SentinelOne Singularity Cloud Security Reviews

Our primary use case is for security purposes. It is deployed on our cloud to handle our security threat detections. It scans our infrastructure to recognize security issues, detect attacks, and provide protection.

SentinelOne offers an intuitive dashboard to streamline and set up processes. It is user-friendly for security and InfoSec teams.

It helps with regular compliance and transparency. They provide a clear rationale for security practices, which helps in gaining stakeholder's trust. The data-driven approach aligns with compliance framework requirements. I also see a reduction in reliance on human judgment.

It has reduced our mean time to detect by 30% to 40%. There is about a 20% to 30% reduction in the meantime to remediate. In case of any threat, we get alerted within milliseconds. It provides me with everything I need.

It scans my infrastructure very well and finds any issues.

The features that stand out are threat detection using advanced artificial intelligence and machine learning, helping to identify and respond to threats in real-time. 

Additionally, the extended detection and response (XDR) provides deep visibility and unified security across our endpoints, network, and cloud environments. 

The areas with room for improvement include the cost, which is higher compared to other security platforms. The dashboard can also be laggy.

I have been using the solution for about one year.

The solution is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it an eight out of ten for scalability.

The technical support is excellent. I would rate them a nine out of ten.

Positive

We did not have any similar solution previously. We used AWS services such as GuardDuty and CloudTrail.

By implementing SentinelOne Singularity Cloud Security, we wanted AI-powered scanning and threat detection. SentinelOne stands out due to its ability to provide alerts and documentation without needing to continuously monitor the services. Everything is centralized. It alerts me through an email or a notification if something is happening in our infrastructure. I can look into it and see what I need to do.

It is deployed on the cloud. It took about four days to implement it.

Its maintenance is taken care of by SentinelOne.

Initially, 8 people were involved in deploying the solution. We have about 13 people using this solution.

The implementation of the solution has resulted in a saving of time and resources by around 40%.

SentinelOne is quite costly compared to other security platforms. I would rate it an eight out of ten for costliness.

I would recommend this solution to other users because of its security. 

Overall, I would rate SentinelOne Singularity Cloud Security a ten out of ten.

I use SentinelOne Singularity Cloud Security to detect vulnerabilities and threats.

I use SentinelOne Singularity Cloud Security for continuous monitoring, as it provides constant threat detection with minimal impact on our system's performance compared to other endpoint security solutions.

SentinelOne Singularity Cloud Security's initiative dashboards have a user-friendly interface that is easy to understand, even for new users. The intuitive design eliminates the need for extensive knowledge transfer, allowing anyone to grasp the essential functions of SentinelOne quickly.

The evidence-based reporting effectively prioritizes and resolves critical cloud security issues. Its operational metrics, including key performance indicators and security metrics like false-positive rates, mean time to detection, and mean time to response, provide valuable insights for improvement.

SentinelOne Singularity Cloud Security offers exceptionally clear proof of exploitability for security practices. This clarity fosters trust among stakeholders and managers, assuring them of a secure environment by simplifying vulnerability identification and remediation.

It has significantly enhanced our security visibility. The system provides alerts for any vulnerabilities, along with comprehensive documentation and user-friendly solutions. Its multi-cloud support streamlines issue resolution, allowing for quicker remediation.

SentinelOne Singularity Cloud Security has reduced the number of false positives by 40 percent, our mean time to detect by 20 percent, and our mean time to remediate by 30 percent.

As an application developer and infrastructure/technical support specialist, I find SentinelOne Singularity Cloud Security extremely helpful for our security needs. The notifications and other features are particularly useful in my daily work.

SentinelOne Singularity Cloud Security has saved up to 50 percent in engineering time.

SentinelOne's behavior analytics are valuable because they detect anomalies and malicious behavior that signature-based solutions might miss. The cost is also much cheaper than other products in the market.

SentinelOne Singularity Cloud Security has limited legacy system support and may not fully support older operating systems or legacy environments. The depth of features may be overwhelming for small-scale organizations with less complex security needs. It can sometimes feel complex for smaller teams, requiring specialized expertise that might be challenging for teams without skilled cybersecurity professionals.

I have been using SentinelOne Singularity Cloud Security for eight months.

I would rate the stability of SentinelOne Singularity Cloud Security a seven out of ten because sometimes the UI feels laggy.

I would rate the scalability of SentinelOne Singularity Cloud Security nine out of ten.

The technical support has been satisfactory.

Positive

Without SentinelOne, I would need to add two to three resources to my team for monitoring and threat detection. It has reduced the need for additional resources and saved money by 40 percent.

While I'm slightly out of touch with pricing, I know SentinelOne is much cheaper than other products.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

SentinelOne Singularity Cloud Security is deployed across various departments and locations for approximately 70 users.

SentinelOne manages the maintenance for Singularity Cloud Security.

I recommend SentinelOne Singularity Cloud Security to other users for security, monitoring, and threat detection purposes. SentinelOne uses AI-based detection, continuously upgrading itself to be on top of the market. 

We use SentinelOne's Singularity Cloud Security as our Cloud Security Posture Management solution, to proactively identify vulnerabilities within our cloud configurations. Security alerts generated by the platform are then forwarded to our mitigation team for prompt remediation.

The solution is easy to use.

The evidence-based reporting is helpful to our DevOps team who manually mitigate the vulnerabilities.

Singularity Cloud Security offers a flexible agentless vulnerability scanning solution that allows me to receive alerts directly to my personal email, a feature missing from AWS GuardDuty.

Evidence-based reporting that demonstrates how a vulnerability can be exploited is crucial because it allows me to prioritize alerts based on their severity level. This ensures I focus on the most critical issues first.

Singularity Cloud Security has improved our organization's security by proactively identifying vulnerabilities that could have significant detrimental effects.

It has decreased the number of false positives.

Before implementing Singularity Cloud Security our mean time to detection was three to four days.

Singularity Cloud Security has significantly improved our mean time to remediation from one hour to just 15 minutes.

SentinelOne stands out with its responsiveness to feature requests for Singularity Cloud Security. This means they can adapt the product to our specific needs, whereas Prisma Cloud forces us to wait for their pre-determined release schedule.

SentinelOne currently lacks a break glass account feature, which is critical for implementing Single Sign-On. SentinelOne should prioritize the development of a break glass account feature.

We've encountered some filtering difficulties, resulting in a few areas of the interface needing improvement.

I have been using Singularity Cloud Security by SentinelOne for one year.

Singularity Cloud Security by SentinelOne is stable.

I would rate the scalability of Singularity Cloud Security nine out of ten.

The technical support is good. They've assisted us on multiple occasions with implementing new policies and creating custom plug-ins to meet our specific needs.

Positive

I successfully deployed the solution in collaboration with a cloud-native administrator. The deployment process went smoothly and we encountered no complications.

I would rate Singularity Cloud Security by SentinelOne eight out of ten.

We have over 400 users in our organization.

Our infrastructure is on AWS and we integrate PingSafe with our enterprise accounts to identify misconfiguration on the Cloud.

The offensive security engine helps us visualize any potential attacks.

PingSafe helps us maintain and improve our security posture.

It has helped reduce the number of false positives.

We have improved our mean time to detection with PingSafe.

PingSafe has improved our mean time to remediation. The alerts provided included details that help us address the issues quickly.

The most valuable aspects of PingSafe are its alerting system and the remediation guidance it provides. This combination helps us identify misconfigurations and vulnerabilities in our systems and swiftly address them.

In addition to the console alerts, I would like PingSafe to also send email notifications.

I have been using PingSafe for one and a half years.

PingSafe is stable.

PingSafe is scalable.

The technical support is helpful and responds quickly to our requests.

Positive

We previously used AWS Security but switched to PingSafe because of its wider scanning range and centralized console for maintenance.

The initial deployment was straightforward and took one month to complete.

We completed the implementation in-house with the help of PingSafe.

I would rate PingSafe eight out of ten.

I recommend PingSafe to others.

We use it in different ways. The number one use case is related to vulnerabilities, which includes cloud misconfiguration, the Offensive Security Engine, and the management screen itself. That is our primary use case. Then comes the graphical representation of interfaces, and the third use case is the inventory that it allows, which is very nice.

By implementing this solution, we wanted to watch the security vulnerabilities in our organization. We wanted to watch them in the code that gets checked in. We wanted the latest and refreshed list of vulnerabilities in, for example, Log4j or any other software to be highlighted. PingSafe keeps updating its database and highlighting any issues.

We use agentless vulnerability scanning. It is cool. It operates on our cloud. All we need to do is authenticate and authorize our agents to read from our cloud infrastructure, which is cool.

PingSafe includes proof of exploitability in its evidence-based reporting. This is very important because it gives the entry point to the entire process.

We use PingSafe's Infrastructure as Code (IaC) scanning. All of our Terraform code and Git repositories are checked in, identified, and scanned. It helps us identify any issues way before production.

PingSafe has not reduced the number of false positives. We have very few false positives in our organization. We have a very specific structure.

PingSafe has reduced our mean time to detect. It has helped us a lot. It is quite quick, and that is why we put it in our sprint at every agile site. In terms of its effect on the mean time to remediate, we have not crossed the remediation phase. Remediation is okay. I would want it to go a little bit more specific on remediation, but I understand that it is just an engine that can scan.

We were able to realize the benefits of PingSafe in about a month.

PingSafe has not affected the collaboration among our cloud security, application developers, and app sec teams. The access to PingSafe is less. The number of roles that PingSafe provides is very low. I cannot segregate a particular account or a particular user. It is difficult for a lot of people to get. It is just the development, operations, and infrastructure teams that are currently working with it.

It is pretty simple. It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job.

Its reporting is bad. I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved.

The graphical representation of different resources is super cool, but the problem is that you cannot do anything with it. For example, if you just take the subnets and VPN and put them in a diagram, it becomes so big. I pretty much cannot use it. There is no point. If I am drawing a graph or bringing up a graph, but I am not able to show it to a person, what is the use of that? It is pointless.

Its scalability can be improved.

In this organization, I have been using PingSafe for 6  months. Overall, I have about 4.5 years of experience.

I have not had any issues. I have been lucky enough to not notice any issues.

We have a parent organization, and then we have child accounts, but they have to be configured separately in PingSafe, which makes it difficult to add accounts. You have different pages, so a comparative study about account usage is not possible. I am not a fan of its scalability. Its scalability can be better. 

I have interacted with them a couple of times. They have been very helpful. Their speed is pretty good. They are faster than AWS support. They are quick. The support quality is good. I did not see any lack of quality. I do not have anything bad to say about them.

Positive

We have CloudFront, which is a security measure by AWS for a very specific purpose. I have used SonarQube. It is pretty decent. It is code-specific, whereas PingSafe falls under code and IaC. I have used the Trivy scanning mechanism. Semgrep is an open-source tool. GitLab has its own set of static code analysis and static infrastructure analysis tools. These are some of the tools that I have used before.

PingSafe is very specific to the cloud-native environment. It lets you plug in more than one cloud. My organization has a multi-cloud strategy. With PingSafe, we can have Google Cloud and AWS under the same umbrella, which is cool. It has its own unique place, and I like it.

It was very easy. The only problem was getting the RBAC roles. After we had the roles, it was straightforward. It was very simple.

We have a 47-cluster environment. It took about 1.5 hours. It is quick enough. It is as good as CloudFormation.

It does not require any maintenance from our side. Because it is fully managed on the cloud SA, we do not have to do anything.

It was implemented in-house. We have a development and operations team with 5 people.

Its pricing is constant. It has been constant over the previous year, so I am happy with it. However, price distribution can be better explained. That is the only area I am worried about. Otherwise, the pricing is very reasonable. As the cloud vendors change their pricing, PingSafe also has to change its pricing. I understand that. I am happy with it, but the split up can be better explained.

To those evaluating PingSafe, I would advise understanding PingSafe's licensing metrics. You should understand how PingSafe calculates. That is very important because it is not straightforward. You should understand that, and you can talk to the support people. They are very good. They clearly explain it. The person who is dealing with it should have a technical background. He cannot be a business analyst.

Make sure that you put in all the configurations on day one. You will find it difficult to compare if you keep building on top of it.

Overall, I would rate PingSafe a 7 out of 10.

We did a PoC, but we did not go ahead with PingSafe. It is currently on a test cluster. It is not in production.

We were looking for a CSPM tool to monitor all of our AWS resources. We also wanted it to give us an alert in the case of a vulnerability. If, for example, a zero-day vulnerability is there, it should scan all of our tools.

We used agentless vulnerability scanning. It helped us to see all the vulnerabilities without deploying any third-party component in our system.

We used PingSafe's Offensive Security Engine. It helped us to identify all the CVEs. We could see what kind of CVEs were there and what severity level they had, such as normal or critical. It helped visualize all the severities.

PingSafe changed our security posture a lot. In one dashboard, we were able to see all the information. We could see which resources are vulnerable and which ones have critical bugs. It helped us with that.

PingSafe did not reduce our mean time to detect and mean time to remediate.

PingSafe helped with collaboration, but in my organization, developers are not directly involved with PingSafe. There was mainly the infrastructure component where we deployed agents and based on our particular role or access, they were able to send all the data to the PingSafe server. We were able to see all the reports and all the details in the UI.

We liked the search bar in PingSafe. It is a global search. We were able to get some insights from there.

The reporting feature is good. It is able to generate reports.

Its UI is very good, and it is easy to adapt. Any new person will be able to navigate, and within a week, he or she will be able to understand PingSafe.

We wanted it to provide us with something like Claroty Hub in AWS for lateral movement. For example, if an EC2 instance or a virtual machine is compromised in a public subnet based on a particular vulnerability, such as Log4j, we want it to not be able to reach some of our databases. This kind of feature is not supported in PingSafe.

If there is any virtual machine running on your public subnet, it is accessible outside your network. It is accessible via the Internet. If it has any Log4j or remote accessibility vulnerability, the attacker would be able to access the machine. From the private machine, the attacker can do NS Lookup and reach our DBs. It creates a channel for vulnerabilities. Such a feature is not present in PingSafe.

It is stable. We have not had any issues.

It is scalable.

They were helpful. They helped us with the configuration. They were available through the Zoom call. Initially, they also provided us with a demo of all the features. They showed us all the features that we could use.

The speed of their support was good. I would rate their support a 9 out of 10.

Positive

We are using Orca. We did a PoC with PingSafe, and there were some cost benefits. 

PingSafe is a SaaS solution. I was involved in its initial deployment. It took around three months.

We used their support. Its implementation requires at least two people.

Its pricing was a little less than other providers.

I would advise doing a PoC with all the similar tools and then making a decision based on the capabilities, features, and price. 

Overall, I would rate PingSafe a 9 out of 10.

We use the solution basically for AD protection. We get to see at a deeper level the different processes that are being run on computers.

We've been able to stop any potential malicious actions that are being taken on various computers.

Their detection of potentially malicious stuff is probably the most beneficial feature and their new Singularity XDR is an awesome platform.

The solution's real-time detection and response capabilities are very good. Pretty much anytime that there is something that we might see as potentially malicious is caught. Depending on the type of computer it is, it does a great job of blocking those actions that are being taken. 

It's really easy to configure enterprise-wide, which actions we want to stop. It's very easy to stop malicious stuff.

The solution's automated remediation is really good. We're doing the rollback also now. That way, if something does happen, it's able to roll back to the state before the process happens.

The solution's forensic visibility into our Linux kernel in regards to deep visibility is really good. It is very granular. It's able to show everything that it did. 

The historical data record provided by the solution after an attack is great. You're able to search by different computers. You can get a whole scope of computers - as much as you want. You're able to get as granular as you want as well and can identify different cross processes than indicators and different files that were launched during a period of time.

It helped reduce our organization's mean time to detect very significantly. We had Endgame before this. It did not stop the processes in a manner of time that you would like it to. This definitely improved our response time to anything that we saw. It's very fast. It's improved the response time by 50% to 75% from just detection time to our response. 

The solution reduced the organization's mean time to remediate. It is as fast as the potentially malicious process that's launched. It'll stop it right then and there. It'll remediate the action immediately. 

It helped free other staff to work on other projects or other tasks. We basically just had to do a bunch of upfront configuring. With it, we do not have to spend as much time in the console.

The solution's impact on your organization's productivity has been impressive. We just had to put a bunch of time upfront. However, ever since then, we haven't had to really do much there besides analyzing threats.

There's the singularity marketplace, which they've expanded a bunch. However, there are some other APIs that I'd like to see. We'd like to be able to connect to them from a SIM perspective.

The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint.

I've used the solution for about a year and a half.

The stability is very good. I'd rate stability ten out of ten. I've never had issues. It's never been down. 

We have four different properties on which agents are one and 1,700  workstations as well as 250 servers. 

The product is scalable. We have about 2,000 endpoints. If we had 4,000 or 10,000 it really wouldn't be an issue. It's just a matter of configuring your groups. It's good at autoscaling based on workload demands. 

Technical support is really good. Whenever a threat comes into our environment, they will comment and give analysis. That's been very helpful in covering items we're not totally sure of. 

Positive

I previously used a different solution called Endgame. We did a POC with Crowdstrike and SentinelOne and SentinelOne was a much cleaner, easier-to-use console.

The initial setup did take some understanding on our part of how we wanted to split and group. We needed to figure out how to split our servers and workstations. That was the hardest part. After that, we had to get our policies in order. 

We were able to get everything up within a week to where we were comfortable with how everything was running. We're still tweaking little things. 

We had three people on our team and two people from professional services. 

Maintenance is minimal, such as adding exclusions to threats or alerts. 

We did initiate the setup with professional services. 

We have noted a good ROI and haven't had a single incident since implementing the solution. 

The solution is fairly priced for what they're offering especially compared to other platforms. It gives you great visibility into the different processes that are running on different computers. It's fairly priced, especially for a cloud platform.

We are customers and end-users.

If someone doesn't think they need a singularity cloud workflow protection platform because they have a continuous security monitoring solution, I'd say it depends on whether you're able to block potentially malicious stuff or not. This solution gives you just about the fastest understanding from a machine-learning perspective. 

This is much better than our previous solution. They've innovated a lot in terms of their deep visibility and singularity XDR (which is more granular).

I'd advise potential users to do a POC no matter what. That said, this is a great product. I rave about it to everybody. It's likely my favorite product for our environment.

I'd rate the solution ten out of ten. 

SentinelOne Singularity Cloud is on our computers and servers, mainly for threat hunting. I use it to ensure our devices remain healthy and are virus-free, ransomware-free, and threat-free.

We've felt more comfortable having SentinelOne Singularity Cloud because we've had a safer environment. The benefits from the platform were immediate.

What is most valuable in SentinelOne Singularity Cloud is that it can detect any threat on a machine or is being installed on a machine, so it is a platform that helps keep the environment safe.

I also found the real-time detection and response capabilities of SentinelOne Singularity Cloud impressive because it is a platform that uses artificial intelligence to determine what is normal and what is abnormal and can lock down any virus it may encounter.

SentinelOne Singularity Cloud has good automated remediation capabilities. It can catch threats that other antiviruses do not.

The platform also has a very good deep visibility feature, enabling you to run scans and find what you need.

SentinelOne Singularity Cloud provides excellent historical data to find what you need.

The platform reduced my organization's mean time to detect and mean time to remediate anywhere from a week to sixty days.

SentinelOne Singularity Cloud also helped free up SOC staff, enabling staff to work on other projects or tasks. Through the platform, the team does not have to spend as much time trying to go through different objects on the machines manually.

SentinelOne Singularity Cloud hasn't had a direct, everyday impact on my organization's productivity. What it has an impact on is uptime whenever there is a threat on a computer because it blocks it.

The platform has good interoperability with third-party solutions and integrates smoothly.

SentinelOne Singularity Cloud is able to support my organization's ability to innovate. It is good in that aspect, though I have yet to work with that extensively.

SentinelOne Singularity Cloud sometimes has false positives, but the main area for improvement I want to see is for it to become less resource-intensive. Right now, it can slow down processes on the machine, and it would be a massive improvement if it were more lightweight than it currently is.

I've been working with SentinelOne Singularity Cloud for about three years.

I found SentinelOne Singularity Cloud stable.

SentinelOne Singularity Cloud is scalable, and it is pretty seamless in terms of autoscaling based on my organization's workload demands.

I have not contacted the SentinelOne Singularity Cloud technical support team.

My organization used Windows Defender but switched because SentinelOne Singularity Cloud was more robust.

Due to its notifications, you can also have the turnout time of obtaining telemetry data from SentinelOne Singularity Cloud automatically, so you do not have to watch it constantly to see the data. The platform automatically shuts down the computer, takes it off the network, and then reports to you versus Windows Defender, which requires you to do a little more research into the items, as it did not provide as much information.

I was involved in the initial setup of SentinelOne Singularity Cloud, which I found pretty straightforward.

We worked with a consultant in implementing SentinelOne Singularity Cloud.

Only two people were involved, and the process took about two weeks.

I believe there is ROI from SentinelOne Singularity Cloud because of its impact on productivity through its ability to remediate and self-resolve some of the items.

I have no information on how much SentinelOne Singularity Cloud costs.

We did not evaluate other options before choosing SentinelOne Singularity Cloud.

If someone were to tell me that they do not believe they need SentinelOne Singularity Cloud because they have a continuous security monitoring solution in place, I would disagree because, with the SentinelOne Singularity Cloud platform, you can allow or disallow items within the machine. It automatically disconnects the machine from the network, helping you determine what is happening.

My organization works with the cloud version of the platform. It is deployed in multiple departments, and about four hundred users work with the endpoints.

SentinelOne Singularity Cloud requires maintenance, but it's not difficult to maintain.

Only one person takes care of the maintenance of the platform.

My advice to other users who would like to start working with SentinelOne Singularity Cloud is that I would highly recommend it based on its abilities and what it can find and remediate for you. It is easy to deploy and maintain, so I would tell others it is a solid platform.

My rating for SentinelOne Singularity Cloud is eight out of ten.