SentinelOne Singularity Cloud Security Reviews

Our infrastructure utilizes a combination of cloud solutions and Kubernetes for container orchestration. To ensure the security of these environments, we leverage PingSafe. This platform proactively identifies and remediates vulnerabilities within our cloud deployments.

We use PingSafe, which is integrated with our cloud environment. This allows us to receive notifications from PingSafe directly in our Slack channels, according to the notification settings we have configured. We prioritize these alerts and take appropriate actions based on their urgency.

To improve our cloud security posture and achieve best practices, we implemented PingSafe. This security tool helps us identify and address vulnerabilities within our cloud environment.

PingSafe is easy to use.

PingSafe's evidence-based reporting helps prioritize and solve the most important cloud security issue.

PingSafe's proof of exploitability is valuable because it goes beyond simply identifying vulnerabilities. It assesses how severe these vulnerabilities are by determining if they can be actively exploited by attackers. This information allows us to prioritize our actions and focus on fixing the most critical risks first.

PingSafe's compliance monitoring capabilities helped us achieve certifications like PCI and DSS.

PingSafe's UI is easy to use even for beginners.

PingSafe improved our security posture, made us more compliant, and improved our confidence when we spoke to our clients.

Before implementing PingSafe, we lacked any detection capabilities. Consequently, our mean time to detection saw a significant improvement of up to 70 percent after PingSafe's introduction.

PingSafe improved our mean time to remediation by 50 to 70 percent.

PingSafe has significantly improved collaboration between our cloud security, application developers, and AppSec teams. This enhanced collaboration is due to the dashboard that provides a centralized view of all security-related information within PingSafe.

In the past, our infrastructure setup process involved building the infrastructure first and then implementing security best practices at the end. This new approach is different. Now, when we create new infrastructure, we integrate PingSafe right from the start. This integration allows us to receive security alerts immediately. With these real-time insights, we can proactively address any security issues or potential vulnerabilities as we build, rather than waiting until the infrastructure is complete.

We integrated PingSafe with a few alerting systems and our Slack channels.

PingSafe's most valuable feature is its unified console. This console brings together all of our cloud-based and non-cloud-based solutions into a single, centralized location.

I find the visualization graphs particularly helpful. They identify which objects are affected by the issue, allowing us to prioritize our efforts and focus on the areas that need the most attention.

We deployed PingSafe for AWS and Oracle Cloud but we encountered issues with Oracle Cloud. The integration with Oracle has room for improvement.

I have been using PingSafe for a year.

I would rate the stability of PingSafe 9 out of 10.

I would rate the scalability of PingSafe 8 out of 10.

The technical support is responsive and knowledgeable.

Positive

The deployment was straightforward and took half a day for AWS. Two people from our DevOps team were involved in the deployment.

PingSafe improved the security of our infrastructure and helped reduce the costs.

PingSafe is affordable.

In addition to PingSafe, we also considered Palo Alto and AccuKnox for our needs. However, the positive customer service experience we had with a PingSafe representative played a role in our final decision.

I would rate PingSafe 9 out of 10.

We have around five people in our organization who utilize PingSafe. We are all in the same location except for our consultant.

PingSafe does not require maintenance from our end.

I recommend PingSafe to others. It is compatible with most major cloud platforms. However, we did encounter some issues when using it with lesser-known cloud providers, such as Oracle.

We use it in different ways. The number one use case is related to vulnerabilities, which includes cloud misconfiguration, the Offensive Security Engine, and the management screen itself. That is our primary use case. Then comes the graphical representation of interfaces, and the third use case is the inventory that it allows, which is very nice.

By implementing this solution, we wanted to watch the security vulnerabilities in our organization. We wanted to watch them in the code that gets checked in. We wanted the latest and refreshed list of vulnerabilities in, for example, Log4j or any other software to be highlighted. PingSafe keeps updating its database and highlighting any issues.

We use agentless vulnerability scanning. It is cool. It operates on our cloud. All we need to do is authenticate and authorize our agents to read from our cloud infrastructure, which is cool.

PingSafe includes proof of exploitability in its evidence-based reporting. This is very important because it gives the entry point to the entire process.

We use PingSafe's Infrastructure as Code (IaC) scanning. All of our Terraform code and Git repositories are checked in, identified, and scanned. It helps us identify any issues way before production.

PingSafe has not reduced the number of false positives. We have very few false positives in our organization. We have a very specific structure.

PingSafe has reduced our mean time to detect. It has helped us a lot. It is quite quick, and that is why we put it in our sprint at every agile site. In terms of its effect on the mean time to remediate, we have not crossed the remediation phase. Remediation is okay. I would want it to go a little bit more specific on remediation, but I understand that it is just an engine that can scan.

We were able to realize the benefits of PingSafe in about a month.

PingSafe has not affected the collaboration among our cloud security, application developers, and app sec teams. The access to PingSafe is less. The number of roles that PingSafe provides is very low. I cannot segregate a particular account or a particular user. It is difficult for a lot of people to get. It is just the development, operations, and infrastructure teams that are currently working with it.

It is pretty simple. It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job.

Its reporting is bad. I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved.

The graphical representation of different resources is super cool, but the problem is that you cannot do anything with it. For example, if you just take the subnets and VPN and put them in a diagram, it becomes so big. I pretty much cannot use it. There is no point. If I am drawing a graph or bringing up a graph, but I am not able to show it to a person, what is the use of that? It is pointless.

Its scalability can be improved.

In this organization, I have been using PingSafe for 6  months. Overall, I have about 4.5 years of experience.

I have not had any issues. I have been lucky enough to not notice any issues.

We have a parent organization, and then we have child accounts, but they have to be configured separately in PingSafe, which makes it difficult to add accounts. You have different pages, so a comparative study about account usage is not possible. I am not a fan of its scalability. Its scalability can be better. 

I have interacted with them a couple of times. They have been very helpful. Their speed is pretty good. They are faster than AWS support. They are quick. The support quality is good. I did not see any lack of quality. I do not have anything bad to say about them.

Positive

We have CloudFront, which is a security measure by AWS for a very specific purpose. I have used SonarQube. It is pretty decent. It is code-specific, whereas PingSafe falls under code and IaC. I have used the Trivy scanning mechanism. Semgrep is an open-source tool. GitLab has its own set of static code analysis and static infrastructure analysis tools. These are some of the tools that I have used before.

PingSafe is very specific to the cloud-native environment. It lets you plug in more than one cloud. My organization has a multi-cloud strategy. With PingSafe, we can have Google Cloud and AWS under the same umbrella, which is cool. It has its own unique place, and I like it.

It was very easy. The only problem was getting the RBAC roles. After we had the roles, it was straightforward. It was very simple.

We have a 47-cluster environment. It took about 1.5 hours. It is quick enough. It is as good as CloudFormation.

It does not require any maintenance from our side. Because it is fully managed on the cloud SA, we do not have to do anything.

It was implemented in-house. We have a development and operations team with 5 people.

Its pricing is constant. It has been constant over the previous year, so I am happy with it. However, price distribution can be better explained. That is the only area I am worried about. Otherwise, the pricing is very reasonable. As the cloud vendors change their pricing, PingSafe also has to change its pricing. I understand that. I am happy with it, but the split up can be better explained.

To those evaluating PingSafe, I would advise understanding PingSafe's licensing metrics. You should understand how PingSafe calculates. That is very important because it is not straightforward. You should understand that, and you can talk to the support people. They are very good. They clearly explain it. The person who is dealing with it should have a technical background. He cannot be a business analyst.

Make sure that you put in all the configurations on day one. You will find it difficult to compare if you keep building on top of it.

Overall, I would rate PingSafe a 7 out of 10.

We're managing our cloud environment on AWS, and PingSafe is assisting us as a CSPM tool. It identifies vulnerabilities in our configuration and helps prevent malicious attacks.

Our current cloud environment allows independent resource deployment by our six to eight-person team, which increases the risk of misconfiguration. To mitigate this, we implemented PingSafe. This security tool generates alerts for misconfigurations, allowing us to promptly address them and maintain a strong cloud security posture.

Having too many resources with platform access made misconfigurations more likely. PingSafe addressed this by helping us configure everything according to best practices, helping improve our security posture.

PingSafe is easy to use.

Evidence-based alerts help us mitigate the priority issues that are detected.

The proof of exploitability in evidence-based reporting is helpful.

The offensive security engine strengthens our organization's security posture by validating potential attacker paths and prioritizing vulnerabilities with the highest likelihood of being exploited in a breach.

Infrastructure as Code facilitates the identification of pre-production issues within our Cloud Formation Templates and Terraform configurations.

PingSafe has been instrumental in ensuring our strong cloud security posture, effectively helping us manage and mitigate risks. PingSafe helped our team reduce the number of false positives.

PingSafe plays a key role in strengthening our risk posture. By providing alerts, it assists both our information security and security assessment teams in identifying and mitigating potential threats, ultimately improving our overall security position.

It has improved our mean time to detection by 30 percent and effectively reduces our average time to resolve incidents. By providing valuable information, PingSafe empowers our team to quickly diagnose and rectify problems.

It has improved the collaboration of our cloud security application developers and AppSec teams.

PingSafe has helped save engineering time by 50 percent. 

PingSafe offers security solutions for both Kubernetes and CI/CD pipelines. It helps with vulnerability remediation, ensuring timely alerts for misconfigured resources, so we can address security issues efficiently.

While PingSafe offers real-time response, there is room for improvement in alert accuracy. We've encountered instances where misconfigurations created by teammates were not flagged promptly by PingSafe, leading to downstream issues.

I have been using PingSafe for one year.

I would rate the stability of PingSafe nine out of ten.

I would rate the scalability of PingSafe nine out of ten.

The technical support is helpful.

Positive

PingSafe's team clearly explained the implementation process, which our team of three was then able to complete in just one week.

PingSafe falls within the typical price range for cloud security platforms.

I would rate PingSafe ten out of ten.

Our organization has over 35 members across various teams, each utilizing PingSafe according to their specific needs.

No maintenance is required on our end.

I recommend PingSafe to others. It has done a great job of improving our security posture.

We did a PoC, but we did not go ahead with PingSafe. It is currently on a test cluster. It is not in production.

We were looking for a CSPM tool to monitor all of our AWS resources. We also wanted it to give us an alert in the case of a vulnerability. If, for example, a zero-day vulnerability is there, it should scan all of our tools.

We used agentless vulnerability scanning. It helped us to see all the vulnerabilities without deploying any third-party component in our system.

We used PingSafe's Offensive Security Engine. It helped us to identify all the CVEs. We could see what kind of CVEs were there and what severity level they had, such as normal or critical. It helped visualize all the severities.

PingSafe changed our security posture a lot. In one dashboard, we were able to see all the information. We could see which resources are vulnerable and which ones have critical bugs. It helped us with that.

PingSafe did not reduce our mean time to detect and mean time to remediate.

PingSafe helped with collaboration, but in my organization, developers are not directly involved with PingSafe. There was mainly the infrastructure component where we deployed agents and based on our particular role or access, they were able to send all the data to the PingSafe server. We were able to see all the reports and all the details in the UI.

We liked the search bar in PingSafe. It is a global search. We were able to get some insights from there.

The reporting feature is good. It is able to generate reports.

Its UI is very good, and it is easy to adapt. Any new person will be able to navigate, and within a week, he or she will be able to understand PingSafe.

We wanted it to provide us with something like Claroty Hub in AWS for lateral movement. For example, if an EC2 instance or a virtual machine is compromised in a public subnet based on a particular vulnerability, such as Log4j, we want it to not be able to reach some of our databases. This kind of feature is not supported in PingSafe.

If there is any virtual machine running on your public subnet, it is accessible outside your network. It is accessible via the Internet. If it has any Log4j or remote accessibility vulnerability, the attacker would be able to access the machine. From the private machine, the attacker can do NS Lookup and reach our DBs. It creates a channel for vulnerabilities. Such a feature is not present in PingSafe.

It is stable. We have not had any issues.

It is scalable.

They were helpful. They helped us with the configuration. They were available through the Zoom call. Initially, they also provided us with a demo of all the features. They showed us all the features that we could use.

The speed of their support was good. I would rate their support a 9 out of 10.

Positive

We are using Orca. We did a PoC with PingSafe, and there were some cost benefits. 

PingSafe is a SaaS solution. I was involved in its initial deployment. It took around three months.

We used their support. Its implementation requires at least two people.

Its pricing was a little less than other providers.

I would advise doing a PoC with all the similar tools and then making a decision based on the capabilities, features, and price. 

Overall, I would rate PingSafe a 9 out of 10.

My company uses Cloud Native Security as our CSPM solution to discover vulnerabilities in cloud-based configurations. We take alerts from Cloud Native Security and forward them to the DevOps team to remediate them manually. 

Cloud Native Security helps reduce the number of false positives we receive. We receive notifications and alerts from various channels, such as AWS CloudTrail and Microsoft Defender. These products generate alerts based on their policies. I can feel confident that Cloud Native Security isn't giving any false positives. We get a few, but they are rare, and I can immediately alert the team to redefine their policies. 

Cloud Native Security's most valuable feature is its offensive security engine. I have worked with many CSPM solutions. What sets Cloud Native Security apart is the security engine's ability to provide evidence about the potential for vulnerabilities to be exploited or endpoints exposed with credentials.  

The evidence-based reporting is helpful. It shows us all these details that help us do more research. We are working with various stakeholders to remediate those misconfigurations immediately. No other solutions provide this feature. We can research other resources affected by the same kind of vulnerabilities or misconfigurations. We can prioritize fixing them and work on them immediately. That's beneficial to everyone on the team, and they are learning a lot with this feature from Cloud Native Security itself.

While Cloud Native Security is mostly easy to use, the interface has a few trouble areas. We have faced some challenges with filtering. The Cloud Native Security team is working on that, and they're fixing it immediately. They take feedback seriously. There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature. 

We have been using Cloud Native Security for one year.

Cloud Native Security is stable. 

I rate Cloud Native Security 9 out of 10 for scalability. There is no lag, and the application doesn't break down. 

I rate Cloud Native Security support 8 out of 10. We contacted them about adding some policies and creating plugins based on our requirements. 

Positive

We previously used Prisma Cloud. Each has its own feature set. Prisma is on a higher level, and Cloud Native Security is a startup that's building its feature set and taking feedback from all the customers. That's one advantage Cloud Native Security has. They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away.

Deploying Cloud Native Security wasn't too easy or difficult. It was manageable. I did the deployment by myself. I'm the Cloud Native Security admin for my organization responsible for onboarding all the cloud accounts for AWS, GCP, and Azure. 

We also looked at Orca Security. Like Prisma, Orca is one of the top solutions on the market. Most of the CSPM solutions have the same features. Cloud Native Security stood out for two reasons: One is the offensive security engine. That is the main thing. The second thing Cloud Native Security offers is evidence-based reporting. That helps us a lot. These two features are unique, which is why we chose Cloud Native Security. 

I rate Cloud Native Security 7 out of 10. 

We use the product across all of our entities for EDR, threat detection, and response methods.

We wanted a solution for protection. We had a number of entities with various EDR solutions. We wanted to centralize under one EDR solution, and we wanted one that was efficient and easy to manage with a small team.

The biggest thing for us was getting to a single platform. A single pane of glass has been nice. The ability to segment various sites out. The R-Back involved is super helpful for us as we are a multi-company organization. In general, the time has been greatly reduced for incidents.

The ease of use of the platform is very nice. The console provides excellent visibility into events that occur and, in general, the wide range of tools that are built into the agent itself.

My impression of the product's real-time detection and response capabilities is good. It definitely is a little bit different. It takes a little bit more time to learn than some of the other solutions that we have worked with in the past. Once you do understand it and once you're capable of running through the GUI and you understand what the logs and various windows they're trying to tell you, it's fairly straightforward.

The solution's automated remediation is good. I like that you can segment it into four options. You can choose to kill it at any time in the kill chain, so you can choose to quarantine it, you can choose to remediate, you can choose to roll back, you can choose to let it run. Being able to choose how far along you want those events to get is pretty nice.

The historical data record provided by the solution after an attack is decent. It gives you a flowchart of the attack. All along the processes you get good visibility and see all that were detected. Definitely, from a post-incident analysis perspective, it's very strong.

The solution has helped reduce our organization's mean time to detect by 20% to 30%. Given that extra 20% to 30%, it frees us up to focus on other items. 

The solution's impact on our organization's productivity is good. It provides robust whitelisting capabilities and improves our productivity. 

Agent releases need to be more stable before being pushed out. 

Bugs need to be disclosed quickly.

The reporting, and the logging visibility, are not there. It's very, very crude and simple. It needs to be drastically expanded. 

They need to expand their third-party integrations with SIM tools, and sites need to be given the option to expire at the end of the contract as well.

They could expand their integration with Kubernetes. They are trying to build out their third-party integrations. It does work well on Windows and Mac. 

I've used the product for three and a half years. 

Agent stability and communication with the console and agents going offline can be an issue. It can be time-consuming to coordinate and fix. However, the cloud console is very resilient. It's mostly the agent releases where we might have issues. CrowdStrike agents seem a little more stable. 

We have about 3,000 users using the solution.

Scaling is no issue. 

Technical support is hit or miss. We have worked with some good agents and some less knowledgeable. 

Positive

We have used different solutions, including the fact that we still CrowdStrike at a couple of companies. We are now moving more fully towards SentinelOne.

The simplicity and ease of use were big and where SentinelOne stands out. It's a set-and-forget policy. Based on what we saw in testing, it was the best option. 

In terms of telemetry data, we were all over the board.

The initial setup was a little more complex when we first started. However, they've smoothed a lot of their implementation out and so it's gotten easier over time. It took us a couple of weeks to a month to deploy. About 20 were involved in the deployment. We have 30 to 40 companies around the world and it's across every company and every department. 

The solution does require maintenance. You need to have agents up to date and cases closed properly. It does require you to be invested. 

We have witnessed ROI. It's comprehensive in its detection capabilities and has saved us from multiple attacks. We've likely saved 30% based on prevented attacks. 

The solution is relatively cheaper and is willing to work with companies on pricing. 

We are customers.

For those who believe they already have a continuous monitoring solution in place, I'd advise that SentinelOne knows its own product. They can provide that extra confidence that nothing gets missed. And if you see a high number of alerts, they're able to really help you discern those and get down to the ones that matter most.

The solution doesn't affect our ability to innovate one way or another. It doesn't hold us back.

I'd recommend the solution and advise running a POC in your environment. It's good to run against CRowdStrike. They are seriously contending against CrowdStrike.

I'd rate the solution eight out of ten. 

My primary use case for SentinelOne Singularity Cloud Security is for security purposes. It provides me with alerts. 

By implementing this solution, we wanted notifications about any potential threats, such as port scanning or unauthorized access attempts. This is why we have deployed it on the cloud to monitor and secure our systems.

It has an intuitive dashboard, which streamlines the setup process. It is a user-friendly tool for security teams handling cloud or data centers.

For fewer false positives, they ensure that their threat intelligence databases are up to date. That reduces misclassification and improves system accuracy over time through machine learning.

SentinelOne Singularity Cloud Security has improved our security posture. We are almost 100% secure.

It has reduced our mean time to remediate by 40% and the mean time to detect by about 70%.

SentinelOne Singularity Cloud Security offers valuable features like runtime notifications. These alerts come to my account, ensuring that if any port or component within my infrastructure is opened or compromised, I am informed immediately. It highlights issues within minutes or even seconds. 

It is very easy to use. It is user-friendly. Dashboards and other features are easy to use even for newbies. Someone new can easily understand the dashboard and other features.

The cloud-based operations might pose challenges in areas with limited or unavailable internet connectivity. Desktop features might be useful for smaller organizations with less complex security needs. 

Moreover, there is a higher price point compared to traditional endpoint protection solutions, which may not be ideal for smaller organizations.

I have been using SentinelOne Singularity Cloud Security for around one and a half to two years.

It is stable. I would rate its stability a nine out of ten.

I would rate its scalability as seven out of ten because there might be issues due to internet connectivity or occasional lag when deploying for monitoring purposes.

It is being used at multiple locations and by multiple teams. In my team, there are about 12 people.

I would rate the customer service and support as eight out of ten.

Positive

Before SentinelOne Singularity Cloud Security, we did not use any solution in the cloud. We had no centralized system. We had to go through cloud services such as GuardDuty, but it took time to analyze the issue and the root cause.

We wanted to follow the best practices and have something centralized. SentinelOne Singularity Cloud Security gives us centralized and real-time data.

We have multiple clouds and a data center. Its deployment is easy. The initial setup was straightforward, and it took a total of around five days, including testing time.

We have seen approximately 30% return on investment.

It is a little expensive. I would rate it a four out of ten for pricing.

I would rate SentinelOne Singularity Cloud Security an eight out of ten overall. I would recommend it to other users due to its effectiveness in providing centralized notifications and reducing the meantime to address issues.

We use SentinelOne Singularity Cloud Security to maintain security best practices. The platform alerts us to security issues, ranging from low to critical severity, based on our infrastructure. 

We chose SentinelOne Singularity Cloud Security for its targeted vulnerability recommendations and best practice guidance, which allow us to address alerts effectively and maintain a secure infrastructure.

SentinelOne Singularity Cloud Security is user-friendly and easy to understand.

SentinelOne Singularity Cloud Security's evidence-based reporting for helping prioritize and solve the most important cloud security issues is excellent.

The exploitability proof in reports is crucial, enabling me to pinpoint issues and solutions. Without it, identifying vulnerabilities and applying fixes would be impossible. The system alerts me to security events, pinpointing the problem's location with resource and account IDs. This detailed information allows for rapid resolution, saving valuable time.

Upon joining the company, the user interface was not very user-friendly. However, over time, upgrades were introduced, such as more issue resolution documentation and best practices, which enhanced the security of our infrastructure. I realized the benefits of SentinelOne Singularity Cloud Security within five months.

SentinelOne Singularity Cloud Security has significantly strengthened our security posture. Previously, we relied on AWS-managed security alarms, which provided a limited and reactive approach to threat detection. Singularity Cloud Security offers a more proactive and comprehensive solution, enhancing our ability to identify and respond to potential threats.

SentinelOne Singularity Cloud Security has reduced our mean time to detect by five to ten minutes.

SentinelOne Singularity Cloud Security allows us to complete remediation in five minutes.

The most valuable feature is the easy-to-understand user interface, which allows even non-technical users to comprehend and resolve issues. Additionally, the solution provides highly useful recommendations.

To enhance the notification system's efficiency, resolved issues should be promptly removed from the portal. Currently, these issues take two to three hours to be removed, creating unnecessary clutter and potentially delaying the identification of new issues.

I have been using SentinelOne Singularity Cloud Security for almost two years.

I would rate the stability of SentinelOne Singularity Cloud Security nine out of ten.

I would rate the scalability of SentinelOne Singularity Cloud Security ten out of ten.

Customer service and support are excellent. They respond promptly, and the technical support is knowledgeable and helpful with any issues we face.

Positive

The initial setup took approximately one week due to the testing phase. It went smoothly with the team's collaboration.

I was present with my team during the deployment process, but I did not personally deploy it.

I would rate SentinelOne Singularity Cloud Security ten out of ten.

Our organization has multiple departments, but only five individuals have access to Singularity Cloud Security.

Singularity Cloud Security's maintenance is handled by SentinelOne.

From a security standpoint, SentinelOne Singularity Cloud Security is excellent, and I highly recommend it.