SentinelOne Singularity Cloud Security Reviews

We use PingSafe to secure our IT infrastructure and fix vulnerabilities. For example, it tells us if our resources have been inappropriately made public. We provision our infrastructure on AWS and GitHub. PingSafe finds vulnerabilities across our entire network and secrets in our GitHub repositories. It also helps us manage our cloud configurations and security groups. 

PingSafe is integrated with Metabolic, Opsgenie, and Slack for notifications. It's also integrated with our security team. They are using a script to correlate the data from SysTrack. 

When I joined the organization, we didn't have this kind of security tool in our infrastructure. PingSafe helps us secure any resources that were mistakenly made public and other vulnerabilities. Initially, we were primarily focused on projects, not on the security side, but we were dealing with some system vulnerabilities that hackers could exploit, like publicly accessible resources. The detection is highly granular. It gives you small vulnerabilities and very new types. 

The PingSafe team will help you reduce false positives quickly. When we first used PingSafe, false positives were high, so we contacted the team. They did some testing and modifications, and the problem was solved in one or two days. 

The mean detection time has drastically reduced. The detection time varies depending on what we're scanning. When we're scanning GitHub, it takes 7 to 10 minutes. On the cloud platforms, it depends on resource availability. It takes 10 minutes on the high end, but the mean is about 1 or 2. Overall, it has been reduced by about 10 percent. 

The remediation time is up to us. PingSafe just detects it, but it gives us an assessment and recommendations, making it easier to resolve. When we fix a vulnerability for a particular resource, the issue will not occur again. 

PingSafe can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub. Using PingSafe's evidence-based reporting, we can rank the severity of issues as critical, high, medium, etc. Having the ability to prioritize security issues is crucial for any organization. 

One good thing about PingSafe is that it gives you a consolidated view of compliance and vulnerabilities. We can follow PingSafe's guidance and comply with those use cases. When you get an alert, they explain how to resolve those issues. 

The user interface is excellent because we see everything in a single panel and can manage all the operations from one portal. It's integrated with Slack, so we can coordinate on the open tickets. We can also mute notifications. The interface is straightforward and easy to use. Anyone can use it.

The offensive security engine is a helpful feature in cases like when a developer leaves some API element exposed, and we can view the potential exploit path. It's helpful when we are deploying any AWS account or service because all our systems depend on AWS.  When the service is initially deployed, we can see what happens and get all the details about anything that depends on it. 

When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again. 

We have used PingSafe for more than 2 years.

I rate PingSafe 9 out of 10 for stability. We've never had any glitches. 

We've had no issues with scalability. We've onboarded about 6 or 7. There is no digital investment. You can integrate multiple accounts from various providers. 

The support team was valuable during the initial stages. PingSafe contacted us every three weeks. They checked our infrastructure and reviewed all the issues that we were incorporating into the system. They took direct responsibility for the system and could solve queries quickly.

Previously, we were using the native tools of each cloud provider. For example, we used GuardDuty on the AWS.

Deploying PingSafe is straightforward. You can onboard new AWS accounts in five to 10 minutes, and it will start scanning very quickly. They give you a script to run on AWS. You can enroll your accounts based on the template, and it starts collecting data. We onboarded six or seven accounts. It hardly took any time. It's a SaaS solution so we don't need to maintain it. We only need to do the onboarding. 

I rate PingSafe 7 out of 10. PingSafe isn't a unique solution. Other solutions have the same features, but I like PingSafe because it's simpler to use. It doesn't require any maintenance and the scalability is good. However, I think other solutions can give the same level of detail and insight. 

We use PingSafe to check for misconfigurations and vulnerabilities in new infrastructure or applications we deploy on AWS. All of our accounts are integrated. When we deploy new services, it highlights any misconfiguration or lack of encryption. We return to our applications and try to fix the issues immediately. The company has about 25 PingSafe users across three teams and five cloud environments, including production. PingSafe covers all five. 

PingSafe saves us time finding misconfigurations and encryption issues. It helps us troubleshoot why data is not encrypted or why it's sitting idle for a long time. We previously had a separate team investigate the environment for security issues, like public IPs or anything like that. PingSafe saves us time equivalent to a whole team. It reduces the time spent on these tasks by about 30 percent. It has reduced our remediation time by around 10 percent.

Another benefit is security compliance. It gives us the security reports, and we implement the recommendations according to best practices provided by the team. We were around 60 percent compliant when we started. Our PingSafe security compliance score is now 99.4 percent. 

Recently, we were migrating a database from on-prem to AWS. After we successfully migrated it, PingSafe discovered that it was using default ports and that no audit or error logs were enabled. It highlighted that issue within 30 minutes. Before we went live, we reconfigured all the databases, and PingSafe helped us. 

The most valuable feature is PingSafe's feedback about the severity and impact of a misconfiguration and the best practices for resolving it. It's helpful to anyone who's using the tool. Even if you're unfamiliar with the issue, PingSafe will give you a detailed description of everything that went wrong and how to fix it. 

If your account is integrated, PingSafe's evidence-based reporting gives you an alert with the severity. Before you go live or pass it off to the other teams, so you know all the issues and misconfiguration in your infrastructure. You can fix it before passing it to the other team, and you are confident you are using the best practices. It reports weekly on the number of issues discovered and how many tickets we've closed. 

The proof of exploitability is critical. There are a few scenarios where I need to explain the misconfiguration to the team. Before PingSafe, I had to provide the evidence and screenshots to demonstrate the misconfiguration on our end, but now PingSafe takes care of all that, saving me time. As someone leading a team, I spend half as much time on these tasks.  

It separates the issues, dividing cloud-based misconfigurations from container-based or web-based ones, so we can forward them to the appropriate team. This separation is required for organizations that have multiple teams.

PingSafe is easy to use. After one login, you can understand everything. The console UI is very user-friendly.

When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report.

We have used PingSafe for nearly 3 years. 

I rate PingSafe 9 out of 10 for stability. 

I rate PingSafe 9 out of 10 for scalability. 

I rate PingSafe support 8 out of 10. 

Positive

Before PingSafe, we were using AWS GuardDuty. We adopted PingSafe because we established a dedicated team for security compliance. 

PingSafe is a cloud-based platform, and the setup was pretty straightforward. They provided all the necessary documentation, and we had a call with the PingSafe team to help us get started. The deployment was fast—it took less than 20 minutes. Four people were involved, including the PingSafe team. After deployment, it requires no maintenance. It's good to go once you set it up. 

You can expect a decent return on investment from PingSafe. It's better to use tools like PingSafe to improve security and compliance. I estimate the ROI is around 25 percent. 

I rate PingSafe 9 out of 10. I would recommend PingSafe to anyone. It saves time, makes your environment more secure, and improves compliance. PingSafe helps with audits, ensuring that you are following best practices for cloud security. You don't need to be an expert to use it and improve your security.

We use PingSafe to identify cloud security misconfigurations, ensuring compliance with Cloud Security Posture Management and Cloud Workload Protection Platform best practices, as well as relevant regulations in India. We also integrate PingSafe with our GitHub repositories that store our hard-coded secrets.

We renewed our contract with PingSafe for another year because it's extremely easy to use. The user-friendly UI, along with its integration with Jira and the ability to consume alerts through Slack, make it a valuable tool for our team.

Evidence-based reporting facilitates addressing complaints related to mandatory controls. PingSafe offers an option for high-alert items to be kept publicly available if we're confident we have appropriate controls implemented.

PingSafe's agentless vulnerability scanning has identified a significant number of vulnerabilities.

PingSafe's evidence-based reporting, particularly its proof of exploitability, is highly valuable. For example, their recommendations significantly reduce investigation time and allow us to easily research vulnerabilities using tags. This targeted approach helps stakeholders prioritize and address critical vulnerabilities efficiently through the dashboard.

We utilize the offensive security engine, but fortunately, it doesn't detect many vulnerabilities. It primarily identifies publicly known patch versions and the exposure of the SMTP service. On the other hand, I would rate the ASM functionality an eight out of ten.

IaC scanning has been effective in identifying code-level issues whenever infrastructure as code is scanned.

PingSafe automatically populates and maps our network, identifying any misconfigurations within the first two hours of deployment.

It has reduced false positives by around 90 percent.

Our mean time to detection has been improved, especially for critical areas. Our mean time to remediation has been improved as well.

PingSafe has improved our risk posture by providing visibility into our cloud infrastructure.

PingSafe improved the collaboration between the cloud security application developers and the app security team.

It helped our developers save time.

PingSafe offers an intuitive user interface that lets us navigate quickly and easily. Additionally, its identification feature allows us to customize rules and configurations in the cloud.

IaS scanning identifies misconfigured code within GitHub repositories. This represents a "shift left" approach to security.

Customized queries should be made easier to improve PingSafe. 

I have been using PingSafe for one and a half years.

While PingSafe is stable for around 90 percent of the time, there are occasional glitches in the UI. However, as a security tool, our primary focus is on the results it delivers, rather than the aesthetics of the dashboards themselves.

Scaling PingSafe is easy. We recently integrated with AWS and it went well.

We regularly contact the technical support team about some UI glitches. We provide them with feedback on these glitches regularly. Additionally, we would like to see some new features added to Jira when creating tickets. We've also been in touch with the technical support team about this.

The technical support team's responses are good and have been improving.

We've noticed a decline in their response times lately. This could be due to the recent acquisition of PingSafe by SentinelOne. Previously, their response times were much faster.

Positive

The initial deployment was straightforward.

Deploying PingSafe is a quick process that involves creating a dedicated service account, granting the necessary roles to the service account, and attaching the service account to PingSafe.

The total deployment time took around 15 minutes.

The implementation was completed in-house.

The features included in PingSafe justify its price point. The agent-level monitoring for Kubernetes clusters is particularly valuable and could support a modest price increase.

Our evaluation of Prisma Cloud and Trend Micro on an open-source platform for identifying misconfigurations yielded a high number of false positives, limiting its effectiveness. We chose PingSafe based on the price and the ease of use.

The setup and cleanup need to be done first to get things organized. This makes PingSafe a much easier option than the other products we evaluated, which were all very complex. So, we won't be jumping straight to CWP. Instead, we'll focus on securing our perimeter. We believe PingSafe can solve this issue, and the support we received during the proof of concept was also very positive. Considering all these factors, we decided to go with PingSafe. 

I would rate PingSafe nine out of ten.

PingSafe does not require maintenance.

It is easy to use, but it works best when you have established organizational practices in place. If you feel this is critical, don't hesitate to address it directly. Integrating PingSafe is straightforward, so there's no need to worry about that. It's a ready-made solution that can be integrated with just a click. You can then address the specific issues you find most important. Ideally, integrate all your relevant sources during onboarding, such as GitHub or any cloud accounts you use. This ensures you capture everything from the start and get the best possible results.

I personally use this for infrastructure security purposes because it provides alerts for any threat detection or vulnerability detection in my infrastructure. This ensures that these issues are addressed promptly.

It has helped us a lot with security practices which are supported by the industry benchmarks. The security tools and policies are regularly updated based on new evidence or changing threat landscapes.

Furthermore, after SentinelOne Singularity Cloud Security was deployed in our system, it provided quick alerts. Previously, tools did not offer fast notifications in case of incidents. SentinelOne Singularity Cloud Security delivers alerts in seconds or milliseconds. It connects directly with my dashboard. I can see the issue. They also provide critical documentation, helping me address issues. 

It has improved our risk posture significantly. The risk posture improved from 60% to 70% to 90% to 95%. We have better control over the risk posture.

It has reduced our mean time to detect. Previously, it took me around ten to fifteen minutes, but with SentinelOne Singularity Cloud Security, it takes around seven to eight minutes to resolve an issue. There is often a 60% to 70% reduction. It has also reduced our mean time to remediate by about 45%.

Its performance impact on the systems is low, which means there is a minimal impact on system performance compared to traditional antivirus solutions.

Another valuable feature is the excellent defense mechanism against ransomware, including rollback features. Their managed service for 24/7 monitoring of the infrastructure for any threats and risks is also valuable.

It is easy to use. A new person can easily understand what SentinelOne does by checking the dashboard. It has an intuitive dashboard and streamlined processes, making it user-friendly for security teams like us.

From my personal experience, the alerting system needs to be faster. If something happens in our infrastructure, the alert appears on the dashboard, but I have to log in to the dashboard and refresh it. I would prefer it to provide better alerting and notifications so that I can resolve issues on priority.

I have been using the solution for 1.5 years.

I personally did not find any lagging issues or other issues. It is perfect.

It is scalable. I would rate it a nine out of ten for scalability.

They provide excellent customer service, coming to calls very quickly. Their information and technical knowledge are excellent with no comparison to other products I have used.

Positive

We previously used an antivirus product.

The initial setup is quite easy. Their customer support team was also there during deployment. They were knowledgeable, and it took about three to four days to complete deployment and testing.

Its maintenance is handled by SentinelOne. They update it regularly.

We only took help from the PingSafe customer support team for deployment, mostly to address any issues. Four people were more than enough.

I have not found any other solution to be this helpful. After its deployment, I feel totally secure. Everything works smoothly, and I do not need to look into any part. I am tension-free. 

I would rate SentinelOne Singularity Cloud Security a ten out of ten.

We were looking for an XDR solution that we could deploy to all of our computers since all of our users are mostly remote, and we previously had firewalls at branch locations. When workers went somewhere else, it wouldn't provide any protection. We wanted to make sure that they had protection no matter where they went. 

We were trying to cover as many security bases as possible, mostly around malware. A lot of people focus on antivirus, and most of the problems that businesses face are ransomware or malware. I wanted to make sure we had something that was competitive against that.

It's improved the organization in the sense that it's taken a lot off of our plate as far as having to track down trace vulnerabilities and remediate different threats against our end users, especially when they're in different locations all the time. The product gives us peace of mind no matter where our users are. They're always going to be protected if they have the endpoint installed on their computers.

The automation is great. Not having to focus on it is helpful. The portal itself is very easy to use. The amount of granularity that can be configured is really wonderful. There are a lot of things that it can do, however, since we're a small IT team, having it able to automate and remediate different flaws and things like that is very, very helpful.

The real-time detection and response capabilities are excellent. That's pretty much what sold us on it. We had that done in the demo, and we were shown how ransomware can be immediately stopped in real-time. That was huge.

Its automated remediation is useful for us. As a small IT team, that's something that we needed. We don't have time to be able to go in and track down and investigate every time there's a vulnerability. Being able to have it auto-remediate for us and being able to see what's going on is extremely helpful.

The historical data record provided by the product is good. We've seen a few vulnerabilities come through, and it has shown us everything we need to see. I have a somewhat limited experience with the small amount of vulnerabilities we've seen. That said, it seemed to show us everything that we needed to see. It was very good.

It has helped to reduce our organization's mean time to detect by four or five hours. It could be even more, depending on what the vulnerability is. It's at least several hours at this point. The same is true with our organization's mean time to remediate. 

It's helped free up staff time so that they can work on other projects. We're a very small IT team and most of us do everything and it's helped reduce our workload. On average it has likely saved two to three hours a day.

It's also positively affected productivity. Most security solutions can sometimes hold up files from being downloaded and things like that. So far, it's been great. It's been completely transparent to our end users as far as I know. And that those things that it has remediated have been done on the back end and it alerted us admins so as to not affect end users.

The interoperability with third-party solutions has been fine so far. 

Some of the navigation and some aspects of the portal may be a little bit confusing. That could honestly be just due to the fact that we're not used to it yet. 

We just have the cloud-based version. The complete version has some extra deep-dive stuff. There are some features that we don't have or that I would like to have in there, however, we just aren't able to afford that at this point.

I've used the solution for probably two months at this point. We are fairly new to it.

The solution has been nothing but stable. 

The product is deployed across our company and we have 450 users coast to coast. Most of our remote workers are based out of Houston.

It is scalable. As soon as we need to add somebody, we just add them to NinjaOne, and then we have a script set up where it automatically deploys and adds them to whichever group we need. 

We're in a high-turnover industry. It's easy to add or remove people, especially with NinjaOne.

I have yet to use technical support. 

We didn't use an XDR solution. We used SonicWall firewalls and we had a Check Point antivirus for a short time, however, Check Point was very intrusive, and it was difficult to work with.

With this product, everything is centralized. We don't have to go to more than one place to detect or figure out what's going on.

I was involved in the deployment. It was straightforward. We actually used another platform called NinjaOne. The process was very smooth.

We beta-tested the solution with about ten to 15 of our users and made sure it wasn't going to interfere with anything before we pushed it out completely. After testing for a week we pushed it out to the rest of the company.

We had three staff members who managed the deployment. 

It does not require any maintenance. 

We did not use any third parties. We simply used NinjaOne to help with the deployment. 

We have witnessed an ROI. So far, we've saved tons of time having to remediate and detect - things of that nature.

The pricing was competitive. The price was very, very important to us, and it came down to the price when we were doing our evaluations WatchGuard and SentinelOne. They were similarly priced. SentinelOne seems like it's more mature. It was close enough to where it was worth it to go with the SentinelOne.

We also evaluated WatchGuard and a few other options. With this product and WatchGuard, there were not a lot of differences. That said, we did not use both in our production environment. This product seemed to be easier to navigate and was a little more user-friendly as far as finding remediation options, and vulnerabilities. We also had an easy experience with the licensing. WatchGuard's licensing seemed unnecessarily complicated. 

We haven't had to look into the forensic side yet. I did again see that in the demo, yet we haven't in the real world had to do that. Hopefully, we won't have to for a very long time. Therefore, I don't have much experience with that yet.

I'd ask someone who doesn't think that they need a workload protection platform if they have a continuous security monitoring solution in place if whatever they have detects and remediates in real-time. I'd be surprised if there was something else out there that can do what this solution does for cheaper. 

It supports our ability to innovate. We don't have to worry about security aspects. We really get a chance to focus on other things. That's nice for a small department like ours. 

I'd rate the solution nine out of ten. It's been a great fit for our company. There are other solutions out there. This solution, however, is hard to beat.

I have experience in both cloud and developer roles. In my cloud infrastructure role, I focused on the infrastructure itself, not the application level. We deployed SentinelOne Singularity Cloud Security across our cloud and data center environments for security purposes. This tool provided alerts and best practice recommendations, including vulnerability notifications. I would then use the Singularity console to address any issues promptly, which significantly reduced our mean time to resolution.

SentinelOne Singularity Cloud Security has an intuitive dashboard and streamlined setup process, making it user-friendly for security teams.

It categorizes alerts into four levels: critical, high, medium, and low. Singularity Cloud Security automatically prioritizes security concerns, such as ransomware attacks or best practices, eliminating the need for manual intervention and presenting the most urgent alerts.

SentinelOne Singularity Cloud Security is important because its reporting includes proof of exploitability. This is very helpful for engineers as it provides alerts, identifies areas needing attention, and directs us to the relevant documentation.

The benefits of SentinelOne Singularity Cloud Security were immediately apparent after deployment in our data center and cloud environment.

SentinelOne Singularity Cloud Security helps reduce false positives and improves system accuracy through machine learning. The detailed alerts aid in investigating potential threats, enhancing our security posture.

SentinelOne Singularity Cloud Security reduces our mean time to detect.

SentinelOne Singularity Cloud Security offers valuable scalability suitable for organizations of all sizes, from small businesses to large enterprises. Its comprehensive ransomware protection includes rollback features and 24/7 threat monitoring, with managed services providing continuous monitoring and threat hunting.

While SentinelOne Singularity Cloud Security offers robust protection, its cost could be a barrier for some users. Additionally, compatibility issues may arise with older operating systems and legacy environments. Organizations with limited internet connectivity might also face challenges due to the cloud-based nature of the platform.

The Singularity Cloud Security console is experiencing delays in clearing resolved issues, which can take over an hour to be removed from the display.

I have been using SentinelOne Singularity Cloud Security for about two years.

Sometimes, I experience lag issues with SentinelOne Singularity Cloud Security, which might be related to my laptop or Internet connection.

SentinelOne Singularity Cloud Security scales well, making it suitable for organizations of all sizes, from small enterprises to large businesses.

Customer support is knowledgeable about the company's software and operating systems, responding quickly within two to four minutes.

Positive

While GuardDuty and CloudTrail offer some overlapping functionalities with SentinelOne Singularity Cloud Security in cloud environments, SentinelOne provides a more comprehensive and integrated approach to cloud security.

The initial setup was somewhat straightforward but took about three to four days due to the extensive infrastructure involved. Testing added more time to the process.

Our team of six or seven collaborated with a third-party installer and SentinelOne's technical support team.

While SentinelOne Singularity Cloud Security offers robust protection, its high cost may be prohibitive for small and medium-sized businesses.

I rate SentinelOne Singularity Cloud Security ten out of ten.

SentinelOne manages the maintenance of Singularity Cloud Security.

We are running the entire cloud base on AWS infrastructure. The major use case for this product is cloud misconfiguration because a lot of changes keep happening in our environment. There are multiple teams and multiple verticals within our organization. We have different verticals across different business units. They have their local IT infrastructure teams, and all these teams are making changes. 

We have IT admins at multiple locations. There is a team of 10 to 12 members. It was a challenge to manage cloud security when they made changes, spun up new servers, or created new instances for new projects. Cloud misconfiguration was one of the major areas where we saw issues because things were not getting created as per the process or security protocol. When they are creating instances, they are not aware of the implications and the security incidents that may happen by keeping certain ports open. They might not be aware of the security issues that may come up. So, cloud misconfiguration was one of the main reasons why we opted for this product.

Another reason was to have a dashboard for the management and for the centralized team. We are a part of the centralized team that is taking care of the entire platform. It is very necessary for us to keep track of the changes and see if any P1 or critical security incidents are open. They are a risk to our organization's security. We wanted to have such visibility. Manually keeping track of those changes and open issues was very difficult for us.

It highlights critical or high-priority incidents. That is helpful. When we have a lot of issues on the dashboard, we can at least prioritize them based on the severity. We target critical incidents first and then move to the high-priority incidents. We still have medium and low-priority incidents on the dashboard. We require some amount of time to fix them. From a reporting perspective, it helps us to prioritize accordingly. We know that at least from a high-impact point of view, we are secure.

We do generic vulnerability scanning whenever there are any new changes or we are building any new applications. We keep the generic vulnerability scanning on whenever any new instances are created, and we run the scan once a week for already created instances.

We have not explored evidence-based reporting much. It is a good feature, but we mostly look at the priority of the incidents. We fix them based on the criticality. The description of the issues and the categorization make it easy to utilize the reports.

It has affected our risk posture. All the critical incidents and high-priority issues have been resolved. We are in a better place now in terms of risk posture. The medium-severity issues still need to be fixed, but earlier, we used to have critical incidents as well. We did not have any visibility into those things. We are now quite confident that we do not have any major security issues. We keep running the scan every week. It helps us to detect any new changes or vulnerabilities in our environment.

We could see its benefits immediately in terms of visibility. Previously, we did not have any visibility into where we were in terms of the security landscape. That benefit was immediate, and then we started fixing the problems and reduced critical issues and high-priority issues. We became confident in our security, and we were able to secure the environment wherever we had an incident. Its benefits were immediate from a visibility point of view, and then it took two to three months to have a direct impact in terms of security.

Singularity Cloud Native Security helped us to reduce false positives. We also have a managed service provider. We took their help to reduce false alarms and other issues. It also helped us to implement some of the best practices while creating any instances or making any changes to any particular instances. We created best practices and standard operating procedures for the infrastructure team. They follow the standard operating procedures while making any changes or creating any instances. We are seeing a drop in the number of issues compared to two or three years ago.

Our remediation time is reduced. Initially, it took some time to identify the remediation steps and what had to be done to fix the problems, but now we know what needs to be done. From a prevention point of view, we now know what we should not do. That has helped with changes that we keep on doing in the environment.

Singularity Cloud Native Security provides us with a platform to scan instances when they are getting created, and the dashboard helps us to identify the critical issues. We created a road map and prioritized the issues based on the criticality of the problem. We have reduced P1s. We have resolved any critical incidents that came up in the dashboard. We still get high-priority incidents, and we keep on prioritizing and fixing them. That is because we have visibility into the open issues that we have. Management is also happy. They are aware of the things that are coming up on the dashboard. They are aware of the impact and the risk. We did not have this visibility previously. All the teams that are a part of IT are aware of the importance of it. It has been included as part of our software development cycle.

It is very easy to use. The user interface or the dashboard is quite simple. It clearly shows you the type of issues that are there. It also breaks down and groups them into the types of issues. If I have 100 issues on the dashboard, it categorizes them. Out of these 100 issues, 50 of them might be related to the same category. If I choose one of the high-priority incidents and fix them, all 50 issues might get fixed. This way, it is a bit easier for us to target specific use cases and resolve a lot of underlying problems. The descriptions are helpful. It gives us information about how to resolve a particular problem. It is easier when the tool itself tells you what you have to do to fix an issue. You can then research more and get it done. It is quite simple. Even the leaders who are not very technical can understand what is the impact and what is causing the problem.

They can provide some kind of alert when a new type of risk is there. There can be a specific type of alert showing that a new type of risk has been identified.

We use Jira for pushing any changes. If any kind of integration is possible between Jira and the Singularity Cloud Native Security dashboard, it will be easier for us to track. Before approving in Jira, I can ensure that any issues in Singularity Cloud Native Security are closed. Such an integration will be helpful.

Its pricing model is a little bit inflexible. Different organizations have different structures. We have multiple business units. Based on the different verticals, we have to create different subscriptions for them. If I create a new subscription and add it to Singularity Cloud Native Security, as per the current licensing model, I have to pay more for that. It should not be like that. It should be based on the number of servers. This kind of flexibility would help customers like us.

It has been close to two years since we have been using this solution. Prior to this, we were working with CrowdStrike, and then we migrated to SentinelOne two years back.

I have not seen any issue with Singularity Cloud Native Security.

If any slowness is there, we will probably wait and run it after half an hour or one hour. Nothing major has been highlighted to me or has been a blocker as such. The pricing model is the only thing that would be a concern. 

We take help from our managed service provider. If we have to fix any particular problem that we are not aware of or do not have the expertise for, we get help from the managed service provider. They have a service team with experts. They get it done for us.

We did not directly use any other solution. We have a managed service provider. We have taken their help, but it was more of a tool that they used at their end, and then they shared a report with us. Based on that report, we took action. It was not a regular thing that we used to do. Once in a quarter, we would probably allow them to scan and send us a report. Based on that, we used to take action. That was the process that we used to follow earlier.

Its implementation was a little bit difficult because it was a new tool that we were using. It takes time to understand the issues, specifically in terms of what has to be done to fix them. Aligning all the teams was a little bit difficult for the initial two to three months, but once we understood the product and what needed to be done for the issues that were getting highlighted in the dashboard, it was easy.

Initially, we had to do a lot of sessions to bridge the gap. That was because this initiative was taken by the Cloud Security team and the DevOps team. We needed a lot of patience to collaborate with the engineering or development team. A lot of the issues required help from the engineering team in terms of making changes at the core level as well. It took one or two months of time to do sessions with the developers and create SOP within the development life cycle itself. Overall, the support from the leadership was quite good. All the leaders agreed that this is a very important change that we are bringing into the organization, and it will be an ongoing thing that we need to follow. We have also added it as part of the SDLC. We use Jira to manage changes and defects. We have added security as one of the flags over there. Someone from the InfoSec team has to give a sign-off for any changes that are happening. If a project is going live, he has to check any open issues in Singularity Cloud Native Security. He has to give a sign-off before the project goes live. That is one of the changes that we have pushed in terms of the product life cycle itself, and that has helped to align different things. Unless they get a sign-off from the InfoSec team, it cannot be deployed. Everyone knows the process now. It is a part of the cycle.

It took at least 45 days to deploy and utilize all the features. We did not do it in one go. We did it phase-wise. We opted for one subscription, and then we slowly deployed it across other subscriptions.

It does not require any maintenance from our side. We have a managed service provider, and they are keeping track of it. There is no additional maintenance as such. We just have to keep track of things. It is more of a process adherence and making sure that we keep a check before we push anything into production.

I am personally not taking care of the pricing part, but when we moved from CrowdStrike to Singularity Cloud Native Security, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of Singularity Cloud Native Security was low. 

Singularity Cloud Native Security is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning. There should not be an extra charge for adding a subscription, and the pricing should be based on the number of servers that I am scanning.

We are not using Singularity Cloud Native Security's Offensive Security Engine. We used the Infrastructure as Code (IaC) Scanning initially. When the demo was given, we had to use that scanning, but it is not something that we keep running on a regular basis.

Overall, I would rate it a nine out of ten. I am quite happy with the service and the value that it provides. The one point that I am not giving is because of the pricing model. If it had a more flexible pricing model, I would rate it a ten out of ten.

We currently use Cloud Native Security for cloud security posture management, leveraging both the CWP module and the authentication security tab. While we regularly utilize these features, we're planning to onboard the cloud detection and response module, along with the ISIS scanning functionality.

We implemented Cloud Native Security as a secondary control measure to complement our existing security posture. In our Prisma Cloud environment, we have a detection score threshold set at 70 or above. As Cloud Native Security was a new entrant in the market, we wanted to evaluate its capabilities. Fortunately, Cloud Native Security's unique features and policies proved valuable. For instance, Cloud Native Security detected an alert when a developer accidentally committed VS Code files to a public GitHub repository. This helped us promptly remove the VS code from GitHub.

Cloud Native Security is easy to use.

The feature that has been most effective in threat detection for our cloud environment has been the cloud visual attack tab.

Our cloud security is managed by Intel and Azure Entra. We download a report from them and send it to our team to address any identified issues.

I appreciate that Cloud Native Security incorporates evidence of exploitability into their reports, making them more reliable.

Cloud Native Security's offensive security engine excels at validating potential exploit paths and prioritizing the most critical vulnerabilities. This enables us to proactively identify and address these risks, ultimately strengthening our security posture.

Cloud Native Security has helped reduce our false positives. We can investigate and mute any false positives so they don't appear going forward.

Cloud Native Security helps us actively identify threats, ultimately improving our security posture.

Cloud Native Security has reduced our mean time to detect by 10 percent.

Cloud Native Security facilitates collaboration between our cloud security application developers and AppSec teams. This collaboration is further enhanced by a shared console that provides visibility into all active tickets. This transparency helps to reduce redundant requests, saving time.

Cloud Native Security offers a valuable tool called an offensive search engine. This tool has been helpful for us. It allows us to search for vulnerabilities and provides evidence directly on the screen. Additionally, Cloud Native Security offers a feature called Graph Explorer. This feature allows us to drill down into specific resources, search for them on the console, and view details such as open security rules and graph features.

While only 5 percent of our workload resides on the Google Cloud Platform, we would still like Cloud Native Security to be configured with automatic remediation capabilities for GCP.

In Prisma, there's a dedicated tab for managing high and medium-severity alerts. This allows us to easily enable or disable specific policies based on our current needs. With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case.

I have been using Cloud Native Security for six months.

I would rate the stability of Cloud Native Security 7 out of 10.

The only downtime we had was when switching from V1 to V2 but it was smooth.

I would rate the scalability of Cloud Native Security 8 out of 10.

The technical support is good.

Positive

For the past three years, Prisma Cloud has been our go-to security solution. Recently, we've added Cloud Native Security to our toolkit to further strengthen our security posture.

The initial deployment was straightforward. First, we onboarded the UAT account. Then, we added our product support account and other accounts. We then tested the UAT environment accounts. The entire deployment took one week to complete. Two people were involved in the deployment.   

I would rate Cloud Native Security 9 out of 10.

Our primary cloud security monitoring solution is Prisma Cloud by Palo Alto Networks, with Cloud Native Security as a secondary control measure.

We have 19 users overall in our cloud security team that utilize Cloud Native Security.

The only maintenance required is for updates.

I would recommend Cloud Native Security to others.