SentinelOne Singularity Cloud Security Reviews

The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.  

The primary benefit for our company has been the reduction of false positives. It's saved us time and resources. 

I like that we get a map view of all the assets we have and how these assets are connected together. We can get a view of the entire structure and that gives us a good vantage point when assessing gaps. We can see which assets are public and which are private. It gives us good visibility.

It brings in good security.

It is fairly simple. Anybody can use it.

The evidence-based reporting capabilities are useful. It's good for everyday reporting. It makes it easy to identify actual false positives. Priority cases are assigned accordingly so we don't need to find a needle in a haystack. If something is critical, it's very easy to find and see it. 

The solution offers agentless vulnerability scanning, which helps us identify any open ports on the server or any vulnerable assets online in the cloud. 

While they do have an offensive security engine, we do not use that aspect. We use a different vendor for that. However, it's a very good initiative. It basically expands and searches and does more offensive security.

It's very easy to integrate.

The notifications are very good. We can get notified right on Slack. if we aren't checking out email regularly.

The benefits we witnessed were pretty immediate post-implementation. Once you've done your integrations, it starts showing you vulnerabilities that are being observed, and he lets us immediately identify and deal with infrastructure gaps. It even has allowed us to deal with several misconfigurations. 

It has helped us reduce false positives significantly. That's something I've been focused on. 

The solution has positively affected our risk posture. Thanks to the lower number of security vulnerabilities, it's helped us with several benchmarks and compliance-related issues. 

Our mean time to detection and mean time to remediation has been reduced. If there's an issues, it can be found and dealt with in a short amount of time. It also gives you remediation details as to where particular vulnerabilities exist. We're able to fix problems as soon as possible when we see issues pop up. The mean time to remediation depends on the severity of the issue and who is handling it. Remediation for an experienced user versus a new hire may vary.

After introducing PingSafe, we were able to bridge the gap between developers. Since PingSafe had details about that particular vulnerability and how to remediate it, we could just pass that on to the application developers, who could fix it. That has also reduced the number of vulnerabilities that are being discovered by the application security testing team.

There is a bit of a learning curve. However, you only need 2 to 3 days to identify options and get accustomed. 

They could separate or differentiate between different kinds of frameworks.

I've used the solution since I started working with my company - for about one year and three months. 

I don't recall any stability issues. 

The solution is scalable. The scalability is highly flexible. 

We do have regular meetings with support. They catch us up every month and provide us regular updates and solicit feedback. Support is excellent.

I have not used any alternatives.

I was not initially involved in the deployment process. 

There isn't really any maintenance needed. The only thing would be if you find a false positive. You can mark it so it doesn't happen again. Beyond that, you don't have to maintain anything. 

I'm not sure how the pricing for the solution works. 

I'm an end-user. 

I'd rate the solution 9 out of 10. 

It's pretty easy to use. Integration with cloud infrastructure may require a bit of help in the initial stages. However, once you are up and running, finding vulnerabilities is simple and reporting is good. 

We use Singularity Cloud Workload Security to protect all our servers from malware, both present and future. We also use it to protect our user endpoints, such as workstations and employee laptops.

We recently switched from Windows Defender to SentinelOne endpoint protection after a few of our laptops were infected with malware. SentinelOne has been protecting our laptops, endpoints, and servers for two years now, and it has performed well in internal and external audits.

We currently have a hybrid Active Directory environment. SentinelOne itself is a SaaS-based product, so it is fully cloud-based. However, we need to install agents on all of our endpoints and cloud services.

Singularity Cloud Workload Security has real-time threat detection capabilities. We have tested it with multiple clients and ourselves, and it has detected malware every time we have been attacked. Compared to other major security vendors, Singularity Cloud Workload Security had the best detection rates for all the malware we threw at it during our proof of concept.

Automated remediation is policy-based, which makes it very useful. The SentinelOne platform gathers all information about how the threat played out and all the changes that were affected on our system. Using this information makes it very easy to remediate all the damage because we know what happened. Automated remediation is amazing and a key differentiator from other competitors.

For Linux kernels, the agent supports almost all platforms, including legacy Windows, macOS, and Linux. We have a few Linux servers, and the mitigation and all the other features work just as well as on the other operating systems.

Using the Deep Visibility Console, we can thoroughly investigate everything that was called or changed on a computer. This gives us visibility into virtually everything that happens on all of our endpoints at all times, in real-time. This has allowed us to find threats that other vendors would have missed. We can also use the Deep Visibility Console to perform threat hunting. For example, if a threat has been moving around our network, we can track it down to see exactly where it is moving to and how it is working.

The historical data record provided by Singularity Cloud Workload Security after an attack is good. For data retention in terms of threats, we have a one-year retention period. This is a long time, and it is very useful for our insurance policies, as we often need to comply with them. For compliance purposes, the one-year retention period is perfect for us. For visibility logs, for example, we are ingesting some logs, and I believe the retention rate is actually fourteen days.

Singularity Cloud Workload Security has reduced our MTTD. Previously, with Defender, it would sometimes fail to detect threats. Now, we detect and remediate many more threats automatically, almost instantaneously. For example, if we download a malware file, we usually cannot even open it because Singularity Cloud Workload Security detects it automatically with a super-fast response time.

Our MTTR is automatic. As soon as a threat is detected, remediation is performed automatically, according to our policy. We can even generate a report of the remediation and all affected files. This allows us to see everything and ensures that remediation is performed quickly.

Singularity Cloud Workload Security has freed up our SOC staff's time to work on other projects. Before, we were considering hiring a 24/7 SOC team, but with SentinelOne's vigilance package, they take care of almost everything for us. We no longer need an employee to monitor logs and threats 24/7.

Since we are freeing up some time from the operations side, our IT administrators and security personnel do not have to constantly monitor the console to see what is happening. Because we trust the product to take care of malware for us, our productivity has definitely increased. We only check the logs once a week.

Singularity Cloud Workload Security works well with other vendors, so we can even have two EDR solutions if we want to. The exclusions can be done through the console, which is very easy to use. It gives us a list of all the applications that we have installed on all our systems and makes it easy to create different types of exclusions. For example, we can create exclusions for performance reasons or to suppress alerts. There are a lot of options, and they are all very easy to use.

My favorite feature is Storyline. It creates a neat graph that shows us how any threat played out, in real time. We can see all the information about what was modified or changed on our system, such as files that were modified, created, or deleted, and register keys that were created or edited. For a SOC analyst, this information is super useful. We can deep dive into all the information and see exactly what happened on each computer individually.

The second feature is actually part of the SDR platform, and it provides native integrations with other security software vendors, such as Okta or Azure AD. This allows us to ingest all of our audit logs for security events and to take action on them. For example, we can set up an automation alert so that if a threat is detected on an endpoint, we can automatically take action on our Okta or AD environment, such as locking the account that was signed in or forcing a password reset.

I know that SentinelOne is working on additional integrations for their XDR platform, and I would definitely prefer more integrations. I understand that many more integrations are coming soon but by the end of the year. I would like additional integrations. Currently, we have integrations with Azure AD, Okta, Mimecast, and Netscope. Many of our clients and we also use firewalls from Cisco, Juniper, and so on. It would be helpful to be able to retrieve audit logs or actionable items from these firewalls.

I have been using Singularity Cloud Workload Security for two years.

Singularity Cloud Workload Security is stable, and we have not experienced any downtime. 

The stability of Singularity Cloud Workload Security is similar to that of Microsoft Defender.

Singularity Cloud Workload Security is infinitely scalable, with a multi-tenancy feature that allows us to have multiple sites, such as physical sites. For example, if we have two locations, we can easily create admins who have access to only one site or to all sites. It scales really well, regardless of our environment.

The auto-scaling feature is user-friendly. As we install more endpoints, they will simply show up in the console, allowing us to create our own physical sites with their own admins and different policies.

My interaction with technical support was pleasant. They gave me a few tips on how to integrate the new system. They also sent me some documentation, which was already available to me, but they saved me the time of searching for it. They even offered to schedule a team call to discuss the integration and have a team member help us directly. The only downside is that the entire interaction was text-based, so it could be difficult to get a definitive answer to some questions.

Positive

We previously used Microsoft Defender, but some of our laptops were infected with malware anyway. Because of this, we had to redeploy all of our laptops. We therefore concluded that the solution was not working as well as it should in terms of detection and response so we switched to Singularity Cloud Workload Security.

Deployment was straightforward. The agent is simple to deploy, and we only need to deploy it to all of our endpoints. It is a simple installation that requires our site token. We can deploy it through group policies, Intune, or any mass deployment software. I completed the deployment myself.

We evaluated CrowdStrike, Carbon Black, and Bitdefender, and found that Singularity Cloud Workload Security had a much better remediation process. This is because Singularity Cloud Workload Security uses AI-powered detection and remediation, instead of relying on human analysts. This means that threats can be detected and remediated much faster than with traditional security solutions. Another factor that influenced our decision was pricing. SentinelOne is not too expensive compared to other providers, and it offers a wide range of integrations with other security products.

I would rate Singularity Cloud Workload Security nine out of ten.

Maintenance is minimal, requiring only occasional updates. When a major update is available, we receive an email notification. We then accept and deploy the update to all eligible endpoints through the console.

Singularity Cloud Workload Security is very easy to deploy and has one of the best detection rates among vendors. It has a very user-friendly UI that provides a high-level overview of current threats and system status, as well as the ability to drill down into analytics and threat indicators using the visibility console. It is so user-friendly that anyone can use it, regardless of their expertise level. However, for more experienced users, there is also the option to dig deeper into the data.

Singularity Cloud Workload Security helps us spend less time on threats and more time on our core competency, which is consulting work. This definitely improves our productivity and innovation.

We use Singularity Cloud Workload Security primarily as an EDR for protecting our endpoints. We also use it for incident response. We can track down issues or weirdness in our network via Singularity Cloud Workload Security and other tools we have. 

We use it as an additional set of storage for our Splunk SIEM. It collects some of the less important events, and we keep them in Singularity Cloud Workload Security. We save money on storage space and the number of events that we have to search through.

The most valuable feature of the solution is its storyline, which helps trace an event back to its source, like an email or someone clicking on a link. This feature has helped our incident response team and SOC team to track stuff down and ensure that it hasn't spread further into the network than we're aware of. It also helps us see where it started and take appropriate steps.

While it is good, I think the solution's console could be improved. I'm the SME for Singularity Cloud Workload Security, and the amount of time I have to spend resetting passwords or accounts seems particularly high. We don't use SSO for the time being. It's fairly common for me to go in weekly and reset a password or reissue credentials to get people to log in. This process is very antiquated and could definitely be improved upon.

We have been using Singularity Cloud Workload Security for about two years now.

I have not experienced any issues with the solution's stability. Occasionally, we'll have an issue with an install where it may not install correctly, and we have to pull it out and reinstall it. Other than that, we have not had any serious issues with the solution's stability. Singularity Cloud Workload Security is significantly more stable than our previous solution.

We have not had any issues with the solution's scalability. As we grow and shrink and our offices open and close, we've never had an issue scaling the product according to our needs.

Singularity Cloud Workload Security's technical support team gets to your issue relatively quickly. I've never had an issue where I've had to call in to follow up on a ticket. Other than a complex issue that needed resolving, I've never had any serious issues with them.

Positive

Before Singularity Cloud Workload Security, we used a product called Endpoint Security. With Endpoint, it was almost as if the company that had created the solution had forgotten about it. Its updates were coming slowly, and it wasn't making any effort to improve itself. That was a big push. We saw that SentinelOne was a very new and good product that took many innovative steps. Hence, we decided to use Singularity Cloud Workload Security.

I feel Singularity Cloud Workload Security's initial setup was fairly straightforward. Deploying the product was not terribly difficult. It was more about scheduling and timing on the various teams' parts. Once we had that under control, the deployment of the product itself was very simple.

We deployed the solution by ourselves. We did have SentinelOne support available. A team was available for us, but we did roll it out on our own. Around five people were involved in the solution's deployment.

The solution has provided improvement in productivity and the time spent on issues. With the implementation of Singularity Cloud Workload Security, our teams have been able to more efficiently use their time to fight other fires, as it were.

Singularity Cloud Workload Security's pricing is good. It's pretty similar to a lot of newer products' pricing. A lot of legacy products don't really use it. This newer pricing model seems to be a better fit for our company, and I like that.

Before choosing Singularity Cloud Workload Security, we evaluated CrowdStrike and Symantec. I feel like CrowdStrike is probably an equal to Singularity Cloud Workload Security. However, we decided not to go for CrowdStrike because it was more expensive.

Singularity Cloud Workload Security is a SaaS product, so no equipment or installations are needed other than agents on the endpoints. The ability to be available if we were to have some type of DR incident was a huge plus. That way, we could still keep the tool working if there was some issue with one location or multiple locations. As always, cost was definitely an issue here as well. The features and the efficiency that was offered were also a big draw.

Other than the manual upgrades we do, Singularity Cloud Workload Security doesn't require any maintenance.

I would ask users to put the solution through the spaces, do what they normally do in response to an incident, and see how Singularity Cloud Workload Security acts. If you have a certain set of steps that you take for an incident, follow those in Singularity Cloud Workload Security. Whatever you do with your current product, do it in Singularity Cloud Workload Security, and make sure that every step you've taken in the old one works in the new one.

Singularity Cloud Workload Security's real-time detection and response capabilities seem to be pretty good. They're very on point. We don't have to deal with anything like signatures. It updates itself automatically. It works very quickly and efficiently so that we can track down issues and events without wasting a lot of time.

We don't use the solution's automated remediation too much because taking something out of the hands of the engineers doesn't make everyone very comfortable. So, we use it sparingly, but what it does, it does well.

Cloud Workload Security's forensic visibility is fantastic. We have a smaller Linux footprint than a Windows footprint, but the footprint we do have is very exposed to the internet and other nasty places that are out there.

Being able to look into those and make sure that things aren't open or open things are being remediated quickly is very important to us. We like the solution's forensic visibility feature quite a bit.

The historical data record provided by Singularity Cloud Workload Security after an attack is fantastic. We want to fix the problem initially, but when we do the rehash of the event, we'd like to go back and see where it all started. We'd like to see what happened in the meantime and ensure that everything that was infected, attacked, or damaged is listed and taken care of so that no things out there can reinfect us or cause more problems. So, we really enjoy that feature.

The solution has helped reduce our organization's mean time to detect. It's much quicker than our old solution. It's reduced the response time from 24 hours down to 12 hours for the most part. That's nearly a 50% increase in the response time.

The solution has helped reduce our organization's mean time to remediate. It's good, and it works really well. We haven't had to use it too frequently, but the times we've tested it or the times we have had to enable it have been very quick and successful without too many issues behind it.

I would say Singularity Cloud Workload Security has helped free up SOC staff to work on other projects. I don't think we have any true measurements of it. However, I feel like they have more freedom to explore or work on projects as a whole versus having to chase down incidents like they did in the past.

Singularity Cloud Workload Security has improved our organization’s productivity by at least 50%.

If someone is comfortable with another solution, they can stay with it. However, the threat landscape changes so frequently and so fast that not having an up-to-date feature-packed product could be a detriment. Singularity Cloud Workload Security is a good product that provides such an environment for big and small customers.

We don't have a large Kubernetes environment. From what I have seen via Windows and Linux, we have not had any serious issues with Singularity Cloud Workload Security's interoperability with any of those solutions.

We haven't really used autoscaling as we don't want to scale it mostly for over-licensing our products. It has never been an issue. We just don't want it to grab onto something that it doesn't need to grab onto or implement itself in an environment that doesn't need it. We don't really use that, but we have tested it on a smaller scale, and it has scaled easily without too much issue.

I think the solution can help us when we need a significant innovation, a new product, or a new system being implemented. For the most part, it hasn't hindered anything currently in the works, so I see it as a plus to innovate in the future as needed.

Overall, I rate Singularity Cloud Workload Security a nine out of ten.

We use the solution basically for AD protection. We get to see at a deeper level the different processes that are being run on computers.

We've been able to stop any potential malicious actions that are being taken on various computers.

Their detection of potentially malicious stuff is probably the most beneficial feature and their new Singularity XDR is an awesome platform.

The solution's real-time detection and response capabilities are very good. Pretty much anytime that there is something that we might see as potentially malicious is caught. Depending on the type of computer it is, it does a great job of blocking those actions that are being taken. 

It's really easy to configure enterprise-wide, which actions we want to stop. It's very easy to stop malicious stuff.

The solution's automated remediation is really good. We're doing the rollback also now. That way, if something does happen, it's able to roll back to the state before the process happens.

The solution's forensic visibility into our Linux kernel in regards to deep visibility is really good. It is very granular. It's able to show everything that it did. 

The historical data record provided by the solution after an attack is great. You're able to search by different computers. You can get a whole scope of computers - as much as you want. You're able to get as granular as you want as well and can identify different cross processes than indicators and different files that were launched during a period of time.

It helped reduce our organization's mean time to detect very significantly. We had Endgame before this. It did not stop the processes in a manner of time that you would like it to. This definitely improved our response time to anything that we saw. It's very fast. It's improved the response time by 50% to 75% from just detection time to our response. 

The solution reduced the organization's mean time to remediate. It is as fast as the potentially malicious process that's launched. It'll stop it right then and there. It'll remediate the action immediately. 

It helped free other staff to work on other projects or other tasks. We basically just had to do a bunch of upfront configuring. With it, we do not have to spend as much time in the console.

The solution's impact on your organization's productivity has been impressive. We just had to put a bunch of time upfront. However, ever since then, we haven't had to really do much there besides analyzing threats.

There's the singularity marketplace, which they've expanded a bunch. However, there are some other APIs that I'd like to see. We'd like to be able to connect to them from a SIM perspective.

The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint.

I've used the solution for about a year and a half.

The stability is very good. I'd rate stability ten out of ten. I've never had issues. It's never been down. 

We have four different properties on which agents are one and 1,700  workstations as well as 250 servers. 

The product is scalable. We have about 2,000 endpoints. If we had 4,000 or 10,000 it really wouldn't be an issue. It's just a matter of configuring your groups. It's good at autoscaling based on workload demands. 

Technical support is really good. Whenever a threat comes into our environment, they will comment and give analysis. That's been very helpful in covering items we're not totally sure of. 

Positive

I previously used a different solution called Endgame. We did a POC with Crowdstrike and SentinelOne and SentinelOne was a much cleaner, easier-to-use console.

The initial setup did take some understanding on our part of how we wanted to split and group. We needed to figure out how to split our servers and workstations. That was the hardest part. After that, we had to get our policies in order. 

We were able to get everything up within a week to where we were comfortable with how everything was running. We're still tweaking little things. 

We had three people on our team and two people from professional services. 

Maintenance is minimal, such as adding exclusions to threats or alerts. 

We did initiate the setup with professional services. 

We have noted a good ROI and haven't had a single incident since implementing the solution. 

The solution is fairly priced for what they're offering especially compared to other platforms. It gives you great visibility into the different processes that are running on different computers. It's fairly priced, especially for a cloud platform.

We are customers and end-users.

If someone doesn't think they need a singularity cloud workflow protection platform because they have a continuous security monitoring solution, I'd say it depends on whether you're able to block potentially malicious stuff or not. This solution gives you just about the fastest understanding from a machine-learning perspective. 

This is much better than our previous solution. They've innovated a lot in terms of their deep visibility and singularity XDR (which is more granular).

I'd advise potential users to do a POC no matter what. That said, this is a great product. I rave about it to everybody. It's likely my favorite product for our environment.

I'd rate the solution ten out of ten. 

SentinelOne Singularity Cloud Security is deployed on all our servers except for user machines. When Singularity identifies a downloaded application as malicious, it triggers an alert sent to our SIEM console. We can then investigate the alert details, including associated logs, to determine if the malware is static or actively malicious. We can also investigate suspicious IP addresses or domains. Additionally, Singularity monitors process creation and can provide forensic data on security incidents, including information about backdoor connections and the applications involved, like Chrome or other browsers.

SentinelOne Singularity Cloud Security stands out for its user-friendliness compared to competitors like CrowdStrike, FireEye HX, and Microsoft Defender. Unlike these tools, which can be cumbersome for tasks like running queries or searching for logs, Singularity offers intuitive interfaces and delivers results in seconds, even for complex searches across various hash formats, like MD5, SHA256, etc., without needing conversion.

Our existing SIEM console allows us to analyze alerts triggered by the SOC team. We can investigate potential false positives or conduct tests directly within the console. Additionally, the console facilitates quick searches for IOCs to identify malicious communications. Furthermore, Singularity Cloud Security offers a central management console for automated machine reboots, containment, and even self-maintenance in response to high-severity security alerts. This eliminates the need for manual intervention.

We saw the benefits of SentinelOne Singularity Cloud Security within the first two months of transitioning from FireEye HX. Singularity was easy to manage, and we were able to identify vulnerabilities.

SentinelOne Singularity Cloud Security has helped reduce the false positives we receive by 15 percent compared to FireEye HX.

Singularity has helped reduce our mean time to detect. The automatic containment of the infected machine is done within the first ten seconds of detection.

Singularity has helped reduce our mean time to remediate. 

The user-friendliness is the most valuable feature.

SentinelOne Singularity Cloud Security offers a custom search function with a default 14-day limit. Extending this period to 30 days requires an additional license. A two-month grace period for extended searches would be a valuable improvement. Additionally, enhancements to the threat-hunting capabilities of the hunter module are recommended.

I have been using SentinelOne Singularity Cloud Security for two years.

We had an incident in which they pushed a patch without notifying us and without testing, damaging all of our security controls. 

Neutral

We previously used FireEye HX but shifted to Singularity because we saw the potential while the POC was going on. The top three endpoint security solutions are SentinelOne Singularity, Microsoft Defender, and CrowdStrike. FireEye HX is not one of them.

The initial deployment's complexity was moderate. The entire deployment took six months to complete.

The implementation was completed with the help of the vendor.

I would rate SentinelOne Singularity Cloud Security seven out of ten. The lack of a 60-day search option for the log source lowers the overall score.

The endpoint security team does the maintenance.

SentinelOne Singularity Cloud Security is a good product that is easy to use. 

We have onboarded multiple accounts from our organization. We have onboarded Azure accounts, and we have also onboarded GCP accounts. 

We are using the vulnerability management feature, and we are also using the offensive security feature. We are planning to use IaC in a couple of months.

We are a services company. We are working for multiple clients from the banking sector or the finance sector. They have to follow the rules and regulations of their country. Each country has multiple compliance requirements, and SentinelOne Singularity Cloud Security helps with the compliance standards that need to be followed. We get reports on the basis of that. We get to know our compliance level. It helps organizations to achieve a high level of compliance.

Its reporting is very good. We do not have to go to the portal and see things again and again. All the required reports go to the respective teams. We have created multiple reports on the basis of applications and cloud accounts. The reports directly go to the application team or the cloud team. They are working on the security posture.

Offensive security is my favorite feature. It gives a lot of things with evidence. It also provides the severity levels, such as critical, high, and medium.

SentinelOne Singularity Cloud Security has reduced false alerts. We are using SentinelOne Singularity Cloud Security every day, and we are able to see every configuration. If we find anything different, we work with SentinelOne Singularity Cloud Security's support team. We create a support ticket as a bug or as a false positive. We are able to close an issue on the basis of priority.

SentinelOne Singularity Cloud Security is protecting our overall infrastructure. It protects our configuration, network, and IM configuration-related things. We trust SentinelOne Singularity Cloud Security. We are getting good results, and we hope to keep getting good results in the future as well.

SentinelOne Singularity Cloud Security has reduced the mean time to detect. If needed, we can also run a scan, and the results are reflected in the SentinelOne Singularity Cloud Security portal.

SentinelOne Singularity Cloud Security has reduced our mean time to remediate. It also has auto-remediation capability, but we are not using that. As of now, we are following the information given for closing an alert. This information makes it quite easy. It is very helpful. We do not have to search on the web to find a way to fix the issue. The description it provides is good enough.

SentinelOne Singularity Cloud Security has affected the collaboration among our cloud security, application developers, and app sec teams. All the teams are on the same platform. They are able to communicate with each other.  

The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well.

Its UI is quite easy. The recommendation part is also quite easy to understand. Users can read the description, and they get to know which action to perform. It is quite easy to use it and onboard things. I would rate it a 9 out of 10 for the ease of use.

For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue. This is a feature request that we have. We are trying to get that done as soon as possible.

We have been using SentinelOne Singularity Cloud Security for the last year. We are implementing it for customers. We are also trying to be a partner of SentinelOne Singularity Cloud Security or SentinelOne.

It is stable. I would rate it a 10 out of 10 for stability. We have not faced any downtime. The platform is working well.

Its scalability is very good. We can onboard multiple accounts, Kubernetes clusters, or ECS services on a single platform.

I have contacted them. We also have a Customer Success Manager whom we can contact via email. Whenever required, we raise a support ticket with them. We get a call from them, and it gets resolved every time.

We also have biweekly calls with the SentinelOne Singularity Cloud Security team. We discuss any issue that we have with them. They let us know about the things they can do. They provide us with updates. This is how we are working with the SentinelOne team or the SentinelOne Singularity Cloud Security team.

Positive

SentinelOne Singularity Cloud Security is a SaaS solution. It is easy to deploy it for a customer. If we have all the permissions on the infrastructure, we can onboard any cloud within an hour. However, in an organization, some approvals might be required. In such a case, it can take a week.

It does not require any maintenance. Whatever they are doing is quite good, and the application is working fine. They let us know about their maintenance plans via email. We get to know that downtime is at a specific time. So far, we have not had any issues. It has been pretty good.

We have not used SentinelOne Singularity Cloud Security's agentless vulnerability scanning. We are trying to onboard all the features and enable them in our tenant. Currently, there are a few features that we have not enabled because we have onboarded some of the accounts as a single account. We are trying to onboard all the accounts at the org level, but we are facing some issues. We are communicating with the SentinelOne team. We are trying to get it done as soon as possible.

We have done a PoC of IaC for some of the projects. In a couple of months, we will start with this feature. It is quite a good feature because we get to the issues in our code before deploying it. It is very good for developers and the Infra team. They do not have to worry after the deployment of the application.

Overall, I would rate SentinelOne Singularity Cloud Security a 10 out of 10. It is helpful. It is easy to use and easy to understand. It makes it easy to explain things to the customers.

We were looking for an XDR solution that we could deploy to all of our computers since all of our users are mostly remote, and we previously had firewalls at branch locations. When workers went somewhere else, it wouldn't provide any protection. We wanted to make sure that they had protection no matter where they went. 

We were trying to cover as many security bases as possible, mostly around malware. A lot of people focus on antivirus, and most of the problems that businesses face are ransomware or malware. I wanted to make sure we had something that was competitive against that.

It's improved the organization in the sense that it's taken a lot off of our plate as far as having to track down trace vulnerabilities and remediate different threats against our end users, especially when they're in different locations all the time. The product gives us peace of mind no matter where our users are. They're always going to be protected if they have the endpoint installed on their computers.

The automation is great. Not having to focus on it is helpful. The portal itself is very easy to use. The amount of granularity that can be configured is really wonderful. There are a lot of things that it can do, however, since we're a small IT team, having it able to automate and remediate different flaws and things like that is very, very helpful.

The real-time detection and response capabilities are excellent. That's pretty much what sold us on it. We had that done in the demo, and we were shown how ransomware can be immediately stopped in real-time. That was huge.

Its automated remediation is useful for us. As a small IT team, that's something that we needed. We don't have time to be able to go in and track down and investigate every time there's a vulnerability. Being able to have it auto-remediate for us and being able to see what's going on is extremely helpful.

The historical data record provided by the product is good. We've seen a few vulnerabilities come through, and it has shown us everything we need to see. I have a somewhat limited experience with the small amount of vulnerabilities we've seen. That said, it seemed to show us everything that we needed to see. It was very good.

It has helped to reduce our organization's mean time to detect by four or five hours. It could be even more, depending on what the vulnerability is. It's at least several hours at this point. The same is true with our organization's mean time to remediate. 

It's helped free up staff time so that they can work on other projects. We're a very small IT team and most of us do everything and it's helped reduce our workload. On average it has likely saved two to three hours a day.

It's also positively affected productivity. Most security solutions can sometimes hold up files from being downloaded and things like that. So far, it's been great. It's been completely transparent to our end users as far as I know. And that those things that it has remediated have been done on the back end and it alerted us admins so as to not affect end users.

The interoperability with third-party solutions has been fine so far. 

Some of the navigation and some aspects of the portal may be a little bit confusing. That could honestly be just due to the fact that we're not used to it yet. 

We just have the cloud-based version. The complete version has some extra deep-dive stuff. There are some features that we don't have or that I would like to have in there, however, we just aren't able to afford that at this point.

I've used the solution for probably two months at this point. We are fairly new to it.

The solution has been nothing but stable. 

The product is deployed across our company and we have 450 users coast to coast. Most of our remote workers are based out of Houston.

It is scalable. As soon as we need to add somebody, we just add them to NinjaOne, and then we have a script set up where it automatically deploys and adds them to whichever group we need. 

We're in a high-turnover industry. It's easy to add or remove people, especially with NinjaOne.

I have yet to use technical support. 

We didn't use an XDR solution. We used SonicWall firewalls and we had a Check Point antivirus for a short time, however, Check Point was very intrusive, and it was difficult to work with.

With this product, everything is centralized. We don't have to go to more than one place to detect or figure out what's going on.

I was involved in the deployment. It was straightforward. We actually used another platform called NinjaOne. The process was very smooth.

We beta-tested the solution with about ten to 15 of our users and made sure it wasn't going to interfere with anything before we pushed it out completely. After testing for a week we pushed it out to the rest of the company.

We had three staff members who managed the deployment. 

It does not require any maintenance. 

We did not use any third parties. We simply used NinjaOne to help with the deployment. 

We have witnessed an ROI. So far, we've saved tons of time having to remediate and detect - things of that nature.

The pricing was competitive. The price was very, very important to us, and it came down to the price when we were doing our evaluations WatchGuard and SentinelOne. They were similarly priced. SentinelOne seems like it's more mature. It was close enough to where it was worth it to go with the SentinelOne.

We also evaluated WatchGuard and a few other options. With this product and WatchGuard, there were not a lot of differences. That said, we did not use both in our production environment. This product seemed to be easier to navigate and was a little more user-friendly as far as finding remediation options, and vulnerabilities. We also had an easy experience with the licensing. WatchGuard's licensing seemed unnecessarily complicated. 

We haven't had to look into the forensic side yet. I did again see that in the demo, yet we haven't in the real world had to do that. Hopefully, we won't have to for a very long time. Therefore, I don't have much experience with that yet.

I'd ask someone who doesn't think that they need a workload protection platform if they have a continuous security monitoring solution in place if whatever they have detects and remediates in real-time. I'd be surprised if there was something else out there that can do what this solution does for cheaper. 

It supports our ability to innovate. We don't have to worry about security aspects. We really get a chance to focus on other things. That's nice for a small department like ours. 

I'd rate the solution nine out of ten. It's been a great fit for our company. There are other solutions out there. This solution, however, is hard to beat.

Singularity Cloud Workload Security gave us the visibility we needed and freed up time to do other tasks. It narrows down the false positives that we got with the previous solution.

We use Singularity Cloud Workload Security to detect threats and protect our assets. We look at the threats that come in and whether they're being blocked. We use Singularity Cloud Workload Security as an anti-malware threat management product.

Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks.

We had a couple of issues with the solution's deployment. We had to deploy the agent, and sometimes there were issues. It feels like we're battling a version of the software when we have to deploy an agent over another agent. It would be really helpful if the solution improves its agent deployment process.

I have been using Singularity Cloud Workload Security for over a year.

I haven't heard from our team about any stability issues with Singularity Cloud Workload Security. Singularity Cloud Workload Security is more stable than our previous solution.

Singularity Cloud Workload Security handles anything we throw at it. The scalability is good.

When we have an issue, an online engineer from their group helps us resolve it within an hour or two. I haven't heard anything negative about the solution's support from our team.

Positive

I was involved in the selection and the proof of concept process. I wasn't on the call for the installation, but I overheard our two engineers involved in the solution's installation. The solution's deployment was pretty quick, and they installed it in one day.

We implemented the solution with an in-house team.

Singularity Cloud Workload Security's licensing and price were cheaper than the other solutions we looked at. One product was a little bit cheaper, but its functionality and the overall product weren't as good as Singularity Cloud Workload Security. One of the vendors' prices was almost double what we would get thus far. Talking to their engineer and salesperson put our minds at ease when we got it. We knew they would be there for support, and they have been really good.

I'd ask users to take a good look at Singularity Cloud Workload Security because it brings a lot of value to the table. For its price, the solution does a good job compared to some other solutions.

Singularity Cloud Workload Security’s automated remediation works great.

The solution’s real-time detection and response capabilities work great for us. It frees up time, unlike our previous solution, where we had a lot of false positives. 

It's granular, and you can take a deeper dive into something if you need to. You can analyze and get a verdict. It's easier to narrow it down and pinpoint it with more detail.

The solution helped reduce our organization’s mean time to detect. Singularity Cloud Workload Security is quicker than our previous solution. We are a small group of just five people, and we have to do instantaneous detection to stop things from coming in quickly. We like that part a lot.

The solution helped reduce our organization’s mean time to remediate. It lets us analyze an incident, report the status quicker, and escalate it quicker than our previous solution.

Singularity Cloud Workload Security helped free up SOC staff to work on other projects. It probably freed up 10 to 15 hours a week. Before, we spent a couple of hours a day sifting through events and trying to see if they were false positives. The solution freed up a lot of time.

We have seen an impact on our organization's productivity using Singularity Cloud Workload Security. With the freed-up time, we're able to do a lot of other work. We use other products and look at phishing emails. It frees up our time to study more than we did in the past.

I would have users look at their visibility across their environment. The solution's quick response to threats, ability to act on them, automated incident response, and forensic investigation capabilities are really good. The solution provides you with 24/7 threat monitoring detection.

We work eight hours a day when we have someone on call. It's nice to know someone else is also looking at our events. They're there to dive in with us when we need them to help increase our team. Even though they're not on our team, they're there to help us.

Overall, I rate Singularity Cloud Workload Security a nine out of ten.