CISO at a computer software company with 201-500 employees
Real User
Top 20
2024-03-12T15:37:00Z
Mar 12, 2024
We requested additional capabilities as we began deploying and scanning beyond the initial setup. Specifically, we wanted the ability to: * Continuously monitor configurations 24/7. * Gain immediate visibility of all assets as they are deployed and ensure they are included in the system. * Identify underlying configuration issues. Another valuable enhancement is compliance management for various standards like ISO, PCI, HIPAA, GDPR, etc. As organizations move to the cloud, a cloud posture management tool that offers complete cloud visibility becomes crucial for maintaining compliance. One area for improvement could be the internal analysis process, specifically the guidance provided for remediation. While the classification system itself might be industry standard, the remediation steps could be more specific. A vulnerability might be critical according to the scoring system, but its urgency depends on the context. For instance, a critical vulnerability signed by PingSafe or any other product might be less urgent if it affects a non-production development environment undergoing UAT compared to a production environment.
Cloud Security Specialist at a insurance company with 10,001+ employees
Real User
Top 20
2024-03-12T12:15:00Z
Mar 12, 2024
While only 5 percent of our workload resides on the Google Cloud Platform, we would still like PingSafe to be configured with automatic remediation capabilities for GCP. In Prisma, there's a dedicated tab for managing high and medium-severity alerts. This allows us to easily enable or disable specific policies based on our current needs. With PingSafe, we can't selectively enable or disable alerts based on our specific use case.
They can add additional modules to see scanning alerts. Adding additional modules will give us a better view. They can work on policies based on different compliance standards. They can add more modules to the current subscription that we have. If they can merge some of the two modules, it would be great. For example, if they can merge Kubernetes Security with other modules related to Kubernetes, that would help us to get more modules in the current subscription.
Maybe container runtime security could be improved. But with the acquisition by a bigger company, things might roll out faster, potentially including this feature.
Enterprise Account Manager at Ninth Dimension IT Solutions (P) Ltd
Reseller
Top 10
2023-11-08T09:03:00Z
Nov 8, 2023
There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security.
Learn what your peers think about Singularity Cloud Security by SentinelOne. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their remediation tasks with evidence-backed Verified Exploit Paths™....
We requested additional capabilities as we began deploying and scanning beyond the initial setup. Specifically, we wanted the ability to: * Continuously monitor configurations 24/7. * Gain immediate visibility of all assets as they are deployed and ensure they are included in the system. * Identify underlying configuration issues. Another valuable enhancement is compliance management for various standards like ISO, PCI, HIPAA, GDPR, etc. As organizations move to the cloud, a cloud posture management tool that offers complete cloud visibility becomes crucial for maintaining compliance. One area for improvement could be the internal analysis process, specifically the guidance provided for remediation. While the classification system itself might be industry standard, the remediation steps could be more specific. A vulnerability might be critical according to the scoring system, but its urgency depends on the context. For instance, a critical vulnerability signed by PingSafe or any other product might be less urgent if it affects a non-production development environment undergoing UAT compared to a production environment.
While only 5 percent of our workload resides on the Google Cloud Platform, we would still like PingSafe to be configured with automatic remediation capabilities for GCP. In Prisma, there's a dedicated tab for managing high and medium-severity alerts. This allows us to easily enable or disable specific policies based on our current needs. With PingSafe, we can't selectively enable or disable alerts based on our specific use case.
They can add additional modules to see scanning alerts. Adding additional modules will give us a better view. They can work on policies based on different compliance standards. They can add more modules to the current subscription that we have. If they can merge some of the two modules, it would be great. For example, if they can merge Kubernetes Security with other modules related to Kubernetes, that would help us to get more modules in the current subscription.
In addition to our telecom and Slack channels, it would be helpful to receive PingSafe security notifications in Microsoft Teams.
Maybe container runtime security could be improved. But with the acquisition by a bigger company, things might roll out faster, potentially including this feature.
There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security.