PingSafe.

In terms of scalability, I have not used the application to its full extent. Right now, I cannot comment on the scalability part of the product.

PingSafe helps identify the resources that are vulnerable to attacks, and if I can fix them up, then my application will be safe at that particular point in time. The tool's aforementioned area has no relation to the product's deployment since it is used to secure my company's resources, applications, and infrastructure.

Though the solution can be deployed with the help of my team, consisting of three people, I can handle it by myself. With PingSafe, the reports come to me, after which I can give or segregate them for different applications while having two different individuals working under me.

I take care of the installation part of the product by myself.

The solution is very user-friendly in terms of ease of use.

I do not use the product's reporting feature because another team in my company handles it. I know that my company uses the product's reporting feature to extract reports on a weekly, bi-weekly, and monthly basis, but I don't deal with it.

I don't use the product's agentless vulnerability scanning. I check the reports that come to me, as I need to further check the resource tests attached to them, especially whatever resources are affected as per the reports. In general, I just go with the report and complete the task.

I have not used Pingsafe's Offensive Security Engine.

Pingsafe's IaC Scanning is a great functionality that is built into the product. It is one of the major functionalities that my company's team uses. With Pingsafe's IaC Scanning, it is easy to monitor and observe areas in a good way.

Pingsafe's IaC Scanning role in identifying pre-production issues in IaC templates or container configuration files is helpful because when in my company, we configure IaC Scanning in our production environment, it gives a brief detail about what the resources and security groups or whatever resources are the most vulnerable, after which they get sorted into four categories, namely, low, medium, high and severe. The tool sorts out the resources into four categories before you go to the production phase, ensuring that they are good and secure.

The main benefit of the use of the product in our company stems from the fact that it provides a vulnerability scanning report, which helps us to maintain the resources mainly, an area for which my team and organization use it.

I experienced the benefits attached to the solution from the first day of using it, and before its use, I was not able to identify the issues in the resources. PingSafe gave me the value and the reports that helped me to identify the issues in resources.

PingSafe's use has helped reduce the false positive rate. In the initial stages, my company had more than 100 severe cases, but within a month, we were able to reduce that to below 10 percent.

With PingSafe, the mean time to detect has reduced because initially, for detection, I had to observe resources end to end. Now, the tool provides me with a regular report because of which I don't need to observe everything inside the resources. I just need to go to a particular resource and check what is stated in the ticket to see which ports are vulnerable, after which it can be changed, so I can directly go and check it, owing to which the tool definitely reduces the mean time to detect vulnerabilities.

With PingSafe, the mean time to remediate is a maximum of twenty-four hours. Initially, in my company, we had to identify the problem and then proceed with remediation, but now we can do it directly since the report is already available.

PingSafe has affected and helped me a bit to deal with the collaboration between cloud security application developers and AppSec teams because it helps me to keep my resources and tell the developers that we cannot expose them to the extent where the application will become vulnerable to attacks. In general, the tool is helpful since it reduces the time needed to connect DevOps and developers.

I found the product to be pretty useful. I directly onboarded the product and started to use it. I did not find any difficulties with the tool.

I rate the tool an 8 out of 10.

We use SentinelOne Singularity Cloud Security as a Cloud Native Application Protection tool to identify anomalies or deviations from best practices in our cloud environment.

We chose SentinelOne Singularity Cloud Security because it meets our compliance requirements.

We have integrated SentinelOne Singularity Cloud Security with all of our AWS accounts. By default, when SentinelOne Singularity Cloud Security identifies an issue, it automatically creates a Jira ticket. Our Security Operations Center team then investigates all these Jira tickets and takes appropriate action.

SentinelOne Singularity Cloud Security is user-friendly.

SentinelOne Singularity Cloud Security's evidence reporting is valuable for prioritizing and resolving the most critical cloud security issues. Any issue it identifies, whether it warrants a Jira ticket or not, can be directly accessed through a provided link. The SentinelOne Singularity Cloud Security dashboard then displays all vulnerabilities, including how the issue was identified, the type of scan used, and the affected code location. This can include details from secret scanning, pinpointing the specific repository, file, and location where a secret was leaked within GitHub. This level of detail makes it very easy to verify and prioritize remediation efforts.

We leverage IaC scanning because our infrastructure is defined using Terraform. This allows our DevOps team to proactively identify potential security vulnerabilities. These vulnerabilities can include accidentally embedding secrets directly in the IaC code, such as committing them to the GitHub repository. By utilizing IaC scanning, we can detect such issues and promptly notify the responsible DevOps team member for remediation.

SentinelOne Singularity Cloud Security helps identify issues in container configuration files early in the development process.

In the past, we relied on multiple tools for latency scanning and Kubernetes security scanning. This meant using separate portals and logging tickets manually in Jira. Now, with SentinelOne Singularity Cloud Security, we have a centralized solution. It provides a single point of access for everything, from security issues to the latest threat intelligence reports. This makes it user-friendly and saves our team significant time. We can investigate issues more efficiently and even create Jira tickets directly within SentinelOne Singularity Cloud Security, eliminating the need for manual logging. Overall, SentinelOne Singularity Cloud Security offers both time savings and improved accuracy.

The real-time detection offered by SentinelOne Singularity Cloud Security is crucial because we manage all our data using Kubernetes. This makes it critical to identify any vulnerabilities within the running dependencies.

We rely on SentinelOne Singularity Cloud Security's comprehensive compliance monitoring to maintain regulatory compliance. We utilize all its features to maximize its effectiveness.

SentinelOne Singularity Cloud Security has a user-friendly interface. It provides a visual flow diagram that makes it easy to navigate between different AWS accounts and services. When we receive an alert, we can quickly see which account and service it's related to. Overall, it's a well-designed tool.

SentinelOne Singularity Cloud Security has removed 80 percent of our false positives.

SentinelOne Singularity Cloud Security has improved our mean time to detection by 100 percent.

SentinelOne Singularity Cloud Security has reduced our mean time to remediation by 70 percent. This is because we can now quickly obtain a list of all issue tickets logged in Jira, allowing our SoC team to take action on them promptly.

SentinelOne Singularity Cloud Security improved the collaboration between the cloud developers and AppSec teams.

Having a system that can identify and alert us to misconfigurations in our 3 data storage buckets is helpful for our organization's penetration testers. Since all our company data resides on cloud platforms, SentinelOne Singularity Cloud Security allows the AppSec team to automatically detect vulnerabilities before manual penetration testing begins. While this automation might seem to reduce the AppSec team's workload for cloud security specifically, it would ultimately benefit both teams. The security operations team would be relieved of the burden of manually logging and ticketing every issue identified within AWS services.

SentinelOne Singularity Cloud Security has helped save 90 percent of the engineering team's time.

We have successfully integrated SentinelOne Singularity Cloud Security with AWS and have also integrated the GitHub organization. These integrations were implemented to identify potential issues on our cloud platform. SentinelOne Singularity Cloud Security is also used for IaC and secret scanning within our organization. Fortunately, these integrations have been running smoothly and haven't caused any problems.

SentinelOne Singularity Cloud Security's graph explorer is a valuable tool that lets us visualize all connected services. For instance, we can see all running Kubernetes clusters, including their components and nodes. If there are any problems with cluster components or nodes, the graph explorer will highlight them, allowing us to easily address the issues.

The threat intelligence section also focuses on identifying new vulnerabilities emerging in the market. SentinelOne Singularity Cloud Security scans our existing infrastructure to pinpoint all affected resources. This allows us to easily identify any at-risk resources with a single click.

SentinelOne Singularity Cloud Security can improve by eliminating 100 percent of the false positives.

Another area of improvement is for SentinelOne Singularity Cloud Security to auto-remediate the alerts. 

I have been using SentinelOne Singularity Cloud Security for 6 months.

I would rate the stability of SentinelOne Singularity Cloud Security 10 out of 10.

I would rate the scalability of SentinelOne Singularity Cloud Security 10 out of 10.

We connect with the SentinelOne Singularity Cloud Security technical support on Slack and they are always helpful and knowledgable. They can help with any of our questions and issues.

Positive

In the past, we relied on open-source tools like Terraform scanning and Gitleaks to scan our infrastructure as code and identify secrets. However, this approach demanded significant manpower and time investment, and we were inundated with false positives. To address these challenges, we transitioned to SentinelOne Singularity Cloud Security.

I would rate SentinelOne Singularity Cloud Security 9 out of 10.

For our organization, SentinelOne Singularity Cloud Security must include evidence of exploitability in its evidence-based reporting and it does.

We have 6 people in our organization that utilize SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security does not require maintenance from our end.

I recommend SentinelOne Singularity Cloud Security to others because it offers several advantages. One key benefit is that it saves a significant amount of manpower. This frees up our security engineers to focus on other assigned tasks. SentinelOne Singularity Cloud Security is a valuable tool for automating tasks.