What advice do you have for others considering Singularity Cloud Workload Security?

It has a single agent to cover all aspects. You can save money and costs with data ingestion by using the Security DataLake from Singularity. There is also the ease of use of its console. There is also the ease of deployment by it being cloud-based. If you are looking for a tool that is perfect for cloud solutions and protects your cloud host, Singularity Cloud Workload Security would be at the top of my list. To someone who does not think that they need a Singularity Cloud Workload Protection Platform (CWPP) because they have a continuous security monitoring (CSM) solution in place, I would recommend looking again at Singularity because there is one agent and the ease of transitioning and deploying into the cloud. Another big thing about Singularity is the holding of the data. We utilize Splunk. However, with Singularity, we do not need to ingest all the data because we can also utilize their data lake. The query or the information that we can look up at Splunk can also be looked up in Singularity, so there is no need to take all that data from Singularity and ingest it into our Splunk and increase our license. We can utilize our license and capabilities. We can just use the data lake that comes with Singularity and utilize logs in that manner. In the end, it is saving us costs when it comes to our SIEM tool ingestion, so I would recommend looking at these top aspects. It is easy in the cloud. It helps save data on your SIEM tool. It saves the ingestion costs. There is also a single agent. I would rate Singularity Cloud Workload Security a nine out of ten.

I'd ask users to take a good look at Singularity Cloud Workload Security because it brings a lot of value to the table. For its price, the solution does a good job compared to some other solutions. Singularity Cloud Workload Security’s automated remediation works great. The solution’s real-time detection and response capabilities work great for us. It frees up time, unlike our previous solution, where we had a lot of false positives. It's granular, and you can take a deeper dive into something if you need to. You can analyze and get a verdict. It's easier to narrow it down and pinpoint it with more detail. The solution helped reduce our organization’s mean time to detect. Singularity Cloud Workload Security is quicker than our previous solution. We are a small group of just five people, and we have to do instantaneous detection to stop things from coming in quickly. We like that part a lot. The solution helped reduce our organization’s mean time to remediate. It lets us analyze an incident, report the status quicker, and escalate it quicker than our previous solution. Singularity Cloud Workload Security helped free up SOC staff to work on other projects. It probably freed up 10 to 15 hours a week. Before, we spent a couple of hours a day sifting through events and trying to see if they were false positives. The solution freed up a lot of time. We have seen an impact on our organization's productivity using Singularity Cloud Workload Security. With the freed-up time, we're able to do a lot of other work. We use other products and look at phishing emails. It frees up our time to study more than we did in the past. I would have users look at their visibility across their environment. The solution's quick response to threats, ability to act on them, automated incident response, and forensic investigation capabilities are really good. The solution provides you with 24/7 threat monitoring detection. We work eight hours a day when we have someone on call. It's nice to know someone else is also looking at our events. They're there to dive in with us when we need them to help increase our team. Even though they're not on our team, they're there to help us. Overall, I rate Singularity Cloud Workload Security a nine out of ten.

Other than the manual upgrades we do, Singularity Cloud Workload Security doesn't require any maintenance. I would ask users to put the solution through the spaces, do what they normally do in response to an incident, and see how Singularity Cloud Workload Security acts. If you have a certain set of steps that you take for an incident, follow those in Singularity Cloud Workload Security. Whatever you do with your current product, do it in Singularity Cloud Workload Security, and make sure that every step you've taken in the old one works in the new one. Singularity Cloud Workload Security's real-time detection and response capabilities seem to be pretty good. They're very on point. We don't have to deal with anything like signatures. It updates itself automatically. It works very quickly and efficiently so that we can track down issues and events without wasting a lot of time. We don't use the solution's automated remediation too much because taking something out of the hands of the engineers doesn't make everyone very comfortable. So, we use it sparingly, but what it does, it does well. Cloud Workload Security's forensic visibility is fantastic. We have a smaller Linux footprint than a Windows footprint, but the footprint we do have is very exposed to the internet and other nasty places that are out there. Being able to look into those and make sure that things aren't open or open things are being remediated quickly is very important to us. We like the solution's forensic visibility feature quite a bit. The historical data record provided by Singularity Cloud Workload Security after an attack is fantastic. We want to fix the problem initially, but when we do the rehash of the event, we'd like to go back and see where it all started. We'd like to see what happened in the meantime and ensure that everything that was infected, attacked, or damaged is listed and taken care of so that no things out there can reinfect us or cause more problems. So, we really enjoy that feature. The solution has helped reduce our organization's mean time to detect. It's much quicker than our old solution. It's reduced the response time from 24 hours down to 12 hours for the most part. That's nearly a 50% increase in the response time. The solution has helped reduce our organization's mean time to remediate. It's good, and it works really well. We haven't had to use it too frequently, but the times we've tested it or the times we have had to enable it have been very quick and successful without too many issues behind it. I would say Singularity Cloud Workload Security has helped free up SOC staff to work on other projects. I don't think we have any true measurements of it. However, I feel like they have more freedom to explore or work on projects as a whole versus having to chase down incidents like they did in the past. Singularity Cloud Workload Security has improved our organization’s productivity by at least 50%. If someone is comfortable with another solution, they can stay with it. However, the threat landscape changes so frequently and so fast that not having an up-to-date feature-packed product could be a detriment. Singularity Cloud Workload Security is a good product that provides such an environment for big and small customers. We don't have a large Kubernetes environment. From what I have seen via Windows and Linux, we have not had any serious issues with Singularity Cloud Workload Security's interoperability with any of those solutions. We haven't really used autoscaling as we don't want to scale it mostly for over-licensing our products. It has never been an issue. We just don't want it to grab onto something that it doesn't need to grab onto or implement itself in an environment that doesn't need it. We don't really use that, but we have tested it on a smaller scale, and it has scaled easily without too much issue. I think the solution can help us when we need a significant innovation, a new product, or a new system being implemented. For the most part, it hasn't hindered anything currently in the works, so I see it as a plus to innovate in the future as needed. Overall, I rate Singularity Cloud Workload Security a nine out of ten.

I rate SentinelOne Singularity Cloud a nine out of ten. SentinelOne is a novel form of endpoint detection and response that has assisted us in effectively managing our clients and servers. It provides us with substantial visibility and aids in safeguarding our infrastructure against emerging threats. Regarding maintenance, I check the event logs every two weeks, in addition to reviewing emails, and I update the schedule to manage the agents. The interoperability with third-party solutions is good. We don't have any compatibility issues. SentinelOne Singularity Cloud is updated bi-weekly or monthly and the signature to the client is updated every two days. Evaluating SentinelOne Singularity Cloud is made simple by installing the client and logging into the console.

To those who have a continuous monitoring solution in place, I'd advise them to have something running on their client end as well. Otherwise, you don't have full coverage. I haven't really integrated the solution with any third-party solutions. I'd rate the solution ten out of ten. It's straightforward and not that hard to work with. You don't have to do too much prep work before jumping in. It's an easy solution to implement.