SentinelOne Singularity Cloud Security Reviews

When we receive a ticket about a SentinelOne detection on a specific host, we will first go to the SentinelOne console and look up the endpoint and the case. If there are any threats related to the host, we will then review the activities that have taken place within a specific time frame. We can look at the processes that have run, and how they have propagated from one process to another. We can also look at the timeline of events, from the top down, to see what happened when each process was run. This will help us to determine if any malicious activity has taken place.

We use the cloud-based management console to install SentinelOne on each employee's or host's device. SentinelOne can be installed through the cloud.

Singularity Cloud Workload Security provides us with better security detection and more visibility. It is another resource that we can use to detect vulnerabilities in our company's systems. For example, it can help us detect new file processes that we are not familiar with, which could be used by attackers to exploit our systems. Singularity Cloud Workload Security can also help us diagnose and analyze data to determine whether it is malicious or not. Singularity Cloud Workload Security is like another pair of eyes that can help us protect our systems from cyberattacks.

The real-time detection and response capabilities of Singularity Cloud Workload Security are very helpful. When we receive alerts in real-time, we can take action immediately. Within Vigilance, they look at things for us in real-time and let us know if they detect something malicious. This allows us to investigate the incident and see what is happening. If it is a zero-day attack, we can take action immediately to try to mitigate the damage. Having real-time alerts helps us take action more quickly than waiting for a few days for something to happen.

The automated remediation feature works from a database. We upload anything that we have detected before or anything that we can filter into this database. For example, we would upload the known IP addresses of analysts who do penetration testing for us within the company. If one of these IP addresses comes in and is malicious to the company, the solution will detect it. Singularity Cloud Workload Security will check the IP address and automatically classify it as benign. This saves us time because we don't have to manually review the IP address or contact our colleagues. This frees up our time so that we can focus on other things, such as investigating more malicious threats. IP addresses are just one type of data that can be filtered. File processes can also be filtered. Any type of automated filtering helps us reduce the time it takes to investigate a ticket so that we can focus on the most malicious threats.

The historical data record provided by SentinelOne after an attack is helpful in identifying what we can do to protect ourselves from future attacks. We can use this data to understand the cause of the attack and put in place preventive measures, such as educating employees about security best practices. SentinelOne allows us to access up to three or four months of historical data without a request. For data that goes back six months to one year, we need to submit a request. This data can be specific to a particular host, if necessary.

Singularity Cloud Workload Security is a great product. It is very robust and versatile. There are many things we can do with it, even things I have explored in the past two years. We can use different types of queries to narrow down our searches. It is a very powerful tool that has been very helpful to our SOC in analyzing specific incidents.

The solution has decreased our mean time to detect through the automated response process and visuals that give us time to focus on other important things. It definitely gives us the actual time to look at other things instead of focusing on one ticket that may take us 30 minutes to an hour to resolve. This could definitely decrease the coverage time.

The solution has decreased our mean time to remediate. We have many detection systems in our organization, and it takes a lot of manpower to focus on all of them. Integrating SentinelOne into our organization has given us more time to focus on other things, rather than having to look at minor incidents, such as low-severity incidents. SentinelOne detects and remediates these incidents for us, so we don't have to worry about them. This has been a great help, and we no longer need to dedicate as much manpower to these incidents.

The solution helps to free up our SOC staff time to work on other projects and tasks. Thousands of false positive tickets no longer have to be looked at by our SOC team, saving them a lot of time.

The solution has helped our organization become more productive by allowing us to focus on more severe issues instead of wasting time on minor ones.

The management console is the most valuable feature. It offers a variety of options for us to view. If a threat is detected, there is a specific area where we can view the different incidents that have occurred. This is the threat that is associated with that host.

We can also have deep visibility into the activities within the host within a specific time frame. This is very useful, especially when we can view the process tree. This allows us to see how one process propagates to another process, and so on. We can then look back to the beginning of the process to see where it came from. How was it downloaded? Which URL did it come from? Was it internal or external? This information has been very helpful when we are diagnosing a specific incident.

The File Fence feature is also useful. When we view a file within Singularity Cloud Workload Security, we can put it into our sandbox to see what type of file it is and whether it is malicious or not. There is also the scan feature, which is very helpful. When we scan a host remotely, it can return to us with information about the detections that were made on that host. This can help us to identify and alert others about any potential threats.

Whenever I view the processes and the process aspect, it takes a long time to load. I think this is because the dashboard or management console is slow, especially during downtime or when updates are being applied. Even when I search for a specific query, it takes a while to load. I believe that increasing the bandwidth for query processing would help.

I have been using SentinelOne Singularity Cloud for three years.

I think the stability is decent. However, if they fixed the bandwidth issue, it would be a top contender. Sometimes, when I need to look at the process timeline, it is very difficult to load and takes a long time. We don't always have the time to wait for it to load. I think the stability is okay, but it could be improved.

We used Carbon Black. Carbon Black's stability is pretty good. Its downtime is not as high as SentinelOne's. Carbon Black is a little bit easier to use than SentinelOne. Its user interface is a little bit easier than SentinelOne's. In terms of stability, I think SentinelOne is just a little bit behind Carbon Black. Not by much, but just a little bit.

The scalability is fine.

The technical support is very responsive, and courteous, and provides great customer service. If we need something right away, they will definitely put us on the priority list. We have a special chat channel or a specific team dedicated to our company. We can also email them, and they will usually respond quickly.

I previously used Carbon Black and Tanium for a short time. When I first started at my current organization, they were using both Carbon Black and SentinelOne. However, SentinelOne provides the same level of security as Carbon Black at a lower cost, so the organization stopped using Carbon Black.

If I were to compare SentinelOne to Carbon Black, I would say that they have the same functionality, but Carbon Black has a faster response time. If SentinelOne could improve its bandwidth in this area, it would be a more competitive product.

I would rate Singularity Cloud Workload Security a seven out of ten. I noticed some lagging, especially when loading a specific storyline. I also experienced some lag when I had too many windows open.

Based on the company's size and infrastructure, SentinelOne offers different tiers of service for small, medium, and large businesses. For a really small company that doesn't generate a lot of logs, a robust system like SentinelOne may not be necessary. However, for a medium-sized company, SentinelOne can be a valuable asset. It has helped us to reduce our response time, gain more visibility into our security posture, and receive alerts if any devices are lost or stolen. SentinelOne is also more versatile than other solutions in terms of the resources it uses to detect malicious activity. I would recommend that any company considering SentinelOne do their research and talk to other users to see if it is the right fit for their needs.

Singularity Cloud Workload Security is a cloud-based solution that does not require much maintenance. The only maintenance required is to keep the filtering list up to date. This can be done with the help of the SentinelOne team.

The interoperability of the solution is fine. I don't have any issue with it.

In my line of work, we innovate by detecting and analyzing specific incidents. Singularity Cloud Workload Security definitely helps us out a lot in terms of detection, creating new queries, and creating new filters.

I suggest they research the solution and test it out. I believe SentinelOne offers a trial version, so they can try it before they buy it. See how they like it. We love it and don't think we can live without it. It gives us so much free time to focus on other things. It's like a home security system. If we miss something, they contact us. If the doors unlock, they let us know. If the battery is dying, they let us know. It has helped us out a lot. It gave us the visibility we didn't have before and continues to give us the visibility we need. I don't know what we would do without it.

I am working as an application developer, and SentinelOne Singularity Cloud Security plays a role in the cloud infrastructure where my application is deployed. It provides me with alerts and ensures that I follow best practices in everything.

It gives us alerts and resolutions for anything that is missing or any vulnerabilities in our infrastructure in terms of security. If we have a firewall that is missing some rules that may expose us to attacks, it lets us know. It guides us through alerts, documentation, and other things.

It is very easy to use. The dashboard is very useful for beginners.

Its evidence-based reporting helps prioritize and solve the most important cloud security issues. It can automatically fix certain vulnerabilities or inform us to fix them on priority.

It alerts us on everything at the infrastructure level. Our application is deployed in the cloud. From the load balancer to the application level, there are many points. SentinelOne Singularity Cloud Security plays an important role in terms of security. 

Before SentinelOne Singularity Cloud Security, there was nothing I used as a best practice. It gives me much clarity in my daily work. Earlier, I would look into what kind of rules I needed to add, but there was no helpful reference or documentation. SentinelOne Singularity Cloud Security highlighted those things, helping me secure my cloud infrastructure.

SentinelOne Singularity Cloud Security has reduced our false alerts by 10%. It has improved our risk posture by 25%.

SentinelOne Singularity Cloud Security reduces our mean time to remediate. Previously, it would take me around 20 minutes to understand what was happening, but SentinelOne Singularity Cloud Security gives me clarity about what I have to do a lot quicker.

The dashboard is intuitive in terms of design and functionality. Additionally, it gives me an email for all the findings that are open. I get this data every month, so I do not need to check the dashboard. 

Furthermore, at every point, it provides documentation that offers overall information on how to resolve issues, what points to check, and more. It offers a checklist, which is very helpful. 

They can add more widgets to its dashboard. A centralized dashboard with numerous metrics would improve user understanding.

I have used the solution for around two to three years.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability. 

It is being used at multiple locations and regions. In my team, 14 users are there.

I would rate their support a ten out of ten.

Positive

I did not use any similar solution previously. 

We have a hybrid deployment model. The initial setup is very simple. It probably took two to three days.

Its maintenance is managed by SentinelOne. We do not have a look into maintenance.

It is a good product to get data from a security point of view. I would definitely recommend this product to others. It offers maximum security and scalability. It is easy. I can just open SentinelOne Singularity Cloud Security and get the data.

I would rate SentinelOne Singularity Cloud Security a ten out of ten.

I use it for security purposes, and it is deployed on the cloud. It helps me look into potential threats and resolve issues.

For Singularity, the task capability is easy to use and it has a very intuitive dashboard, which streamlines the processes. It provides user-friendly privacy protection, 24/7 threat detection monitoring, and managed services for continuous monitoring and threat hunting. It also offers ransomware protection with excellent defense mechanisms, rollback features, and extended detection and response features.

The area of improvement is the cost, which is high compared to other traditional endpoint protections. Additionally, it has limited legacy system support and may not fully support older operating systems or legacy environments.

I have been using SentinelOne for one year.

I rate the stability nine out of ten, indicating strong stability with limited bugs, glitches, or downtime.

The solution is scalable, and I rate it nine out of ten.

I rate technical support eight out of ten, indicating satisfaction with the support provided.

Positive

I did not personally use any other solution before using SentinelOne, however, I have heard about multiple products compared to SentinelOne.

The initial setup was easy and completed in a couple of days, involving three people.

Three people were involved in the deployment, working together to ensure the setup was successful.

Meantime to remediation improved from seven to eight minutes to two to three minutes, reducing time and money by 40% to 45%. Overall, time to detect is now in milliseconds.

On a scale of one to ten, I would rate the pricing and setup costs an eight out of ten, indicating it leans towards the expensive side.

I recommend SentinelOne due to its high-security capabilities, which are essential to safeguard data and systems from potential threats.

I would rate the overall solution nine out of ten.

We have multiple applications in our AWS cloud environment. We have a private environment, and we do not disclose it to the Internet. We have configured multiple security alerts, such as for any incoming traffic from a public IP address.

We have also set up SentinelOne Singularity Cloud Security alerts for key rotation of security credentials for the accounts.

SentinelOne Singularity Cloud Security helps us to reduce the security overhead. We do not have to manage every small thing manually. They are taken care of by SentinelOne Singularity Cloud Security.

We use vulnerability scanners for our AWS servers. If there is any vulnerability, we get a report on that. We close those open security points. I do not know the exact name of the scanners, but they work great.

We rarely get false positives. We usually get real-time, accurate data. Sometimes there is a mismatch between the actual data and the data we get from SentinelOne Singularity Cloud Security, but that is negligible. It happens once in a thousand times.

SentinelOne Singularity Cloud Security has reduced our mean time to remediate. It has saved about 60% of our time. It has helped us with that.

It has also reduced our mean time to detect. The time savings depend on the use case. On average, it saves ten to fifteen minutes per use case.

We do not use it at a large level for Infrastructure as Code scanning, but it saves us time. We do not have to click on the features in the GUI. We have set up some scripts with the Infrastructure as Code feature. We run them to generate reports and get the required output.

The Infrastructure as Code feature has helped us. We can integrate SentinelOne Singularity Cloud Security with our cloud tools. It helps with the development part. For example, Lambda is an AWS feature. It is a code environment. We can directly connect these two. It helps with the run time of the processes.

We mostly use alerts. That has been pretty good. If we use the alert system from Amazon, it is much costlier to us, so we use SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security's interface is quite good. It is beginner-friendly. If someone has even a little bit of idea about cloud security, they can learn it very easily.

I do not know if it is possible, but in AWS Cloud, there are multiple features or services, and if they can collaborate with them, it would be helpful. The Infrastructure as Code service available in SentinelOne Singularity Cloud Security and the services available in AWS cloud security can be merged so that we can get the security data directly from AWS cloud in SentinelOne Singularity Cloud Security. This way, all the data related to security will be in one single place. Currently, we have to check a couple of things on SentinelOne Singularity Cloud Security, and we have to validate that same data on the AWS Cloud to be sure. If they can collaborate like that, it will be great. It will be an amazing tool.

My organization has been using SentinelOne Singularity Cloud Security for one and a half years, but I have been using it for the past three to four months for cloud security.

I have not faced any downtime. If they have any kind of maintenance, they let us know via email a week or two before. The maintenance is usually done once a quarter, and it is done out of business hours, so we do not have any concerns about that.

I would rate it a seven out of ten for scalability. If they can collaborate with AWS services as well, it can be a 10 out of 10.

I have contacted them quite a few times. They are pretty good. They are within their SLAs. I have never raised a support case with a very high severity. For the cases I raised, they have an SLA of about 24 hours, and they always meet that SLA.

I always get a perfect answer in the reply. If I have some major issue and I am unable to understand that via email, they also come on a Teams or Webex call. They provide a good service. I would rate them a nine out of ten.

Positive

It is a cloud deployment. I believe they have an on-premise option as well,  but we are not using that. We are completely on the cloud.

I was not involved in its deployment. Its deployment was done by the organization about a year and a half ago. I only manage operations, and I have been here only for about three months.

It does not require any maintenance as such. In the infrastructure code part, we update the code, but I am not sure if that comes under maintenance.

You should be a little familiar with cloud security. Otherwise, you might face a few difficulties in accessing the SentinelOne Singularity Cloud Security console. If you are a little familiar, it will be very easy for you. A completely new user without a technical background can get a bit confused by the naming conventions in the GUI.

I would recommend SentinelOne Singularity Cloud Security to others. Overall, I would rate SentinelOne Singularity Cloud Security an eight out of ten.

Our infrastructure is on AWS and we integrate SentinelOne Singularity Cloud Security with our enterprise accounts to identify misconfiguration on the Cloud.

The offensive security engine helps us visualize any potential attacks.

SentinelOne Singularity Cloud Security helps us maintain and improve our security posture.

It has helped reduce the number of false positives.

We have improved our mean time to detection with SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security has improved our mean time to remediation. The alerts provided included details that help us address the issues quickly.

The most valuable aspects of SentinelOne Singularity Cloud Security are its alerting system and the remediation guidance it provides. This combination helps us identify misconfigurations and vulnerabilities in our systems and swiftly address them.

In addition to the console alerts, I would like SentinelOne Singularity Cloud Security to also send email notifications.

I have been using SentinelOne Singularity Cloud Security for one and a half years.

SentinelOne Singularity Cloud Security is stable.

SentinelOne Singularity Cloud Security is scalable.

The technical support is helpful and responds quickly to our requests.

Positive

We previously used AWS Security but switched to SentinelOne Singularity Cloud Security because of its wider scanning range and centralized console for maintenance.

The initial deployment was straightforward and took one month to complete.

We completed the implementation in-house with the help of SentinelOne Singularity Cloud Security.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

I recommend SentinelOne Singularity Cloud Security to others.

We use the solution for monitoring the security of our infrastructure. It helps us identify all the vulnerabilities.

We had code and infrastructure, and we just weren't sure of all the vulnerabilities within them. This knowledge has helped protect us from security loopholes. 

It's integrated with all of our cloud services on our accounts. It automatically fetches all the resources, scans through the code, and reports back on our vulnerabilities. It helps with all of our overall security standards as per the industry, and it can give us a rating. If I go to the compliance section, it gives me an idea of how I'm performing with respect to compliance metrics.

There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring.

It's fairly easy to use. I'd rate the ease of use 7 out of 10. There is a learning curve around the initial issues. However, we can look at issue descriptions and what to do. It gives us a lot of details about an issue, so that helps. 

Evidence-based reporting helps prioritize and solve our cloud security issues.

PingSafe includes proof of exploitability in evidence-based reporting. It's really important. If we did have any proof, it would be harder to pinpoint false positives. I like that it gives proof.

The code scanning is helpful. Whenever somebody commits a recent code, it helps identify that immediately and check vulnerabilities. 

It has positively affected our exposure. Before we implemented it, we were having lots of issues, and now, with PingSafe, we're up to 87% compliance with respect to all security metrics. It's been a gradual process, however, we're getting better and better. 

We've been able to reduce mean time to detect. It's gotten a bit faster. If you have a solution like this, you can take a more proactive approach. When a vulnerability happens, you can act immediately. Our mean time to detect has improved by about 80%.

It's also helped us with our mean time to remediate. It shows recommended actions and helps tell us what could possibly remediate the issue. 

The product has positively affected collaboration among our cloud security, application developers, and AppSec teams. PingSafe, however, is more centered around our infrastructure security and doesn't impact developer productivity much.

The compliance monitoring capabilities are helpful. We're a venture product, so we need to be compliant with everything. When we get a report, we can see what we need to do for compliance, and it helps us identify issues and mitigate them effectively to increase compliance. 

There is a bit of a learning curve for new users. The ease of use could be better.

We've had an issue where we muted a false positive, however, when we made some changes to a cloud configuration, it popped up again. So it hasn't really reduced false positives; you just need to manually ignore them. 

I've used the solution for one year. 

The solution has been stable throughout. 

We have three to four users that are actively using PingSafe. They are admins and engineers. 

So far, we haven't had any scalability issues. 

They have great technical support.

Positive

We didn't use a different solution previously.

The initial deployment was pretty quick. When you integrate any of your cloud service providers, it doesn't take long. We had it implemented in a few days. One of our reps can just work with the team to get it ready.

It's not integrated with any other security tools, however, it is integrated within our infrastructure. 

No maintenance is required.

I don't have any visibility on the pricing of PingSafe. 

We have not evaluated other solutions. 

I'd recommend the solution to other users. Overall, I'd rate the product 8 out of 10. 

SentinelOne Singularity Cloud Security is our primary security monitoring tool used for identifying vulnerabilities and misconfiguration.

I would rate the ease of use of SentinelOne Singularity Cloud Security eight out of ten.

SentinelOne Singularity Cloud Security offers a variety of dashboards, but the issue dashboard is my favorite due to its clarity and simplicity.

The evidence-based reporting is great and I appreciate the details the reports provide.

The IAC scanning picks everything up and is effective. The IAC scanning is proactive.

The two biggest benefits of SentinelOne Singularity Cloud Security are the centralized reporting dashboard for all my accounts and providers and the ability to track remediation progress.

SentinelOne Singularity Cloud Security has helped reduce the number of false positives we receive.

SentinelOne Singularity Cloud Security helps us manage our risk posture.

SentinelOne Singularity Cloud Security has reduced our MTTD thanks to its comprehensive coverage and centralized reporting capabilities.

The most valuable feature of SentinelOne Singularity Cloud Security is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software.

I wish SentinelOne Singularity Cloud Security provided clearer solutions or remediation steps. The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing.

I would appreciate the ability to customize the severity levels in SentinelOne Singularity Cloud Security as the current defaults do not meet my needs.

I have been using SentinelOne Singularity Cloud Security for one year.

SentinelOne Singularity Cloud Security is stable. I have not encountered any downtime.

SentinelOne Singularity Cloud Security is highly scalable.

Technical support is usually great. While it can sometimes be a bit curt or dismissive, for the most part, getting help is easy and responses are quick.

Positive

The initial setup is easy. One person is required for the deployment.

The implementation was completed in-house.

I'm not familiar with SentinelOne Singularity Cloud Security's standard pricing. While it seemed like a good value, I'm on a partnership plan that offers a discount in exchange for feedback. Therefore, I can't speak to the typical pricing.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

SentinelOne Singularity Cloud Security requires monthly updates.

Preparing for SentinelOne Singularity Cloud Security is fairly straightforward, especially if you're familiar with cloud security posture management tools. However, if this is your first time using such a tool, be prepared for a significant number of findings. SentinelOne Singularity Cloud Security will uncover security issues that manual efforts might miss.

The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.  

The primary benefit for our company has been the reduction of false positives. It's saved us time and resources. 

I like that we get a map view of all the assets we have and how these assets are connected together. We can get a view of the entire structure and that gives us a good vantage point when assessing gaps. We can see which assets are public and which are private. It gives us good visibility.

It brings in good security.

It is fairly simple. Anybody can use it.

The evidence-based reporting capabilities are useful. It's good for everyday reporting. It makes it easy to identify actual false positives. Priority cases are assigned accordingly so we don't need to find a needle in a haystack. If something is critical, it's very easy to find and see it. 

The solution offers agentless vulnerability scanning, which helps us identify any open ports on the server or any vulnerable assets online in the cloud. 

While they do have an offensive security engine, we do not use that aspect. We use a different vendor for that. However, it's a very good initiative. It basically expands and searches and does more offensive security.

It's very easy to integrate.

The notifications are very good. We can get notified right on Slack. if we aren't checking out email regularly.

The benefits we witnessed were pretty immediate post-implementation. Once you've done your integrations, it starts showing you vulnerabilities that are being observed, and he lets us immediately identify and deal with infrastructure gaps. It even has allowed us to deal with several misconfigurations. 

It has helped us reduce false positives significantly. That's something I've been focused on. 

The solution has positively affected our risk posture. Thanks to the lower number of security vulnerabilities, it's helped us with several benchmarks and compliance-related issues. 

Our mean time to detection and mean time to remediation has been reduced. If there's an issues, it can be found and dealt with in a short amount of time. It also gives you remediation details as to where particular vulnerabilities exist. We're able to fix problems as soon as possible when we see issues pop up. The mean time to remediation depends on the severity of the issue and who is handling it. Remediation for an experienced user versus a new hire may vary.

After introducing PingSafe, we were able to bridge the gap between developers. Since PingSafe had details about that particular vulnerability and how to remediate it, we could just pass that on to the application developers, who could fix it. That has also reduced the number of vulnerabilities that are being discovered by the application security testing team.

There is a bit of a learning curve. However, you only need 2 to 3 days to identify options and get accustomed. 

They could separate or differentiate between different kinds of frameworks.

I've used the solution since I started working with my company - for about one year and three months. 

I don't recall any stability issues. 

The solution is scalable. The scalability is highly flexible. 

We do have regular meetings with support. They catch us up every month and provide us regular updates and solicit feedback. Support is excellent.

Positive

I have not used any alternatives.

I was not initially involved in the deployment process. 

There isn't really any maintenance needed. The only thing would be if you find a false positive. You can mark it so it doesn't happen again. Beyond that, you don't have to maintain anything. 

I'm not sure how the pricing for the solution works. 

I'm an end-user. 

I'd rate the solution 9 out of 10. 

It's pretty easy to use. Integration with cloud infrastructure may require a bit of help in the initial stages. However, once you are up and running, finding vulnerabilities is simple and reporting is good.