SentinelOne Singularity Cloud Security Reviews

Our cloud security posture is managed with PingSafe, a tool that identifies and highlights potential security weaknesses in our systems.

It is user-friendly.

PingSafe helps reduce the number of false positives by 20 percent.

In evidence-based reporting, demonstrating that a vulnerability can be exploited is crucial. This information allows us to directly address the issue through manual remediation.

PingSafe has improved our risk posture and has reduced our mean time to detection by 50 percent.

PingSafe has reduced our mean time to remediation by 30 percent.

The user-friendly dashboard offers both convenience and security by providing quick access to solutions and keeping us informed of potential threats.

PingSafe filtering has some areas that cause problems, and to achieve single sign-on functionality, a break-glass feature, which is currently unavailable, is necessary.

I have been using PingSafe for one year.

I would rate the stability of PingSafe nine out of ten.

PingSafe is scalable.

The technical support is good.

Positive

We previously used Prisma Cloud but when we would request a feature we had to wait until the next release. That is the advantage of PingSafe.

The deployment took a few weeks to complete.

PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive.

I would rate PingSafe nine out of ten.

We have around five people working with PingSafe.

No maintenance is required for PingSafe.

We use the solution for security purposes. We deploy it into our infrastructure in the cloud. We want to make sure that all everything is secure, for example,if APIs are getting accessed, that it's by the right people. It's a security hub for us.

The solution is very good at tracing issues. 

The dashboard is quite helpful. It's easy to use. The product is flexible and can be used in multi-cloud setups.

It's an easy solution for a beginner. 

We've taken advantage of the reporting, which is quite good. It provides us with all the information we need. They have proof of exploitability capabilities, which is important to use. 

The solution has agentless vulnerability scanning, which we use. You can look at extra ports. It's a great feature. 

Its infrastructure of code scanning is useful. I can see it in the container configuration file. It's good for identifying preproduction issues in the container configuration files. It's working well. However, it's not dynamic. It's static.

We were able to witness the benefits after some time had passed. Within a month or two had passed, we began to really witness change. Previously, we were running blind, and now we can see where things might go wrong. 

Our risk posture has improved. Both time to detect and time to remediate have improved.

It's positively affected the communication between cloud security, application developers, and AppSec teams. 

They could have more comprehensive reporting. I'd like to see more details. 

We've found a lot of false positives. It has not helped us reduce our level of false positives. 

We'd like them to work on integration between networks. If I deployed the solution with another layer of security, they can't talk to each other. PinGSafe basically needs to integrate with more tools, especially on the security side. 

I've used the solution for 1.5-2 years. 

The stability is good. I haven't noticed any lagging or crashing. 

The solution can scale fast. The dependency is on the API side, however. 

I've contacted technical support in the past. The quality is good. However, sometimes their staff don't know the details. The speed of response is good.

Positive

I have used other solutions, including Prisma and Datadog. 

I was involved in the initial deployment of PingSafe. It was very easy to implement. We had two to three people working on the set up process. 

There is no maintenance needed for the solution once it is up and running. 

I'm a PingSafe customer. 

I'd rate the solution 8 out of 10. If someone is looking for a CPSM tool, they should look into PingSafe's capabilities to see if they match what a company needs. 

I am working with AWS. I'm a junior cloud engineer and on the client side, we use this software for security. We use this just for scanning all across the AWS environment for any bug, vulnerability, or high risk security issues, and we have to resolve these issues. The solution offers us low to critical alerts and our work depends on these alerts. If it is a critical alert, we have to resolve things as soon as possible. 

The scanning is very good. We have an AWS environment and we can scan our whole account very quickly. Once the alerts get analyzed, we can automatically start removing issues. 

It's easy to use. It comes with preconfigured settings. I haven't had to really change anything for months. 

We have used evidence-based reporting. We're able to give reports on AWS, for example, how many data centers are used, et cetera. We can collect all of the information from PingSafe and share all kinds of data which we can share with the database team for analysis. 

The IaC scanning has been good. It's very interesting. 

When I create a stack for any services in AWS, I can scan everything in a robust environment. This enables me to understand the level of protection.

PingSafe can also scan code and provide alerts of there are vulnerabilities.

It's helped us reduce the number of false positives. I've been on the project for 6 months, and it was only until 3 or 4 months in that I received a false alert. Out of 20 alerts coming in, maybe only one or two are wrong. 

The mean time to detect has been reduced. We check PingSafe every day for a project happening 24/7. We check it frequently to ensure issues are being addressed quickly. We try to be consistent, however, the alerts don't come in at a certain time. They come in at varying times; we just work to keep on top of them.

We've had a glitch in PingSafe where it has fed us false positives in the past.

Sometimes, it takes a few hours to detect a misconfiguration. It would be ideal if that happened faster. Detections should happen in minutes, not hours. 

I've been using the solution for 6 months.

I have not noticed any lagging or crashing. The stability seems to be good. 

We have dealt with support in the past. They were helpful.

Neutral

We did not previously use a different product.

We had senior members of the team manage the installation since they had expertise. I'm not sure how long the process itself took. 

I don't have any visibility on the pricing. 

I'd rate the solution 8 out of 10. 

There are a lot of options. It's a good idea to have a team member arrange on at least a quarterly basis, a review so that new team members can get up to speed on the product and everyone stays on the same page. This will help new team members understand the product. 

The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.  

The primary benefit for our company has been the reduction of false positives. It's saved us time and resources. 

I like that we get a map view of all the assets we have and how these assets are connected together. We can get a view of the entire structure and that gives us a good vantage point when assessing gaps. We can see which assets are public and which are private. It gives us good visibility.

It brings in good security.

It is fairly simple. Anybody can use it.

The evidence-based reporting capabilities are useful. It's good for everyday reporting. It makes it easy to identify actual false positives. Priority cases are assigned accordingly so we don't need to find a needle in a haystack. If something is critical, it's very easy to find and see it. 

The solution offers agentless vulnerability scanning, which helps us identify any open ports on the server or any vulnerable assets online in the cloud. 

While they do have an offensive security engine, we do not use that aspect. We use a different vendor for that. However, it's a very good initiative. It basically expands and searches and does more offensive security.

It's very easy to integrate.

The notifications are very good. We can get notified right on Slack. if we aren't checking out email regularly.

The benefits we witnessed were pretty immediate post-implementation. Once you've done your integrations, it starts showing you vulnerabilities that are being observed, and he lets us immediately identify and deal with infrastructure gaps. It even has allowed us to deal with several misconfigurations. 

It has helped us reduce false positives significantly. That's something I've been focused on. 

The solution has positively affected our risk posture. Thanks to the lower number of security vulnerabilities, it's helped us with several benchmarks and compliance-related issues. 

Our mean time to detection and mean time to remediation has been reduced. If there's an issues, it can be found and dealt with in a short amount of time. It also gives you remediation details as to where particular vulnerabilities exist. We're able to fix problems as soon as possible when we see issues pop up. The mean time to remediation depends on the severity of the issue and who is handling it. Remediation for an experienced user versus a new hire may vary.

After introducing PingSafe, we were able to bridge the gap between developers. Since PingSafe had details about that particular vulnerability and how to remediate it, we could just pass that on to the application developers, who could fix it. That has also reduced the number of vulnerabilities that are being discovered by the application security testing team.

There is a bit of a learning curve. However, you only need 2 to 3 days to identify options and get accustomed. 

They could separate or differentiate between different kinds of frameworks.

I've used the solution since I started working with my company - for about one year and three months. 

I don't recall any stability issues. 

The solution is scalable. The scalability is highly flexible. 

We do have regular meetings with support. They catch us up every month and provide us regular updates and solicit feedback. Support is excellent.

Positive

I have not used any alternatives.

I was not initially involved in the deployment process. 

There isn't really any maintenance needed. The only thing would be if you find a false positive. You can mark it so it doesn't happen again. Beyond that, you don't have to maintain anything. 

I'm not sure how the pricing for the solution works. 

I'm an end-user. 

I'd rate the solution 9 out of 10. 

It's pretty easy to use. Integration with cloud infrastructure may require a bit of help in the initial stages. However, once you are up and running, finding vulnerabilities is simple and reporting is good. 

Cloud Native Security is a CSPM platform we use for cloud security. It checks for vulnerabilities in our web applications and cloud configurations. It also detects infrastructure-as-code issues. Additionally, it scans to find secrets in our code before it goes live. 

Cloud Native Security identifies vulnerabilities before any bad actor can exploit them. We know if there's a misconfiguration in the cloud or vulnerabilities in our cloud-hosted applications. Kubernetes security is also a component. It also has multiple benchmarks for compliance with security regulations.

Since implementing Cloud Native Security, our risk posture has greatly improved. We are more compliant now. It has built-in compliance benchmarks for various regulatory standards. We were around 60 percent compliant when we started, and now we're at more than 95 percent. 

Cloud Native Security has reduced our mean detection time by continuously scanning and sorting issues into high, medium, and low priority. We can easily detect things before the wrong person finds them. The solution reduces our remediation time, but it varies depending on the team. We address critical issues immediately. Cloud Native Security's rescan capability is good because we can rescan in a few minutes to know whether the issue has been fixed. 

Cloud Native Security enables more collaboration between the security team and developers. The solution allows everyone to view the dashboard, so we can integrate more users and project teams. Everyone can look at the Cloud Native Security dashboard and see which issues are in their repositories or buckets. It's easier for everyone to work together to address issues. 

It saves a lot of time because we would need to look for secrets manually without Cloud Native Security. Searching for cloud misconfiguration issues is also time-consuming and hard to do correctly because our infrastructure is huge. It's inconvenient for the security team to check manually and do penetration testing of every component

When we initially integrated Cloud Native Security, we used to get some false positives, but it was manageable. Now, I rarely see any false positives because Cloud Native Security has improved its tool. We've given them a lot of feedback to help them differentiate between false positives and hits. It was a lot of manual work, but that has gotten better. 

Cloud Native Security is user-friendly. Everything in Cloud Native Security is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features. Recently, they added evidence-based reporting abilities. It tells us exactly where the issue is and gives us links to the endpoint and screenshots.

It allows us to scan for vulnerabilities and rate limits without deploying agents. Cloud Native Security allows us to set those values according to our server capabilities and preferences. We can also decide how many cluster images to scan.

The infrastructure-as-code feature is helpful for discovering open ports in some of the modules. It will tell us precisely where the port is open, including the repository and source code. Thus, we know that a port is open on that particular line. After integrating Cloud Native Security into our organization's system, we identified many thousands of secrets that are pushed into the source code.

We recently adopted a new ticket management solution, so we've asked them to include a connector to integrate that tool with Cloud Native Security directly. We'd also like to see Cloud Native Security add a scan for personally identifying information. We're looking at other tools for this capability, but having that functionality built into Cloud Native Security would be nice. Monitoring PII data is critical to us as an organization. 

The offensive security engine is pretty good, but I can't say it's complete. I rate it seven out of ten. Cloud Native Security's specialty is cloud security, so the offensive security does lack a few things. We cannot rip reports like Tenable, Qualys, and all those vulnerability scanners, but it identifies some sensitive issues like exposed APIs. Some other issues are not identified, like access, but it does detect sensitive information exposure. 

We have used Cloud Native Security for two or three years. 

I haven't had any issues with Cloud Native Security's stability. However, we once saw a spike in CPU consumption when they implemented a new feature.  We contacted Cloud Native Security, and they addressed it in a day. 

Cloud Native Security is highly scalable. 

I rate Cloud Native Security support nine out of ten. Their tech support is excellent. We have a dedicated person that we can contact directly. They recently introduced a new tool where we can chat with support directly from within the tool. 

Positive

Cloud Native Security is a SaaS solution, and the onboarding is straightforward. They have a good knowledge base, and it's easy to integrate it. You can get it up and running in under a day or two.

Cloud Native Security does offer ROI. We have used Cloud Native Security for more than three years, and we are stoked about the value the solution offers to our organization. 

Cloud Native Security doesn't cost much, so it's worth what you're paying, and the ROI is excellent. 

I rate Cloud Native Security nine out of ten. I would recommend it because many of the solutions that provide capabilities like secret scanning, cloud configurations, and offensive security charge by module, and the costs are pretty high. Cloud Native Security is more cost-effective, so I would recommend it. Also, the amount of issues Cloud Native Security detects is good.

We have deployed SentinelOne Singularity Cloud Workload Security to our servers and clients. 

Singularity's real-time detection and response capabilities so far have been great.

I like the way we have options in how we set up the automated remediation. We can set it up to automatically take action, or we can set it up to just flag or let us know that there is something that needs to be investigated. It has been really good in that regard. There are many, many options in how we can configure it, and I have liked that quite a lot.

Compared to my previous solution, I am more comfortable with SentinelOne Singularity Cloud Workload Security. I was always concerned that the previous solution was not catching everything. There were a lot of false positives, and there were several cases where it did not catch everything. Even when it did catch something, the logging and forensic details were very limited. SentinelOne Singularity Cloud Workload Security is the opposite of that. It gives us deep visibility into what is going on and what has happened. The mediation is great, and the logging is much more detailed. It has been a huge improvement over what I was using before. Singularity Cloud Workload Security has given me peace of mind.

To date, all threats detected were false positives or test threats. No actual threats have been encountered, but test threats were detected quickly.

One thing I particularly like about Singularity Cloud Workload Security is that it supports older legacy operating systems that we have been unable to eliminate. This is a valuable feature that other clients do not offer.

The visibility is the best part of the solution. To see exactly what's going on in all the clients, and processes that are running, I have got a few false positives, but those are relatively easy to investigate and remedy, and flag them as false positives.

We use Singularity Cloud Workload Security with Citrix and a non-persistent VDI. It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear. We eventually got it sorted out with the help of support, and I give credit to SentinelOne for that.

I have been using SentinelOne Singularity Cloud Workload Security for ten months.

I have not experienced any stability issues, client issues, or rogue agents causing problems. I have also not had any crashes. Overall, it has been great.

We have a relatively small environment, with fewer than a hundred endpoints deployed. So, scalability is easy for us. I don't know how it would work with thousands or even tens of thousands of clients, but I haven't had any issues so far.

The technical support is helpful.

Positive

Our previous solution, Trend Micro Worry-Free, in comparison, is quite poor. It did not give me very good visibility into what was happening with my clients, on the network, or what processes were running. If something happened, I was very limited in my ability to figure out what happened. In other words, the forensic capabilities of my previous solution were lacking.

There is no way to compare the turnaround time of obtaining telemetry data between the two solutions because Trend Micro Worry-Free did not provide any telemetry data. We would receive an email about a possible virus, but when we logged into the system to view the logs, there would be nothing there. Or, it would tell us that there was a virus, but it would not tell us which client was infected until we logged into the console. It was lacking in so many areas.

During the deployment, we conducted a test case. One of SentinelOne's sales engineers assisted us in setting up the software, configuring everything, and setting up notifications. They walked us through the process of setting everything up to my liking and how they would recommend setting up the software. They were instrumental in helping us deploy the system, and all of their assistance was included in the price of the system. We did not have to pay any additional fees. I found their assistance to be very helpful.

Without SentinelOne's help, the initial setup would likely be very complex. There are many options for configuring the product, which can be both beneficial and detrimental. On the one hand, it is beneficial if we are familiar with the software and know how to best configure it. This flexibility is a great advantage. On the other hand, if we are coming from a different product and do not know SentinelOne's software, it would be very helpful to have their assistance in walking us through the setup process and recommending a configuration.

I was the only person from our organization involved in the deployment.

I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought.

I also evaluated Carbon Black. I read a lot of reviews, both official and user-generated, to learn what people were saying about the product. What really drew me to SentinelOne was its legacy software support. This was a key factor for me, and it helped me eliminate some of the other options.

I would rate Singularity Cloud Workload Security eight out of ten.

The software itself is very good. Singularity Cloud Workload Security provides deep visibility and support. I have found the support team to be very responsive and helpful whenever I have engaged with them.

One of our requirements was that the solution was simple enough for me to maintain myself without spending a lot of time managing the software. There are software agent packages that become available, and I need to go in and approve them and push them out. There are occasional false positives, but overall, it's not a lot of work.

For straightforward clients on a PC or laptop, Singularity Cloud Workload Security works well. However, in edge-case scenarios like ours with Citrix and non-persistent VDI, we need to test it out to see if it works well enough in our environment. We had some initial problems getting it started, but we were able to resolve them. So, my advice is that if the scenario is straightforward, there should be no problems.

We use PingSafe as our CSPM. Integrated with our environment, PingSafe scans for vulnerabilities and recommends remediation.

We implemented PingSafe to monitor our cloud security for vulnerabilities in the configuration.

PingSafe is easy to use.

The evidence-based reporting provides details of the vulnerability and the steps we need to take to resolve it.

The PingSafe scanning engine provides valuable evidence by identifying and reporting vulnerabilities that could be attacker targets. This evidence of exploitability is crucial because it allows us to prioritize and patch vulnerabilities effectively. Without this information, we might not be able to address critical vulnerabilities promptly.

Thanks to PingSafe, our security posture has improved significantly. Our team has been able to effectively address all critical and high vulnerabilities identified by the platform.

PingSafe has improved our mean time to detection. Without a CSPM tool, we would not be able to identify vulnerabilities.

PingSafe facilitated collaboration between our cloud security, application development, and AppSec teams. The evidence provided by PingSafe streamlines collaboration and vulnerability resolution across these teams.

The collaboration has saved engineering time by up to 40 percent.

PingSafe's improved compliance monitoring capabilities have helped us achieve a more secure posture.

All the features we use are equal and get the job done.

We encountered issues with some of the configured security rules. The vulnerability recommendations provided by PingSafe were inaccurate. In some cases, the rules are strictly enforced but do not align with real-world use cases. To address this, I recommend revising the security rule definitions to better reflect practical scenarios and provide clearer explanations.

We encountered a problem with PingSafe. They required a broad security policy, but we requested that they implement least privileged access and grant fewer permissions than they initially required. It took them over six months to respond to our request.

I have been using PingSafe for 1.5 years.

I would rate the stability of PingSafe 8 out of 10.

I would rate the scalability of PingSafe 9 out of 10.

The technical support teams' response time was good but they were lacking a deep understanding of the different environments which caused delays in resolving our issues. 

Neutral

The initial deployment was straightforward and took 2 days to complete.

Two people from our team were involved in the deployment.

I would rate PingSafe 7 out of 10.

Four people in our organization utilize PingSafe.

No maintenance is required from our end.

I recommend PingSafe to others for CSPM. 

We have onboarded multiple accounts from our organization. We have onboarded Azure accounts, and we have also onboarded GCP accounts. 

We are using the vulnerability management feature, and we are also using the offensive security feature. We are planning to use IaC in a couple of months.

We are a services company. We are working for multiple clients from the banking sector or the finance sector. They have to follow the rules and regulations of their country. Each country has multiple compliance requirements, and PingSafe helps with the compliance standards that need to be followed. We get reports on the basis of that. We get to know our compliance level. It helps organizations to achieve a high level of compliance.

Its reporting is very good. We do not have to go to the portal and see things again and again. All the required reports go to the respective teams. We have created multiple reports on the basis of applications and cloud accounts. The reports directly go to the application team or the cloud team. They are working on the security posture.

Offensive security is my favorite feature. It gives a lot of things with evidence. It also provides the severity levels, such as critical, high, and medium.

PingSafe has reduced false alerts. We are using PingSafe every day, and we are able to see every configuration. If we find anything different, we work with PingSafe's support team. We create a support ticket as a bug or as a false positive. We are able to close an issue on the basis of priority.

PingSafe is protecting our overall infrastructure. It protects our configuration, network, and IM configuration-related things. We trust PingSafe. We are getting good results, and we hope to keep getting good results in the future as well.

PingSafe has reduced the mean time to detect. If needed, we can also run a scan, and the results are reflected in the PingSafe portal.

PingSafe has reduced our mean time to remediate. It also has auto-remediation capability, but we are not using that. As of now, we are following the information given for closing an alert. This information makes it quite easy. It is very helpful. We do not have to search on the web to find a way to fix the issue. The description it provides is good enough.

PingSafe has affected the collaboration among our cloud security, application developers, and app sec teams. All the teams are on the same platform. They are able to communicate with each other.  

The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well.

Its UI is quite easy. The recommendation part is also quite easy to understand. Users can read the description, and they get to know which action to perform. It is quite easy to use it and onboard things. I would rate it a 9 out of 10 for the ease of use.

For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue. This is a feature request that we have. We are trying to get that done as soon as possible.

We have been using PingSafe for the last year. We are implementing it for customers. We are also trying to be a partner of PingSafe or SentinelOne.

It is stable. I would rate it a 10 out of 10 for stability. We have not faced any downtime. The platform is working well.

Its scalability is very good. We can onboard multiple accounts, Kubernetes clusters, or ECS services on a single platform.

I have contacted them. We also have a Customer Success Manager whom we can contact via email. Whenever required, we raise a support ticket with them. We get a call from them, and it gets resolved every time.

We also have biweekly calls with the PingSafe team. We discuss any issue that we have with them. They let us know about the things they can do. They provide us with updates. This is how we are working with the SentinelOne team or the PingSafe team.

Positive

PingSafe is a SaaS solution. It is easy to deploy it for a customer. If we have all the permissions on the infrastructure, we can onboard any cloud within an hour. However, in an organization, some approvals might be required. In such a case, it can take a week.

It does not require any maintenance. Whatever they are doing is quite good, and the application is working fine. They let us know about their maintenance plans via email. We get to know that downtime is at a specific time. So far, we have not had any issues. It has been pretty good.

We have not used PingSafe's agentless vulnerability scanning. We are trying to onboard all the features and enable them in our tenant. Currently, there are a few features that we have not enabled because we have onboarded some of the accounts as a single account. We are trying to onboard all the accounts at the org level, but we are facing some issues. We are communicating with the SentinelOne team. We are trying to get it done as soon as possible.

We have done a PoC of IaC for some of the projects. In a couple of months, we will start with this feature. It is quite a good feature because we get to the issues in our code before deploying it. It is very good for developers and the Infra team. They do not have to worry after the deployment of the application.

Overall, I would rate PingSafe a 10 out of 10. It is helpful. It is easy to use and easy to understand. It makes it easy to explain things to the customers.