SentinelOne Singularity Cloud Security Reviews

PingSafe is our primary security monitoring tool used for identifying vulnerabilities and misconfiguration.

I would rate the ease of use of PingSafe eight out of ten.

PingSafe offers a variety of dashboards, but the issue dashboard is my favorite due to its clarity and simplicity.

The evidence-based reporting is great and I appreciate the details the reports provide.

The IAC scanning picks everything up and is effective. The IAC scanning is proactive.

The two biggest benefits of PingSafe are the centralized reporting dashboard for all my accounts and providers and the ability to track remediation progress.

PingSafe has helped reduce the number of false positives we receive.

PingSafe helps us manage our risk posture.

PingSafe has reduced our MTTD thanks to its comprehensive coverage and centralized reporting capabilities.

The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software.

I wish PingSafe provided clearer solutions or remediation steps. The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing.

I would appreciate the ability to customize the severity levels in PingSafe as the current defaults do not meet my needs.

I have been using PingSafe for one year.

PingSafe is stable. I have not encountered any downtime.

PingSafe is highly scalable.

Technical support is usually great. While it can sometimes be a bit curt or dismissive, for the most part, getting help is easy and responses are quick.

Positive

The initial setup is easy. One person is required for the deployment.

The implementation was completed in-house.

I'm not familiar with PingSafe's standard pricing. While it seemed like a good value, I'm on a partnership plan that offers a discount in exchange for feedback. Therefore, I can't speak to the typical pricing.

I would rate PingSafe nine out of ten.

PingSafe requires monthly updates.

Preparing for PingSafe is fairly straightforward, especially if you're familiar with cloud security posture management tools. However, if this is your first time using such a tool, be prepared for a significant number of findings. PingSafe will uncover security issues that manual efforts might miss.

We are using Cloud Native Security for cloud posture management and cloud workload protection. Apart from this, it also provides alerts from infrastructure as code. If the tool finds any misconfiguration, it triggers that as an alert, and that gets collected in Jira.

Previously, we were using AWS services, but we were not getting the alerts in Jira. When Cloud Native Security was introduced to us, we wanted it to automatically create Jira tickets, and we wanted custom alerts. These were the two areas that we shared with them, and they stood out in these aspects. We decided to take it ahead, and we have been using it for the last two years. I feel a lot of difference in the security posture development. When we share the tickets with the developers, they work on that, and we have tracking of them in Jira. We wanted to track alerts in Jira. We no longer have situations where we flag an issue and it does not get resolved on time. 

We use agentless vulnerability scanning. The process that Cloud Native Security follows is that you have to deploy the cloud permission template in your account, and then it creates a role that tracks or scans all the resources and finds if there is any misconfiguration. We have integrated Cloud Native Security with Jira. It triggers alerts on Jira. A person is assigned to an alert, and the concerned person is notified. As a security team, we collect those tickets and forward them to the respective team.

Previously, we were not able to track those tickets, whereas now, we are getting automated Jira tickets. It has solved our biggest problem. We are expecting the same from Cloud Native Security in the future. We expect that it will capture the triggers or alerts. If any new security vulnerability is found, it will also flag that to us.

It provides an overview of our security posture. If a metrics endpoint is public for any domain, that gets triggered. We get reports for different domains, such as Kubernetes security and vulnerabilities management, IaC scanning, or cloud detection and response. Cloud Native Security covers all of these. There is also a graphics tool where we can get all the details in a graph. All the Kubernetes microservices get scanned in the workload protection. The Cloud Workload Protection module detects all the cluster misconfigurations and other things. It also gives you alerts on the containers. We were looking for such a tool with all the cloud security modules.

We can also create our own custom policy. For example, if we do not want to enable the recommended Cloud Native Security policies for our company, we can create our own policies. This feature is very helpful.

We use Infrastructure as Code (IaC) scanning. It follows all the features for shift-left. We get all the alerts for IaC scanning. For example, if TerraForm is not performing any security checks in the template, that gets triggered. We also get information about any vulnerabilities related to IaC.

We have not got any false positives with Cloud Native Security so far.

Cloud Native Security has affected our risk posture. It shows us our risk areas. As an organization, we look for cloud security tools that can manage all the areas, and Cloud Native Security is doing a good job in managing all the things.

Cloud Native Security has reduced our mean time to detect. The detection time of Cloud Native Security is quite good. It takes half an hour for critical alerts and one hour for high alerts. These are the SLAs that we have. The detection time is quite good.

Cloud Native Security has also reduced our mean time to remediate. We have defined our SLAs as well. In our organization, we define the SLAs and share them with the developers or the DevOps team so that they can follow them. They work on the assigned issue, and if there is any issue, they come back to us.

I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us.

Apart from the posture management, I like the UI. It gives a holistic view of all the alerts and the accounts from where they are triggered.

Cloud Native Security is quite easy to use. It is user-friendly. As compared to other tools, it is more user-friendly, and its cost is also less than the other tools. It provides the same visibility that the other tools are providing in the market.

They can add additional modules to see scanning alerts. Adding additional modules will give us a better view. 

They can work on policies based on different compliance standards.

They can add more modules to the current subscription that we have. If they can merge some of the two modules, it would be great. For example, if they can merge Kubernetes Security with other modules related to Kubernetes, that would help us to get more modules in the current subscription.

It has been around two years since we have been using this product.

It is a stable product. I would rate it a 10 out of 10 for stability.

It is scalable. I would rate it a 10 out of 10 for scalability.

Our security team uses this solution. We have five to six people on the security team. Overall, we have 600 people. 

Previously, we were using AWS services, but there was no dashboard. That was where we had an issue. We wanted a cloud security tool that matches our requirements and provides the same thing in a holistic view and a better manner. That is why we went for Cloud Native Security. It has now been acquired by SentinelOne. We are getting the same product even after the acquisition.

It is deployed on the cloud. It took us about a week to implement all the features. It was very easy. They were very user-friendly.

In terms of maintenance, they do inform us when the maintenance will be going on.

We had two people involved in its deployment. 

It is not that expensive. There are some tools that are double the cost of Cloud Native Security. It is good on the pricing side.

We started doing POC with Cloud Native Security, and we liked it. We did not think of any other product. It also had better pricing than any other product.

I would recommend Cloud Native Security as a cloud security solution. They are doing an excellent job of providing the features that we require for cloud security posture management.

I would rate Cloud Native Security a 10 out of 10.

Our Cloud Native Security use cases depend on the type of SQL server we use. Currently, we need to check all cloud-based configurations directly. Cloud Native Security helps us identify SQL configurations on our local PCs.

Cloud Native Security has improved our cloud security monitoring processes. We can now capture all issues and misconfigurations in real-time, allowing us to respond quickly.

It streamlined compliance management for our organization. They schedule a meeting with us every month to discuss any requirements on our end, such as updating the Cloud Native Security version. For example, one time they informed us that we needed to update to Cloud Native Security version four. We inquired with their customer support team, who were very approachable and requested them to implement the cloud version of Cloud Native Security version four into our Cloud Native Security dashboard. They implemented it within five to six days. We were happy to adopt the enhanced security controls of Cloud Native Security version four. The customer success team and the customer-facing teams were very helpful and provided us with the best solution. This is why we chose Cloud Native Security. They are a well-established CSPM company in India with a proven track record of assisting businesses with compliance requirements. By onboarding Cloud Native Security, we gained a cloud-based configuration management system for our workloads.

It's easy to use.

Our cloud security issues are already automated using a common subscription ticketing tool to capture them. Reports are then sent to both the internal DevOps team to identify potential false positives and the business team to assess if resolving the issue aligns with business requirements.

Cloud Native Security's event-based evidence reporting should include proof of exploitability. This would allow users to easily identify misconfigured areas in the graph and click on a provided link to conveniently be redirected to the cloud service provider management console page for more details.

Cloud Native Security's offensive security engine proved valuable recently. When an endpoint was mistakenly exposed, it automatically captured the unauthorized request in the cloud and sent an alert to our email address. This notification allowed us to take swift action and restrict access to the URL on our network.

The AI helps us handle the hundreds of audits each year helping to enhance our security posture.

Cloud Native Security's access to the IIM role in the cloud formation template significantly reduces false positives, thereby maximizing the number of true positives.

Cloud Native Security helps us improve our risk posture, failover capabilities, and compliance levels.

Cloud Native Security reduces our MTTD. We are alerted within seconds on the dashboard and email of the detection.

To assess our MTTR, we need to consult with the DevOps team and conduct an impact analysis. If the impact analysis reveals no disruption to the production application within the AWS network architecture, we can proceed with remediation immediately. However, if the analysis identifies a potential impact, obtaining management approval will add to the resolution timeframe.

Cloud Native Security improves collaboration between our cloud security application developers and AppSec teams. It's particularly helpful for AppSec because we can leverage cloud security controls directly from Cloud Native Security. This also allows us to mitigate cloud misconfigurations.

Cloud Native Security's most valuable features include cloud misconfiguration detection and remediation, compliance monitoring, a robust authentication security engine, and cloud threat detection and response capabilities.

In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams. 

I have been using Cloud Native Security for six months.

Cloud Native Security is stable.

The scalability of Cloud Native Security is good.

The technical support is the best. They can integrate our suggestions for security control into Cloud Native Security within three days.

Positive

The deployment took one week. The deployment was completed by one person from our team along with a tech team from Cloud Native Security.

Cloud Native Security is priced reasonably for our workload.

I would rate Cloud Native Security ten out of ten.

We have a large number of users of Cloud Native Security in our organization.

I recommend Cloud Native Security to others.

We are using it for endpoint detection on all of our EC2 instances and hosts in the cloud. Along with it, we are also going to be using it for AV.

We do not have any EDR protection on our host. We would like to utilize it for AV to put some protection on our host. The pricing for the tool that we are using for AV has gone up, and they are not giving us a lot of things we need. Also, to use their EDR tool, we have to install a secondary agent, whereas, with SentinelOne, everything is included in the same agent.

Singularity Cloud Workload Security helps with forensics and extra protection on our host. We have not had any incidents where we had to fully use it or fully go into action with it, but we are hoping that it will provide the extra protection that we need to help resolve some blind spots that we have specifically on our hosts.

Singularity Cloud Workload Security has forensic visibility or deep visibility into the Linux kernel, but we have not used it. It is something that we will work on and use with our SOC team and the implementation team if an incident were to ever happen.

The historical data record provided by Singularity Cloud Workload Security after an attack will be useful if an incident happens. It will help us build a timeline of historical reference. It is easy to have it all in one place to build a timeline. We can see from start to finish where the incident started and where it occurred versus having to go in and do things manually by sifting through logs. The fact that SentinelOne is able to have that information or data and a single pane of glass is something that we like about the tool.

Singularity Cloud Workload Security helps to cut down the mean time to detect by having the historical reference and by being able to stop the incident with the hit of a switch. We can see from where it started, which is helpful. When you are an organization managing hundreds of accounts, it is hard to sieve through logs and get that information together, which increases our mean time to detect, whereas with SentinelOne, from the things we have seen and tested out, it seems simple and easy, and we are hoping that it will help us cut down on that time.

We are also hoping that it will reduce our mean time to remediate. We have not come across any actual incident to be able to fully know, but based on what we have seen so far in the tool, it seems it would.

Singularity Cloud Workload Security has not necessarily freed up staff to work on other projects, but it does reduce some time. It helps cut down on things. It does provide an easier capability. We have come from the old-school way of looking at logs. It seems that this tool will provide something much sleeker and easier for our SOC team to use.

Singularity Cloud Workload Security has not yet had much effect on our productivity. We have only had it for two months, but we like what we are seeing. We like implementing it. We like that it has a single agent and we can use it as AV. It seems to make things easy. It seems to be a more productive tool for us, but until we have an incident, I would not be able to say for sure. As of now, it looks like it has the capability.

Its interoperability with third-party solutions, such as Kubernetes, seems top-notch. We have integrated it with a couple of our solutions here, such as Kubernetes and containers, and we have not had any incidents or any problems to follow up or dig deep into. So far, the ability to look at our containers and to see into those clusters is something that puts Singularity above all others. With CrowdStrike or Trend Micro, we were not able to do that. We were not able to have the same visibility. SentinelOne Singularity made that easier for us.

Singularity Cloud Workload Security supports our ability to innovate from a standpoint where we know that our application teams and developers will be protected. When new applications are created, we will have some sense of security and some sense of safeguard for our teams. We did not have the visibility and the tools to protect us in the manner we would like, but with Singularity Cloud Workload Security, it looks like we can just put it on our endpoints and tell the teams to go and do as they wish because we know at least on this end, they will be protected.

From our tests and the things that we have done, we find Singularity Cloud Workload Security’s real-time threat detection and response capabilities attractive. We like the platform and its response time. We also like that its console is user-friendly as well as modern and sleek. Those are the things that are attractive to us.

We like the automated remediation feature. It is not something that we are going to use for automated remediation, but we do like the fact that it is there and can be utilized.

If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have.

We have been using it for two or three months. We went through a test trial, and we are finalizing the official purchase request to purchase it and start using it fully.

We have not experienced any issues so far.

We have not interacted with their support. We have only contacted our customer manager and our onboarding specialist. We have not had to submit any tickets.

We have not used any other similar solution previously.

It is a cloud deployment. I was involved in its initial setup. Its deployment was straightforward. There were a couple of questions that we had. Some of the documentation was not written in the best way. There were some hurdles when moving to the tool and understanding it, but for the most part, it was straightforward. We got all the instructions on how to deploy or install it. We were presented with a customer service rep who was an onboarding specialist. This customer service rep specialized in deployment for us, so everything was a simple setup.

We mainly did it ourselves, but we also had an integrator consultant from SentinelOne who was on the site. They answered all of our questions for anything that came up. For anything we needed, they were there to help us. We had three individuals full-time, and then we had a contractor.

In terms of maintenance, there is nothing required from the SentinelOne side. Once we onboard a lot of our hosts, we just need to organize it in a way that is easy for us, but from the SentinelOne or Singularity folks, nothing is required.

The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost.

We did evaluate other options. We tried Trend Micro Vision One. We also looked at CrowdStrike.

We went for Singularity Cloud Workload Security because it was built and made for the cloud. That was a big thing. The second big thing was that they utilize all of these different features with one agent.

The CrowdStrike solution is not built for the cloud. They have a cloud add-on, so it did not translate for us. The Trend Micro solution is somewhat built for the cloud. It is more of an on-prem tool that is moved to the cloud, but we have to utilize at least two agents to get all of the coverage, meaning AV and endpoint detection. With Singularity Cloud Workload Security, it is all covered in one agent. There is no need to put multiple agents on our host and go through that with our customers. It also allows us to place that agent using AWS Systems Manager, so the implementation in the cloud and launching of the agent is intuitive and easy. It was a no-brainer once we started looking at the tools in terms of how to implement them and what we would like in our organization. Singularity Cloud Workload Security took the top place.

It has a single agent to cover all aspects. You can save money and costs with data ingestion by using the Security DataLake from Singularity. There is also the ease of use of its console. There is also the ease of deployment by it being cloud-based. If you are looking for a tool that is perfect for cloud solutions and protects your cloud host, Singularity Cloud Workload Security would be at the top of my list.

To someone who does not think that they need a Singularity Cloud Workload Protection Platform (CWPP) because they have a continuous security monitoring (CSM) solution in place, I would recommend looking again at Singularity because there is one agent and the ease of transitioning and deploying into the cloud. Another big thing about Singularity is the holding of the data. We utilize Splunk. However, with Singularity, we do not need to ingest all the data because we can also utilize their data lake. The query or the information that we can look up at Splunk can also be looked up in Singularity, so there is no need to take all that data from Singularity and ingest it into our Splunk and increase our license. We can utilize our license and capabilities. We can just use the data lake that comes with Singularity and utilize logs in that manner. In the end, it is saving us costs when it comes to our SIEM tool ingestion, so I would recommend looking at these top aspects. It is easy in the cloud. It helps save data on your SIEM tool. It saves the ingestion costs. There is also a single agent.

I would rate Singularity Cloud Workload Security a nine out of ten.

We use SentinelOne's Singularity Cloud Security as our Cloud Security Posture Management solution, to proactively identify vulnerabilities within our cloud configurations. Security alerts generated by the platform are then forwarded to our mitigation team for prompt remediation.

The solution is easy to use.

The evidence-based reporting is helpful to our DevOps team who manually mitigate the vulnerabilities.

Singularity Cloud Security offers a flexible agentless vulnerability scanning solution that allows me to receive alerts directly to my personal email, a feature missing from AWS GuardDuty.

Evidence-based reporting that demonstrates how a vulnerability can be exploited is crucial because it allows me to prioritize alerts based on their severity level. This ensures I focus on the most critical issues first.

Singularity Cloud Security has improved our organization's security by proactively identifying vulnerabilities that could have significant detrimental effects.

It has decreased the number of false positives.

Before implementing Singularity Cloud Security our mean time to detection was three to four days.

Singularity Cloud Security has significantly improved our mean time to remediation from one hour to just 15 minutes.

SentinelOne stands out with its responsiveness to feature requests for Singularity Cloud Security. This means they can adapt the product to our specific needs, whereas Prisma Cloud forces us to wait for their pre-determined release schedule.

SentinelOne currently lacks a break glass account feature, which is critical for implementing Single Sign-On. SentinelOne should prioritize the development of a break glass account feature.

We've encountered some filtering difficulties, resulting in a few areas of the interface needing improvement.

I have been using Singularity Cloud Security by SentinelOne for one year.

Singularity Cloud Security by SentinelOne is stable.

I would rate the scalability of Singularity Cloud Security nine out of ten.

The technical support is good. They've assisted us on multiple occasions with implementing new policies and creating custom plug-ins to meet our specific needs.

Positive

I successfully deployed the solution in collaboration with a cloud-native administrator. The deployment process went smoothly and we encountered no complications.

I would rate Singularity Cloud Security by SentinelOne eight out of ten.

We have over 400 users in our organization.

We have one client, and we need a portal to manage security. We use Singularity to provide security information and identify vulnerabilities or malicious scripts that need to be fixed. It also provides recommendations about each of the vulnerabilities that are helpful.

We provide cloud services on our site using AWS. Singularity detects flaws that we must close for security reasons. We use Singularity to observe those findings and fix things based on the customer's requirements. Previously, we used to segregate issues and look after them. Singularity helped us secure our infrastructure. We've significantly reduced our potential security breaches to a minimum. 

It has improved how we operate on a larger scale. We set up the platform, onboarded the info, and then gradually moved further. Over time, it helped us slowly resolve those issues. We were using the cloud platforms' native security tools, but those were unhelpful. Now, we rely on this more than those services. 

Singularity reduced our false positive rate by about 60 percent. We've had even better results in terms of our risk posture. We can rely on this tool to improve our security conditions on a broader scale. If I gave our security posture a percent rating, I would give it 89 percent.

The solution saves time by giving us everything in one place. You don't need to manually check every account. It tells us a lot. Singularity reduces our detection time by about 60 percent. 

Singularity has improved collaboration among cloud security, application developers, and AppSec teams. Previously, it would take around a week for engineers to address issues. Now that we use this tool, we resolve issues in one or two days.

We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues. Singularity is easy and convenient to use. It is extremely easy for a novice to understand what the dashboard is trying to say and the terminology's meanings.

Evidence-based reporting is excellent for auditing. It shows all the findings and severity: low, high, medium, or critical. We solve the low-level and medium issues. Next, we resolve high-level and critical problems. It's easy to fix the security breaches.

We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating. 

We have used Singularity Cloud Security for about six months.

I rate Singularity nine out of 10 for stability. 

I rate Singularity eight out of 10 for scalability. 

I rate SentinelOne support nine out of 10. 

Positive

Singularity took about a week to deploy. A team of 40 to 50 people was involved. 

I rate SentinelOne Singularity Cloud Security nine out of 10. I would recommend the tool to others. It's a convenient and cost-effective tool for identifying security breaches. You get everything in one place, saving you time and costs.

We use the solution for monitoring the security of our infrastructure. It helps us identify all the vulnerabilities.

We had code and infrastructure, and we just weren't sure of all the vulnerabilities within them. This knowledge has helped protect us from security loopholes. 

It's integrated with all of our cloud services on our accounts. It automatically fetches all the resources, scans through the code, and reports back on our vulnerabilities. It helps with all of our overall security standards as per the industry, and it can give us a rating. If I go to the compliance section, it gives me an idea of how I'm performing with respect to compliance metrics.

There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring.

It's fairly easy to use. I'd rate the ease of use 7 out of 10. There is a learning curve around the initial issues. However, we can look at issue descriptions and what to do. It gives us a lot of details about an issue, so that helps. 

Evidence-based reporting helps prioritize and solve our cloud security issues.

PingSafe includes proof of exploitability in evidence-based reporting. It's really important. If we did have any proof, it would be harder to pinpoint false positives. I like that it gives proof.

The code scanning is helpful. Whenever somebody commits a recent code, it helps identify that immediately and check vulnerabilities. 

It has positively affected our exposure. Before we implemented it, we were having lots of issues, and now, with PingSafe, we're up to 87% compliance with respect to all security metrics. It's been a gradual process, however, we're getting better and better. 

We've been able to reduce mean time to detect. It's gotten a bit faster. If you have a solution like this, you can take a more proactive approach. When a vulnerability happens, you can act immediately. Our mean time to detect has improved by about 80%.

It's also helped us with our mean time to remediate. It shows recommended actions and helps tell us what could possibly remediate the issue. 

The product has positively affected collaboration among our cloud security, application developers, and AppSec teams. PingSafe, however, is more centered around our infrastructure security and doesn't impact developer productivity much.

The compliance monitoring capabilities are helpful. We're a venture product, so we need to be compliant with everything. When we get a report, we can see what we need to do for compliance, and it helps us identify issues and mitigate them effectively to increase compliance. 

There is a bit of a learning curve for new users. The ease of use could be better.

We've had an issue where we muted a false positive, however, when we made some changes to a cloud configuration, it popped up again. So it hasn't really reduced false positives; you just need to manually ignore them. 

I've used the solution for one year. 

The solution has been stable throughout. 

We have three to four users that are actively using PingSafe. They are admins and engineers. 

So far, we haven't had any scalability issues. 

They have great technical support.

Positive

We didn't use a different solution previously.

The initial deployment was pretty quick. When you integrate any of your cloud service providers, it doesn't take long. We had it implemented in a few days. One of our reps can just work with the team to get it ready.

It's not integrated with any other security tools, however, it is integrated within our infrastructure. 

No maintenance is required.

I don't have any visibility on the pricing of PingSafe. 

We have not evaluated other solutions. 

I'd recommend the solution to other users. Overall, I'd rate the product 8 out of 10. 

We have multiple AWS accounts and we use it for our products and deployments, et cetera, and they are being monitored by PingSafe for best practices and good security. In the past, we've had code exposed to the internet, and PingSafe has been able to catch such instances. Basically, it is for security and monitoring purposes. 

We've been able to integrate PingSafe with out AWS and deployed their agents to Kubernetes. For production and compliance purposes, it allows us to monitor actively for issues from one place. 

The solution reduces notifications.

We mainly use it for monitoring and security guidelines only. It's been really useful for us in terms of the developer accounts. If any have been exposed, we get notified and we can take care of issues before anything happens. 

We haven't seen any server downtime. It's always been available when we've needed it. 

The UI is very nice, and feature-wise, it's very good.

It has very good documentation. 

Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful. 

The solution is very easy to use. We have not had to spend much time customizing or integrating items. We were able to integrate all four AWS accounts in order to centrally monitor everything.

There is evidence-based reporting which can help prioritize and solve cloud security issues. We haven't actively used it or set it up.

We use the infrastructure as code scanning feature. It's good for identifying pre-production issues. 

About six months ago, there was a major upgrade. We can see the containers running and which vulnerabilities appear, et cetera. 

We haven't seen any increase in false positives since using the solution. 

It's helped us improve our risk posture. We're more confident now that things aren't happening and getting missed. We're on the right track to adapting proper security rules.

More than saving engineering time, this solution has helped promote confidence is the security of our cloud accounts. We're more sure of our configurations and security posture. Since we don't have a cloud expertise team that might identify issues, it has helped us gain confidence in SQL deployments. 

There should be more documentation about the product. Sometimes we have to go to customer support to get clarification.

I've been using the solution for 1.5 years. 

The solution is stable. I have not seen any downtime.

We have around 15 users leveraging PingSafe. They are mainly admins and engineers.

Technical support is very helpful. However, the documentation needs to be better.

They tend to resolve issues within an hour or so. With most issues, they are very helpful 

We have a different pipeline product working in parallel to this solution that is also helping us reduce vulnerabilities. Something else, for example, monitors compliance for us. PingSafe is more of an additional tool than our main solution. We have been using open-source tools for scanning.

The development was just one configuration, and we were able to implement PingSafe in about an hour.

The solution does not require any maintenance. 

We have noted an ROI based on the amount of confidence we've gained having visibility into our vulnerabilities. I do not have specific metrics on hand to illustrate that, however. 

The pricing is reasonable.

We're a customer and end-user. I'm a DevOps engineer.

I'd recommend the solution to others. I would rate it 10 out of 10 as it currently meets all of our requirements. I can't speak to other companies that may have different requirements.