Try our new research platform with insights from 80,000+ expert users
Maurice Abrams - PeerSpot reviewer
Security Engineer at a tech vendor with 10,001+ employees
Real User
Top 10
Single agent, user-friendly console, and fair price
Pros and Cons
  • "We like the platform and its response time. We also like that its console is user-friendly as well as modern and sleek."
  • "If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have."

What is our primary use case?

We are using it for endpoint detection on all of our EC2 instances and hosts in the cloud. Along with it, we are also going to be using it for AV.

We do not have any EDR protection on our host. We would like to utilize it for AV to put some protection on our host. The pricing for the tool that we are using for AV has gone up, and they are not giving us a lot of things we need. Also, to use their EDR tool, we have to install a secondary agent, whereas, with SentinelOne, everything is included in the same agent.

How has it helped my organization?

Singularity Cloud Workload Security helps with forensics and extra protection on our host. We have not had any incidents where we had to fully use it or fully go into action with it, but we are hoping that it will provide the extra protection that we need to help resolve some blind spots that we have specifically on our hosts.

Singularity Cloud Workload Security has forensic visibility or deep visibility into the Linux kernel, but we have not used it. It is something that we will work on and use with our SOC team and the implementation team if an incident were to ever happen.

The historical data record provided by Singularity Cloud Workload Security after an attack will be useful if an incident happens. It will help us build a timeline of historical reference. It is easy to have it all in one place to build a timeline. We can see from start to finish where the incident started and where it occurred versus having to go in and do things manually by sifting through logs. The fact that SentinelOne is able to have that information or data and a single pane of glass is something that we like about the tool.

Singularity Cloud Workload Security helps to cut down the mean time to detect by having the historical reference and by being able to stop the incident with the hit of a switch. We can see from where it started, which is helpful. When you are an organization managing hundreds of accounts, it is hard to sieve through logs and get that information together, which increases our mean time to detect, whereas with SentinelOne, from the things we have seen and tested out, it seems simple and easy, and we are hoping that it will help us cut down on that time.

We are also hoping that it will reduce our mean time to remediate. We have not come across any actual incident to be able to fully know, but based on what we have seen so far in the tool, it seems it would.

Singularity Cloud Workload Security has not necessarily freed up staff to work on other projects, but it does reduce some time. It helps cut down on things. It does provide an easier capability. We have come from the old-school way of looking at logs. It seems that this tool will provide something much sleeker and easier for our SOC team to use.

Singularity Cloud Workload Security has not yet had much effect on our productivity. We have only had it for two months, but we like what we are seeing. We like implementing it. We like that it has a single agent and we can use it as AV. It seems to make things easy. It seems to be a more productive tool for us, but until we have an incident, I would not be able to say for sure. As of now, it looks like it has the capability.

Its interoperability with third-party solutions, such as Kubernetes, seems top-notch. We have integrated it with a couple of our solutions here, such as Kubernetes and containers, and we have not had any incidents or any problems to follow up or dig deep into. So far, the ability to look at our containers and to see into those clusters is something that puts Singularity above all others. With CrowdStrike or Trend Micro, we were not able to do that. We were not able to have the same visibility. SentinelOne Singularity made that easier for us.

Singularity Cloud Workload Security supports our ability to innovate from a standpoint where we know that our application teams and developers will be protected. When new applications are created, we will have some sense of security and some sense of safeguard for our teams. We did not have the visibility and the tools to protect us in the manner we would like, but with Singularity Cloud Workload Security, it looks like we can just put it on our endpoints and tell the teams to go and do as they wish because we know at least on this end, they will be protected.

What is most valuable?

From our tests and the things that we have done, we find Singularity Cloud Workload Security’s real-time threat detection and response capabilities attractive. We like the platform and its response time. We also like that its console is user-friendly as well as modern and sleek. Those are the things that are attractive to us.

We like the automated remediation feature. It is not something that we are going to use for automated remediation, but we do like the fact that it is there and can be utilized.

What needs improvement?

If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have.

Buyer's Guide
SentinelOne Singularity Cloud Security
March 2025
Learn what your peers think about SentinelOne Singularity Cloud Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,651 professionals have used our research since 2012.

For how long have I used the solution?

We have been using it for two or three months. We went through a test trial, and we are finalizing the official purchase request to purchase it and start using it fully.

What do I think about the stability of the solution?

We have not experienced any issues so far.

How are customer service and support?

We have not interacted with their support. We have only contacted our customer manager and our onboarding specialist. We have not had to submit any tickets.

Which solution did I use previously and why did I switch?

We have not used any other similar solution previously.

How was the initial setup?

It is a cloud deployment. I was involved in its initial setup. Its deployment was straightforward. There were a couple of questions that we had. Some of the documentation was not written in the best way. There were some hurdles when moving to the tool and understanding it, but for the most part, it was straightforward. We got all the instructions on how to deploy or install it. We were presented with a customer service rep who was an onboarding specialist. This customer service rep specialized in deployment for us, so everything was a simple setup.

What about the implementation team?

We mainly did it ourselves, but we also had an integrator consultant from SentinelOne who was on the site. They answered all of our questions for anything that came up. For anything we needed, they were there to help us. We had three individuals full-time, and then we had a contractor.

In terms of maintenance, there is nothing required from the SentinelOne side. Once we onboard a lot of our hosts, we just need to organize it in a way that is easy for us, but from the SentinelOne or Singularity folks, nothing is required.

What's my experience with pricing, setup cost, and licensing?

The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost.

Which other solutions did I evaluate?

We did evaluate other options. We tried Trend Micro Vision One. We also looked at CrowdStrike.

We went for Singularity Cloud Workload Security because it was built and made for the cloud. That was a big thing. The second big thing was that they utilize all of these different features with one agent.

The CrowdStrike solution is not built for the cloud. They have a cloud add-on, so it did not translate for us. The Trend Micro solution is somewhat built for the cloud. It is more of an on-prem tool that is moved to the cloud, but we have to utilize at least two agents to get all of the coverage, meaning AV and endpoint detection. With Singularity Cloud Workload Security, it is all covered in one agent. There is no need to put multiple agents on our host and go through that with our customers. It also allows us to place that agent using AWS Systems Manager, so the implementation in the cloud and launching of the agent is intuitive and easy. It was a no-brainer once we started looking at the tools in terms of how to implement them and what we would like in our organization. Singularity Cloud Workload Security took the top place.

What other advice do I have?

It has a single agent to cover all aspects. You can save money and costs with data ingestion by using the Security DataLake from Singularity. There is also the ease of use of its console. There is also the ease of deployment by it being cloud-based. If you are looking for a tool that is perfect for cloud solutions and protects your cloud host, Singularity Cloud Workload Security would be at the top of my list.

To someone who does not think that they need a Singularity Cloud Workload Protection Platform (CWPP) because they have a continuous security monitoring (CSM) solution in place, I would recommend looking again at Singularity because there is one agent and the ease of transitioning and deploying into the cloud. Another big thing about Singularity is the holding of the data. We utilize Splunk. However, with Singularity, we do not need to ingest all the data because we can also utilize their data lake. The query or the information that we can look up at Splunk can also be looked up in Singularity, so there is no need to take all that data from Singularity and ingest it into our Splunk and increase our license. We can utilize our license and capabilities. We can just use the data lake that comes with Singularity and utilize logs in that manner. In the end, it is saving us costs when it comes to our SIEM tool ingestion, so I would recommend looking at these top aspects. It is easy in the cloud. It helps save data on your SIEM tool. It saves the ingestion costs. There is also a single agent.

I would rate Singularity Cloud Workload Security a nine out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
AWS Cloud Engineer at ACC Ltd
Real User
Top 20
Improves our cloud security, is flexible, and user-friendly
Pros and Cons
  • "SentinelOne stands out with its responsiveness to feature requests for Singularity Cloud Security."
  • "SentinelOne currently lacks a break glass account feature, which is critical for implementing Single Sign-On."

What is our primary use case?

We use SentinelOne's Singularity Cloud Security as our Cloud Security Posture Management solution, to proactively identify vulnerabilities within our cloud configurations. Security alerts generated by the platform are then forwarded to our mitigation team for prompt remediation.

How has it helped my organization?

The solution is easy to use.

The evidence-based reporting is helpful to our DevOps team who manually mitigate the vulnerabilities.

Singularity Cloud Security offers a flexible agentless vulnerability scanning solution that allows me to receive alerts directly to my personal email, a feature missing from AWS GuardDuty.

Evidence-based reporting that demonstrates how a vulnerability can be exploited is crucial because it allows me to prioritize alerts based on their severity level. This ensures I focus on the most critical issues first.

Singularity Cloud Security has improved our organization's security by proactively identifying vulnerabilities that could have significant detrimental effects.

It has decreased the number of false positives.

Before implementing Singularity Cloud Security our mean time to detection was three to four days.

Singularity Cloud Security has significantly improved our mean time to remediation from one hour to just 15 minutes.

What is most valuable?

SentinelOne stands out with its responsiveness to feature requests for Singularity Cloud Security. This means they can adapt the product to our specific needs, whereas Prisma Cloud forces us to wait for their pre-determined release schedule.

What needs improvement?

SentinelOne currently lacks a break glass account feature, which is critical for implementing Single Sign-On. SentinelOne should prioritize the development of a break glass account feature.

We've encountered some filtering difficulties, resulting in a few areas of the interface needing improvement.

For how long have I used the solution?

I have been using Singularity Cloud Security by SentinelOne for one year.

What do I think about the stability of the solution?

Singularity Cloud Security by SentinelOne is stable.

What do I think about the scalability of the solution?

I would rate the scalability of Singularity Cloud Security nine out of ten.

How are customer service and support?

The technical support is good. They've assisted us on multiple occasions with implementing new policies and creating custom plug-ins to meet our specific needs.

How would you rate customer service and support?

Positive

How was the initial setup?

I successfully deployed the solution in collaboration with a cloud-native administrator. The deployment process went smoothly and we encountered no complications.

What other advice do I have?

I would rate Singularity Cloud Security by SentinelOne eight out of ten.

We have over 400 users in our organization.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
SentinelOne Singularity Cloud Security
March 2025
Learn what your peers think about SentinelOne Singularity Cloud Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,651 professionals have used our research since 2012.
IT Engineer at a construction company with 5,001-10,000 employees
Real User
Top 20
Evidence-based reporting shows all the findings and severity, helping us to prioritize issues
Pros and Cons
  • "We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues."
  • "We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating."

What is our primary use case?

We have one client, and we need a portal to manage security. We use Singularity to provide security information and identify vulnerabilities or malicious scripts that need to be fixed. It also provides recommendations about each of the vulnerabilities that are helpful.

How has it helped my organization?

We provide cloud services on our site using AWS. Singularity detects flaws that we must close for security reasons. We use Singularity to observe those findings and fix things based on the customer's requirements. Previously, we used to segregate issues and look after them. Singularity helped us secure our infrastructure. We've significantly reduced our potential security breaches to a minimum. 

It has improved how we operate on a larger scale. We set up the platform, onboarded the info, and then gradually moved further. Over time, it helped us slowly resolve those issues. We were using the cloud platforms' native security tools, but those were unhelpful. Now, we rely on this more than those services. 

Singularity reduced our false positive rate by about 60 percent. We've had even better results in terms of our risk posture. We can rely on this tool to improve our security conditions on a broader scale. If I gave our security posture a percent rating, I would give it 89 percent.

The solution saves time by giving us everything in one place. You don't need to manually check every account. It tells us a lot. Singularity reduces our detection time by about 60 percent. 

Singularity has improved collaboration among cloud security, application developers, and AppSec teams. Previously, it would take around a week for engineers to address issues. Now that we use this tool, we resolve issues in one or two days.

What is most valuable?

We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues. Singularity is easy and convenient to use. It is extremely easy for a novice to understand what the dashboard is trying to say and the terminology's meanings.

Evidence-based reporting is excellent for auditing. It shows all the findings and severity: low, high, medium, or critical. We solve the low-level and medium issues. Next, we resolve high-level and critical problems. It's easy to fix the security breaches.

What needs improvement?

We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating. 

For how long have I used the solution?

We have used Singularity Cloud Security for about six months.

What do I think about the stability of the solution?

I rate Singularity nine out of 10 for stability. 

What do I think about the scalability of the solution?

I rate Singularity eight out of 10 for scalability. 

How are customer service and support?

I rate SentinelOne support nine out of 10. 

How would you rate customer service and support?

Positive

How was the initial setup?

Singularity took about a week to deploy. A team of 40 to 50 people was involved. 

What other advice do I have?

I rate SentinelOne Singularity Cloud Security nine out of 10. I would recommend the tool to others. It's a convenient and cost-effective tool for identifying security breaches. You get everything in one place, saving you time and costs.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2390805 - PeerSpot reviewer
Software Developer at a tech services company with 11-50 employees
Real User
Top 20
Good code scanning and evidence reporting with helpful support services
Pros and Cons
  • "There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring."
  • "There is a bit of a learning curve for new users."

What is our primary use case?

We use the solution for monitoring the security of our infrastructure. It helps us identify all the vulnerabilities.

How has it helped my organization?

We had code and infrastructure, and we just weren't sure of all the vulnerabilities within them. This knowledge has helped protect us from security loopholes. 

What is most valuable?

It's integrated with all of our cloud services on our accounts. It automatically fetches all the resources, scans through the code, and reports back on our vulnerabilities. It helps with all of our overall security standards as per the industry, and it can give us a rating. If I go to the compliance section, it gives me an idea of how I'm performing with respect to compliance metrics.

There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring.

It's fairly easy to use. I'd rate the ease of use 7 out of 10. There is a learning curve around the initial issues. However, we can look at issue descriptions and what to do. It gives us a lot of details about an issue, so that helps. 

Evidence-based reporting helps prioritize and solve our cloud security issues.

PingSafe includes proof of exploitability in evidence-based reporting. It's really important. If we did have any proof, it would be harder to pinpoint false positives. I like that it gives proof.

The code scanning is helpful. Whenever somebody commits a recent code, it helps identify that immediately and check vulnerabilities. 

It has positively affected our exposure. Before we implemented it, we were having lots of issues, and now, with PingSafe, we're up to 87% compliance with respect to all security metrics. It's been a gradual process, however, we're getting better and better. 

We've been able to reduce mean time to detect. It's gotten a bit faster. If you have a solution like this, you can take a more proactive approach. When a vulnerability happens, you can act immediately. Our mean time to detect has improved by about 80%.

It's also helped us with our mean time to remediate. It shows recommended actions and helps tell us what could possibly remediate the issue. 

The product has positively affected collaboration among our cloud security, application developers, and AppSec teams. PingSafe, however, is more centered around our infrastructure security and doesn't impact developer productivity much.

The compliance monitoring capabilities are helpful. We're a venture product, so we need to be compliant with everything. When we get a report, we can see what we need to do for compliance, and it helps us identify issues and mitigate them effectively to increase compliance. 

What needs improvement?

There is a bit of a learning curve for new users. The ease of use could be better.

We've had an issue where we muted a false positive, however, when we made some changes to a cloud configuration, it popped up again. So it hasn't really reduced false positives; you just need to manually ignore them. 

For how long have I used the solution?

I've used the solution for one year. 

What do I think about the stability of the solution?

The solution has been stable throughout. 

What do I think about the scalability of the solution?

We have three to four users that are actively using PingSafe. They are admins and engineers. 

So far, we haven't had any scalability issues. 

How are customer service and support?

They have great technical support.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We didn't use a different solution previously.

How was the initial setup?

The initial deployment was pretty quick. When you integrate any of your cloud service providers, it doesn't take long. We had it implemented in a few days. One of our reps can just work with the team to get it ready.

It's not integrated with any other security tools, however, it is integrated within our infrastructure. 

No maintenance is required.

What's my experience with pricing, setup cost, and licensing?

I don't have any visibility on the pricing of PingSafe. 

Which other solutions did I evaluate?

We have not evaluated other solutions. 

What other advice do I have?

I'd recommend the solution to other users. Overall, I'd rate the product 8 out of 10. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Uday Shanbhag - PeerSpot reviewer
DevOps Engineer at a computer software company with 51-200 employees
Real User
Top 10
Nice UI and features with helpful support
Pros and Cons
  • "Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
  • "There should be more documentation about the product."

What is our primary use case?

We have multiple AWS accounts and we use it for our products and deployments, et cetera, and they are being monitored by PingSafe for best practices and good security. In the past, we've had code exposed to the internet, and PingSafe has been able to catch such instances. Basically, it is for security and monitoring purposes. 

How has it helped my organization?

We've been able to integrate PingSafe with out AWS and deployed their agents to Kubernetes. For production and compliance purposes, it allows us to monitor actively for issues from one place. 

What is most valuable?

The solution reduces notifications.

We mainly use it for monitoring and security guidelines only. It's been really useful for us in terms of the developer accounts. If any have been exposed, we get notified and we can take care of issues before anything happens. 

We haven't seen any server downtime. It's always been available when we've needed it. 

The UI is very nice, and feature-wise, it's very good.

It has very good documentation. 

Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful. 

The solution is very easy to use. We have not had to spend much time customizing or integrating items. We were able to integrate all four AWS accounts in order to centrally monitor everything.

There is evidence-based reporting which can help prioritize and solve cloud security issues. We haven't actively used it or set it up.

We use the infrastructure as code scanning feature. It's good for identifying pre-production issues. 

About six months ago, there was a major upgrade. We can see the containers running and which vulnerabilities appear, et cetera. 

We haven't seen any increase in false positives since using the solution. 

It's helped us improve our risk posture. We're more confident now that things aren't happening and getting missed. We're on the right track to adapting proper security rules.

More than saving engineering time, this solution has helped promote confidence is the security of our cloud accounts. We're more sure of our configurations and security posture. Since we don't have a cloud expertise team that might identify issues, it has helped us gain confidence in SQL deployments. 

What needs improvement?

There should be more documentation about the product. Sometimes we have to go to customer support to get clarification.

For how long have I used the solution?

I've been using the solution for 1.5 years. 

What do I think about the stability of the solution?

The solution is stable. I have not seen any downtime.

What do I think about the scalability of the solution?

We have around 15 users leveraging PingSafe. They are mainly admins and engineers.

How are customer service and support?

Technical support is very helpful. However, the documentation needs to be better.

They tend to resolve issues within an hour or so. With most issues, they are very helpful 

Which solution did I use previously and why did I switch?

We have a different pipeline product working in parallel to this solution that is also helping us reduce vulnerabilities. Something else, for example, monitors compliance for us. PingSafe is more of an additional tool than our main solution. We have been using open-source tools for scanning.

How was the initial setup?

The development was just one configuration, and we were able to implement PingSafe in about an hour.

The solution does not require any maintenance. 

What was our ROI?

We have noted an ROI based on the amount of confidence we've gained having visibility into our vulnerabilities. I do not have specific metrics on hand to illustrate that, however. 

What's my experience with pricing, setup cost, and licensing?

The pricing is reasonable.

What other advice do I have?

We're a customer and end-user. I'm a DevOps engineer.

I'd recommend the solution to others. I would rate it 10 out of 10 as it currently meets all of our requirements. I can't speak to other companies that may have different requirements. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
IT Developer at a construction company with 5,001-10,000 employees
Real User
Achieve enhanced threat detection and protection with continuous monitoring
Pros and Cons
  • "For Singularity, the task capability is easy to use and it has a very intuitive dashboard, which streamlines the processes."
  • "I recommend SentinelOne due to its high-security capabilities, which are essential to safeguard data and systems from potential threats."
  • "The area of improvement is the cost, which is high compared to other traditional endpoint protections."
  • "The area of improvement is the cost, which is high compared to other traditional endpoint protections."

What is our primary use case?

I use it for security purposes, and it is deployed on the cloud. It helps me look into potential threats and resolve issues.

What is most valuable?

For Singularity, the task capability is easy to use and it has a very intuitive dashboard, which streamlines the processes. It provides user-friendly privacy protection, 24/7 threat detection monitoring, and managed services for continuous monitoring and threat hunting. It also offers ransomware protection with excellent defense mechanisms, rollback features, and extended detection and response features.

What needs improvement?

The area of improvement is the cost, which is high compared to other traditional endpoint protections. Additionally, it has limited legacy system support and may not fully support older operating systems or legacy environments.

For how long have I used the solution?

I have been using SentinelOne for one year.

What do I think about the stability of the solution?

I rate the stability nine out of ten, indicating strong stability with limited bugs, glitches, or downtime.

What do I think about the scalability of the solution?

The solution is scalable, and I rate it nine out of ten.

How are customer service and support?

I rate technical support eight out of ten, indicating satisfaction with the support provided.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I did not personally use any other solution before using SentinelOne, however, I have heard about multiple products compared to SentinelOne.

How was the initial setup?

The initial setup was easy and completed in a couple of days, involving three people.

What about the implementation team?

Three people were involved in the deployment, working together to ensure the setup was successful.

What was our ROI?

Meantime to remediation improved from seven to eight minutes to two to three minutes, reducing time and money by 40% to 45%. Overall, time to detect is now in milliseconds.

What's my experience with pricing, setup cost, and licensing?

On a scale of one to ten, I would rate the pricing and setup costs an eight out of ten, indicating it leans towards the expensive side.

What other advice do I have?

I recommend SentinelOne due to its high-security capabilities, which are essential to safeguard data and systems from potential threats.

I would rate the overall solution nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
PeerSpot user
Security Administrator at a retailer with 10,001+ employees
Real User
It is user-friendly and helps reduce false positives, but the log search is limited to 14 days
Pros and Cons
  • "The user-friendliness is the most valuable feature."
  • "A two-month grace period for extended searches would be a valuable improvement."

What is our primary use case?

SentinelOne Singularity Cloud Security is deployed on all our servers except for user machines. When Singularity identifies a downloaded application as malicious, it triggers an alert sent to our SIEM console. We can then investigate the alert details, including associated logs, to determine if the malware is static or actively malicious. We can also investigate suspicious IP addresses or domains. Additionally, Singularity monitors process creation and can provide forensic data on security incidents, including information about backdoor connections and the applications involved, like Chrome or other browsers.

How has it helped my organization?

SentinelOne Singularity Cloud Security stands out for its user-friendliness compared to competitors like CrowdStrike, FireEye HX, and Microsoft Defender. Unlike these tools, which can be cumbersome for tasks like running queries or searching for logs, Singularity offers intuitive interfaces and delivers results in seconds, even for complex searches across various hash formats, like MD5, SHA256, etc., without needing conversion.

Our existing SIEM console allows us to analyze alerts triggered by the SOC team. We can investigate potential false positives or conduct tests directly within the console. Additionally, the console facilitates quick searches for IOCs to identify malicious communications. Furthermore, Singularity Cloud Security offers a central management console for automated machine reboots, containment, and even self-maintenance in response to high-severity security alerts. This eliminates the need for manual intervention.

We saw the benefits of SentinelOne Singularity Cloud Security within the first two months of transitioning from FireEye HX. Singularity was easy to manage, and we were able to identify vulnerabilities.

SentinelOne Singularity Cloud Security has helped reduce the false positives we receive by 15 percent compared to FireEye HX.

Singularity has helped reduce our mean time to detect. The automatic containment of the infected machine is done within the first ten seconds of detection.

Singularity has helped reduce our mean time to remediate. 

What is most valuable?

The user-friendliness is the most valuable feature.

What needs improvement?

SentinelOne Singularity Cloud Security offers a custom search function with a default 14-day limit. Extending this period to 30 days requires an additional license. A two-month grace period for extended searches would be a valuable improvement. Additionally, enhancements to the threat-hunting capabilities of the hunter module are recommended.

For how long have I used the solution?

I have been using SentinelOne Singularity Cloud Security for two years.

How are customer service and support?

We had an incident in which they pushed a patch without notifying us and without testing, damaging all of our security controls. 

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We previously used FireEye HX but shifted to Singularity because we saw the potential while the POC was going on. The top three endpoint security solutions are SentinelOne Singularity, Microsoft Defender, and CrowdStrike. FireEye HX is not one of them.

How was the initial setup?

The initial deployment's complexity was moderate. The entire deployment took six months to complete.

What about the implementation team?

The implementation was completed with the help of the vendor.

What other advice do I have?

I would rate SentinelOne Singularity Cloud Security seven out of ten. The lack of a 60-day search option for the log source lowers the overall score.

The endpoint security team does the maintenance.

SentinelOne Singularity Cloud Security is a good product that is easy to use. 

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
PeerSpot user
Aman Mishra - PeerSpot reviewer
Cloud Engineer at a tech services company with 201-500 employees
Real User
Top 20
Good interface, helpful alerts, and timely support
Pros and Cons
  • "We mostly use alerts. That has been pretty good. If we use the alert system from Amazon, it is much costlier to us, so we use PingSafe."
  • "The Infrastructure as Code service available in PingSafe and the services available in AWS cloud security can be merged so that we can get the security data directly from AWS cloud in PingSafe. This way, all the data related to security will be in one single place. Currently, we have to check a couple of things on PingSafe, and we have to validate that same data on the AWS Cloud to be sure. If they can collaborate like that, it will be great."

What is our primary use case?

We have multiple applications in our AWS cloud environment. We have a private environment, and we do not disclose it to the Internet. We have configured multiple security alerts, such as for any incoming traffic from a public IP address.

We have also set up PingSafe alerts for key rotation of security credentials for the accounts.

How has it helped my organization?

PingSafe helps us to reduce the security overhead. We do not have to manage every small thing manually. They are taken care of by PingSafe.

We use vulnerability scanners for our AWS servers. If there is any vulnerability, we get a report on that. We close those open security points. I do not know the exact name of the scanners, but they work great.

We rarely get false positives. We usually get real-time, accurate data. Sometimes there is a mismatch between the actual data and the data we get from PingSafe, but that is negligible. It happens once in a thousand times.

PingSafe has reduced our mean time to remediate. It has saved about 60% of our time. It has helped us with that.

It has also reduced our mean time to detect. The time savings depend on the use case. On average, it saves ten to fifteen minutes per use case.

We do not use it at a large level for Infrastructure as Code scanning, but it saves us time. We do not have to click on the features in the GUI. We have set up some scripts with the Infrastructure as Code feature. We run them to generate reports and get the required output.

The Infrastructure as Code feature has helped us. We can integrate PingSafe with our cloud tools. It helps with the development part. For example, Lambda is an AWS feature. It is a code environment. We can directly connect these two. It helps with the run time of the processes.

What is most valuable?

We mostly use alerts. That has been pretty good. If we use the alert system from Amazon, it is much costlier to us, so we use PingSafe.

PingSafe's interface is quite good. It is beginner-friendly. If someone has even a little bit of idea about cloud security, they can learn it very easily.

What needs improvement?

I do not know if it is possible, but in AWS Cloud, there are multiple features or services, and if they can collaborate with them, it would be helpful. The Infrastructure as Code service available in PingSafe and the services available in AWS cloud security can be merged so that we can get the security data directly from AWS cloud in PingSafe. This way, all the data related to security will be in one single place. Currently, we have to check a couple of things on PingSafe, and we have to validate that same data on the AWS Cloud to be sure. If they can collaborate like that, it will be great. It will be an amazing tool.

For how long have I used the solution?

My organization has been using PingSafe for one and a half years, but I have been using it for the past three to four months for cloud security.

What do I think about the stability of the solution?

I have not faced any downtime. If they have any kind of maintenance, they let us know via email a week or two before. The maintenance is usually done once a quarter, and it is done out of business hours, so we do not have any concerns about that.

What do I think about the scalability of the solution?

I would rate it a seven out of ten for scalability. If they can collaborate with AWS services as well, it can be a 10 out of 10.

How are customer service and support?

I have contacted them quite a few times. They are pretty good. They are within their SLAs. I have never raised a support case with a very high severity. For the cases I raised, they have an SLA of about 24 hours, and they always meet that SLA.

I always get a perfect answer in the reply. If I have some major issue and I am unable to understand that via email, they also come on a Teams or Webex call. They provide a good service. I would rate them a nine out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

It is a cloud deployment. I believe they have an on-premise option as well,  but we are not using that. We are completely on the cloud.

I was not involved in its deployment. Its deployment was done by the organization about a year and a half ago. I only manage operations, and I have been here only for about three months.

It does not require any maintenance as such. In the infrastructure code part, we update the code, but I am not sure if that comes under maintenance.

What other advice do I have?

You should be a little familiar with cloud security. Otherwise, you might face a few difficulties in accessing the PingSafe console. If you are a little familiar, it will be very easy for you. A completely new user without a technical background can get a bit confused by the naming conventions in the GUI.

I would recommend PingSafe to others. Overall, I would rate PingSafe an eight out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free SentinelOne Singularity Cloud Security Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free SentinelOne Singularity Cloud Security Report and get advice and tips from experienced pros sharing their opinions.