SentinelOne Singularity Cloud Security Reviews

We use the solution for security purposes. We deploy it into our infrastructure in the cloud. We want to make sure that all everything is secure, for example,if APIs are getting accessed, that it's by the right people. It's a security hub for us.

The solution is very good at tracing issues. 

The dashboard is quite helpful. It's easy to use. The product is flexible and can be used in multi-cloud setups.

It's an easy solution for a beginner. 

We've taken advantage of the reporting, which is quite good. It provides us with all the information we need. They have proof of exploitability capabilities, which is important to use. 

The solution has agentless vulnerability scanning, which we use. You can look at extra ports. It's a great feature. 

Its infrastructure of code scanning is useful. I can see it in the container configuration file. It's good for identifying preproduction issues in the container configuration files. It's working well. However, it's not dynamic. It's static.

We were able to witness the benefits after some time had passed. Within a month or two had passed, we began to really witness change. Previously, we were running blind, and now we can see where things might go wrong. 

Our risk posture has improved. Both time to detect and time to remediate have improved.

It's positively affected the communication between cloud security, application developers, and AppSec teams. 

They could have more comprehensive reporting. I'd like to see more details. 

We've found a lot of false positives. It has not helped us reduce our level of false positives. 

We'd like them to work on integration between networks. If I deployed the solution with another layer of security, they can't talk to each other. PinGSafe basically needs to integrate with more tools, especially on the security side. 

I've used the solution for 1.5-2 years. 

The stability is good. I haven't noticed any lagging or crashing. 

The solution can scale fast. The dependency is on the API side, however. 

I've contacted technical support in the past. The quality is good. However, sometimes their staff don't know the details. The speed of response is good.

Positive

I have used other solutions, including Prisma and Datadog. 

I was involved in the initial deployment of PingSafe. It was very easy to implement. We had two to three people working on the set up process. 

There is no maintenance needed for the solution once it is up and running. 

I'm a PingSafe customer. 

I'd rate the solution 8 out of 10. If someone is looking for a CPSM tool, they should look into PingSafe's capabilities to see if they match what a company needs. 

I am working with AWS. I'm a junior cloud engineer and on the client side, we use this software for security. We use this just for scanning all across the AWS environment for any bug, vulnerability, or high risk security issues, and we have to resolve these issues. The solution offers us low to critical alerts and our work depends on these alerts. If it is a critical alert, we have to resolve things as soon as possible. 

The scanning is very good. We have an AWS environment and we can scan our whole account very quickly. Once the alerts get analyzed, we can automatically start removing issues. 

It's easy to use. It comes with preconfigured settings. I haven't had to really change anything for months. 

We have used evidence-based reporting. We're able to give reports on AWS, for example, how many data centers are used, et cetera. We can collect all of the information from PingSafe and share all kinds of data which we can share with the database team for analysis. 

The IaC scanning has been good. It's very interesting. 

When I create a stack for any services in AWS, I can scan everything in a robust environment. This enables me to understand the level of protection.

PingSafe can also scan code and provide alerts of there are vulnerabilities.

It's helped us reduce the number of false positives. I've been on the project for 6 months, and it was only until 3 or 4 months in that I received a false alert. Out of 20 alerts coming in, maybe only one or two are wrong. 

The mean time to detect has been reduced. We check PingSafe every day for a project happening 24/7. We check it frequently to ensure issues are being addressed quickly. We try to be consistent, however, the alerts don't come in at a certain time. They come in at varying times; we just work to keep on top of them.

We've had a glitch in PingSafe where it has fed us false positives in the past.

Sometimes, it takes a few hours to detect a misconfiguration. It would be ideal if that happened faster. Detections should happen in minutes, not hours. 

I've been using the solution for 6 months.

I have not noticed any lagging or crashing. The stability seems to be good. 

We have dealt with support in the past. They were helpful.

Neutral

We did not previously use a different product.

We had senior members of the team manage the installation since they had expertise. I'm not sure how long the process itself took. 

I don't have any visibility on the pricing. 

I'd rate the solution 8 out of 10. 

There are a lot of options. It's a good idea to have a team member arrange on at least a quarterly basis, a review so that new team members can get up to speed on the product and everyone stays on the same page. This will help new team members understand the product. 

The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.  

The primary benefit for our company has been the reduction of false positives. It's saved us time and resources. 

I like that we get a map view of all the assets we have and how these assets are connected together. We can get a view of the entire structure and that gives us a good vantage point when assessing gaps. We can see which assets are public and which are private. It gives us good visibility.

It brings in good security.

It is fairly simple. Anybody can use it.

The evidence-based reporting capabilities are useful. It's good for everyday reporting. It makes it easy to identify actual false positives. Priority cases are assigned accordingly so we don't need to find a needle in a haystack. If something is critical, it's very easy to find and see it. 

The solution offers agentless vulnerability scanning, which helps us identify any open ports on the server or any vulnerable assets online in the cloud. 

While they do have an offensive security engine, we do not use that aspect. We use a different vendor for that. However, it's a very good initiative. It basically expands and searches and does more offensive security.

It's very easy to integrate.

The notifications are very good. We can get notified right on Slack. if we aren't checking out email regularly.

The benefits we witnessed were pretty immediate post-implementation. Once you've done your integrations, it starts showing you vulnerabilities that are being observed, and he lets us immediately identify and deal with infrastructure gaps. It even has allowed us to deal with several misconfigurations. 

It has helped us reduce false positives significantly. That's something I've been focused on. 

The solution has positively affected our risk posture. Thanks to the lower number of security vulnerabilities, it's helped us with several benchmarks and compliance-related issues. 

Our mean time to detection and mean time to remediation has been reduced. If there's an issues, it can be found and dealt with in a short amount of time. It also gives you remediation details as to where particular vulnerabilities exist. We're able to fix problems as soon as possible when we see issues pop up. The mean time to remediation depends on the severity of the issue and who is handling it. Remediation for an experienced user versus a new hire may vary.

After introducing PingSafe, we were able to bridge the gap between developers. Since PingSafe had details about that particular vulnerability and how to remediate it, we could just pass that on to the application developers, who could fix it. That has also reduced the number of vulnerabilities that are being discovered by the application security testing team.

There is a bit of a learning curve. However, you only need 2 to 3 days to identify options and get accustomed. 

They could separate or differentiate between different kinds of frameworks.

I've used the solution since I started working with my company - for about one year and three months. 

I don't recall any stability issues. 

The solution is scalable. The scalability is highly flexible. 

We do have regular meetings with support. They catch us up every month and provide us regular updates and solicit feedback. Support is excellent.

Positive

I have not used any alternatives.

I was not initially involved in the deployment process. 

There isn't really any maintenance needed. The only thing would be if you find a false positive. You can mark it so it doesn't happen again. Beyond that, you don't have to maintain anything. 

I'm not sure how the pricing for the solution works. 

I'm an end-user. 

I'd rate the solution 9 out of 10. 

It's pretty easy to use. Integration with cloud infrastructure may require a bit of help in the initial stages. However, once you are up and running, finding vulnerabilities is simple and reporting is good. 

We have deployed SentinelOne Singularity Cloud Workload Security to our servers and clients. 

Singularity's real-time detection and response capabilities so far have been great.

I like the way we have options in how we set up the automated remediation. We can set it up to automatically take action, or we can set it up to just flag or let us know that there is something that needs to be investigated. It has been really good in that regard. There are many, many options in how we can configure it, and I have liked that quite a lot.

Compared to my previous solution, I am more comfortable with SentinelOne Singularity Cloud Workload Security. I was always concerned that the previous solution was not catching everything. There were a lot of false positives, and there were several cases where it did not catch everything. Even when it did catch something, the logging and forensic details were very limited. SentinelOne Singularity Cloud Workload Security is the opposite of that. It gives us deep visibility into what is going on and what has happened. The mediation is great, and the logging is much more detailed. It has been a huge improvement over what I was using before. Singularity Cloud Workload Security has given me peace of mind.

To date, all threats detected were false positives or test threats. No actual threats have been encountered, but test threats were detected quickly.

One thing I particularly like about Singularity Cloud Workload Security is that it supports older legacy operating systems that we have been unable to eliminate. This is a valuable feature that other clients do not offer.

The visibility is the best part of the solution. To see exactly what's going on in all the clients, and processes that are running, I have got a few false positives, but those are relatively easy to investigate and remedy, and flag them as false positives.

We use Singularity Cloud Workload Security with Citrix and a non-persistent VDI. It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear. We eventually got it sorted out with the help of support, and I give credit to SentinelOne for that.

I have been using SentinelOne Singularity Cloud Workload Security for ten months.

I have not experienced any stability issues, client issues, or rogue agents causing problems. I have also not had any crashes. Overall, it has been great.

We have a relatively small environment, with fewer than a hundred endpoints deployed. So, scalability is easy for us. I don't know how it would work with thousands or even tens of thousands of clients, but I haven't had any issues so far.

The technical support is helpful.

Positive

Our previous solution, Trend Micro Worry-Free, in comparison, is quite poor. It did not give me very good visibility into what was happening with my clients, on the network, or what processes were running. If something happened, I was very limited in my ability to figure out what happened. In other words, the forensic capabilities of my previous solution were lacking.

There is no way to compare the turnaround time of obtaining telemetry data between the two solutions because Trend Micro Worry-Free did not provide any telemetry data. We would receive an email about a possible virus, but when we logged into the system to view the logs, there would be nothing there. Or, it would tell us that there was a virus, but it would not tell us which client was infected until we logged into the console. It was lacking in so many areas.

During the deployment, we conducted a test case. One of SentinelOne's sales engineers assisted us in setting up the software, configuring everything, and setting up notifications. They walked us through the process of setting everything up to my liking and how they would recommend setting up the software. They were instrumental in helping us deploy the system, and all of their assistance was included in the price of the system. We did not have to pay any additional fees. I found their assistance to be very helpful.

Without SentinelOne's help, the initial setup would likely be very complex. There are many options for configuring the product, which can be both beneficial and detrimental. On the one hand, it is beneficial if we are familiar with the software and know how to best configure it. This flexibility is a great advantage. On the other hand, if we are coming from a different product and do not know SentinelOne's software, it would be very helpful to have their assistance in walking us through the setup process and recommending a configuration.

I was the only person from our organization involved in the deployment.

I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought.

I also evaluated Carbon Black. I read a lot of reviews, both official and user-generated, to learn what people were saying about the product. What really drew me to SentinelOne was its legacy software support. This was a key factor for me, and it helped me eliminate some of the other options.

I would rate Singularity Cloud Workload Security eight out of ten.

The software itself is very good. Singularity Cloud Workload Security provides deep visibility and support. I have found the support team to be very responsive and helpful whenever I have engaged with them.

One of our requirements was that the solution was simple enough for me to maintain myself without spending a lot of time managing the software. There are software agent packages that become available, and I need to go in and approve them and push them out. There are occasional false positives, but overall, it's not a lot of work.

For straightforward clients on a PC or laptop, Singularity Cloud Workload Security works well. However, in edge-case scenarios like ours with Citrix and non-persistent VDI, we need to test it out to see if it works well enough in our environment. We had some initial problems getting it started, but we were able to resolve them. So, my advice is that if the scenario is straightforward, there should be no problems.

We use PingSafe as our CSPM. Integrated with our environment, PingSafe scans for vulnerabilities and recommends remediation.

We implemented PingSafe to monitor our cloud security for vulnerabilities in the configuration.

PingSafe is easy to use.

The evidence-based reporting provides details of the vulnerability and the steps we need to take to resolve it.

The PingSafe scanning engine provides valuable evidence by identifying and reporting vulnerabilities that could be attacker targets. This evidence of exploitability is crucial because it allows us to prioritize and patch vulnerabilities effectively. Without this information, we might not be able to address critical vulnerabilities promptly.

Thanks to PingSafe, our security posture has improved significantly. Our team has been able to effectively address all critical and high vulnerabilities identified by the platform.

PingSafe has improved our mean time to detection. Without a CSPM tool, we would not be able to identify vulnerabilities.

PingSafe facilitated collaboration between our cloud security, application development, and AppSec teams. The evidence provided by PingSafe streamlines collaboration and vulnerability resolution across these teams.

The collaboration has saved engineering time by up to 40 percent.

PingSafe's improved compliance monitoring capabilities have helped us achieve a more secure posture.

All the features we use are equal and get the job done.

We encountered issues with some of the configured security rules. The vulnerability recommendations provided by PingSafe were inaccurate. In some cases, the rules are strictly enforced but do not align with real-world use cases. To address this, I recommend revising the security rule definitions to better reflect practical scenarios and provide clearer explanations.

We encountered a problem with PingSafe. They required a broad security policy, but we requested that they implement least privileged access and grant fewer permissions than they initially required. It took them over six months to respond to our request.

I have been using PingSafe for 1.5 years.

I would rate the stability of PingSafe 8 out of 10.

I would rate the scalability of PingSafe 9 out of 10.

The technical support teams' response time was good but they were lacking a deep understanding of the different environments which caused delays in resolving our issues. 

Neutral

The initial deployment was straightforward and took 2 days to complete.

Two people from our team were involved in the deployment.

I would rate PingSafe 7 out of 10.

Four people in our organization utilize PingSafe.

No maintenance is required from our end.

I recommend PingSafe to others for CSPM. 

We have onboarded multiple accounts from our organization. We have onboarded Azure accounts, and we have also onboarded GCP accounts. 

We are using the vulnerability management feature, and we are also using the offensive security feature. We are planning to use IaC in a couple of months.

We are a services company. We are working for multiple clients from the banking sector or the finance sector. They have to follow the rules and regulations of their country. Each country has multiple compliance requirements, and PingSafe helps with the compliance standards that need to be followed. We get reports on the basis of that. We get to know our compliance level. It helps organizations to achieve a high level of compliance.

Its reporting is very good. We do not have to go to the portal and see things again and again. All the required reports go to the respective teams. We have created multiple reports on the basis of applications and cloud accounts. The reports directly go to the application team or the cloud team. They are working on the security posture.

Offensive security is my favorite feature. It gives a lot of things with evidence. It also provides the severity levels, such as critical, high, and medium.

PingSafe has reduced false alerts. We are using PingSafe every day, and we are able to see every configuration. If we find anything different, we work with PingSafe's support team. We create a support ticket as a bug or as a false positive. We are able to close an issue on the basis of priority.

PingSafe is protecting our overall infrastructure. It protects our configuration, network, and IM configuration-related things. We trust PingSafe. We are getting good results, and we hope to keep getting good results in the future as well.

PingSafe has reduced the mean time to detect. If needed, we can also run a scan, and the results are reflected in the PingSafe portal.

PingSafe has reduced our mean time to remediate. It also has auto-remediation capability, but we are not using that. As of now, we are following the information given for closing an alert. This information makes it quite easy. It is very helpful. We do not have to search on the web to find a way to fix the issue. The description it provides is good enough.

PingSafe has affected the collaboration among our cloud security, application developers, and app sec teams. All the teams are on the same platform. They are able to communicate with each other.  

The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well.

Its UI is quite easy. The recommendation part is also quite easy to understand. Users can read the description, and they get to know which action to perform. It is quite easy to use it and onboard things. I would rate it a 9 out of 10 for the ease of use.

For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue. This is a feature request that we have. We are trying to get that done as soon as possible.

We have been using PingSafe for the last year. We are implementing it for customers. We are also trying to be a partner of PingSafe or SentinelOne.

It is stable. I would rate it a 10 out of 10 for stability. We have not faced any downtime. The platform is working well.

Its scalability is very good. We can onboard multiple accounts, Kubernetes clusters, or ECS services on a single platform.

I have contacted them. We also have a Customer Success Manager whom we can contact via email. Whenever required, we raise a support ticket with them. We get a call from them, and it gets resolved every time.

We also have biweekly calls with the PingSafe team. We discuss any issue that we have with them. They let us know about the things they can do. They provide us with updates. This is how we are working with the SentinelOne team or the PingSafe team.

Positive

PingSafe is a SaaS solution. It is easy to deploy it for a customer. If we have all the permissions on the infrastructure, we can onboard any cloud within an hour. However, in an organization, some approvals might be required. In such a case, it can take a week.

It does not require any maintenance. Whatever they are doing is quite good, and the application is working fine. They let us know about their maintenance plans via email. We get to know that downtime is at a specific time. So far, we have not had any issues. It has been pretty good.

We have not used PingSafe's agentless vulnerability scanning. We are trying to onboard all the features and enable them in our tenant. Currently, there are a few features that we have not enabled because we have onboarded some of the accounts as a single account. We are trying to onboard all the accounts at the org level, but we are facing some issues. We are communicating with the SentinelOne team. We are trying to get it done as soon as possible.

We have done a PoC of IaC for some of the projects. In a couple of months, we will start with this feature. It is quite a good feature because we get to the issues in our code before deploying it. It is very good for developers and the Infra team. They do not have to worry after the deployment of the application.

Overall, I would rate PingSafe a 10 out of 10. It is helpful. It is easy to use and easy to understand. It makes it easy to explain things to the customers.

PingSafe is our primary security monitoring tool used for identifying vulnerabilities and misconfiguration.

I would rate the ease of use of PingSafe eight out of ten.

PingSafe offers a variety of dashboards, but the issue dashboard is my favorite due to its clarity and simplicity.

The evidence-based reporting is great and I appreciate the details the reports provide.

The IAC scanning picks everything up and is effective. The IAC scanning is proactive.

The two biggest benefits of PingSafe are the centralized reporting dashboard for all my accounts and providers and the ability to track remediation progress.

PingSafe has helped reduce the number of false positives we receive.

PingSafe helps us manage our risk posture.

PingSafe has reduced our MTTD thanks to its comprehensive coverage and centralized reporting capabilities.

The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software.

I wish PingSafe provided clearer solutions or remediation steps. The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing.

I would appreciate the ability to customize the severity levels in PingSafe as the current defaults do not meet my needs.

I have been using PingSafe for one year.

PingSafe is stable. I have not encountered any downtime.

PingSafe is highly scalable.

Technical support is usually great. While it can sometimes be a bit curt or dismissive, for the most part, getting help is easy and responses are quick.

Positive

The initial setup is easy. One person is required for the deployment.

The implementation was completed in-house.

I'm not familiar with PingSafe's standard pricing. While it seemed like a good value, I'm on a partnership plan that offers a discount in exchange for feedback. Therefore, I can't speak to the typical pricing.

I would rate PingSafe nine out of ten.

PingSafe requires monthly updates.

Preparing for PingSafe is fairly straightforward, especially if you're familiar with cloud security posture management tools. However, if this is your first time using such a tool, be prepared for a significant number of findings. PingSafe will uncover security issues that manual efforts might miss.

We are using Cloud Native Security for cloud posture management and cloud workload protection. Apart from this, it also provides alerts from infrastructure as code. If the tool finds any misconfiguration, it triggers that as an alert, and that gets collected in Jira.

Previously, we were using AWS services, but we were not getting the alerts in Jira. When Cloud Native Security was introduced to us, we wanted it to automatically create Jira tickets, and we wanted custom alerts. These were the two areas that we shared with them, and they stood out in these aspects. We decided to take it ahead, and we have been using it for the last two years. I feel a lot of difference in the security posture development. When we share the tickets with the developers, they work on that, and we have tracking of them in Jira. We wanted to track alerts in Jira. We no longer have situations where we flag an issue and it does not get resolved on time. 

We use agentless vulnerability scanning. The process that Cloud Native Security follows is that you have to deploy the cloud permission template in your account, and then it creates a role that tracks or scans all the resources and finds if there is any misconfiguration. We have integrated Cloud Native Security with Jira. It triggers alerts on Jira. A person is assigned to an alert, and the concerned person is notified. As a security team, we collect those tickets and forward them to the respective team.

Previously, we were not able to track those tickets, whereas now, we are getting automated Jira tickets. It has solved our biggest problem. We are expecting the same from Cloud Native Security in the future. We expect that it will capture the triggers or alerts. If any new security vulnerability is found, it will also flag that to us.

It provides an overview of our security posture. If a metrics endpoint is public for any domain, that gets triggered. We get reports for different domains, such as Kubernetes security and vulnerabilities management, IaC scanning, or cloud detection and response. Cloud Native Security covers all of these. There is also a graphics tool where we can get all the details in a graph. All the Kubernetes microservices get scanned in the workload protection. The Cloud Workload Protection module detects all the cluster misconfigurations and other things. It also gives you alerts on the containers. We were looking for such a tool with all the cloud security modules.

We can also create our own custom policy. For example, if we do not want to enable the recommended Cloud Native Security policies for our company, we can create our own policies. This feature is very helpful.

We use Infrastructure as Code (IaC) scanning. It follows all the features for shift-left. We get all the alerts for IaC scanning. For example, if TerraForm is not performing any security checks in the template, that gets triggered. We also get information about any vulnerabilities related to IaC.

We have not got any false positives with Cloud Native Security so far.

Cloud Native Security has affected our risk posture. It shows us our risk areas. As an organization, we look for cloud security tools that can manage all the areas, and Cloud Native Security is doing a good job in managing all the things.

Cloud Native Security has reduced our mean time to detect. The detection time of Cloud Native Security is quite good. It takes half an hour for critical alerts and one hour for high alerts. These are the SLAs that we have. The detection time is quite good.

Cloud Native Security has also reduced our mean time to remediate. We have defined our SLAs as well. In our organization, we define the SLAs and share them with the developers or the DevOps team so that they can follow them. They work on the assigned issue, and if there is any issue, they come back to us.

I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us.

Apart from the posture management, I like the UI. It gives a holistic view of all the alerts and the accounts from where they are triggered.

Cloud Native Security is quite easy to use. It is user-friendly. As compared to other tools, it is more user-friendly, and its cost is also less than the other tools. It provides the same visibility that the other tools are providing in the market.

They can add additional modules to see scanning alerts. Adding additional modules will give us a better view. 

They can work on policies based on different compliance standards.

They can add more modules to the current subscription that we have. If they can merge some of the two modules, it would be great. For example, if they can merge Kubernetes Security with other modules related to Kubernetes, that would help us to get more modules in the current subscription.

It has been around two years since we have been using this product.

It is a stable product. I would rate it a 10 out of 10 for stability.

It is scalable. I would rate it a 10 out of 10 for scalability.

Our security team uses this solution. We have five to six people on the security team. Overall, we have 600 people. 

Previously, we were using AWS services, but there was no dashboard. That was where we had an issue. We wanted a cloud security tool that matches our requirements and provides the same thing in a holistic view and a better manner. That is why we went for Cloud Native Security. It has now been acquired by SentinelOne. We are getting the same product even after the acquisition.

It is deployed on the cloud. It took us about a week to implement all the features. It was very easy. They were very user-friendly.

In terms of maintenance, they do inform us when the maintenance will be going on.

We had two people involved in its deployment. 

It is not that expensive. There are some tools that are double the cost of Cloud Native Security. It is good on the pricing side.

We started doing POC with Cloud Native Security, and we liked it. We did not think of any other product. It also had better pricing than any other product.

I would recommend Cloud Native Security as a cloud security solution. They are doing an excellent job of providing the features that we require for cloud security posture management.

I would rate Cloud Native Security a 10 out of 10.