External reviews are not included in the AWS star rating for the product.
The company purchased SentinelOne Singularity Cloud Security primarily for container security and IoC scanning. We also were looking into image scanning for Docker components. Now, we have enabled secret scanning and the Cisco pipeline as well.
We are mostly dealing with code-level security issues the organization might have. There are issues in TerraForm and whatever else we see in our DevOps pipeline.
SentinelOne Singularity Cloud Security has improved the organization's Docker container security, and we can mitigate many of the issues to avoid serious vulnerabilities or attacks. We start to see these benefits within 2 or 3 months of deployment. The tool took almost a month to learn the structure of our organization and environment. After that, it started detecting issues and vulnerabilities.
We don't get many false positives because we eliminated many of them in the early stages. SentinelOne Singularity Cloud Security can mark detections as false positives, so they won't appear in the future.
SentinelOne Singularity Cloud Security has reduced our detection time. Before implementing SentinelOne Singularity Cloud Security, it took us around 7 or 8 hours to determine whether an issue was inside our organization. Now that we have deployed SentinelOne Singularity Cloud Security, we have an agent list running on our Docker containers, and SentinelOne Singularity Cloud Security is identifying the issues inside the Docker containers. When it scans periodically, we can detect the issues within 2 or 3 seconds. It has reduced 7 hours of work to a few seconds.
While it hasn't reduced our remediation time on mid-level or low-level issues, it has drastically improved our remediation time for critical Docker issues and high-priority problems in our environment. We can handle them before they make it into production.
SentinelOne Singularity Cloud Security has improved collaboration between our developers and security teams. The tool has a feature where we can send issues to developers, but it requires them to reply with recommendations.
SentinelOne Singularity Cloud Security's integration is smooth. They are highly customer-oriented, and the integration went well for us. SentinelOne Singularity Cloud Security is also responsive to our feature requests. The interface isn't difficult to understand for a layperson, and we're familiar with it. There's also built-in support, so we can get help when we have a problem.
The evidence-based reporting is a critical feature because we can correlate to the issues in the system. We have compared it with free tools that are on the market, and SentinelOne Singularity Cloud Security gets better results. From the perspective of remediation, resources, and security, SentinelOne Singularity Cloud Security is the best option.
The agentless vulnerability scanning has worked well for us. Removing agents from the equation takes about half the work out of it, and the agentless scan fetches the details every millisecond. SentinelOne Singularity Cloud Security's agentless mechanism is monitoring everything that happens on the system.
Proof of exploitability is an important aspect of SentinelOne Singularity Cloud Securitys evidence-based reporting. When we ask a developer to fix an issue, they ask for evidence of its exploitability and whether it's a critical issue. If SentinelOne Singularity Cloud Security didn't provide this information, we couldn't convince the developer to fix it. SentinelOne Singularity Cloud Security provides the expertise to convince the developer by finding the vulnerabilities and providing explanations.
The infrastructure-as-code scanning helps identify container configuration issues and other problems before they go into production. We used a script, and we needed to enable everything before going to production, so we have it enabled on the production and pre-production side. We can check the issues and block them before going to production. Before it becomes publicly accessible via the internet, we want it to be safer than it was in pre-production.
I would like SentinelOne Singularity Cloud Security's detections to be openly available online instead of only accessible through their portal. Other tools have detections that are openly available without going through the tool.
We have one feature request that we've already discussed with SentinelOne Singularity Cloud Security. We want a category feature for exceptions that developers have already accepted. We don't want SentinelOne Singularity Cloud Security to identify the issue next time because the developer has already done the risk assessment.
We have used SentinelOne Singularity Cloud Security for nearly a year.
SentinelOne Singularity Cloud Security is stable.
SentinelOne Singularity Cloud Security is scalable.
I rate SentinelOne Singularity Cloud Security support 9 out of 10.
Positive
We previously worked with many open-source solutions and Prisma, one of its competitors. Ultimately, budget issues made us come back to SentinelOne Singularity Cloud Security. SentinelOne Singularity Cloud Security is a budget-friendly and user-friendly tool. A layperson can start using the system and understand it within 1 or 2 days. It also has more capabilities than the other tools.
Deploying SentinelOne Singularity Cloud Security was straightforward. It took 3 or 4 people to deploy. We are currently enrolled on 2 clouds. We had it on AWS, but now it's on GCP and Azure. It's more than 2,000 endpoints and around 2,000 APIs.
It doesn't require much maintenance because the updates are automatically happening on the cloud. When new features are released, we connect to the SentinelOne Singularity Cloud Security team to understand how it will impact our environment.
SentinelOne Singularity Cloud Security is reasonably priced, considering the value it offers to our organization. We had a few conversations with them, and they understood our posture. Initially, they offered one amount, but we got them to offer a discount that would meet their expectations. Their customer team is excellent and understanding.
I rate SentinelOne Singularity Cloud Security 8 out of 10. SentinelOne Singularity Cloud Security will meet all your requirements if you're looking for a cloud tool that covers IoC scanning, cloud misconfiguration, secret scanning, integration into the DevOps pipeline, and cloud-image scanning. It's a one-stop solution for all these requirements. It's a user-friendly tool that's easy to handle, and the support is excellent.
SentinelOne Singularity Cloud Security is our primary security monitoring tool used for identifying vulnerabilities and misconfiguration.
I would rate the ease of use of SentinelOne Singularity Cloud Security eight out of ten.
SentinelOne Singularity Cloud Security offers a variety of dashboards, but the issue dashboard is my favorite due to its clarity and simplicity.
The evidence-based reporting is great and I appreciate the details the reports provide.
The IAC scanning picks everything up and is effective. The IAC scanning is proactive.
The two biggest benefits of SentinelOne Singularity Cloud Security are the centralized reporting dashboard for all my accounts and providers and the ability to track remediation progress.
SentinelOne Singularity Cloud Security has helped reduce the number of false positives we receive.
SentinelOne Singularity Cloud Security helps us manage our risk posture.
SentinelOne Singularity Cloud Security has reduced our MTTD thanks to its comprehensive coverage and centralized reporting capabilities.
The most valuable feature of SentinelOne Singularity Cloud Security is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software.
I wish SentinelOne Singularity Cloud Security provided clearer solutions or remediation steps. The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing.
I would appreciate the ability to customize the severity levels in SentinelOne Singularity Cloud Security as the current defaults do not meet my needs.
I have been using SentinelOne Singularity Cloud Security for one year.
SentinelOne Singularity Cloud Security is stable. I have not encountered any downtime.
SentinelOne Singularity Cloud Security is highly scalable.
Technical support is usually great. While it can sometimes be a bit curt or dismissive, for the most part, getting help is easy and responses are quick.
Positive
The initial setup is easy. One person is required for the deployment.
The implementation was completed in-house.
I'm not familiar with SentinelOne Singularity Cloud Security's standard pricing. While it seemed like a good value, I'm on a partnership plan that offers a discount in exchange for feedback. Therefore, I can't speak to the typical pricing.
I would rate SentinelOne Singularity Cloud Security nine out of ten.
SentinelOne Singularity Cloud Security requires monthly updates.
Preparing for SentinelOne Singularity Cloud Security is fairly straightforward, especially if you're familiar with cloud security posture management tools. However, if this is your first time using such a tool, be prepared for a significant number of findings. SentinelOne Singularity Cloud Security will uncover security issues that manual efforts might miss.
We use SentinelOne Singularity Cloud Security as our Cloud Security Posture Management tool.
SentinelOne Singularity Cloud Security is easy to use. While some features, like advanced graphics and custom drag-and-drop filters, might have a learning curve, most functionalities are intuitive. Clicking on "Asset Inventory" provides a clear list of all our assets. The filters are logically organized by resource type, account ID, and other relevant categories. In short, most of the platform is straightforward, allowing users to become comfortable within 15 minutes. However, advanced capabilities like custom visualizations and automated filtering through drag-and-drop may require additional time to master.
SentinelOne Singularity Cloud Security creates a comprehensive inventory of all resources within our cloud infrastructure. It automatically identifies any misconfigurations for each of these resources. The easy-to-track capabilities are further enhanced by automatic integration with Jira. Additionally, SentinelOne Singularity Cloud Security serves as the primary source of evidence for audits and compliance purposes. It documents the resources we identified with misconfigurations and demonstrates that we have rectified them. This functionality simplifies the process of providing evidence to auditors.
We experienced the benefits of SentinelOne Singularity Cloud Security immediately after onboarding our entire Cisco setup. However, there was likely a waiting period of up to six hours for the platform to fully populate with information about our infrastructure, resources, and so on. Despite this wait, some immediate benefits were gained. SentinelOne Singularity Cloud Security likely identified a list of potential misconfigurations across our accounts. This provided a starting point for further investigation and remediation. Of course, to fully leverage SentinelOne Singularity Cloud Security's capabilities, we might need to integrate it with our existing external tools. However, the initial onboarding process itself yielded some valuable insights.
SentinelOne Singularity Cloud Security reduces the number of false positives we encounter. Initially, we relied heavily on custom engineering, which created a lot of noise. The code might not have been scalable, or it might have only triggered under specific conditions. We struggled to manage this custom tooling as our environment grew. When we considered scaling our operations, we realized this approach wouldn't be sustainable. SentinelOne Singularity Cloud Security provided a well-designed system that addressed these challenges. Even during configuration, SentinelOne Singularity Cloud Security can determine if something is misconfigured or not. However, SentinelOne Singularity Cloud Security also allows us to suppress findings that might be flagged as security vulnerabilities in a traditional sense, but are expected behavior in our specific context. For example, we might have developed a custom way to handle a specific situation like a three-bucket container for a site. SentinelOne Singularity Cloud Security allows us to suppress these findings, resulting in a significant reduction in false positives. Integration with SentinelOne Singularity Cloud Security was very straightforward. Furthermore, suppression occurs at the source where misconfigurations are generated. This eliminates the need for an additional filtering layer. Imagine having 100 issues to address, and needing to manually filter out the ones that are not genuine issues. SentinelOne Singularity Cloud Security takes care of this filtering within the platform itself.
SentinelOne Singularity Cloud Security has improved our risk posture by giving us greater visibility into our infrastructure. This includes niche resources and misconfigurations that we weren't previously tracking or aware of. Unlike traditional tools that focus on specific resources or make assumptions, SentinelOne Singularity Cloud Security performs a holistic scan of our entire account. This has given us a much better understanding of our current attack surface. Once these vulnerabilities were identified, we were able to prioritize and remediate them, leading to a long-term improvement in our overall security posture.
SentinelOne Singularity Cloud Security has reduced our mean time to remediation. It's slightly better than our previous approach because we were also scanning daily. However, SentinelOne Singularity Cloud Security also includes scanning for many more resources than we were managing ourselves. So, while the time to fix individual problems might be similar, perhaps slightly less, the reports generated by SentinelOne Singularity Cloud Security are more comprehensive and complete than what we had before. Additionally, SentinelOne Singularity Cloud Security helped us identify a number of additional resources that need fixing, which we weren't adequately tracking in the first place. Once a problem is identified and confirmed as a true positive, it takes no more than 15 minutes to fix it.
SentinelOne Singularity Cloud Security facilitates collaboration between our teams. We have three main groups: application security, infrastructure security, and compliance. The infrastructure team handles the entire SentinelOne Singularity Cloud Security process, from generating reports and onboarding resources to acting on them. This has streamlined our workflow by consolidating everything into a single view. I now have all the information I need in one place. However, it's important to note that our application security team doesn't currently interact with SentinelOne Singularity Cloud Security.
The most valuable features of SentinelOne Singularity Cloud Security are the asset inventory and issue indexing. Once I've onboarded all the cloud accounts I want to manage with SentinelOne Singularity Cloud Security, it can automatically create an inventory of all resource types across AWS. Additionally, it can identify misconfigurations for those specific resources.
Another key feature we appreciate is the ability to create custom rules for up to ten users. This functionality is useful because SentinelOne Singularity Cloud Security also collects generic information and metadata about each resource. This allows for granular filtering. For example, we can easily query to find only servers with a specific tag. This filtering capability is valuable for investigations, ad-hoc queries, and data gathering.
Finally, the integration module deserves mention as well. We use Jira internally to track all our tools, security reviews, and bugs. SentinelOne Singularity Cloud Security can directly push issues to Jira, making it very easy for us to track them. This eliminates the need to constantly return to the SentinelOne Singularity Cloud Security platform to see which issues were generated.
SentinelOne Singularity Cloud Security can be improved by developing a comprehensive set of features that allow for automated workflows. While the current dashboard is functional, it could be made more actionable by incorporating additional functionalities. For instance, drag-and-drop functionality would simplify the creation of integrations. Additionally, valuable data can be retrieved from the platform using APIs and displayed on the dashboard, potentially using tools like Tableau for visualization. This is just one example, but it highlights the potential for expanding SentinelOne Singularity Cloud Security's capabilities by enabling greater integration with other tools, even those not currently supported.
I have been using SentinelOne Singularity Cloud Security for six months.
There was a phase where we built a proof of concept using the SentinelOne Singularity Cloud Security platform to understand if it could directly address the problems we're currently facing. After finalizing the POC, we conducted testing and identified a baseline for future comparisons. Then, we moved into the implementation phase, and now the system is fully operational.
SentinelOne Singularity Cloud Security is stable.
SentinelOne Singularity Cloud Security is scalable. We have not encountered any issues with the number of accounts and services we are using.
Previously, we managed our cloud security posture with in-house solutions built using open-source tools and custom code. However, as the number of accounts grew, this approach became difficult to scale and maintain. Additionally, the reporting capabilities of our custom tools didn't meet the increasingly stringent compliance requirements. To address these challenges, we sought an external, vendor-managed Cloud Security Posture Management tool.
The initial deployment of SentinelOne Singularity Cloud Security was easy because their implementation team collaborated closely with one of our cloud security engineers. Since there were no agents or software to install, onboarding accounts simply involved creating a role for them. This role grants the platform read-only access to our infrastructure. The process is very streamlined; our team can onboard an entire account within minutes. However, the first time an account is onboarded, it takes some time to ingest all of its resources and information.
The entire deployment took less than a week. This included not only onboarding accounts but also gaining a holistic understanding of the platform and its capabilities. SentinelOne Singularity Cloud Security also came to our office to showcase the modules we could leverage and how we could use them effectively. Since this was our first time working with SentinelOne Singularity Cloud Security, our team actively collaborated with them to resolve any issues we encountered.
One engineer from our organization worked with a team from SentinelOne Singularity Cloud Security to implement the solution.
Pricing is based on modules, which was ideal for us. We weren't interested in the platform's full capability at first. Our priority was to establish foundational practices like maintaining an asset inventory and identifying misconfigurations. We then aimed to streamline these processes. Thankfully, SentinelOne Singularity Cloud Security's modular pricing allowed us to pay for only the features we needed, unlike Wiz. With Wiz, we would have paid for the entire platform upfront, potentially leaving us with unused features. This would have been a poor return on investment, especially considering Wiz's high cost. In essence, their pricing model wouldn't have suited our needs. Even if we had eventually used all of SentinelOne Singularity Cloud Security's features, the initial cost would still have been lower than Wiz in the long run.
After evaluating several options, including SentinelOne Singularity Cloud Security and Wiz, we determined that SentinelOne Singularity Cloud Security was the best fit for our needs, particularly in terms of cost. SentinelOne Singularity Cloud Security provides a comprehensive view of potential security issues in our cloud infrastructure, allowing us to map them to relevant compliance frameworks, custom security requirements, or internal engineering standards. This enables us to effectively track and remediate these issues, ensuring a more secure cloud environment.
The Wiz platform offered a wide range of features that weren't essential for our current needs. For instance, they provided data security and AI-powered security posture management. However, our current security maturity level wouldn't allow us to fully utilize these capabilities. Additionally, Wiz is a comprehensive platform, and individual modules aren't available separately. In contrast, SentinelOne Singularity Cloud Security allowed for closer collaboration. They could customize the platform's functionalities to meet our specific requirements. Moreover, SentinelOne Singularity Cloud Security was significantly more cost-effective. While I can't recall the exact price difference, it was a substantial saving. Furthermore, SentinelOne Singularity Cloud Security's support team was incredibly responsive. They were receptive to our suggestions for features that might be beneficial in the future. This flexibility, along with the platform's affordability, ultimately led us to choose SentinelOne Singularity Cloud Security.
I would rate SentinelOne Singularity Cloud Security eight out of ten.
We initially considered the agentless vulnerability scanning as a cloud security management tool, not a host-based security solution. Therefore, we opted against installing agents. Instead, we simply connected our AWS accounts through IAM, allowing the scanner to comprehensively scan all necessary resources and gather the required information.
The maintenance is taken care of by SentinelOne Singularity Cloud Security directly.
Before deploying SentinelOne Singularity Cloud Security, it's important to fully understand all its capabilities. While we're currently using one specific feature, SentinelOne Singularity Cloud Security offers a wide range of functionalities. Gaining a clear internal understanding of your specific needs for SentinelOne Singularity Cloud Security will help you determine the optimal model. Focusing solely on features without a defined purpose can lead to unnecessary costs. It's more efficient to obtain a quote for the model that aligns with your current needs. As your requirements evolve, you can then expand functionality by integrating additional modules.
We utilize SentinelOne Singularity Cloud Security for Cloud Security Posture Management and real-time cloud configuration monitoring. SentinelOne Singularity Cloud Security identifies vulnerabilities at the resource level and generates reports. It also includes defense modules that investigate potential exposure of secrets in public or private repositories. Additionally, the scanning module can identify vulnerabilities and analyze how they correspond to and impact other modules.
We chose SentinelOne Singularity Cloud Security as our cloud security solution for its ability to identify misconfigurations, both intentional and unintentional, within our infrastructure. Additionally, SentinelOne Singularity Cloud Security generates reports that facilitate security compliance audits and help us identify inactive user accounts. It further integrates with our Jira instance, allowing for seamless data visualization on our security dashboard.
SentinelOne Singularity Cloud Security is user-friendly. The portal is well-designed and intuitive. SentinelOne Singularity Cloud Security boasts excellent customer engagement. They keep us informed with monthly updates on new features and upcoming releases, providing opportunities for learning and raising any challenges we encounter. Their approach is both proactive and professional.
It's evidence-based reporting system prioritizes and assigns reported issues to the appropriate teams based on their severity. This ensures that critical issues are addressed first. Reports are initially delivered to our CTO and then disseminated to the relevant teams for action.
Our agentless vulnerability scanner helps us discover vulnerabilities across our cloud infrastructure by analyzing cloud logs and log flows. It then provides detailed information and guidance on the identified vulnerabilities.
We find the offensive security engine that verifies actual exploit paths and prioritizes breach potentials to be very useful.
Using SentinelOne Singularity Cloud Security streamlines our cloud configuration validation process. We no longer need to spend excessive time and effort planning or using other tools to ensure our configurations meet industry standards. This reduces the training burden on our team, keeping them current with security best practices. Additionally, SentinelOne Singularity Cloud Security acts as a safety net, providing peace of mind and increased confidence when deploying updates, rolling out new policies, or making any security-related cloud configuration changes. Our experience and trust in SentinelOne Singularity Cloud Security are well-founded. Their support has consistently addressed any concerns we've raised throughout the year. This report demonstrates the value of maintaining a compliance center, and SentinelOne Singularity Cloud Security plays a critical role in making that possible.
SentinelOne Singularity Cloud Security has been instrumental in reducing false positives during login deployments. For example, when our server load balancer or cluster switches between servers. During this brief window of usually just a few seconds, the DNS isn't mapped to any background resources because it's being transferred from the old load balancer to the new one. While this is a minor, expected occurrence, it was previously flagged as a critical issue. Resolving these false positives took several hours. While SentinelOne Singularity Cloud Security likely detects these discrepancies in real time, it validates and corrects them based on a specific schedule. This delay in resolving the alerts prompted us to report the issue and request suppression of these expected findings. Highlighting this problem helped draw the attention of our executives and senior management.
SentinelOne Singularity Cloud Security has significantly improved our security posture. In the past, developers occasionally exposed credentials to the public unintentionally. SentinelOne Singularity Cloud Security effectively detects and reports these incidents to senior management, allowing us to address them promptly. Additionally, during infrastructure testing, security gateway code might be unintentionally exposed. However, SentinelOne Singularity Cloud Security helps us swiftly identify and mitigate these issues before any damage occurs.
Thanks to SentinelOne Singularity Cloud Security, we've significantly reduced our mean time to detection. It delivers the critical data we need, eliminating the need for dedicated full-time staff.
SentinelOne Singularity Cloud Security has helped us improve our mean time to remediation. Now, we can get prompt support from their team, allowing us to work together to mitigate issues quickly.
SentinelOne Singularity Cloud Security has improved collaboration between our cloud security team, application developers, and AppSec teams. Notably, secret configuration detection allows us to collaborate effectively with developers to swiftly resolve any emerging issues. Our DevOps team handles cloud security, and all teams are satisfied with SentinelOne Singularity Cloud Security's implementation. They actively participate in monthly meetings.
The collaboration has freed up some of our engineers' time. Once we enabled the module and it began identifying issues, engineers were able to plan their work more effectively. The analytical dashboard also helps them manage tasks efficiently, eliminating the need to hire additional staff.
SentinelOne Singularity Cloud Security offers comprehensive security posture management. Its success stems from its ability to analyze DNS mappings. While we may have access to the DNS record itself, the underlying infrastructure associated with that domain might be decommissioned. This creates a potential risk, as the domain could be remapped to a malicious website, leading to data breaches or credential theft. However, SentinelOne Singularity Cloud Security proactively detects and alerts us to such accidental exposures of sensitive information, including SaaS credentials. These are some of SentinelOne Singularity Cloud Security's most valuable features.
There is room for improvement in the current active licensing model for SentinelOne Singularity Cloud Security. As both a customer and service provider, I believe a more comprehensive package could be developed that would be mutually beneficial.
I recommend including endpoint monitoring functionality in a future release of SentinelOne Singularity Cloud Security. While we currently scan our endpoints manually through an external vendor, integrating this capability within SentinelOne Singularity Cloud Security would offer significant advantages. Additionally having real-time detection of malicious activity in our network would be beneficial.
I have been using SentinelOne Singularity Cloud Security for 2.5 years.
SentinelOne Singularity Cloud Security is stable.
SentinelOne Singularity Cloud Security is scalable.
The technical support is responsive and they stay in contact with us.
Positive
As an energy company, SentinelOne Singularity Cloud Security helps us ensure compliance across our many providers, which is essential for our business expansion.
The pricing for SentinelOne Singularity Cloud Security in India was more reasonable than other competitors.
I would rate SentinelOne Singularity Cloud Security eight out of ten.
We have 15 people in our organization that use it. SentinelOne Singularity Cloud Security is responsible for the maintenance.
It is a sophisticated and fast-growing product with great services.
We use SentinelOne Singularity Cloud Security to identify cloud security misconfigurations, ensuring compliance with Cloud Security Posture Management and Cloud Workload Protection Platform best practices, as well as relevant regulations in India. We also integrate SentinelOne Singularity Cloud Security with our GitHub repositories that store our hard-coded secrets.
We renewed our contract with SentinelOne Singularity Cloud Security for another year because it's extremely easy to use. The user-friendly UI, along with its integration with Jira and the ability to consume alerts through Slack, make it a valuable tool for our team.
Evidence-based reporting facilitates addressing complaints related to mandatory controls. SentinelOne Singularity Cloud Security offers an option for high-alert items to be kept publicly available if we're confident we have appropriate controls implemented.
SentinelOne Singularity Cloud Security's agentless vulnerability scanning has identified a significant number of vulnerabilities.
SentinelOne Singularity Cloud Security's evidence-based reporting, particularly its proof of exploitability, is highly valuable. For example, their recommendations significantly reduce investigation time and allow us to easily research vulnerabilities using tags. This targeted approach helps stakeholders prioritize and address critical vulnerabilities efficiently through the dashboard.
We utilize the offensive security engine, but fortunately, it doesn't detect many vulnerabilities. It primarily identifies publicly known patch versions and the exposure of the SMTP service. On the other hand, I would rate the ASM functionality an eight out of ten.
IaC scanning has been effective in identifying code-level issues whenever infrastructure as code is scanned.
SentinelOne Singularity Cloud Security automatically populates and maps our network, identifying any misconfigurations within the first two hours of deployment.
It has reduced false positives by around 90 percent.
Our mean time to detection has been improved, especially for critical areas. Our mean time to remediation has been improved as well.
SentinelOne Singularity Cloud Security has improved our risk posture by providing visibility into our cloud infrastructure.
SentinelOne Singularity Cloud Security improved the collaboration between the cloud security application developers and the app security team.
It helped our developers save time.
SentinelOne Singularity Cloud Security offers an intuitive user interface that lets us navigate quickly and easily. Additionally, its identification feature allows us to customize rules and configurations in the cloud.
IaS scanning identifies misconfigured code within GitHub repositories. This represents a "shift left" approach to security.
Customized queries should be made easier to improve SentinelOne Singularity Cloud Security.
I have been using SentinelOne Singularity Cloud Security for one and a half years.
While SentinelOne Singularity Cloud Security is stable for around 90 percent of the time, there are occasional glitches in the UI. However, as a security tool, our primary focus is on the results it delivers, rather than the aesthetics of the dashboards themselves.
Scaling SentinelOne Singularity Cloud Security is easy. We recently integrated with AWS and it went well.
We regularly contact the technical support team about some UI glitches. We provide them with feedback on these glitches regularly. Additionally, we would like to see some new features added to Jira when creating tickets. We've also been in touch with the technical support team about this.
The technical support team's responses are good and have been improving.
We've noticed a decline in their response times lately. This could be due to the recent acquisition of SentinelOne Singularity Cloud Security by SentinelOne. Previously, their response times were much faster.
Positive
The initial deployment was straightforward.
Deploying SentinelOne Singularity Cloud Security is a quick process that involves creating a dedicated service account, granting the necessary roles to the service account, and attaching the service account to SentinelOne Singularity Cloud Security.
The total deployment time took around 15 minutes.
The implementation was completed in-house.
The features included in SentinelOne Singularity Cloud Security justify its price point. The agent-level monitoring for Kubernetes clusters is particularly valuable and could support a modest price increase.
Our evaluation of Prisma Cloud and Trend Micro on an open-source platform for identifying misconfigurations yielded a high number of false positives, limiting its effectiveness. We chose SentinelOne Singularity Cloud Security based on the price and the ease of use.
The setup and cleanup need to be done first to get things organized. This makes SentinelOne Singularity Cloud Security a much easier option than the other products we evaluated, which were all very complex. So, we won't be jumping straight to CWP. Instead, we'll focus on securing our perimeter. We believe SentinelOne Singularity Cloud Security can solve this issue, and the support we received during the proof of concept was also very positive. Considering all these factors, we decided to go with SentinelOne Singularity Cloud Security.
I would rate SentinelOne Singularity Cloud Security nine out of ten.
SentinelOne Singularity Cloud Security does not require maintenance.
It is easy to use, but it works best when you have established organizational practices in place. If you feel this is critical, don't hesitate to address it directly. Integrating SentinelOne Singularity Cloud Security is straightforward, so there's no need to worry about that. It's a ready-made solution that can be integrated with just a click. You can then address the specific issues you find most important. Ideally, integrate all your relevant sources during onboarding, such as GitHub or any cloud accounts you use. This ensures you capture everything from the start and get the best possible results.
The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.
The primary benefit for our company has been the reduction of false positives. It's saved us time and resources.
I like that we get a map view of all the assets we have and how these assets are connected together. We can get a view of the entire structure and that gives us a good vantage point when assessing gaps. We can see which assets are public and which are private. It gives us good visibility.
It brings in good security.
It is fairly simple. Anybody can use it.
The evidence-based reporting capabilities are useful. It's good for everyday reporting. It makes it easy to identify actual false positives. Priority cases are assigned accordingly so we don't need to find a needle in a haystack. If something is critical, it's very easy to find and see it.
The solution offers agentless vulnerability scanning, which helps us identify any open ports on the server or any vulnerable assets online in the cloud.
While they do have an offensive security engine, we do not use that aspect. We use a different vendor for that. However, it's a very good initiative. It basically expands and searches and does more offensive security.
It's very easy to integrate.
The notifications are very good. We can get notified right on Slack. if we aren't checking out email regularly.
The benefits we witnessed were pretty immediate post-implementation. Once you've done your integrations, it starts showing you vulnerabilities that are being observed, and he lets us immediately identify and deal with infrastructure gaps. It even has allowed us to deal with several misconfigurations.
It has helped us reduce false positives significantly. That's something I've been focused on.
The solution has positively affected our risk posture. Thanks to the lower number of security vulnerabilities, it's helped us with several benchmarks and compliance-related issues.
Our mean time to detection and mean time to remediation has been reduced. If there's an issues, it can be found and dealt with in a short amount of time. It also gives you remediation details as to where particular vulnerabilities exist. We're able to fix problems as soon as possible when we see issues pop up. The mean time to remediation depends on the severity of the issue and who is handling it. Remediation for an experienced user versus a new hire may vary.
After introducing PingSafe, we were able to bridge the gap between developers. Since PingSafe had details about that particular vulnerability and how to remediate it, we could just pass that on to the application developers, who could fix it. That has also reduced the number of vulnerabilities that are being discovered by the application security testing team.
There is a bit of a learning curve. However, you only need 2 to 3 days to identify options and get accustomed.
They could separate or differentiate between different kinds of frameworks.
I've used the solution since I started working with my company - for about one year and three months.
I don't recall any stability issues.
The solution is scalable. The scalability is highly flexible.
We do have regular meetings with support. They catch us up every month and provide us regular updates and solicit feedback. Support is excellent.
Positive
I have not used any alternatives.
I was not initially involved in the deployment process.
There isn't really any maintenance needed. The only thing would be if you find a false positive. You can mark it so it doesn't happen again. Beyond that, you don't have to maintain anything.
I'm not sure how the pricing for the solution works.
I'm an end-user.
I'd rate the solution 9 out of 10.
It's pretty easy to use. Integration with cloud infrastructure may require a bit of help in the initial stages. However, once you are up and running, finding vulnerabilities is simple and reporting is good.
In its all-in-one aspect, we started with Cloud Security Posture Management at the beginning and then added the Offensive Security Engine, Vulnerability Management of CDR. We also use it for compliance.
By implementing this solution, we wanted an alerting mechanism and detection of any deviation from our current configuration. We also wanted visibility into Kubernetes and AWS cloud. We wanted something that continuously monitors and gives us updates so that we can take action.
We have an overview of our compliance status. We check on a weekly or monthly basis where we are with respect to various compliance standards.
Its dashboard is quite good. We can select any resource and go to any details we want. We have a visual representation of our assets and how they are connected.
I like the granularity of access. We can give read-only, admin, or other types of access to team members based on their roles.
It provides an option for auto-remediation, but we are not leveraging that. However, we are using the exploit information to check what they saw versus what we are seeing. It helps to be able to see their evidence.
It includes proof of exploitability in its evidence-based reporting. This is very important for us. We can validate if something is false positive or not only if we have any evidence from the findings. Having the evidence for every issue helps us prioritize the findings.
Offensive Security Engine has helped to clear a lot of vulnerabilities in the past. Through the dashboard, we could see all the metrics related to public exposure and misconfigurations. We have a lot of services in our cloud, and they were very hard to track. It solves that problem for us.
Our time to detect and respond has improved drastically. If a misconfiguration happens, we gain visibility quickly. Our mean time to detect and respond has reduced by about 50%.
It has enabled collaboration between multiple teams for implementing cloud detection and response and understanding vulnerabilities. It has saved 20% to 30% of our time.
It has been highly effective in risk mitigation. Slack and Jira integrations have been helpful for alerting and creating tickets. We also have Kubernetes integration for insights.
The cloud misconfiguration feature and Offensive Security Engine, as well as their alerting process, are valuable. I get to customize severities or rules. The flexibility to rate a finding or category of vulnerabilities is the most interesting.
The cloud misconfiguration feature gave us almost zero false positives. We are happy with this feature.
In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of critical severity, whereas they are not critical or of high severity. There is a mismatch of severities. They need to work on severity management.
Alert fatigue is an issue as well. We get many alerts because of severity mismanagement. In CDR, there is no option to rescan or recheck. In cloud security, if a resource is restarting multiple times and gets a new name, we get alerts each time, leading to alert fatigue. If restarted five times, we get five alerts, which is not favorable.
I have used the solution for two years.
It is a stable product. I would rate it a ten out of ten for stability.
It is scalable. I would rate it a ten out of ten for scalability.
We are using the Enterprise plan which is the maximum that one can leverage. We are paying for all the features, but we are currently not leveraging VCS. We want to increase the usage of that.
Their technical support is top-notch. I made friends there.
Positive
Previously, there was no product. We relied on in-house, independent ad-hoc automations. We now have a comprehensive and all-in-one solution.
Its deployment was easy. It was set up in less than a week.
There were a couple of people from PingSafe and a couple of people from our side.
We are based out of Indonesia and India. The deployment was done on the cloud. We use AWS. The PingSafe team was from Bangalore, India.
Its maintenance is taken care of by the SentinelOne team. There is nothing required from us.
On the resource side, we do not have to invest much money or time into developing our own automation or tools. It has saved us more than 50% of our time.
It is cost-effective compared to other solutions in the market.
I recommend looking at the exact requirements and exploring options for CSPM and Offensive Security Engine. These two are a must-have. I would recommend reviewing the use case first and seeing if any other features are required.
I would recommend this solution to others. Overall, I would rate it a ten on ten for cloud security.
SentinelOne Singularity Cloud Security offers a variety of functionalities, including cloud configuration assessment and detailed misconfiguration reports. It automates vulnerability scanning, saving us time and effort. Additionally, SentinelOne Singularity Cloud Security allows us to filter compliance-related findings and provides consolidated reports for a comprehensive view.
Furthermore, SentinelOne Singularity Cloud Security can conduct customized posture management research for Cloud Posture Management initiatives. This eliminates the need for complex, independent research. Finally, SentinelOne Singularity Cloud Security helps us understand our readiness for specific security certifications.
One of the key features of SentinelOne Singularity Cloud Security that we utilize is its cloud-based configuration. This helps with our cloud security monitoring processes. This allows for infrastructure automation and broader implementation access. To mitigate this risk, we have multiple personnel actively monitoring activity to safeguard against vulnerabilities, employing vulnerability scanning techniques.
SentinelOne Singularity Cloud Security simplifies managing compliance. It gives us a clear compliance report, allowing us to easily identify areas for improvement and achieve full compliance. This makes it a valuable resource.
SentinelOne Singularity Cloud Security is easy to use. I would rate the ease of use 9 out of 10 compared to our previous tool which had good features but was not as intuitive as SentinelOne Singularity Cloud Security and had bugs.
SentinelOne Singularity Cloud Security's dashboard provides a single place for managing everything, including reporting and prioritization. Previously, we relied on Jira, which required submitting and closing tickets. This meant we were juggling both Jira and separate ticket management. Now, SentinelOne Singularity Cloud Security consolidates everything into a single dashboard, allowing us to see all issue priorities and address them directly. As a result, our resolution times have significantly improved, going from 9 days down to 3.
SentinelOne Singularity Cloud Security's proof of exploitability in evidence-based reporting is important. We can see all the evidence and assess it to see why the vulnerability has come up. We are also able to edit the policies and create custom policies.
Identifying preproduction issues in the IAC template or container configuration files is helpful. SentinelOne Singularity Cloud Security notifies us if the public rate defined is different which should not happen. Sometimes we encounter false positives but not many.
SentinelOne Singularity Cloud Security improved our security through the cloud configuration feature. We receive notifications if someone makes changes and our mitigation time has gone from up to 30 days down to nine.
SentinelOne Singularity Cloud Security generates some alerts that we categorize as false positives. These can occur, for instance, when someone uses a publicly available open-source tool and SentinelOne Singularity Cloud Security flags it. While SentinelOne Singularity Cloud Security's detection is valid in itself, we consider it a false positive because our development doesn't rely on that particular tool.
Our recent security assessment revealed a positive change in our security posture. We've moved from a medium to a high rating, thanks in part to SentinelOne Singularity Cloud Security.
SentinelOne Singularity Cloud Security has reduced our mean time to detect by 40 percent.
It has reduced our mean time to remediate down to 9 days.
Using SentinelOne Singularity Cloud Security, our cloud security, application development, and AppSec teams have achieved a high level of collaboration. All work is automatically updated within SentinelOne Singularity Cloud Security, allowing each team to generate reports, review identified issues, and work towards resolving them.
Integrating AI with SentinelOne Singularity Cloud Security has strengthened our security posture.
It offers three key features: vulnerability management notifications, cloud configuration assistance, and security scanning.
We can customize security policies but lack auditing capabilities. Ideally, we should be able to review logs and track user access.
I have been using SentinelOne Singularity Cloud Security for 1.5 years.
I would rate the stability of SentinelOne Singularity Cloud Security 10 out of 10.
I would rate the scalability of SentinelOne Singularity Cloud Security 10 out of 10. We are using multiple clouds and have integrated them with SentinelOne Singularity Cloud Security allowing us to easily scale.
SentinelOne Singularity Cloud Security provides excellent technical support. In addition to monthly guidance, we also receive a comprehensive quarterly business review. We haven't needed to contact their support team outside of these scheduled interactions. We also have a customer support engineer readily available to assist us whenever we encounter any issues.
Positive
We switched to SentinelOne Singularity Cloud Security because of the price and user-friendly functionality.
The initial deployment was easy because it was cloud-based and handled by SentinelOne Singularity Cloud Security. The entire deployment process only took 1 day. We had a meeting beforehand, and the next day, they provided us with the steps to follow. We successfully integrated the system by following these instructions. 2 people from our organization were involved in the deployment.
SentinelOne Singularity Cloud Security has delivered a return on investment by enabling collaborating teams to save up to 50 percent of their time.
SentinelOne Singularity Cloud Security is fairly priced.
I would rate SentinelOne Singularity Cloud Security 9 out of 10.
10 people in our organization use SentinelOne Singularity Cloud Security.
I recommend SentinelOne Singularity Cloud Security to others.
Cloud Native Security is a tool that has good monitoring features. We get multiple misconfigurations from the monitoring on a daily basis. Cloud Native Security detects misconfigurations in real-time, like open ports.
If our team closes a particular alert triggered in Cloud Native Security, it should also be closed in Cloud Native Security. After closing an alert in Cloud Native Security, it still shows as unresolved.
I have been using Cloud Native Security for one and a half years.
We haven’t faced any issues with the solution’s stability.
The technical support of the solution is good.
Positive
Cloud Native Security is a user-friendly solution. If you log in to the console, you'll get all the misconfigurations, and the solution has recently integrated CI/CD. Sometimes, we get false positive alerts. Our team closely observes if there are any misconfigurations. If it is closed for a particular resource, it must also be closed from the monitoring dashboard, which is not happening. We have already raised this issue to the support team.
The solution's proof of exploitability gives complete data from the console regarding the issue, description, resolution, proof of concept, and closing of alerts. The main benefit of Cloud Native Security is that it detects multiple misconfigurations in our environment. If there are any unwanted port openings or any publicly accessible EC2, we will get to know about them easily from the monitoring tool.
Cloud Native Security is deployed on the cloud in our organization. Cloud Native Security has new monthly updates. We are continuously in touch with the Cloud Native Security team for anything that needs to be changed or modified or if there are any new requirements.
Overall, I rate the solution a 9 out of 10.
My company uses Cloud Native Security as our CSPM solution to discover vulnerabilities in cloud-based configurations. We take alerts from Cloud Native Security and forward them to the DevOps team to remediate them manually.
Cloud Native Security helps reduce the number of false positives we receive. We receive notifications and alerts from various channels, such as AWS CloudTrail and Microsoft Defender. These products generate alerts based on their policies. I can feel confident that Cloud Native Security isn't giving any false positives. We get a few, but they are rare, and I can immediately alert the team to redefine their policies.
Cloud Native Security's most valuable feature is its offensive security engine. I have worked with many CSPM solutions. What sets Cloud Native Security apart is the security engine's ability to provide evidence about the potential for vulnerabilities to be exploited or endpoints exposed with credentials.
The evidence-based reporting is helpful. It shows us all these details that help us do more research. We are working with various stakeholders to remediate those misconfigurations immediately. No other solutions provide this feature. We can research other resources affected by the same kind of vulnerabilities or misconfigurations. We can prioritize fixing them and work on them immediately. That's beneficial to everyone on the team, and they are learning a lot with this feature from Cloud Native Security itself.
While Cloud Native Security is mostly easy to use, the interface has a few trouble areas. We have faced some challenges with filtering. The Cloud Native Security team is working on that, and they're fixing it immediately. They take feedback seriously. There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature.
We have been using Cloud Native Security for one year.
Cloud Native Security is stable.
I rate Cloud Native Security 9 out of 10 for scalability. There is no lag, and the application doesn't break down.
I rate Cloud Native Security support 8 out of 10. We contacted them about adding some policies and creating plugins based on our requirements.
Positive
We previously used Prisma Cloud. Each has its own feature set. Prisma is on a higher level, and Cloud Native Security is a startup that's building its feature set and taking feedback from all the customers. That's one advantage Cloud Native Security has. They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away.
Deploying Cloud Native Security wasn't too easy or difficult. It was manageable. I did the deployment by myself. I'm the Cloud Native Security admin for my organization responsible for onboarding all the cloud accounts for AWS, GCP, and Azure.
We also looked at Orca Security. Like Prisma, Orca is one of the top solutions on the market. Most of the CSPM solutions have the same features. Cloud Native Security stood out for two reasons: One is the offensive security engine. That is the main thing. The second thing Cloud Native Security offers is evidence-based reporting. That helps us a lot. These two features are unique, which is why we chose Cloud Native Security.
I rate Cloud Native Security 7 out of 10.
