SentinelOne Singularity Cloud Security Reviews

We adopted Cloud Native Security for its offensive security engine, which no other tools provide. It checks to see if any file or domain has public access. We also use it for cloud configuration scanning. Now, we are integrating it with cloud detection and response and plan to integrate it with CloudTrail and logs. Multiple team members use the solution. Our cloud security team has more than 10 members. We sometimes forward issues to the application team.

When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks. 

Compliance management is critical for every organization. Our compliance score was pretty low when we started using Cloud Native Security. Now, we've started seeing improvement every quarter.  We're around 85 to 95 percent compliant. When we see any alerts related to configuration, we raise a ticket with our follow-up team unless the issue is resolved automatically. We eliminate false positives and identify and work on any problems with our policies or other issues. 

Cloud Native Security has reduced our detection time by 15 to 20 percent through automation. The solution makes it easier by showing every impacted resource on a single dashboard. If we didn't have an automated tool to show us all the affected assets, we wouldn't know what's happening on every server or the resources we have created. Without this solution, we had to go to the documentation page for every cloud provider and implement the change. Now, we can check a single dashboard to get an overall idea of how something impacts our resources, and it helps us to automate. 

The solution has improved collaboration between our teams regarding security posture. We can say to the cloud security team that they need to follow a particular posture-related practice or adopt a network configuration, like blocking public access to a resource. We give these requirements to the network development and application teams.

Cloud Native Security has reduced our vulnerabilities and misconfigurations, improving our security posture. We had about 10,000 alerts when we started, but we brought that down to around 500. That was a considerable improvement in six months. 

I have worked on most of the tools in the market, and every product has distinctive features. Cloud Native Security's standout feature is offensive security. That's something no other product offers. All the other products have the same core features, such as vulnerability scanning. 

The UI is user-friendly, and the recommendations are easy for everyone to understand. If any misconfiguration happens, all four teams can read the options and understand how to implement them. To achieve these goals, we can also create an automated template according to cloud security best practices

SecOps plays a crucial role in our deployment and testing in the software lifecycle. In the course of building and deploying our applications, we need to look at our vulnerabilities and configurations. It's easy to identify these things and fix them before deployment by integrating Cloud Native Security.

The solution's evidence-based reporting is helpful because it provides real-time information. If a file has been opened and we haven't provided access, it gives us the evidence. It tells us the domain, and we try to investigate by going to the team that owns the file. We require them to make the file private, so it can't be accessed from the internet.

Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email. 

We started using Cloud Native Security last year.

Cloud Native Security doesn't have any bugs or glitches. It's fairly stable.

I rate Cloud Native Security nine out of ten for scalability. 

I rate Cloud Native Security support nine out of ten. They have email support, but there is no option to raise tickets from within the portal. Now, they have Intercom, and we raise tickets through that. 

Positive

We previously used Prisma Cloud, which has many of the same features, such as cloud-based configuration, Kubernetes scanning, vulnerability assessment, etc., but Cloud Native Security has the Offensive Security Engine. That is the main reason we switched.

Our organization started with a POC for a month and a half before presenting Cloud Native Security to our VP and senior leadership. They gave us the go-ahead, and we finalized the product. It took us less than a week to implement, but the deployment time depends on the organization. It might take time if they need to get approval from leaders. 

I rate Cloud Native Security seven out of ten for pricing. It's cheaper than many other products. 

I rate Cloud Native Security nine out of ten. It's a mature solution that includes all the features found in other products on the market. 

The company purchased PingSafe primarily for container security and IoC scanning. We also were looking into image scanning for Docker components. Now, we have enabled secret scanning and the Cisco pipeline as well. 

We are mostly dealing with code-level security issues the organization might have. There are issues in TerraForm and whatever else we see in our DevOps pipeline. 

PingSafe has improved the organization's Docker container security, and we can mitigate many of the issues to avoid serious vulnerabilities or attacks. We start to see these benefits within 2 or 3 months of deployment. The tool took almost a month to learn the structure of our organization and environment. After that, it started detecting issues and vulnerabilities. 

We don't get many false positives because we eliminated many of them in the early stages. PingSafe can mark detections as false positives, so they won't appear in the future. 

PingSafe has reduced our detection time. Before implementing PingSafe, it took us around 7 or 8 hours to determine whether an issue was inside our organization. Now that we have deployed PingSafe, we have an agent list running on our Docker containers, and PingSafe is identifying the issues inside the Docker containers. When it scans periodically, we can detect the issues within 2 or 3 seconds. It has reduced 7 hours of work to a few seconds. 

While it hasn't reduced our remediation time on mid-level or low-level issues, it has drastically improved our remediation time for critical Docker issues and high-priority problems in our environment. We can handle them before they make it into production. 

PingSafe has improved collaboration between our developers and security teams. The tool has a feature where we can send issues to developers, but it requires them to reply with recommendations.

PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us. PingSafe is also responsive to our feature requests. The interface isn't difficult to understand for a layperson, and we're familiar with it. There's also built-in support, so we can get help when we have a problem. 

The evidence-based reporting is a critical feature because we can correlate to the issues in the system. We have compared it with free tools that are on the market, and PingSafe gets better results. From the perspective of remediation, resources, and security, PingSafe is the best option. 

The agentless vulnerability scanning has worked well for us. Removing agents from the equation takes about half the work out of it, and the agentless scan fetches the details every millisecond. PingSafe's agentless mechanism is monitoring everything that happens on the system.

Proof of exploitability is an important aspect of PingSafe's evidence-based reporting. When we ask a developer to fix an issue, they ask for evidence of its exploitability and whether it's a critical issue. If PingSafe didn't provide this information, we couldn't convince the developer to fix it. PingSafe provides the expertise to convince the developer by finding the vulnerabilities and providing explanations.  

The infrastructure-as-code scanning helps identify container configuration issues and other problems before they go into production. We used a script, and we needed to enable everything before going to production, so we have it enabled on the production and pre-production side. We can check the issues and block them before going to production. Before it becomes publicly accessible via the internet, we want it to be safer than it was in pre-production.

I would like PingSafe's detections to be openly available online instead of only accessible through their portal. Other tools have detections that are openly available without going through the tool. 

We have one feature request that we've already discussed with PingSafe. We want a category feature for exceptions that developers have already accepted. We don't want PingSafe to identify the issue next time because the developer has already done the risk assessment. 

We have used PingSafe for nearly a year.

PingSafe is stable. 

PingSafe is scalable.

I rate PingSafe support 9 out of 10. 

Positive

We previously worked with many open-source solutions and Prisma, one of PingSafe's competitors. Ultimately, budget issues made us come back to PingSafe. PingSafe is a budget-friendly and user-friendly tool. A layperson can start using the system and understand it within 1 or 2 days. It also has more capabilities than the other tools.

Deploying PingSafe was straightforward. It took 3 or 4 people to deploy. We are currently enrolled on 2 clouds. We had it on AWS, but now it's on GCP and Azure. It's more than 2,000 endpoints and around 2,000 APIs.

It doesn't require much maintenance because the updates are automatically happening on the cloud. When new features are released, we connect to the PingSafe team to understand how it will impact our environment. 

PingSafe is reasonably priced, considering the value it offers to our organization. We had a few conversations with them, and they understood our posture. Initially, they offered one amount, but we got them to offer a discount that would meet their expectations. Their customer team is excellent and understanding.

I rate PingSafe 8 out of 10. PingSafe will meet all your requirements if you're looking for a cloud tool that covers IoC scanning, cloud misconfiguration, secret scanning, integration into the DevOps pipeline, and cloud-image scanning. It's a one-stop solution for all these requirements. It's a user-friendly tool that's easy to handle, and the support is excellent. 

We are using it for endpoint detection on all of our EC2 instances and hosts in the cloud. Along with it, we are also going to be using it for AV.

We do not have any EDR protection on our host. We would like to utilize it for AV to put some protection on our host. The pricing for the tool that we are using for AV has gone up, and they are not giving us a lot of things we need. Also, to use their EDR tool, we have to install a secondary agent, whereas, with SentinelOne, everything is included in the same agent.

Singularity Cloud Workload Security helps with forensics and extra protection on our host. We have not had any incidents where we had to fully use it or fully go into action with it, but we are hoping that it will provide the extra protection that we need to help resolve some blind spots that we have specifically on our hosts.

Singularity Cloud Workload Security has forensic visibility or deep visibility into the Linux kernel, but we have not used it. It is something that we will work on and use with our SOC team and the implementation team if an incident were to ever happen.

The historical data record provided by Singularity Cloud Workload Security after an attack will be useful if an incident happens. It will help us build a timeline of historical reference. It is easy to have it all in one place to build a timeline. We can see from start to finish where the incident started and where it occurred versus having to go in and do things manually by sifting through logs. The fact that SentinelOne is able to have that information or data and a single pane of glass is something that we like about the tool.

Singularity Cloud Workload Security helps to cut down the mean time to detect by having the historical reference and by being able to stop the incident with the hit of a switch. We can see from where it started, which is helpful. When you are an organization managing hundreds of accounts, it is hard to sieve through logs and get that information together, which increases our mean time to detect, whereas with SentinelOne, from the things we have seen and tested out, it seems simple and easy, and we are hoping that it will help us cut down on that time.

We are also hoping that it will reduce our mean time to remediate. We have not come across any actual incident to be able to fully know, but based on what we have seen so far in the tool, it seems it would.

Singularity Cloud Workload Security has not necessarily freed up staff to work on other projects, but it does reduce some time. It helps cut down on things. It does provide an easier capability. We have come from the old-school way of looking at logs. It seems that this tool will provide something much sleeker and easier for our SOC team to use.

Singularity Cloud Workload Security has not yet had much effect on our productivity. We have only had it for two months, but we like what we are seeing. We like implementing it. We like that it has a single agent and we can use it as AV. It seems to make things easy. It seems to be a more productive tool for us, but until we have an incident, I would not be able to say for sure. As of now, it looks like it has the capability.

Its interoperability with third-party solutions, such as Kubernetes, seems top-notch. We have integrated it with a couple of our solutions here, such as Kubernetes and containers, and we have not had any incidents or any problems to follow up or dig deep into. So far, the ability to look at our containers and to see into those clusters is something that puts Singularity above all others. With CrowdStrike or Trend Micro, we were not able to do that. We were not able to have the same visibility. SentinelOne Singularity made that easier for us.

Singularity Cloud Workload Security supports our ability to innovate from a standpoint where we know that our application teams and developers will be protected. When new applications are created, we will have some sense of security and some sense of safeguard for our teams. We did not have the visibility and the tools to protect us in the manner we would like, but with Singularity Cloud Workload Security, it looks like we can just put it on our endpoints and tell the teams to go and do as they wish because we know at least on this end, they will be protected.

From our tests and the things that we have done, we find Singularity Cloud Workload Security’s real-time threat detection and response capabilities attractive. We like the platform and its response time. We also like that its console is user-friendly as well as modern and sleek. Those are the things that are attractive to us.

We like the automated remediation feature. It is not something that we are going to use for automated remediation, but we do like the fact that it is there and can be utilized.

If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have.

We have been using it for two or three months. We went through a test trial, and we are finalizing the official purchase request to purchase it and start using it fully.

We have not experienced any issues so far.

We have not interacted with their support. We have only contacted our customer manager and our onboarding specialist. We have not had to submit any tickets.

We have not used any other similar solution previously.

It is a cloud deployment. I was involved in its initial setup. Its deployment was straightforward. There were a couple of questions that we had. Some of the documentation was not written in the best way. There were some hurdles when moving to the tool and understanding it, but for the most part, it was straightforward. We got all the instructions on how to deploy or install it. We were presented with a customer service rep who was an onboarding specialist. This customer service rep specialized in deployment for us, so everything was a simple setup.

We mainly did it ourselves, but we also had an integrator consultant from SentinelOne who was on the site. They answered all of our questions for anything that came up. For anything we needed, they were there to help us. We had three individuals full-time, and then we had a contractor.

In terms of maintenance, there is nothing required from the SentinelOne side. Once we onboard a lot of our hosts, we just need to organize it in a way that is easy for us, but from the SentinelOne or Singularity folks, nothing is required.

The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost.

We did evaluate other options. We tried Trend Micro Vision One. We also looked at CrowdStrike.

We went for Singularity Cloud Workload Security because it was built and made for the cloud. That was a big thing. The second big thing was that they utilize all of these different features with one agent.

The CrowdStrike solution is not built for the cloud. They have a cloud add-on, so it did not translate for us. The Trend Micro solution is somewhat built for the cloud. It is more of an on-prem tool that is moved to the cloud, but we have to utilize at least two agents to get all of the coverage, meaning AV and endpoint detection. With Singularity Cloud Workload Security, it is all covered in one agent. There is no need to put multiple agents on our host and go through that with our customers. It also allows us to place that agent using AWS Systems Manager, so the implementation in the cloud and launching of the agent is intuitive and easy. It was a no-brainer once we started looking at the tools in terms of how to implement them and what we would like in our organization. Singularity Cloud Workload Security took the top place.

It has a single agent to cover all aspects. You can save money and costs with data ingestion by using the Security DataLake from Singularity. There is also the ease of use of its console. There is also the ease of deployment by it being cloud-based. If you are looking for a tool that is perfect for cloud solutions and protects your cloud host, Singularity Cloud Workload Security would be at the top of my list.

To someone who does not think that they need a Singularity Cloud Workload Protection Platform (CWPP) because they have a continuous security monitoring (CSM) solution in place, I would recommend looking again at Singularity because there is one agent and the ease of transitioning and deploying into the cloud. Another big thing about Singularity is the holding of the data. We utilize Splunk. However, with Singularity, we do not need to ingest all the data because we can also utilize their data lake. The query or the information that we can look up at Splunk can also be looked up in Singularity, so there is no need to take all that data from Singularity and ingest it into our Splunk and increase our license. We can utilize our license and capabilities. We can just use the data lake that comes with Singularity and utilize logs in that manner. In the end, it is saving us costs when it comes to our SIEM tool ingestion, so I would recommend looking at these top aspects. It is easy in the cloud. It helps save data on your SIEM tool. It saves the ingestion costs. There is also a single agent.

I would rate Singularity Cloud Workload Security a nine out of ten.

Singularity Cloud Security helps my organization achieve its goals by providing protection and cloud security posture management for our AWS organization. It offers detailed visibility into any misconfigurations, threats, or other items that come through from the AWS services, and enables my engineers to easily find and get information on how to triage those items.

SentinelOne has enabled us to identify and address misconfigurations more efficiently by streamlining the research and remediation process.

Singularity Cloud Security has significantly improved our risk management by providing clear visualization of threats, validating their severity, and prioritizing them. This allows us to efficiently allocate resources, strengthen our security posture, and minimize risk.

Cloud security has significantly reduced irrelevant alerts by effectively analyzing potential threats and determining their validity, a capability unmatched by any other product we've used.

Singularity Cloud Security has significantly reduced false positives by filtering out thousands of alerts triggered by offensive security tests and application configuration validation, resulting in a more manageable number of alerts requiring attention.

Singularity Cloud Security has improved incident response by integrating directly with our notification and task management services. This allows us to receive immediate notifications of critical misconfigurations or vulnerabilities and automatically generate service tickets for remediation.

Singularity Cloud Security utilizes push-based notifications to instantly detect misconfigurations and provide immediate alerts through integrated services, significantly reducing the mean time to detection compared to traditional polling-based methods.

Singularity Cloud Security has reduced our mean time to respond because its direct integration with our notification services allows for immediate attention to issues.

SentinelOne has improved our organization's regulatory compliance by providing insights into misconfigurations and issues before they impact our production environment. This proactive approach ensures consistent compliance with both regulatory standards and client expectations.

Cloud Native Security's evidence-based reporting allows for issue prioritization by determining their impact, enabling efficient time allocation to resolve the most critical problems first.

Cloud Workload Security's real-time threat protection safeguards our workloads, providing visibility into anomalies and threats, and automatically remediating them at a speed unattainable through manual intervention. This automation frees my team from time-consuming investigations and remediation, allowing them to focus on other critical tasks while ensuring our services remain actively protected.

The introduction of Purple AI by SentinelOne enhances our cybersecurity strategy by empowering engineers to proactively address security issues. This distributed approach allows engineers to triage, identify, and resolve problems within their own teams, reducing reliance on the SecOps team for all security tasks. By shifting responsibility leftward to the engineers directly accountable for specific components, we foster a more efficient and responsive security posture.

Cloud Native Security's evidence-based reporting allows us to prioritize issues by understanding their impact, helping us resolve the most important problems first. AWS real-time threat protection protects our workloads and provides visibility into anomalies or threats, automatically remediating them at speeds beyond our manual capabilities.

SentinelOne Singularity Cloud Security could be improved with easier integrations to the Singularity Data Lake, particularly for various vendors. Additionally, the platform would benefit from an enhanced ability to provide a deeper, holistic view of the entire application deployment cycle, extending beyond effective run times.

I have been using SentinelOne Singularity Cloud Security for three months.

The most important aspect of the evaluation process was the support and responsiveness of the SentinelOne team, because great products alone cannot meet all needs. Ultimately, having a reliable team ready and willing to assist with any issues is essential.

Positive

We had an existing CNAP solution for about three years. While functional, it generated a lot of false positives and required extensive manual review. Additionally, it lacked useful integration with our other vendors and partners, and overall, felt somewhat outdated.

SentinelOne offers excellent pricing and licensing options. I was able to consolidate two security vendors into one by switching to SentinelOne, and I now pay less than I did for either of them.

As a cloud-native application operating exclusively within AWS, we procured SentinelOne through the AWS Marketplace. This partnership, facilitated through an EDP purchasing agreement, streamlines our procurement process, consolidates purchase records, and provides a discount on our AWS spending.

We did a proof of value with SentinelOne, reviewing and validating all the products we are currently using to determine their viability compared to our current vendors and ultimately make the decision to move forward with SentinelOne as our new product vendor.

Prior to evaluating SentinelOne as a CNAP vendor, we faced significant challenges with our existing vendors, primarily large organizations that were slow to update their products and meet our needs. However, our partnership with SentinelOne has been markedly different. Their leadership team demonstrates a strong commitment to customer success, fostering a culture of direct collaboration and continuous innovation, which aligns perfectly with our requirements for a partner.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

The partnership between SentinelOne and AWS, particularly the Singularity Cloud integrations, provides streamlined access to actionable information from AWS.

I would tell anybody considering Singularity Cloud Security to absolutely proceed. SentinelOne has been phenomenal to work with, and I am looking forward to a continued partnership as they innovate and integrate AI, consistently rolling out new features.

To address our client's infrastructure vulnerabilities, we implemented Singularity Cloud Security by SentinelOne. This security solution effectively identifies and resolves security issues, streamlining the process of ensuring our clients' infrastructure remains secure.

For the past year and a half, we've been managing AWS infrastructure for a client, originally using basic AWS security tools. While these provided a workable solution, Singularity Cloud Security offered a significant advantage. It prioritizes vulnerabilities by severity, high, medium, or low, allowing us to focus on the most critical issues first. This centralized tool gathers information and displays all details on a single dashboard, significantly reducing manual work. The dashboard helps us identify problems, understand their meaning and potential impact, and follow clear resolution steps. This streamlined process enables us to address security concerns quickly and effectively, ultimately enhancing our client's infrastructure security.

Singularity Cloud Security was convenient and effective for threat management. In the past, we relied on daily information gathering and alerts, requiring us to manually address the findings. Now, Singularity Cloud Security provides continuous threat detection and simplifies our work, significantly improving our security posture.

The automated security responses have significantly improved our overall security posture.

Singularity Cloud Security is easy to use as it gives us the proper step-by-step methods to solve that vulnerability.

I would rate the evidence-based reporting for helping prioritize and solve important cloud security issues nine out of ten.

It is helpful that Singularity Cloud Security includes proof of exploitability in the evidence-based reporting. Although it isn't perfect, it gives us the right solution to mitigate vulnerability.

Our infrastructure configuration is defined using an Infrastructure as Code template. This template allows us to scan our entire infrastructure for potential issues, including pre-production problems within templates or container configuration files. Previously, we stored infrastructure details in a format that required manual data retrieval via CSV files. Now, with IaC, we have a centralized control system that manages multiple accounts and provides vulnerability listings based on severity for each account.

Our previous default AWS security tool wasn't sufficient, so we adopted Singularity Cloud Security based on a client recommendation. It's been a huge improvement. Whereas our old tool took three months to gather data, Singularity Cloud Security provides a daily updated dashboard with vulnerability information. This allows us to prioritize and address security risks based on criticality, saving us significant time and effort compared to the past.

Singularity Cloud Security has helped reduce the number of false positives by 70 percent.

Singularity Cloud Security streamlines manual work by providing insightful information on security vulnerabilities. It not only identifies issues we might miss but also offers in-depth analysis, including potential future costs and the severity of the threat. Additionally, it presents basic details tailored for users with less security expertise, empowering them to understand and address vulnerabilities effectively.

Singularity Cloud Security has improved our risk posture by 80 percent and has reduced our mean time to detection by 85 percent.

Singularity Cloud Security has reduced our mean time to remediation by 70 percent.

It has streamlined collaboration between our cloud security, application developers, and AppSec teams. This tool automates manual tasks, reducing our team size from ten to five. It provides us with the information we need to effectively identify and address vulnerabilities, making our cloud environment more secure.

It has been a huge time-saver for our engineering team, saving them weeks of work.

We have saved around 70 percent of our overall time with Singularity Cloud Security. 

Singularity Cloud Security has positively impacted our operational costs. The time saved by reducing manual work and resource requirements translates directly into cost savings.

Singularity Cloud Security's AI empowers us with improved security solutions. When faced with uncertainty, the tool can quickly provide insights to help us gain a clear understanding of the situation. 

The most valuable aspect of Singularity Cloud Security is its unified dashboard. This reduces manual work by centralizing all security information, allowing us to see vulnerabilities categorized by severity, low, medium, high, and critical. This clear prioritization streamlines the process of understanding, addressing, and resolving security issues, making threat mitigation significantly more efficient.

A recurring issue caused frustration: a vulnerability alert would appear, and we'd fix it, but then the same alert would return the next day. We reported this to both our internal team and SentinelOne for investigation and resolution. This needs improvement to prevent these repetitive alerts.

In a future update, it would be beneficial to have both an AI chat function and a more modern user interface.

I have been using Singularity Cloud Security by SentinelOne for eight months.

I would rate Singularity Cloud Security's stability nine out of ten.

I would rate Singularity Cloud Security's scalability eight out of ten.

In AWS, we previously relied on Amazon Inspector, a built-in service that automatically scans for vulnerabilities including VDF findings, a type of assessment finding in our resources. This not only provided a default security solution but also integrated with AWS Security Hub, allowing us to centrally address critical security issues. We migrated to Singularity Cloud Security by SentinelOne because our prior tools were labor-intensive and lacked a unified dashboard. Previously, identifying which accounts had vulnerabilities required manually checking each one. Now, Singularity offers a single pane of glass for all our accounts, displaying both account details and any security findings. This significantly reduces manual work and simplifies our security posture.

The deployment took weeks and involved ten people.

Singularity Cloud Security by SentinelOne is cost-efficient.

I would rate Singularity Cloud Security by SentinelOne nine out of ten.

Singularity Cloud Security is deployed in multiple departments and we have five users.

Singularity Cloud Security occasionally requires scheduled downtime for maintenance, which allows our technicians to identify and address any potential problems.

I recommend Singularity Cloud Security. It's streamlined our operations by reducing manual work and simplifying problem-solving. The user interface is intuitive, allowing even new hires to become proficient after just a few weeks of training.

My company is trying to get an ISO certification by the second quarter of 2024, so we have been resolving certain security issues for the past year.

I use the solution in my company, where we have alerts coming from PingSafe, especially if any security threats are there. Our company's primary concern in using the tool is to get the ISO certification. My company wants to get our infrastructure to meet ISO standards so that there won't be any issues while getting ISO certification.

With the product in my organization, I feel that we are more secure now, and our services have become better. My company gets to know if we are doing something right or wrong based on the scans that PingSafe deploys. My company doesn't have to care much about security because PingSafe takes care of it for us. My company also knows what all the best practices are there for each resource, which gives us a boundary of what we can do.

Most of the time, I have looked at the tool's dashboard to keep an eye on how much of my company is compliant regarding certain areas since we are eyeing ISO 22000 and ISO 22001. I just love the tool's dashboard, though I have not used it in depth. I like the dashboard mainly, and I know that all sections of ISO certification have been completed. I have not used the tool that much, but under that dashboard itself if I just click on the certification part, which states that 93 percent has been completed, it will show me the subcategories of what all things are still pending or how much percentage of it is still pending, and how many areas are yet to be resolved in relation to some of the resources. The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features.

When I joined my organization, I saw that PingSafe was already implemented. I started to use the tool's alerting features and dashboard functionalities. Considering how much I used the product, I don't see any areas in it where improvements are required since everything seems fine.

Sometimes, there are alerts that don't have proper messaging attached. The tool can improve the alerting notifications. In PingSafe, the alerts also show the affected resource that has a particular issue, but sometimes, the account shows as not applicable, and it isn't very helpful since you need to know the account the tool aims to point out.

The alerting system of the product is an area that I look at and sometimes get confused about. I feel the alerting feature needs improvement.

I have been using PingSafe for more than a year. My company is a customer of the solution.

My company has not experienced bugs, downtime, or any other issues in the product.

Stability-wise, I rate the solution an 8 out of 10.

It is a scalable solution. Scalability-wise, I rate the solution a 7 out of 10.

My company's tech team consists of twelve people and around ten to twelve people use the product.

I rate the technical support an 8-9 out of 10.

Positive

The solution is deployed using the cloud services offered by AWS.

PingSafe regularly sends us messages on Slack for cloud security monitoring if it finds a certain security threat. If the area revolving around the security threat is something my company wants to look into, we just quickly check the product to see if there is a quick fix, and if there are no solutions, then we find a way to deal with it. A person from our company's team regularly tries to fix all the issues raised by PingSafe so that it is ISO compatible, and right now, my company is close to achieving it.

Speaking about the issues my company was trying to resolve by implementing PingSafe in our environment, I would say that whatever issues the tool has raised till now are related to certain policies that we might not have implemented in our IAM. There should only be certain roles that can access certain resources. The aforementioned area consists of the types of issues my company is currently trying to resolve so that we stay up to the mark. In my company, we don't have any regular threats that come up, but they are mainly used in regard to policies.

Considering how much I have used it to date, I can say that it is an easy-to-use product. However, I have not used the product in-depth, so I can't comment much about it.

If I assess the evidence-based reporting for helping prioritize and solve important cloud security issues, I would say that the concerns raised by the product are valid ones, and it is important to deal with them. Though I am not sure what the question entails, I feel that the issues raised by the product are proper, and they should be resolved before actually implementing its features.

I think it is very important for the solution to include proof of exploitability in evidence-based reporting. You have to know what things might go wrong if an issue is not resolved, and it makes it easier for us to assess key issues and to decide which areas should be taken into priority, considering what potential issues might crop up in the long run or short term. In general, PingSafe is a quite helpful tool.

The most valuable feature of the tool in terms of real-time threat detection stems from the alerts my company receives via Slack. I think the alert feature is something I have majorly looked into, but I haven't explored many of PingSafe's features.

Whether the compliance monitoring capabilities of the tool have benefited our organization or not is something that we will get to know soon via its results in the next two or three months. My company is very close to getting ISO certification with PingSafe's help. I think if it gave our company a demo compliance feature, it could be helpful.

The product's UI is good if I speak about the impact of its ease of use on security operations. The UI is very easy to navigate. Basically, I was able to navigate through the tool's dashboard. Overall, the tool's UI structure looks good.

My company has rarely had to deal with an incident involving a false positive with PingSafe in place, and I believe that it happened at the end of the previous year. After that, my company didn't need to deal with any false positives. With PingSafe, the chances of seeing a false positive are rare.

In terms of risk posture, after going through the recommendations provided by PingSafe during the implementation phase, I feel that my solution has helped my company get better and more secure because now we are less vulnerable to attacks. Overall, I think that the product is good for improving an organization's risk posture. In my company, we don't have any doubts about using the product since everything feels right with it.

The tool has reduced the mean time to detect risks since, with the use of the tool, it has become faster as it is now done automatically. In my company, I operate in a very small team where we don't have a specific person or department giving us insights about a particular tool. The tool has reduced the mean time to detect risks by more than 50 percent. My company never scanned our own infrastructure until PingSafe did. Until my company had it in mind that we wanted to get an ISO certification, we never scanned our infrastructure.

The mean time required to remediate is an area that has improved a lot. My company has never tried to resolve any issues since we have never detected any problems. The mean time to remediate has improved by more than 50 percent.

The product can make the collaboration between cloud security application developers and AppSec teams better. In my company, we only have one team, and we don't have a few departments.

The product has helped my company save a lot of engineering time because we don't have to put up physical resources to do many things, as they are managed automatically. In my company, we just have to employ one engineer to resolve everything. My company doesn't actually have to spend time detecting issues and then solving them as the tool solves them for us.

I have not integrated the tool with the existing solutions in my company's infrastructure or workflows. I use it as a standalone product in my company.

The product is used in just one location.

I don't think that the product requires any maintenance. I don't think that my company does any maintenance for PingSafe.

I recommend the product to those who plan to use it. I think the tool has a very good alerting system. The tool also gives a proper description of resources and alerts. I think that the tool is very good for meeting the certification compliance requirements.

I rate the overall tool a 9 out of 10.

We use PingSafe as a cloud security posture management tool. PingSafe is integrated with our GCP, Azure, and AWS accounts. It will identify all the misconfigurations and security issues on all these cloud platforms and alert us. In addition to the CSPM capabilities, PingSafe has several other features like vulnerability management, container security, Kubernetes security posture management, and secret scanning

All of these features are bundled inside PingSafe. It combines all the telemetry from the cloud, containers, and the Kubernetes platform. The vulnerability scanners are connected to the registries and give us a holistic picture of what else is vulnerable versus all the dummy data others would give.

Before PingSafe, we didn't have visibility into the security aspects of our cloud environment. PingSafe allows us to see all the misconfigurations and security vulnerabilities. Certain native tools from AWS are quite expensive and not as reliable, but PingSafe fixes that issue. Also, for highly regulated companies, having a cloud security posture management tool is a hard requirement.

Regarding risk posture, there are two kinds of risk: perceived and actual. PingSafe has helped us reduce the actual risk. Our compliance score went up from 70 percent to more than 95 percent now.

We realized PingSafe's benefits maybe 1 or 2 months after the deployment. We integrated the regional module, and the extra features were there. About 6 months in, we really scaled it up. 

PingSafe has helped reduce the number of false positives we deal with. They've been highly proactive. We have a Slack channel with their support team. We tell them the false positive you're seeing, and they get on a call with you in 30 minutes to solve that issue. 

The detection time is immediate. It finds vulnerabilities almost instantly, so the detection time has decreased considerably. In terms of remediation, it depends on how we are doing it. The remediation time has gone down, but not to the extent that we need it to. 

PingSafe has improved cooperation between the DevOps and security teams by helping identify critical issues that must be prioritized instead of just going through and fixing each one. 

PingSafe released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. PingSafe's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue.  

For example, let's say you have a vulnerability in a public instance of AWS EC2, and there's a relationship between that instance and the Kubernetes platform. From there, Kubernetes is connected to a container with a misconfiguration or vulnerability. That attack path is the root cause of the issue in your environment. It doesn't simply tell you whether something is public. That is a feature AWS provides natively. Native AWS tools provide us binary results about whether the instance is open, but PingSafe can break down the data to identify the core issues. 

PingSafe is one of the easiest platforms to use. It's super intuitive. I have used CSPM tools in the past like CrowdStrike. This is much easier. With one click, you can deploy it in an hour. It automatically picks up a lot of the telemetry on its own. You don't need extra configuration steps because the scripts are all there. We can launch the cloud automation templates, and PingSafe just directly deploys.

Agentless scanning is convenient for us. It will automatically copy the registry details from AWS, Azure, or GCP without any additional configuration before. If you have registries saved outside of your cloud environment, you can input the client key and secret file, and PingSafe will integrate and scan it automatically. You don't need to deploy the agent because it does it on the back end. The best part is that they take this element and bring the cloud security posture management along with it. It will integrate the vulnerability scan into the containers, Kubernetes platform, and the entire cloud platform.

The offensive security engine isn't PingSafe's standout feature, but it's an add-on that gives you insight into vulnerabilities in your cloud environment and how attackers can exploit them. 

We have integrated PingSafe's infrastructure-as-code features into our GitHub platform, enabling us to scan all the TerraForm and Kubernetes YAML code for vulnerabilities. That is a nice feature that allows you to detect issues in your code before it is deployed. It's inside the pipeline. It will scan the code and block the deployment if it doesn't meet preset criteria.

I want PingSafe to integrate additional third-party resources. For example, PingSafe is compatible with Azure and AWS, but Azure AD isn't integrated with AWS. If PingSafe had that ability, it would enrich the data because how users interact with our AWS environment is crucial. All the identity-related features require improvement.

I have used PingSafe for a year.

I have not experienced any instability, yet. PingSafe is pretty solid. 

PingSafe is scalable if you have the licenses. 

I rate PingSafe support 8 out of 10. From the deployment until December of last year, PingSafe's support was stellar and proactive. The support hasn't been as good since PingSafe was acquired by another company. It's similar to what I've seen with other acquisitions. When it was a startup, you got more personalized support. You could even get the CTO to get on the call with you, which was nice. They have room to improve, but maybe they are undergoing a transition period after the acquisition. 

Positive

We used a different solution, but the correlation wasn't as good, and it was expensive. 

Deploying PingSafe is effortless because it's a cloud-based platform. It's pretty intuitive, and we had lots of support from PingSafe. If we had issues, we just got them on a call, and they fixed them. PingSafe requires no maintenance on our end after deployment. 

PingSafe is cost-effective for the amount of infrastructure we have. It's reasonable for what they offer compared to our previous solution. It's at least 25 percent to 30 percent less. 

I rate PingSafe 9 out of 10. I recommend that new users onboard as many features as possible. Don't just stick to the cloud security part. Integrate the cloud security with your containers and GitHub or Bitbucket repositories. Perform all the integrations whether you need them or not, and it will take care of everything on the back end for you.

We use PingSafe as a cloud-native application protection platform. It scans all our accounts to identify any loopholes or vulnerabilities. We get the results and recommended resolutions. It provides reports with all the minute details. For example, it might tell us there is an admin user with access that might increase the risk. PingSafe gives a comprehensive overview of anything about our cloud posture. 

We scan an Azure or AWS account, and PingSafe tells us the particular route an attacker might take and the risks. We use it extensively because it provides information on everything that could lead to a disaster. We're scanning 20 to 25 database accounts, with no more than 20 users.

PingSafe helped us close the loopholes in most of the services, improve our cloud security posture, and lock down who has access. The solution's reporting helps with auditing and compliance. When we started, our posture rating was around 77 percent. It's now at around 98 percent after we closed the loopholes.

The false positive rate is low. It's accurate 99 percent of the time. If we are doing a continuous scan, we sometimes get false positives, and we used to get much more in the early days of our deployment, but now it's quite effective and efficient.

PingSafe has reduced detection and remediation time by 10 to 20 percent. It has also improved collaboration among our security and application teams. We now get reports every 10 days, which has improved our teams' productivity because they don't need to go back and forth. It has made the DevOps and security teams' work about 20 to 30 percent more efficient. 

With PingSafe, it's easy to onboard new accounts. When there's a major acquisition, we have dozens of new accounts that we need to onboard quickly. It's very easy to use. The proof of exploitability is critical because we must present the results to a developer. Without evidence, they won't understand the problem.

The resolution suggestions could be better, and the compliance features could be more customizable for Indian regulations. Overall, the compliance aspects are good. It gives us a comprehensive list, and its feedback is enough to bring us into compliance with regulations, but it doesn't give us the specific objects. 

I have used PingSafe for nearly 2 years. 

I rate PingSafe 9 out of 10 for scalability. 

Deploying is straightforward and only takes a couple of days. One person did the initial setup, and whoever needs to use it can access it through the portal. It doesn't require any maintenance. 

We've seen a return in the form of time saved. It gives us timely reports, and time is money. 

In some markets, PingSafe is a little on the higher side, but it's just right for us. It's a good value for the money.

I rate PingSafe 9 out of 10 and would recommend it to others. It's easy to use.