Sai Srinivas K - PeerSpot reviewer
Security engineer at Razorpay
Real User
Top 10
User-friendly, intuitive, and saves engineering time
Pros and Cons
  • "The UI is responsive and user-friendly."
  • "There's room for improvement in the graphic explorer."

What is our primary use case?

We use PingSafe to identify threats and vulnerabilities in our AWS accounts and the compute resources that are hosted on those cloud accounts.

We implemented PingSafe to address network-related issues, such as communication between individual components (part-to-part or node communication). PingSafe's Graph Explorer feature also helped us understand the overall network landscape, including the attack surface. This feature allows us to discover and explore various components within our AWS environment. In essence, PingSafe helped us identify how different networks connect and how microservices within our system interact with each other.

How has it helped my organization?

We've implemented PingSafe across all our core companies, including acquisitions. Previously, managing separate AWS accounts for each company with dedicated DevOps and security teams was a significant challenge. PingSafe helped us consolidate these accounts into a single platform, simplifying the process. Now, we can easily track key security metrics. For instance, PingSafe provides frequent alerts for critical events such as publicly exposed instances or security groups with significant traffic changes from any source. Monitoring these elements across multiple accounts and security groups was previously difficult without a centralized platform. PingSafe has been instrumental in streamlining this process.

We recently made some changes to our information systems. PingSafe helped identify instances that were inadvertently made public. This identification is important for compliance purposes, as it allows us to track how well these public instances adhere to regulatory frameworks.

PingSafe's compliance monitoring capabilities have provided us with some benefits, particularly in understanding our overall security posture. However, it's important to note that PingSafe only monitors our cloud infrastructure. There might be internal deployments with compensating controls that address missing controls identified by PingSafe (e.g., control X is missing but mitigated by internal control Y). These internal controls wouldn't be visible to PingSafe. Therefore, while PingSafe provides a valuable starting point at the surface level, manual review is necessary to ensure complete compliance coverage.

PingSafe is easy to navigate. Its menus are straightforward and intuitive, making the overall user experience smooth.

One of the key benefits of PingSafe's evidence-based reporting is its proof of exploitability. This feature allows us to prioritize vulnerabilities that have been demonstrably compromised and take immediate action to mitigate the risks.

The offensive security engine feature constantly scans and lets us know if any vulnerabilities in our environment can be exploited. While the offensive security engine for verifying exploit paths and prioritizing breach control is valuable, it lacks context awareness. For instance, it might flag something we intentionally made public, like a new website for an upcoming event. In those cases, we can safely ignore the alert. Overall, the engine is a useful tool. We extract the information it provides and prioritize it. A dedicated team reviews the alerts and, if necessary, escalates them to our DevOps team for further action.

By centralizing cloud infrastructure monitoring with PingSafe, our security team's productivity and MTTR have been significantly improved.

Over time PingSafe has reduced the number of false positives by 40 percent.

PingSafe has significantly improved our organization's risk posture. Since implementing it, we've been able to assess the risk associated with recently discovered CVEs much faster than before. This efficiency is due to PingSafe's proactive identification and scanning capabilities. Now, we start each day with a clear summary of potential risks, allowing us to prioritize effectively.

PingSafe has reduced our mean time to detection by 90 percent. This is because it scans every day and sends us real-time email alerts, allowing us to take immediate action.

PingSafe has reduced our mean time to remediation by 40 percent.

We have a dedicated channel where we collaborate with PingSafe and our internal teams.

The collaboration helped save our engineering time by 60 percent.

PingSafe's user interface and ease of use have had a positive impact on our security operations. For example, we recently needed a list of assets deployed in a specific GN in a cloud account for a particular incident. We went straight to PingSafe and were able to quickly obtain the assets along with a map of the security groups linked to them. The UI's simplicity helped us save significant time by eliminating the need to search for information manually.

What is most valuable?

Notifications about the latest vulnerabilities are a valuable feature. PingSafe automatically updates itself with the newest threats and scans our infrastructure across all integrated data accounts for them. This is helpful because it's difficult to keep up with the volume of CVEs, especially the critical ones.

The UI is responsive and user-friendly.

What needs improvement?

There's room for improvement in the graphic explorer. We'd like something that helps us visualize traffic between different ports and containers. Currently, we can see host networking, like communication between instances or perhaps within Kubernetes. However, we're looking for a tool that can also visualize port-to-port communication and display it as a graph. This would give us a clearer picture of our network traffic and help strengthen our network security.

The dashboard currently displays CVEs, but it would be beneficial to receive proactive email notifications in addition to this.

I would also like to have runtime security in PingSafe.

Buyer's Guide
SentinelOne Singularity Cloud Security
December 2024
Learn what your peers think about SentinelOne Singularity Cloud Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
830,455 professionals have used our research since 2012.

For how long have I used the solution?

I have been using PingSafe for 7 months.

What do I think about the stability of the solution?

I would rate the stability of PingSafe 9 out of 10.

What do I think about the scalability of the solution?

I would rate the scalability of PingSafe 8 out of 10. We can easily add new cloud accounts.

How are customer service and support?

The technical support response time is good. For feature requests, they can be a little slow.

How would you rate customer service and support?

Positive

What was our ROI?

The time invested in security operations for threat detection and monitoring has yielded a return on investment of 70 percent. We've also seen a financial benefit by avoiding the need for additional staff to monitor and correlate all database accounts individually by 40 percent. PingSafe automates these tasks efficiently.

What's my experience with pricing, setup cost, and licensing?

PingSafe is less expensive than other options.

What other advice do I have?

I would rate PingSafe 8 out of 10.

We're planning to integrate PingSafe with our CI/CD pipeline and Slack. Currently, our only integration is with an email system, which means we receive alerts and notifications via email. We're evaluating the effectiveness of this approach. Integrating with tools like Jira or Slack could help manage the issue of false positives and notification overload, which currently requires the manual closing of alerts. We're still assessing the best course of action, but integration with Jira is a strong possibility.

Around 15 people from our security and DevOps teams use PingSafe. PingSafe is a SaaS that is integrated with our main company and all our acquisitions.

PingSafe does not require maintenance from our end.

I recommend PingSafe to others for its cloud security capabilities. I particularly appreciate its offensive security approach. Coming from an offensive security background, I find PingSafe excels at identifying real threats that we can address immediately. This proactive approach is a major advantage of PingSafe. While the defensive side might involve some assumptions and possibilities, I believe the offensive capabilities are the key reason we use PingSafe.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
AbhishekKumar18 - PeerSpot reviewer
Dev Sec Ops Engineer at Groww
Real User
Top 10
Is easy to use, scalable, and quick to deploy but technical support can be improved
Pros and Cons
  • "The user interface is well-designed and easy to navigate."
  • "PingSafe's current documentation could be improved to better assist customers during the cluster onboarding process."

What is our primary use case?

As a financial institution, we rely on PingSafe as our single source of truth for both CSVM and CWPP data. PingSafe provides us with essential security benchmarks, including those for Kubernetes deployments and CSVMs. It also allows us to monitor our overall cloud security posture and identify vulnerabilities for remediation. PingSafe serves as a centralized platform for all our cloud security metrics.

How has it helped my organization?

We rely on PingSafe for all our reporting needs. It serves as a comprehensive tool for vulnerability management, ISC management, and reporting on hard-coded secrets. Additionally, it functions as a source for vulnerability identification.

The security engine provides a large vulnerability database. While it's not exhaustive, it's a valuable resource due to its significant size and well-organized data. This database allows for effective security management and vulnerability identification.

I would rate PingSafe's mean time to remediation abilities a 10 out of 10.

PingSafe helps the collaboration between our cloud security app developers and AppSec team.

What is most valuable?

The user interface is well-designed and easy to navigate. Our security team relies on it for several tasks. They can use it to retrieve Jira tickets and assign them to the appropriate teams for resolution. This functionality helps them identify and address vulnerabilities efficiently.

What needs improvement?

I'm not convinced that PingSafe's features offer significant value for our SecOps team. While it might be useful for stakeholders and management to have a tool that aligns with business goals and provides insights, we could potentially achieve this with open-source CSPM tools. In its current state, I don't see PingSafe directly addressing our specific needs.

While agentless vulnerability scanning is a positive feature, PingSafe lacks the ability to effectively group and customize the provided metrics. This creates a significant limitation, as we cannot easily create the specific metrics that are most useful for our needs. For example, if we want to group a specific set of metrics by a particular label or namespace, there is no straightforward way to do so within PingSafe. The UI offers visualizations for the provided metrics, but it lacks the functionality to segregate and customize them. This inability to create user-defined metrics is a major drawback of PingSafe.

PingSafe helped reduce the number of false positives in the previous version of PingSafe 1.0. Users reported a high volume of false positives with the newer version, and it wasn't clear how PingSafe 2.0 would address this issue. Additionally, users have to manually mute many false positives in PingSafe 2.0, which is a significant drawback.

I would rate PingSafe's mean time to detect ability a 6 out of 10.

While Cloud Security Posture Management tools offer valuable functionality, selling a product solely based on open-source CSPM solutions can be challenging. To differentiate themselves, PingSafe should focus on two key areas: security and workload protection within the CI/CD pipeline. Firstly, PingSafe needs to provide robust security features beyond basic CSPM capabilities. This could involve advanced threat detection and mitigation functionalities. Secondly, workload protection within the CI/CD pipeline is crucial. Here, PingSafe should offer insightful metrics that are well-organized and allow for user customization. This means providing granular control over metric segmentation. Users should be able to define their own metrics and choose how they want them aggregated. Ideally, PingSafe should allow users to import custom metrics and create custom segregations based on their specific needs, such as namespaces or custom levels. For example, if PingSafe gathers metrics from Kubernetes clusters, users should be able to define their own metrics alongside the pre-defined ones and organize them into relevant categories. This level of customization allows stakeholders to focus on the metrics that matter most to them, potentially reducing the overwhelming volume of data from thousands of records to a more manageable set of hundreds. In conclusion, PingSafe should prioritize UI improvements and offer advanced data segregation capabilities to truly stand out in the marketplace. This will empower users to tailor their security posture management experience to their specific needs.

PingSafe's current documentation could be improved to better assist customers during the cluster onboarding process. Providing comprehensive documentation with clear and abundant examples would greatly enhance the user experience for new customers. This would empower them to set up their clusters efficiently and effectively.  

For how long have I used the solution?

I have been using PingSafe for 1.5 years.

What do I think about the stability of the solution?

PingSafe seems to be stable, with no reported crashes. However, there's also not a lot of traffic going through the service. It's unclear exactly what PingSafe does internally.

There aren't many users who actively add technical details to run PingSafe's tools. Additionally, it seems we don't actively incorporate new features. Ideally, clients should share proper answer keys so we can identify if their app crashes.

If we could onboard more users, we could potentially gain access to more resources. However, a recurring issue is missing data. Clients sometimes provide extensions, but clicking on them reveals no information. This lack of data is a significant drawback, even though the system itself seems stable.

What do I think about the scalability of the solution?

PingSafe is scalable and supports multiple tenancies with no drawbacks.

How are customer service and support?

As a mature organization, we expect a higher level of service from our technical support providers. Unfortunately, we've found that the responses from PingSafe's technical support team have been repetitive and not particularly helpful, especially considering the cost of their services. 

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial deployment is straightforward.

It doesn't take more than 30 minutes to deploy PingSafe into an organization using any cloud platform.

One person can complete the deployment. 

What's my experience with pricing, setup cost, and licensing?

PingSafe's primary advantage is its ability to consolidate multiple tools into a single user interface, but, beyond this convenience, it may not offer significant additional benefits to justify its price.

What other advice do I have?

I would rate PingSafe 5 out of 10.

Our organization primarily relies on our internal scanning tool for IaC security. While many industry tools utilize open-source IaC scanning solutions under the hood, we haven't found significant value in adopting PingSafe's specific IaC offering. This solution might be more beneficial for organizations lacking dedicated SecOps teams, but its additional cost is a factor to consider.

It should transition from an agent-based system to an agentless one. This is crucial because many industry tools are moving in this direction, and PingSafe should follow suit. They should also introduce more features, improve security compliance, and place greater focus on Kubernetes, RBAC systems, and visualization. If they do choose to maintain an agent-based system, they should significantly improve their metric collection capabilities. This would be beneficial because currently, customer response times seem to be slow. By addressing these requirements, PingSafe can ensure continued growth.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Google
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
William Mailhot - PeerSpot reviewer
Pre-sales Engineer at a tech services company with 11-50 employees
Reseller
Is able to auto-scale and remediate, as well as save us time
Pros and Cons
  • "My favorite feature is Storyline."
  • "I would like additional integrations."

What is our primary use case?

We use Singularity Cloud Workload Security to protect all our servers from malware, both present and future. We also use it to protect our user endpoints, such as workstations and employee laptops.

We recently switched from Windows Defender to SentinelOne endpoint protection after a few of our laptops were infected with malware. SentinelOne has been protecting our laptops, endpoints, and servers for two years now, and it has performed well in internal and external audits.

We currently have a hybrid Active Directory environment. SentinelOne itself is a SaaS-based product, so it is fully cloud-based. However, we need to install agents on all of our endpoints and cloud services.

How has it helped my organization?

Singularity Cloud Workload Security has real-time threat detection capabilities. We have tested it with multiple clients and ourselves, and it has detected malware every time we have been attacked. Compared to other major security vendors, Singularity Cloud Workload Security had the best detection rates for all the malware we threw at it during our proof of concept.

Automated remediation is policy-based, which makes it very useful. The SentinelOne platform gathers all information about how the threat played out and all the changes that were affected on our system. Using this information makes it very easy to remediate all the damage because we know what happened. Automated remediation is amazing and a key differentiator from other competitors.

For Linux kernels, the agent supports almost all platforms, including legacy Windows, macOS, and Linux. We have a few Linux servers, and the mitigation and all the other features work just as well as on the other operating systems.

Using the Deep Visibility Console, we can thoroughly investigate everything that was called or changed on a computer. This gives us visibility into virtually everything that happens on all of our endpoints at all times, in real-time. This has allowed us to find threats that other vendors would have missed. We can also use the Deep Visibility Console to perform threat hunting. For example, if a threat has been moving around our network, we can track it down to see exactly where it is moving to and how it is working.

The historical data record provided by Singularity Cloud Workload Security after an attack is good. For data retention in terms of threats, we have a one-year retention period. This is a long time, and it is very useful for our insurance policies, as we often need to comply with them. For compliance purposes, the one-year retention period is perfect for us. For visibility logs, for example, we are ingesting some logs, and I believe the retention rate is actually fourteen days.

Singularity Cloud Workload Security has reduced our MTTD. Previously, with Defender, it would sometimes fail to detect threats. Now, we detect and remediate many more threats automatically, almost instantaneously. For example, if we download a malware file, we usually cannot even open it because Singularity Cloud Workload Security detects it automatically with a super-fast response time.

Our MTTR is automatic. As soon as a threat is detected, remediation is performed automatically, according to our policy. We can even generate a report of the remediation and all affected files. This allows us to see everything and ensures that remediation is performed quickly.

Singularity Cloud Workload Security has freed up our SOC staff's time to work on other projects. Before, we were considering hiring a 24/7 SOC team, but with SentinelOne's vigilance package, they take care of almost everything for us. We no longer need an employee to monitor logs and threats 24/7.

Since we are freeing up some time from the operations side, our IT administrators and security personnel do not have to constantly monitor the console to see what is happening. Because we trust the product to take care of malware for us, our productivity has definitely increased. We only check the logs once a week.

Singularity Cloud Workload Security works well with other vendors, so we can even have two EDR solutions if we want to. The exclusions can be done through the console, which is very easy to use. It gives us a list of all the applications that we have installed on all our systems and makes it easy to create different types of exclusions. For example, we can create exclusions for performance reasons or to suppress alerts. There are a lot of options, and they are all very easy to use.

What is most valuable?

My favorite feature is Storyline. It creates a neat graph that shows us how any threat played out, in real time. We can see all the information about what was modified or changed on our system, such as files that were modified, created, or deleted, and registry keys that were created or edited. For a SOC analyst, this information is super useful. We can deep dive into all the information and see exactly what happened on each computer individually.

The second feature is actually part of the SDR platform, and it provides native integrations with other security software vendors, such as Okta or Azure AD. This allows us to ingest all of our audit logs for security events and to take action on them. For example, we can set up an automation alert so that if a threat is detected on an endpoint, we can automatically take action on our Okta or AD environment, such as locking the account that was signed in or forcing a password reset.

What needs improvement?

I know that SentinelOne is working on additional integrations for their XDR platform, and I would definitely prefer more integrations. I understand that many more integrations are coming soon but by the end of the year. I would like additional integrations. Currently, we have integrations with Azure AD, Okta, Mimecast, and Netskope. Many of our clients and we also use firewalls from Cisco, Juniper, and so on. It would be helpful to be able to retrieve audit logs or actionable items from these firewalls.

For how long have I used the solution?

I have been using Singularity Cloud Workload Security for two years.

What do I think about the stability of the solution?

Singularity Cloud Workload Security is stable, and we have not experienced any downtime. 

The stability of Singularity Cloud Workload Security is similar to that of Microsoft Defender.

What do I think about the scalability of the solution?

Singularity Cloud Workload Security is infinitely scalable, with a multi-tenancy feature that allows us to have multiple sites, such as physical sites. For example, if we have two locations, we can easily create admins who have access to only one site or to all sites. It scales really well, regardless of our environment.

The auto-scaling feature is user-friendly. As we install more endpoints, they will simply show up in the console, allowing us to create our own physical sites with their own admins and different policies.

How are customer service and support?

My interaction with technical support was pleasant. They gave me a few tips on how to integrate the new system. They also sent me some documentation, which was already available to me, but they saved me the time of searching for it. They even offered to schedule a team call to discuss the integration and have a team member help us directly. The only downside is that the entire interaction was text-based, so it could be difficult to get a definitive answer to some questions.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used Microsoft Defender, but some of our laptops were infected with malware anyway. Because of this, we had to redeploy all of our laptops. We therefore concluded that the solution was not working as well as it should in terms of detection and response, so we switched to Singularity Cloud Workload Security.

How was the initial setup?

Deployment was straightforward. The agent is simple to deploy, and we only need to deploy it to all of our endpoints. It is a simple installation that requires our site token. We can deploy it through group policies, Intune, or any mass deployment software. I completed the deployment myself.

Which other solutions did I evaluate?

We evaluated CrowdStrike, Carbon Black, and Bitdefender, and found that Singularity Cloud Workload Security had a much better remediation process. This is because Singularity Cloud Workload Security uses AI-powered detection and remediation, instead of relying on human analysts. This means that threats can be detected and remediated much faster than with traditional security solutions. Another factor that influenced our decision was pricing. SentinelOne is not too expensive compared to other providers, and it offers a wide range of integrations with other security products.

What other advice do I have?

I would rate Singularity Cloud Workload Security nine out of ten.

Maintenance is minimal, requiring only occasional updates. When a major update is available, we receive an email notification. We then accept and deploy the update to all eligible endpoints through the console.

Singularity Cloud Workload Security is very easy to deploy and has one of the best detection rates among vendors. It has a very user-friendly UI that provides a high-level overview of current threats and system status, as well as the ability to drill down into analytics and threat indicators using the visibility console. It is so user-friendly that anyone can use it, regardless of their expertise level. However, for more experienced users, there is also the option to dig deeper into the data.

Singularity Cloud Workload Security helps us spend less time on threats and more time on our core competency, which is consulting work. This definitely improves our productivity and innovation.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Cloud engineer at a construction company with 5,001-10,000 employees
Real User
Provides real-time inspection and supports multiple cloud engines
Pros and Cons
  • "Singularity Cloud Security's most valuable features are its ease of scalability and comprehensive security measures."
  • "While SentinelOne offers robust security features, its higher cost may present a challenge for budget-conscious organizations."

What is our primary use case?

We use SentinelOne Singularity Cloud Security for real-time alerts, enabling us to address potential threats proactively.

SentinelOne Singularity Cloud Security was implemented to enforce best practices, monitor runtime activity, and expedite troubleshooting.

How has it helped my organization?

SentinelOne Singularity Cloud Security provides easy-to-follow documentation on the steps required to resolve issues.

It offers a user-friendly experience with a centralized console for managing assets and delivering devices.

Singularity Cloud Security provides a real-time inspection for organizational growth, which makes it suitable for both small and large enterprises. It is interactive and easy to navigate, simplifying self-service.

What is most valuable?

Singularity Cloud Security's most valuable features are its ease of scalability and comprehensive security measures.

Singularity Cloud Security has a centralized console for managing assets and delivering devices.

Singularity Cloud Security supports various cloud engines, such as Azure and AWS.

Once fine-tuned, Singularity Cloud Security reduces false positives by 80 percent.

Singularity Cloud Security improves our risk posture. We have not had any security issues.

It has reduced our mean time to detect by up to 20 percent.

Our mean time to resolve has significantly improved with the implementation of Singularity Cloud Security. Previously, our MTTR ranged from 15 to 20 minutes, but now it has been reduced to 5 to 7 minutes.

Singularity Cloud Security has been a valuable asset to our application developers and AppSec team. Its support for various cloud platforms and user-friendly interface have greatly improved our security posture.

What needs improvement?

While SentinelOne offers robust security features, its higher cost may present a challenge for budget-conscious organizations. Additionally, some users have reported experiencing delays in issue resolution due to slower response times from the support team.

For how long have I used the solution?

I have been using SentinelOne Singularity Cloud Security for around two years.

What do I think about the stability of the solution?

I would rate the stability of Singularity Cloud Security nine out of ten.

What do I think about the scalability of the solution?

I would rate the scalability of Singularity Cloud Security ten out of ten.

How are customer service and support?

Sometimes, the response time of the support team is lagging.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?


How was the initial setup?

The initial deployment was straightforward and took three days to complete.

What about the implementation team?

Their customer service support team was on the call with us. Our team leads and technical people were there, and they jointly deployed Singularity Cloud Security on the data center as well as on the cloud.

What was our ROI?

Before SentinelOne, I used to take around 15 to 20 minutes to resolve an issue. After implementing SentinelOne, it takes about five to seven minutes.

What's my experience with pricing, setup cost, and licensing?

SentinelOne is more expensive compared to other security solutions.

I would rate the cost a seven out of ten with ten being the most costly.

What other advice do I have?

I rate SentinelOne Singularity Cloud Security a nine out of ten.

Singularity Cloud Security is deployed across our infrastructure, and we currently have 13 users.

I would recommend SentinelOne Singularity Cloud Security to other users for security purposes.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
RAJ BATTIN - PeerSpot reviewer
Jr. Cloud Engineer at a construction company with 5,001-10,000 employees
Real User
Top 20
Helps identify vulnerabilities, is easy to use, and improves our risk posture
Pros and Cons
  • "The key strength of Singularity Cloud Security lies in its ability to pinpoint vulnerabilities in our cloud accounts and identify suspicious activity that warrants further investigation."
  • "Singularity Cloud Security currently lacks a break-glass account function, which is a critical component for implementing Single Sign-On as it allows for regaining access in emergencies."

What is our primary use case?

SentinelOne's Singularity Cloud Security streamlines our cloud security by minimizing false positives. Previously, we were inundated with alerts from various sources like AWS Cloud and Microsoft Defender, making it difficult to distinguish real threats. Now, with Singularity's cloud-native security, I can confidently address genuine threats and efficiently alert my team about relevant Defender policies.

We implemented Singularity Cloud Security to reduce the number of false positive alerts we were receiving.

How has it helped my organization?

I would rate the ease of use a seven out of ten.

The proof of exploitability in evidence-based reporting helps us during our investigations.

The IaC scanning helps identify preproduction issues.

By analyzing alerts from various channels against our defined security policies, Singularity Cloud Security significantly reduces false positives. This allows our team to focus on real threats, and when a rare false positive does occur, we can quickly notify the security team to refine the relevant policy.

Our false positives have been reduced by over 80 percent.

It has improved our risk posture.

Singularity Cloud Security has improved our mean time to detect by 20 percent and has improved our remediation time by allowing us to see the details of the vulnerabilities in one place.

Singularity Cloud Security has saved our engineers around 25 minutes of time.

What is most valuable?

The key strength of Singularity Cloud Security lies in its ability to pinpoint vulnerabilities in our cloud accounts and identify suspicious activity that warrants further investigation.

Unlike Prisma, which schedules feature additions for its next roadmap release, Singularity prioritizes user feedback and strives to implement feature requests as quickly as possible.

What needs improvement?

Singularity Cloud Security currently lacks a break-glass account function, which is a critical component for implementing Single Sign-On as it allows for regaining access in emergencies.

For how long have I used the solution?

I have been using Singularity Cloud Security by SentinelOne for one year.

What do I think about the stability of the solution?

I would rate the stability of Singularity Cloud Security six out of ten. There are times when I click on a topic and it freezes.

What do I think about the scalability of the solution?

I would rate the scalability of Singularity Cloud Security seven out of ten.

How are customer service and support?

The response time needs improvement.

How would you rate customer service and support?

Neutral

What other advice do I have?

I would rate Singularity Cloud Security by SentinelOne eight out of ten.

There are ten users in our organization.

No maintenance is required from our end.

I recommend Singularity Cloud Security. After using the solution for a year and a half, our organization has found it valuable in identifying vulnerabilities within our environment.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
DevOps Lead at KredX
Real User
It provides valuable insights into security best practices tailored for businesses leveraging cloud infrastructure to host their applications.
Pros and Cons
  • "Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
  • "The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."

What is our primary use case?

Our company relies on Cloud Native Security to fortify the security of our cloud accounts spanning various environments, such as AWS, Azure, and Google Cloud. Cloud Native Security provides timely alerts upon identifying vulnerabilities within our cloud infrastructure services, such as security groups and data encryption, empowering us to prioritize and address them promptly.

How has it helped my organization?

Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it. 

Since implementing Cloud Native Security, our security team has engaged in robust discussions on enhancing compliance with key regulatory standards such as SOC, ISO, and other pertinent IT infrastructure-related guidelines. As a result of these proactive measures, our security posture has seen a remarkable improvement, reflecting our commitment to maintaining a secure and compliant environment.

Cloud Native Security plays a major role in compliance. IT companies must maintain our company's security level to achieve ISO-based certifications. We are so proud of the changes we have made using Cloud Native Security. We've implemented many of the controls Cloud Native Security recommended, helping us maintain a high security standard. Fintech companies must maintain security best practices overall in our infrastructure. 

Cloud Native Security offers suggestions about best practices for security, and we've implemented them all. It's helpful for companies hosting their applications in the cloud configuration. This tool enables us to record unauthorized actors or security failures. Everything is reported in Cloud Native Security, allowing us to rectify mistakes and misconfigurations.

When security threats occur, Cloud Native Security immediately alerts us through various communication channels. It has several modules, including cloud misconfigurations, container security, Kubernetes, vulnerability management, infrastructure code scanning, and cloud detection and response. It also tells us when unauthorized API calls are occurring. Everything is recorded in Cloud Native Security, and it alerts us about what is happening in the account. The detection time for critical alerts is almost instant. We'll see it in under two minutes. 

The solution saves the company a lot of time. Responding to alerts can take up a lot of our team's bandwidth. But there is a feature of their remediate that helps the bandwidth of our engineering team to fix the issues when we used Cloud Native Security as a team member. They helped us fix the issues and saved a lot of bandwidth for our team.

What is most valuable?

My top preferences revolve around infrastructure-as-code scanning and Kubernetes security. With infrastructure-as-code scanning, we catch errors or inadvertent inclusion of sensitive data in our code prior to deploying infrastructure via Terraform. As we continue to leverage Terraform for infrastructure deployment, alongside embracing new technologies to stay aligned with industry advancements, these features play a pivotal role in maintaining our security standards and workflow efficiency.

Cloud Native Security helps us detect vulnerabilities when deploying infrastructure.  We use Cloud Native Security to monitor all our cloud infrastructure and accounts. It continuously scans whether or not we have the agent installed. It's something like a role. You can configure an IAM role that provides access to Cloud Native Security to scan. It enables seamless connectivity with any cloud environment.

The Offensive Security Engine has helped us to discover some breaches.
You can see across the cloud domain in Cloud Native Security. For example, the dot com map can cover multiple servers internally. Cloud Native Security flags all URLs exposed to the public and other vulnerabilities. When we get alerts from the Offensive Security Engine, it has some internal debugging tools the developers can use. 

What needs improvement?

The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud.

For how long have I used the solution?

I have used Cloud Native Security for three years.

What do I think about the stability of the solution?

Cloud Native Security is highly stable. 

What do I think about the scalability of the solution?

Cloud Native Security is scalable. 

How are customer service and support?

I rate Cloud Native Security support nine out of ten. They solve issues within the agreed-upon period. They're impressive. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used the native AWS tools like Inspector. Cloud Native Security is impressive compared to those. 

How was the initial setup?

It's easy to integrate Cloud Native Security and onboard all our cloud accounts. Before implementing, we tried to have all the security best practices in place. If you do that, it's easier to fix the vulnerabilities when Cloud Native Security detects them. Deployment took about five or six minutes. 

What's my experience with pricing, setup cost, and licensing?

We opted for Business Plan at an affordable rate, providing excellent value for your investment. While I'm not entirely certain, I believe the monthly cost is around 180,000 rupees.

Which other solutions did I evaluate?

We looked at Trend Micro and some other options.

What other advice do I have?

I rate Cloud Native Security nine out of ten. Use this tool if you want to keep your cloud applications secure.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Cloud Support Engineer at a construction company with 5,001-10,000 employees
Real User
Effortlessly remediate threats with autonomous AI responses while navigating customer support delays
Pros and Cons
  • "Singularity Cloud Security offers autonomous response capabilities, automatically remediating threats and restoring affected files without manual intervention."
  • "SentinelOne is far superior to our previous solution, Accops, due to its seamless updates, effortless maintenance, and user-friendly interface and dashboard."
  • "The SentinelOne customer support needs improvement, as they are sometimes late in responding, which is critical in a production issue."

What is our primary use case?

We use SentinelOne Singularity Cloud Security to enhance the security of our cloud and data center infrastructure. Its primary functions include providing alerts and guiding the implementation of best practices for cloud security.

To enhance our security posture, we implemented SentinelOne Singularity Cloud Security, as we lack a dedicated managed service for continuous environmental monitoring.

How has it helped my organization?

SentinelOne Singularity Cloud Security is easy to use. It offers an intuitive dashboard making it user-friendly.

The evidence-based reporting is helpful for navigating the evolving threat landscape. It enables us to implement security measures proven to reduce risk.

The inclusion of proof of exploitability in its evidence-based reporting fosters stakeholder trust and reduces reliance on human intervention.

SentinelOne Singularity Cloud Security has a minimal impact on system performance compared to traditional antivirus solutions and helps meet compliance requirements by maintaining detailed logs and audit trails.

It has reduced our false positive rate by 20 percent and has significantly improved our security posture by providing comprehensive visibility into all activities across our infrastructure.

SentinelOne Singularity Cloud Security has decreased our mean time to detect by 60 to 70 percent.

What is most valuable?

Singularity Cloud Security offers autonomous response capabilities, automatically remediating threats and restoring affected files without manual intervention. Its AI-powered threat detection utilizes advanced AI and machine learning to identify and respond to threats in real-time. Its scalability makes it particularly beneficial for small organizations.

What needs improvement?

The SentinelOne customer support needs improvement, as they are sometimes late in responding, which is critical in a production issue. Cost is also an area for improvement as it must be more affordable, particularly for smaller companies.

For how long have I used the solution?

We have been using SentinelOne Singularity Cloud Security for almost one year.

What do I think about the stability of the solution?

I rate the stability of SentinelOne Singularity Cloud Security as eight out of ten. There are no major bugs, glitches, or downtime issues.

What do I think about the scalability of the solution?

I rate the scalability of SentinelOne Singularity Cloud Security a nine out of ten. It is very scalable and suits our needs.

How are customer service and support?

The technical support team's response time is slow at times.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

SentinelOne is far superior to our previous solution, Accops, due to its seamless updates, effortless maintenance, and user-friendly interface and dashboard.

How was the initial setup?

The initial setup can be slightly time-consuming, requiring about two to three days for deployment on both cloud and data center infrastructure.

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Cloud Security is costly. I would rate the price an eight out of ten, with ten being the most expensive.

What other advice do I have?

I rate SentinelOne Singularity Cloud Security a nine out of ten.

SentinelOne Singularity Cloud Security is deployed across multiple departments in a single location. We have 14 direct users of the tool.

SentinelOne manages the maintenance for Singularity Cloud Security.

I would recommend SentinelOne for security, as it is easy to use. Even without technical knowledge, users can manage it through the dashboard and provided documentation.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Raghvendra Soni - PeerSpot reviewer
Senior DevOps Engineer at a tech services company with 501-1,000 employees
Real User
Top 10
It gives you a consolidated view of compliance and vulnerabilities
Pros and Cons
  • "PingSafe can integrate all your cloud accounts and resources you create in the AWS account. We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."
  • "When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again."

What is our primary use case?

We use PingSafe to secure our IT infrastructure and fix vulnerabilities. For example, it tells us if our resources have been inappropriately made public. We provision our infrastructure on AWS and GitHub. PingSafe finds vulnerabilities across our entire network and secrets in our GitHub repositories. It also helps us manage our cloud configurations and security groups. 

PingSafe is integrated with Metabolic, Opsgenie, and Slack for notifications. It's also integrated with our security team. They are using a script to correlate the data from SysTrack. 

How has it helped my organization?

When I joined the organization, we didn't have this kind of security tool in our infrastructure. PingSafe helps us secure any resources that were mistakenly made public and other vulnerabilities. Initially, we were primarily focused on projects, not on the security side, but we were dealing with some system vulnerabilities that hackers could exploit, like publicly accessible resources. The detection is highly granular. It gives you small vulnerabilities and very new types. 

The PingSafe team will help you reduce false positives quickly. When we first used PingSafe, false positives were high, so we contacted the team. They did some testing and modifications, and the problem was solved in one or two days. 

The mean detection time has drastically reduced. The detection time varies depending on what we're scanning. When we're scanning GitHub, it takes 7 to 10 minutes. On the cloud platforms, it depends on resource availability. It takes 10 minutes on the high end, but the mean is about 1 or 2. Overall, it has been reduced by about 10 percent. 

The remediation time is up to us. PingSafe just detects it, but it gives us an assessment and recommendations, making it easier to resolve. When we fix a vulnerability for a particular resource, the issue will not occur again. 

What is most valuable?

PingSafe can integrate all your cloud accounts and resources you create in the AWS account. We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub. Using PingSafe's evidence-based reporting, we can rank the severity of issues as critical, high, medium, etc. Having the ability to prioritize security issues is crucial for any organization.

One good thing about PingSafe is that it gives you a consolidated view of compliance and vulnerabilities. We can follow PingSafe's guidance and comply with those use cases. When you get an alert, they explain how to resolve those issues. 

The user interface is excellent because we see everything in a single panel and can manage all the operations from one portal. It's integrated with Slack, so we can coordinate on the open tickets. We can also mute notifications. The interface is straightforward and easy to use. Anyone can use it.

The offensive security engine is a helpful feature in cases like when a developer leaves some API element exposed, and we can view the potential exploit path. It's helpful when we are deploying any AWS account or service because all our systems depend on AWS.  When the service is initially deployed, we can see what happens and get all the details about anything that depends on it. 

What needs improvement?

When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again. 

For how long have I used the solution?

We have used PingSafe for more than 2 years.

What do I think about the stability of the solution?

I rate PingSafe 9 out of 10 for stability. We've never had any glitches. 

What do I think about the scalability of the solution?

We've had no issues with scalability. We've onboarded about 6 or 7. There is no digital investment. You can integrate multiple accounts from various providers. 

How are customer service and support?

The support team was valuable during the initial stages. PingSafe contacted us every three weeks. They checked our infrastructure and reviewed all the issues that we were incorporating into the system. They took direct responsibility for the system and could solve queries quickly.

Which solution did I use previously and why did I switch?

Previously, we were using the native tools of each cloud provider. For example, we used GuardDuty on AWS.

How was the initial setup?

Deploying PingSafe is straightforward. You can onboard new AWS accounts in five to 10 minutes, and it will start scanning very quickly. They give you a script to run on AWS. You can enroll your accounts based on the template, and it starts collecting data. We onboarded six or seven accounts. It hardly took any time. It's a SaaS solution so we don't need to maintain it. We only need to do the onboarding. 

What other advice do I have?

I rate PingSafe 7 out of 10. PingSafe isn't a unique solution. Other solutions have the same features, but I like PingSafe because it's simpler to use. It doesn't require any maintenance and the scalability is good. However, I think other solutions can give the same level of detail and insight. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
Download our free SentinelOne Singularity Cloud Security Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024