SentinelOne Singularity Cloud Security Reviews

We mainly use PingSafe for cloud security. 

We like that it is cloud-native security. It gives us an overview of all cloud structures. For example, if I'm integrating with AWS or Azure and I'm not sure of all of the instances, it will scan the whole cloud and show us issues related to instances. It can help us uncover vulnerabilities. 

Of all the features we use, the cloud configuration and the offensive security engine are the most used. There is a secret scanning feature that I really like. It scans the public repositories, private repositories, and developer repositories. That way, we can see if any secret is added to the search engine or anywhere over the Internet. It detects this and then lets us know to which repository it was added. We can get it removed if we need to from repositories like GitHub.

The solution is good for verifying actual exploit paths. It helps us detect whether all the instances that are publicly available can be made private. We can see if anything is suspicious or harmful to us in the future or if any technical exploit has a specific port or something like that. If there is any vulnerability, such as if our Microsoft version is publicly exposed or if it is an older version, we can disable it, or we can upgrade to get the latest version of iOS to avoid exploitation.

The solution is easy to use. The interface is nice. Anyone can spend a day or two with the solution and they'll be able to understand the whole structure of the application, its features, and how to use it. 

The integration with other solutions is very good. We integrate it with Jira and it runs smoothly. There are also default integrations for various clouds, like Google and Azure. We can also get alerts in various ways, like through Jira or email.

The evidence-based reporting is useful. It provides evidence according to the issue. We get a proper overview of the issue. I can check the evidence panel to see if the issue is genuine or a false positive by looking at the evidence. 

We noted immediate benefits from using the solution. Within about a month, we had it integrated with Jira, and connected to all accounts and were able to easily find issues. 

With PingSafe, we are 96% to 97% compliant. It helps us judge and, as necessary, mitigate risks. 

We've noticed a drop in false positives. I haven't noticed any false positives in PingSafe, to be frank. Unless it's a glitch in the system, everything coming in is a positive.

Our mean time to detect has been reduced. 

It's helped us collaborate effectively between cloud security application developers and AppSec teams. Having a vulnerability management module gives good visibility to vulnerabilities that are highly exploitable. We can see exactly what's vulnerable or affected in order to troubleshoot.

We'd like the integration with Jira to be stronger in some areas. For example, we'd like to be able to create multiple tickets for multiple instances. Right now, we can only create one ticket and cannot be specific enough. There's no way to create multiple tickets. It's very difficult to assign multiple teams the same Jira ticket.

Scanning capabilities should be added for the dark web.

I've used the solution for the last two years. 

The stability is good. There's no lagging or crashing. There may be a downtime once a quarter. 

We haven't had any issues with scaling. 

Technical support is very good. We do have a monthly call with PingSafe whereby we run through and resolve any issues. They typically answer our queries within 24 hours. The team is good. They seem technical. 

Positive

This is the first cloud security tool we've used. 

The initial deployment was easy. The PingSafe team was very helpful. If we needed any help they were there to guide us. There's even a step-by-step guide. 

We had a member of the DevOps team provide us with all of the credentials and give permissions and another security team member to communicate to the PingSafe team in order to arrange all of the integrations. 

The tool is very efficient. There is no maintenance needed. 

We did not need any assistance from a reseller or consultant. 

While my understanding is there will be a price increase, so far, the pricing has been okay.

We evaluated Prisma Cloud and Crowd Strike. We used Crowd Strike for a while; however, now we are only using PingSafe. PingSafe is very good. It offers multiple modules, and no other tool provides vulnerability scanning, secret scanning, and container cloud security in one dashboard. 

We are a PingSafe customer. 

I'd rate the solution 9 out of 10. Overall, the tool is good. 

New users should be ready for a lot of issues that will come onto their dashboard. They'll need a team of three to four at the outset to analyze the dashboard and work through reported vulnerabilities. 

I use it to monitor and update my clients. We have about seventy users, which we run the client on, and we pretty much just monitor the activities and update the agents when possible. We use it to make sure that there are no viruses or malware on the user end, the endpoint machines. It's an antivirus.

We were looking for a solution that wasn't hard to manage and wasn't intrusive on the client end. We needed something users couldn't make changes to or take up too much CPU. We wanted to make sure that when we loaded this on the user machine it wasn't going to tax it. 

The ease of use is great.

The portal is great. It's not complicated. I can find what I need and it's straightforward. It's not over complicated. 

The real time detection and response capabilities are good. I did a lot of research before signing up and doing the demo. They have a good reputation as far as catching threats early on. 

They have an automated remediation feature that I have used. You can resolve issues on the portal. 

The forensic visibility into the Linux kernel is very good. It helps to catch things early on. They've been able to remediate situations pretty quickly.

The historical record after the attacks is informative. It gives me the information I need. It's done really well.

The solution has helped me free up time. I go maybe once a week to see a status and if I get any alerts via email, I'll action something. My users are pretty educated and I haven't had to really worry too much. There's barely anything getting caught as the staff is all very diligent.

When it catches something, we're able to quickly get a handle on it. It's doing its job and we haven't had to worry about any attacks.

There isn't anything I don't like. It's really easy to use, for example. 

Their search feature could be better. When I go in and try to search for stuff, it could be a bit easier. It can be a little cumbersome. 

I've been using the solution for two years. We're going to be renewing our contract soon. 

I've had no stability issues at all.  

It's easy to scale. Scaling is straightforward.

We're a non-profit, so we won't grow too much. We don't really have use for the auto scaling feature. However, the feature does make scaling easy for those who need to grow.

I've barely contacted technical support. I've only spoken to sales in regard to demos. I had to call support once when an agent didn't install correctly. I had them get a cleaner to remove it from the machine. That only happened once. They were very helpful and it was easy to contact them. I was done in ten minutes. 

Positive

I did previously use McAfee. When we had to renew, we were looking for something simple on the client end and pretty light. McAfee tends to tax the machine a bit. It had a clunky client as well. The reputation of Sentinel was also better than McAfee's. 

I was involved with the initial deployment. The setup was straightforward. I had no issues with the setup.

Outside of occasionally upgrading the agents, there is no maintenance needed. 

I handled the setup myself and my boss. 

The pricing and licensing are competitive. 

We were evaluating McAfee and Symantec and a few other companies. I can't recall the others. Sentinel just stood out. 

To those who have a continuous monitoring solution in place, I'd advise them to have something running on their client end as well. Otherwise, you don't have full coverage. 

I haven't really integrated the solution with any third-party solutions.

I'd rate the solution ten out of ten. It's straightforward and not that hard to work with. You don't have to do too much prep work before jumping in. It's an easy solution to implement. 

In our organization, we use SentinelOne Singularity Cloud Security for infrastructure security purposes. It secures our infrastructure, data, and everything. That's the primary use case for this.

It is very useful and easy to use for beginners as well as pros. From a beginner's perspective, its dashboard is very convenient, and the UI/UX is very easy to understand.

Regarding proof of exploitability in SentinelOne Singularity Cloud Security, when a developer makes a repository public, it identifies issues in minutes. If the repository has some hardcoded secrets, they would cause problems for us because anybody on the internet could access it. Those keys could allow the exploitation of the systems. SentinelOne Singularity Cloud Security catches the issues quickly. The same applies to a public bucket. One of our DevOps engineers made it public which had many files in it. SentinelOne Singularity Cloud Security was on top of it. The solution has an automated workflow that blocks such misconfigurations.

We primarily use infrastructure as code scanning for cloud security posture management, but the solution also provides capabilities for identifying hardcoded secrets in the source code. It covers Kubernetes security with around 20 to 35 members from security and DevOps being users of this solution.

It has reduced our mean time to detect by 30% to 40%. Our mean time to remediate is also reduced by 20% to 30%.

The compliance monitoring feature of SentinelOne Singularity Cloud Security gives us a report with a compliance score to ensure we meet certain regulatory standards. We can show our compliance as a percentage, and we do this to demonstrate that we are serious about security and for audit purposes. That is the best feature I appreciate.

SentinelOne Singularity Cloud Security is an excellent CSPM tool, but its CWPP features need improvement, and there is scope for more application security posture management features. There aren't many ASPM solutions on the market, and the existing ones are costly. I would like to see SentinelOne Singularity Cloud Security develop into a single pane of glass for ASPM and CSPM, and the feature I'd like to see is runtime protection.

I have been using it for around two years.

We have experienced some dashboard lagging issues.

I contacted their technical support when we faced an issue on the dashboard. Sometimes it gets laggy, and we conversed with the customer support team. They informed us it was some network issue and guided us very informatively and usefully. I would rate the support a nine out of ten.

Positive

I personally did not use any alternative to SentinelOne Singularity Cloud Security.

The initial installation is easy. It takes around two to three days to fully deploy it.

We had seven to eight people.

It requires maintenance after deployment, but that is not handled by me. There is a separate team, the InfoSec team, which manages the maintenance.

I would rate SentinelOne Singularity Cloud Security a nine out of ten.

Our cloud security posture management is handled by PingSafe.

To prevent cloud misconfigurations and developer code errors, we implemented PingSafe as a safeguard.

PingSafe is deployed as a SaaS.

The UI is easy to navigate and user-friendly even for users with limited experience.

PingSafe is easy to use.

The evidence-based reporting is good for helping prioritize and solve important cloud security issues.

Agentless vulnerability scanning simplifies vulnerability discovery across our entire cloud infrastructure, even in multi-cloud environments. This means we can see all our scan results in a unified view.

PingSafe's proof of exploitability in evidence-based reporting is important because it helps us easily identify issues.

The offensive security engine is handy for verifying actual exploit paths and prioritizing breach potential. We can identify the issues easily and check with the developers to mitigate them.

The IaC scanning helps with identifying preproduction issues in templates and container configuration files.

PingSafe has improved our ability to see and understand our cloud environment. By adhering to compliance regulations, we were able to identify areas where we had blind spots.

PingSafe has helped reduce the number of false positives by 60 percent. We have a whitelisting option that makes it easy to avoid false positives.

PingSafe has strengthened our overall security posture by both enhancing our environment's security and proactively identifying misconfiguration.

PingSafe has reduced our mean time to detection by 90 percent.

PingSafe has reduced our mean time to remediation by 90 percent.

PingSafe has affected the collaboration among our cloud security, application developers, and AppSec teams.

The collaboration has saved engineering 80 percent of their time. 

The most valuable features of PingSafe are cloud misconfiguration, Kubernetes, and IaC scanning.

A beneficial improvement for PingSafe would be integration with Jira, allowing for a more streamlined ticketing system.

I have been using PingSafe for two years.

I would rate the stability of PingSafe nine out of ten.

I would rate the scalability of PingSafe ten out of ten.

PingSafe's support is my favorite. They are easy to contact.

Positive

In the past, we relied on an open-source CSPM tool, but it lacked functionality beyond basic cloud misconfiguration detection. This necessitated using additional tools to address our broader security needs.

The deployment took two months and involved four people.

We have saved a lot of time and resources using PingSafe.

The cost for PingSafe is average when compared to other CSPM tools.

Having experience with both Prisma Cloud and PingSafe, I found PingSafe to be the superior solution.

I would rate PingSafe nine out of ten.

We have under 50 PingSafe users within our organization and it is deployed in one location.

No maintenance is required on our end.

I recommend PingSafe to others.

We leverage PingSafe for cloud security posture management, which continuously monitors our cloud configuration for vulnerabilities. When PingSafe detects an issue, we prioritize the alert from our cloud-native security solution and route it directly to the DevOps team for remediation.

We have PingSafe deployed on AWS, Azure, and GCP.

PingSafe has significantly reduced the number of false positives in our cloud-native security environment from 30 percent down to five percent. This is especially helpful since we receive notifications and alerts from various sources like AWS and Cloudflare, all with their own security policies. With PingSafe, I feel confident that these alerts are accurate, reducing the workload on our security team and giving us peace of mind for the past two years.

The threat detection capabilities have improved our overall security by safeguarding our cloud data transfers, and protecting both incoming and outgoing files.

With a large number of domains under our management, PingSafe's incident response feature is crucial for identifying and swiftly addressing any data corruption issues that may arise within them.

PingSafe has a user-friendly interface, making it a breeze to learn the fundamentals and navigate the dashboard.

Our Infrastructure as Code effectively identifies potential problems in templates and configuration files during the preproduction phase. This information is then relayed to our support team who can address these issues proactively.

Before implementing PingSafe, our cloud security was inadequate, resulting in inaccurate data visibility. To ensure complete data encryption and client invisibility, we adopted PingSafe, which successfully secured our cloud environment.

Reducing false positives has strengthened our security posture. While we transitioned from Prisma Cloud to PingSafe for our GCP and AWS environments, Prisma offered more advanced features. However, PingSafe prioritizes customer requests, addressing security needs faster than Prisma's release cycle, ultimately improving our security efficiency.

PingSafe has strengthened our risk posture by implementing access controls to ensure only authorized personnel can reach our data, and by safeguarding it to minimize security risks.

PingSafe has reduced our mean time to detection by 15 percent.

The implementation of PingSafe has improved collaboration between our cloud security application developers and AppSec teams. By granting those teams write access, PingSafe streamlines interaction and fosters a more efficient working environment.

Our engineering time has been saved thanks to the visibility that PingSafe provides.

The visibility PingSafe provides into the Cloud environment is a valuable feature.

The user interface is well-designed and easy to use, and retrieving data is smooth and effortless. 

PingSafe's cloud filtering has a limitation: implementing single sign-on requires a pre-class account feature, which is currently not available.

I have been using PingSafe for one year.

I would rate the stability of PingSafe seven out of ten. It is stable when it comes to securing our data.

I would rate the scalability of PingSafe eight out of ten. We have scaled many times.

The technical support team is both responsive and efficient, promptly resolving our issues.

Positive

While Prisma Cloud initially managed our cloud security, their slow feature implementation ultimately led us to switch to PingSafe. PingSafe's responsiveness in delivering the features we need has been a major improvement. Also, the visibility and dashboard of PingSafe are superior.

The deployment of PingSafe spanned several weeks as each cloud platform we deployed it on required one to two weeks for the process to complete.

PingSafe is affordable.

I would rate PingSafe seven out of ten.

We have around 20,000 users and have PingSafe deployed in multiple locations.

While PingSafe does require maintenance, our engineering team prioritizes keeping it up-to-date to ensure the accuracy and security of the data that underpins our cloud security posture.

I recommend PingSafe to others.

Our company relies on Cloud Native Security to fortify the security of our cloud accounts spanning various environments, such as AWS, AZURE and Google Cloud. Cloud Native Security provides timely alerts upon identifying vulnerabilities within our cloud infrastructure services, such as security groups and data encryption, empowering us to prioritize and address them promptly.

Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it. 

Since implementing Cloud Native Security, our security team has engaged in robust discussions on enhancing compliance with key regulatory standards such as SOC, ISO, and other pertinent IT infrastructure-related guidelines. As a result of these proactive measures, our security posture has seen a remarkable improvement, reflecting our commitment to maintaining a secure and compliant environment.

Cloud Native Security plays a major role in compliance. IT companies must maintain our company's security level to achieve ISO-based certifications. We are so proud of the changes we have made using Cloud Native Security. We've implemented many of the controls Cloud Native Security recommended, helping us maintain a high security standard. Fintech companies must maintain security best practices overall in our infrastructure. 

Cloud Native Security offers suggestions about best practices for security, and we've implemented them all. It's helpful for companies hosting their applications in the cloud configuration. This tool enables us to record unauthorized actors or security failures. Everything is reported in Cloud Native Security, allowing us to rectify mistakes and misconfigurations.

When security threats occur, Cloud Native Security immediately alerts us through various communication channels. It has several modules, including cloud misconfigurations, container security, Kubernetes, vulnerability management, infrastructure code scanning, and cloud detection and response. It also tells us when unauthorized API calls are occurring. Everything is recorded in Cloud Native Security, and it alerts us about what is happening in the account. The detection time for critical alerts is almost instant. We'll see it in under two minutes. 

The solution saves the company a lot of time. Responding to alerts can take up a lot of our team's bandwidth. But there is a feature of their remediate that helps the bandwidth of our engineering team to fix the issues when we used Cloud Native Security as a team member. They helped us fix the issues and saved a lot of bandwidth for our team.

My top preferences revolve around infrastructure-as-code scanning and Kubernetes security. With infrastructure-as-code scanning, we catch errors or inadvertent inclusion of sensitive data in our code prior to deploying infrastructure via Terraform. As we continue to leverage Terraform for infrastructure deployment, alongside embracing new technologies to stay aligned with industry advancements, these features play a pivotal role in maintaining our security standards and workflow efficiency.

Cloud Native Security helps us detect vulnerabilities when deploying infrastructure.  We use Cloud Native Security to monitor all our cloud infrastructure and accounts. It continuously scans whether or not we have the agent installed. It's something like a role. You can configure an IAM role that provides access to Cloud Native Security to scan. It enables seamless connectivity with any cloud environment.

The Offensive Security Engine has helped us to discover some breaches.
You can see across the cloud domain in Cloud Native Security. For example, the dot com map can cover multiple servers internally. Cloud Native Security flags all URLs exposed to the public and other vulnerabilities. When we get alerts from the Offensive Security Engine, it has some internal debugging tools the developers can use. 

The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud. 

I have used Cloud Native Security for three years.

Cloud Native Security is highly stable. 

Cloud Native Security is scalable. 

I rate Cloud Native Security support nine out of ten. They solve issues within the agreed-upon period. They're impressive. 

Positive

We previously used the native AWS tools like Inspector. Cloud Native Security is impressive compared to those. 

It's easy to integrate Cloud Native Security and onboard all our cloud accounts. Before implementing, we tried to have all the security best practices in place. If you do that, it's easier to fix the vulnerabilities when Cloud Native Security detects them. Deployment took about five or six minutes. 

We opted for Business Plan at an affordable rate, providing excellent value for your investment. While I'm not entirely certain, I believe the monthly cost is around 180,000 rupees.

We looked at Trend Micro and some other options.

I rate Cloud Native Security nine out of ten. Use this tool if you want to keep your cloud applications secure.

SentinelOne's Singularity Cloud Security streamlines our cloud security by minimizing false positives. Previously, we were inundated with alerts from various sources like AWS Cloud and Microsoft Defender, making it difficult to distinguish real threats. Now, with Singularity's cloud-native security, I can confidently address genuine threats and efficiently alert my team about relevant Defender policies.

We implemented Singularity Cloud Security to reduce the number of false positive alerts we were receiving.

I would rate the ease of use a seven out of ten.

The Proof of exploitability in evidence-based reporting helps us during our investigations.

The IaC scanning helps identify preproduction issues.

By analyzing alerts from various channels against our defined security policies, Singularity Cloud Security significantly reduces false positives. This allows our team to focus on real threats, and when a rare false positive does occur, we can quickly notify the security team to refine the relevant policy.

Our false positives have been reduced by over 80 percent.

It has improved our risk posture.

Singularity Cloud Security has improved our mean time to detect by 20 percent and has improved our remediation time by allowing us to see the details of the vulnerabilities in one place.

Singularity Cloud Security has saved our engineers around 25 minutes of time.

The key strength of Singularity Cloud Security lies in its ability to pinpoint vulnerabilities in our cloud accounts and identify suspicious activity that warrants further investigation.

Unlike Prisma, which schedules feature additions for its next roadmap release, Singularity prioritizes user feedback and strives to implement feature requests as quickly as possible.

Singularity Cloud Security currently lacks a break-glass account function, which is a critical component for implementing Single Sign-On as it allows for regaining access in emergencies.

I have been using Singularity Cloud Security by SentinelOne for one year.

I would rate the stability of Singularity Cloud Security six out of ten. There are times when I click on a topic and it freezes.

I would rate the scalability of Singularity Cloud Security seven out of ten.

The response time needs improvement.

Neutral

I would rate Singularity Cloud Security by SentinelOne eight out of ten.

There are ten users in our organization.

No maintenance is required from our end.

I recommend Singularity Cloud Security. After using the solution for a year and a half, our organization has found it valuable in identifying vulnerabilities within our environment.

I am working as an application developer, and SentinelOne Singularity Cloud Security plays a role in the cloud infrastructure where my application is deployed. It provides me with alerts and ensures that I follow best practices in everything.

It gives us alerts and resolutions for anything that is missing or any vulnerabilities in our infrastructure in terms of security. If we have a firewall that is missing some rules that may expose us to attacks, it lets us know. It guides us through alerts, documentation, and other things.

It is very easy to use. The dashboard is very useful for beginners.

Its evidence-based reporting helps prioritize and solve the most important cloud security issues. It can automatically fix certain vulnerabilities or inform us to fix them on priority.

It alerts us on everything at the infrastructure level. Our application is deployed in the cloud. From the load balancer to the application level, there are many points. SentinelOne Singularity Cloud Security plays an important role in terms of security. 

Before SentinelOne Singularity Cloud Security, there was nothing I used as a best practice. It gives me much clarity in my daily work. Earlier, I would look into what kind of rules I needed to add, but there was no helpful reference or documentation. SentinelOne Singularity Cloud Security highlighted those things, helping me secure my cloud infrastructure.

SentinelOne Singularity Cloud Security has reduced our false alerts by 10%. It has improved our risk posture by 25%.

SentinelOne Singularity Cloud Security reduces our mean time to remediate. Previously, it would take me around 20 minutes to understand what was happening, but SentinelOne Singularity Cloud Security gives me clarity about what I have to do a lot quicker.

The dashboard is intuitive in terms of design and functionality. Additionally, it gives me an email for all the findings that are open. I get this data every month, so I do not need to check the dashboard. 

Furthermore, at every point, it provides documentation that offers overall information on how to resolve issues, what points to check, and more. It offers a checklist, which is very helpful. 

They can add more widgets to its dashboard. A centralized dashboard with numerous metrics would improve user understanding.

I have used the solution for around two to three years.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability. 

It is being used at multiple locations and regions. In my team, 14 users are there.

I would rate their support a ten out of ten.

Positive

I did not use any similar solution previously. 

We have a hybrid deployment model. The initial setup is very simple. It probably took two to three days.

Its maintenance is managed by SentinelOne. We do not have a look into maintenance.

It is a good product to get data from a security point of view. I would definitely recommend this product to others. It offers maximum security and scalability. It is easy. I can just open SentinelOne Singularity Cloud Security and get the data.

I would rate SentinelOne Singularity Cloud Security a ten out of ten.