SentinelOne Singularity Cloud Security Reviews

I consider it a cloud security posture management tool. It is being used for the overall posture of the environment. 

By implementing Cloud Native Security, we wanted to monitor end-to-end misconfigurations. That is why we started with it. We are now also using one other module for detection and response, but mainly, we are using it to monitor misconfiguration and benchmark compliance.

It is pretty good. It has good coverage and a good reporting system.

There has been tremendous improvement since implementing Cloud Native Security. Cloud Native Security reports any misconfiguration that is there in the infrastructure. We do not have to go and check each service individually. It has helped a lot.

For compliance management, we can find the benchmark compliance status in Cloud Native Security directly. We do not have to do anything. Many benchmarks that we are supposed to follow are added by default. It is pretty easy for us to showcase compliance to anyone.

Misconfiguration detection has been the most effective for threat detection in our cloud environment. We are mainly focusing on the misconfiguration. I can see any configuration-related issues in all the modules.

Because it covers all the modules, every single aspect of the compliance has improved. We were able to find out the critical issues related to cloud infrastructure. It is a real-time monitoring system, so, at any time, we can check and confirm.

Cloud Native Security provides information about the exact affected area. We can easily locate a resource in a particular account or service. It is very clear from the Cloud Native Security report where to look for a particular misconfiguration. They have also added a graphical representation.

The reports tell us what is the impact, how critical it is, and how to locate the issue. That helps to prioritize things and fix a critical issue on an urgent basis. It is easy to analyze things from our side.

After implementing Cloud Native Security, we were able to implement so many best practices. Initially, we were getting different types of issues. We learned from those issues, and we are now implementing best practices based on that. We are also able to do real-time monitoring.

It has helped reduce the number of false positives we deal with. We are hardly getting any false positives. Previously, if we had four false positives, we now have only one false positive.

Cloud Native Security's ease of use and precision in detection have improved our risk posture a lot.

Cloud Native Security has saved our mean time to detect. It has saved a lot of our time. It has saved almost 95% of the time because we cannot go and check all the services in AWS. It is very vast. Cloud Native Security gives us specific information. There is no manual effort.

Cloud Native Security has not helped reduce our mean time to remediate because remediation depends on so many factors. It has nothing to do with Cloud Native Security. We are getting the issues, and the team is responding to them. After fixing them, there is a lot of improvement in the number of issues.

It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end. The other thing is the coverage. As far as I know, it has pretty good coverage. 

It is very easy to use. I would rate it a nine out of ten for ease of use. 

We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks. 

I have been using Cloud Native Security for around ten months.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

Overall, we have seven users of this solution, but at a time, we only have two active users. It is being used in a single location.

Their support is good. Whenever we have doubts, we get proper support. We connect with them and resolve the issue. I would rate them a nine out of ten.

Positive

We did not use any other solution. This is the first one.

It is on the cloud. The implementation phase varies. It can take a few months.

It does not require any maintenance.

I am not involved in the pricing, but it is cost-effective.

I would recommend Cloud Native Security to others. Overall, I would rate Cloud Native Security a nine out of ten.

SentinelOne Singularity Cloud is on our computers and servers, mainly for threat hunting. I use it to ensure our devices remain healthy and are virus-free, ransomware-free, and threat-free.

We've felt more comfortable having SentinelOne Singularity Cloud because we've had a safer environment. The benefits from the platform were immediate.

What is most valuable in SentinelOne Singularity Cloud is that it can detect any threat on a machine or is being installed on a machine, so it is a platform that helps keep the environment safe.

I also found the real-time detection and response capabilities of SentinelOne Singularity Cloud impressive because it is a platform that uses artificial intelligence to determine what is normal and what is abnormal and can lock down any virus it may encounter.

SentinelOne Singularity Cloud has good automated remediation capabilities. It can catch threats that other antiviruses do not.

The platform also has a very good deep visibility feature, enabling you to run scans and find what you need.

SentinelOne Singularity Cloud provides excellent historical data to find what you need.

The platform reduced my organization's mean time to detect and mean time to remediate anywhere from a week to sixty days.

SentinelOne Singularity Cloud also helped free up SOC staff, enabling staff to work on other projects or tasks. Through the platform, the team does not have to spend as much time trying to go through different objects on the machines manually.

SentinelOne Singularity Cloud hasn't had a direct, everyday impact on my organization's productivity. What it has an impact on is uptime whenever there is a threat on a computer because it blocks it.

The platform has good interoperability with third-party solutions and integrates smoothly.

SentinelOne Singularity Cloud is able to support my organization's ability to innovate. It is good in that aspect, though I have yet to work with that extensively.

SentinelOne Singularity Cloud sometimes has false positives, but the main area for improvement I want to see is for it to become less resource-intensive. Right now, it can slow down processes on the machine, and it would be a massive improvement if it were more lightweight than it currently is.

I've been working with SentinelOne Singularity Cloud for about three years.

I found SentinelOne Singularity Cloud stable.

SentinelOne Singularity Cloud is scalable, and it is pretty seamless in terms of autoscaling based on my organization's workload demands.

I have not contacted the SentinelOne Singularity Cloud technical support team.

My organization used Windows Defender but switched because SentinelOne Singularity Cloud was more robust.

Due to its notifications, you can also have the turnout time of obtaining telemetry data from SentinelOne Singularity Cloud automatically, so you do not have to watch it constantly to see the data. The platform automatically shuts down the computer, takes it off the network, and then reports to you versus Windows Defender, which requires you to do a little more research into the items, as it did not provide as much information.

I was involved in the initial setup of SentinelOne Singularity Cloud, which I found pretty straightforward.

We worked with a consultant in implementing SentinelOne Singularity Cloud.

Only two people were involved, and the process took about two weeks.

I believe there is ROI from SentinelOne Singularity Cloud because of its impact on productivity through its ability to remediate and self-resolve some of the items.

I have no information on how much SentinelOne Singularity Cloud costs.

We did not evaluate other options before choosing SentinelOne Singularity Cloud.

If someone were to tell me that they do not believe they need SentinelOne Singularity Cloud because they have a continuous security monitoring solution in place, I would disagree because, with the SentinelOne Singularity Cloud platform, you can allow or disallow items within the machine. It automatically disconnects the machine from the network, helping you determine what is happening.

My organization works with the cloud version of the platform. It is deployed in multiple departments, and about four hundred users work with the endpoints.

SentinelOne Singularity Cloud requires maintenance, but it's not difficult to maintain.

Only one person takes care of the maintenance of the platform.

My advice to other users who would like to start working with SentinelOne Singularity Cloud is that I would highly recommend it based on its abilities and what it can find and remediate for you. It is easy to deploy and maintain, so I would tell others it is a solid platform.

My rating for SentinelOne Singularity Cloud is eight out of ten.

We are a channel partner of SentinelOne in Brazil. We have a distributor that we use to sell SentinelOne. We are very happy and very proud to represent SentinelOne here.

SentinelOne Singularity Complete helps consolidate security solutions. There is a hot discussion about the future of the Security Operations Center. Security Operations Centers generally use SIEM and SOAR, but SentinelOne Singularity XDR can also help there because you can see what is happening not only on the endpoints but also in the network. In other words, you can replace the NDR solution. We also see it going all the way to include all the clouds. This ecosystem is very important to us. In the near future, we see it being used for all the problems related to detection and response in cybersecurity.

Our customers use the Ranger functionality. There are two Ranger versions. There is Ranger AD, and there is Ranger Pro. SentinelOne Singularity platform has its own security ecosystem. You do not have the need to buy other solutions. For example, we sell a ZTNA solution. If you have ZTNA, you do not need to buy a PAM solution. You do not need to buy a NAC solution. The ZTNA technology has replaced all the other solutions. It is the same thing with Singularity. If you buy the ecosystem of Singularity, you do not need to buy several different technologies.

Ranger can do all the hardware inventory. It can point out the versions of the operating systems and then you can apply patching to update the versions of the operating systems. You can use Ranger in different ways. For a security professional, it is a very powerful tool.

It sends you alerts and warnings about possible incidents, but you do not get too many false positives. It is precise. You get real information about an incident.

It is very important to have good hygiene of your endpoints and your network. The uptime of the endpoints and networks is very important. SentinelOne Singularity Complete provides a good uptime. Incident identification is very important and having fewer false positives is also important. The SOC staff knows that if SentinelOne Singularity points out an incident, they have to pay attention to the threat. It is a very good checker.

SentinelOne Singularity Complete reduces the organization's risk.

ITDR or Ranger AD is an important feature for me.

It integrates very well. We sell different products from different vendors. We know that the SentinelOne Singularity platform can be integrated with several different solutions from different vendors. We sell products of a Spanish company, and they support the integration of logs produced by SentinelOne into their platform. We see the capacity to integrate SentinelOne with the solutions of other vendors. It is very important because you can get not only a more integrated ecosystem but also a more powerful ecosystem.

All EDRs are made of different modules. There is a firewall module, an IPS module, and an application module. The application module focuses on the different codes and libraries that can be run on the machines. It is very important for Singularity EDR to detect what type of codes and what type of libraries can run in the machine. If they can implement a white list or a black list of codes or libraries that can be used in the machine, it would be very helpful. They can focus more on the application module.

It is a short duration because we started to be a channel partner of SentinelOne two months ago, but we are very focused on SentinelOne.

Their technical support for me is good. I am not involved in the deployment of the solution, but I have not heard any kind of complaint about the support. 

Positive

We are currently using McAfee in our company, but we are going to move to SentinelOne.

I am a very experienced security professional. I have got the CISSP certification and other specific certifications. I see too many different products. I have good experience with Trend Micro, but I find SentinelOne Singularity more comprehensive.

We are trying to replace the solutions from other vendors. Customers are trying to use more powerful tools such as CrowdStrike or SentinelOne. We do not believe that Microsoft has a very good solution. There are a lot of people who speak about problems with Microsoft Defender and other components of the Microsoft ecosystem. The technical side is not the only factor. Price too is important, but we are trying to replace it. We have some good prospects to replace EDRs or other malware detection tools with SentinelOne Singularity.

I am a security architect. I am not involved in the deployment of the solution. Some other guys in the technical area are involved in the deployment, but from what I hear, there is no problem. You have to do some configurations.

The deployment duration depends on the customer. If you have an SMB customer, it takes less time than to deploy it for a big customer.

We have a team of technicians who are specialized in different kinds of companies. They are specialized in the cloud and other things. We have about 10 people. They take care of the deployment and configuration of the solution. We can also count on the specialist from the distributor for support and vendor support.

You get good support. You get a good product and you are going to be protected. The technology can be integrated with different tools. This is important. We do not live alone in this world. There are other vendors, so the capability to integrate is very important. Singularity Complete is going in the right way.

The price depends on the extension of the solution that you want to buy. If you want to buy just EDR, the price is less. XDR is a little bit more expensive. There are going to be different add-ons for Singularity. This is important for customers because they can add some new features. They do not need to change the product. They can simply add a new feature.

My company is a reseller of SentinelOne. It is one of the top solutions as per Gartner's Magic Quadrants. I am always interested in everything that comes from SentinelOne. I have watched the recent webinars about the latest launch of SentinelOne. There is going to be Purple AI. They have a new console, and we are waiting for it.

What we see here is that companies or customers want more features. The gap between EDR and XDR is too large. XDR includes cloud workloads of the systems and network and not only the endpoints. SentinelOne EDR is a very good solution. You do not need to monitor the Windows operating system. SentinelOne can do this for you. For example, the registry of Windows is the most important part of the operating system. SentinelOne EDR can see what happens in the registry. It can warn about any modification in the registry.

The Singularity ecosystem is very powerful. SentinelOne is very focused on expanding the reach of Singularity and making it a more comprehensive solution. SentinelOne is doing a very good job to get there. We believe that there will be a consolidation of the market, and SentinelOne will survive this consolidation because SentinelOne Singularity is a very powerful and very good solution.

I would rate SentinelOne Singularity Complete a nine out of ten. We have a very good relationship with SentinelOne.

I'm taking a look and digging into applications. I use it for general analysis. 

The visibility is very good. It allows me to go deeper into my investigations. It gives me the information I need. 

I do use the vulnerability scanning every day. It's excellent. I have no complaints. 

We do get false positives, however, it can be from downloading from dodgy sites or whatever the case may be. 

The mean time to detect is good. It's very fast.

It's good as is. From a beginner's perspective, while it's not necessarily complicated, it can be confusing. However, once you get the gist of it, it's pretty clear. For example, when you first go on it, you don't know what's going on. A few YouTube videos could be helpful. There isn't a lot of information out there to look at. 

I've been using the solution for roughly six to seven months. 

The stability of the solution is good. There is no lagging, crashing or downtime. This year we haven't had any downtime with the solution. 

The solution is very scalable. 

I've never contacted technical support. 

I did not previously use a different solution. 

When I joined the company, it was already being used; I did not set up the solution.

It doesn't need ongoing maintenance, although there are occasional agent updates. 

I don't know about the pricing or licensing. 

I'm an end-user.

I've never used the evidence-based reporting or the offensive or infrastructure-as-code scanning yet. 

I'd rate the solution nine out of ten. 

We use the product across all of our entities for EDR, threat detection, and response methods.

We wanted a solution for protection. We had a number of entities with various EDR solutions. We wanted to centralize under one EDR solution, and we wanted one that was efficient and easy to manage with a small team.

The biggest thing for us was getting to a single platform. A single pane of glass has been nice. The ability to segment various sites out. The R-Back involved is super helpful for us as we are a multi-company organization. In general, the time has been greatly reduced for incidents.

The ease of use of the platform is very nice. The console provides excellent visibility into events that occur and, in general, the wide range of tools that are built into the agent itself.

My impression of the product's real-time detection and response capabilities is good. It definitely is a little bit different. It takes a little bit more time to learn than some of the other solutions that we have worked with in the past. Once you do understand it and once you're capable of running through the GUI and you understand what the logs and various windows they're trying to tell you, it's fairly straightforward.

The solution's automated remediation is good. I like that you can segment it into four options. You can choose to kill it at any time in the kill chain, so you can choose to quarantine it, you can choose to remediate, you can choose to roll back, you can choose to let it run. Being able to choose how far along you want those events to get is pretty nice.

The historical data record provided by the solution after an attack is decent. It gives you a flowchart of the attack. All along the processes you get good visibility and see all that were detected. Definitely, from a post-incident analysis perspective, it's very strong.

The solution has helped reduce our organization's mean time to detect by 20% to 30%. Given that extra 20% to 30%, it frees us up to focus on other items. 

The solution's impact on our organization's productivity is good. It provides robust whitelisting capabilities and improves our productivity. 

Agent releases need to be more stable before being pushed out. 

Bugs need to be disclosed quickly.

The reporting, and the logging visibility, are not there. It's very, very crude and simple. It needs to be drastically expanded. 

They need to expand their third-party integrations with SIM tools, and sites need to be given the option to expire at the end of the contract as well.

They could expand their integration with Kubernetes. They are trying to build out their third-party integrations. It does work well on Windows and Mac. 

I've used the product for three and a half years. 

Agent stability and communication with the console and agents going offline can be an issue. It can be time-consuming to coordinate and fix. However, the cloud console is very resilient. It's mostly the agent releases where we might have issues. CrowdStrike agents seem a little more stable. 

We have about 3,000 users using the solution.

Scaling is no issue. 

Technical support is hit or miss. We have worked with some good agents and some less knowledgeable. 

Positive

We have used different solutions, including the fact that we still CrowdStrike at a couple of companies. We are now moving more fully towards SentinelOne.

The simplicity and ease of use were big and where SentinelOne stands out. It's a set-and-forget policy. Based on what we saw in testing, it was the best option. 

In terms of telemetry data, we were all over the board.

The initial setup was a little more complex when we first started. However, they've smoothed a lot of their implementation out and so it's gotten easier over time. It took us a couple of weeks to a month to deploy. About 20 were involved in the deployment. We have 30 to 40 companies around the world and it's across every company and every department. 

The solution does require maintenance. You need to have agents up to date and cases closed properly. It does require you to be invested. 

We have witnessed ROI. It's comprehensive in its detection capabilities and has saved us from multiple attacks. We've likely saved 30% based on prevented attacks. 

The solution is relatively cheaper and is willing to work with companies on pricing. 

We are customers.

For those who believe they already have a continuous monitoring solution in place, I'd advise that SentinelOne knows its own product. They can provide that extra confidence that nothing gets missed. And if you see a high number of alerts, they're able to really help you discern those and get down to the ones that matter most.

The solution doesn't affect our ability to innovate one way or another. It doesn't hold us back.

I'd recommend the solution and advise running a POC in your environment. It's good to run against CRowdStrike. They are seriously contending against CrowdStrike.

I'd rate the solution eight out of ten. 

The most beneficial aspect of adopting these solutions is gaining visibility. We manage false positives efficiently, using tools like Tenable, which also provide visibility and help differentiate between actual risks and false positives concerning vulnerabilities.

Visibility is the most important aspect. Azure Monitor, SentinelOne Singularity Cloud Security, and other tools help gain visibility into our environments. Previously, we did not have any information about our environment. We now have visibility.

Evidence-based reporting is essential as it guides us in deciding and prioritizing vulnerability by improving our understanding of our environment. Before implementing these tools, obtaining information about our environment was challenging.

The documentation could be better. Besides improving the documentation, obtaining a professional or partner specializing in the implementation of SentinelOne Singularity Cloud Security is very important, as it can save time during the implementation process.

I have used this solution for four or five years.

In my previous company, we once discovered a problem in one of our environments using SentinelOne, but I do not remember exactly what the problem was.

I have not used any similar solution. SentinelOne offers a comprehensive solution for the complete environment. It is very difficult to get the same results from different partners and manufacturers.

It is easy; it is not difficult.

Usually, we make a deal with a specific partner specializing in implementation. We do not implement it on our own.

Most security solutions are easy to use but require minimal knowledge to implement and maintain them.

Overall, I would rate this solution a nine out of ten.

We have multiple AWS accounts and we use it for our products and deployments, et cetera, and they are being monitored by SentinelOne Singularity Cloud Security for best practices and good security. In the past, we've had code exposed to the internet, and SentinelOne Singularity Cloud Security has been able to catch such instances. Basically, it is for security and monitoring purposes. 

We've been able to integrate SentinelOne Singularity Cloud Security with out AWS and deployed their agents to Kubernetes. For production and compliance purposes, it allows us to monitor actively for issues from one place. 

The solution reduces notifications.

We mainly use it for monitoring and security guidelines only. It's been really useful for us in terms of the developer accounts. If any have been exposed, we get notified and we can take care of issues before anything happens. 

We haven't seen any server downtime. It's always been available when we've needed it. 

The UI is very nice, and feature-wise, it's very good.

It has very good documentation. 

Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful. 

The solution is very easy to use. We have not had to spend much time customizing or integrating items. We were able to integrate all four AWS accounts in order to centrally monitor everything.

There is evidence-based reporting which can help prioritize and solve cloud security issues. We haven't actively used it or set it up.

We use the infrastructure as code scanning feature. It's good for identifying pre-production issues. 

About six months ago, there was a major upgrade. We can see the containers running and which vulnerabilities appear, et cetera. 

We haven't seen any increase in false positives since using the solution. 

It's helped us improve our risk posture. We're more confident now that things aren't happening and getting missed. We're on the right track to adapting proper security rules.

More than saving engineering time, this solution has helped promote confidence is the security of our cloud accounts. We're more sure of our configurations and security posture. Since we don't have a cloud expertise team that might identify issues, it has helped us gain confidence in SQL deployments. 

There should be more documentation about the product. Sometimes we have to go to customer support to get clarification.

I've been using the solution for 1.5 years. 

The solution is stable. I have not seen any downtime.

We have around 15 users leveraging SentinelOne Singularity Cloud Security. They are mainly admins and engineers.

Technical support is very helpful. However, the documentation needs to be better.

They tend to resolve issues within an hour or so. With most issues, they are very helpful 

Positive

We have a different pipeline product working in parallel to this solution that is also helping us reduce vulnerabilities. Something else, for example, monitors compliance for us. SentinelOne Singularity Cloud Security is more of an additional tool than our main solution. We have been using open-source tools for scanning.

The development was just one configuration, and we were able to implement SentinelOne Singularity Cloud Security in about an hour.

The solution does not require any maintenance. 

We have noted an ROI based on the amount of confidence we've gained having visibility into our vulnerabilities. I do not have specific metrics on hand to illustrate that, however. 

The pricing is reasonable.

We're a customer and end-user. I'm a DevOps engineer.

I'd recommend the solution to others. I would rate it 10 out of 10 as it currently meets all of our requirements. I can't speak to other companies that may have different requirements. 

Cloud Native Security offers the flexibility to create a customized solution that fits our specific needs. It's a comprehensive tool encompassing the central elements—PSC, PPP, and more.

It is advantageous in terms of time-saving and cost reduction.

There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security.

I have been using Cloud Native Security for the past six months.

I'd rate it an eight. It's a reliable solution that the organization is increasingly adopting for its robust features and security.

It is quite scalable. I would rate it an eight out of ten. 

They are helpful.

Positive

Prisma Cloud seemed limited in its solutions and had to acquire other companies for broader offerings, while Cloud Native Security provided more comprehensive and tailor-made solutions, especially in terms of authentic security features.

The setup isn’t easy because it doesn't support Azure. It's something on the roadmap. It doesn't limit itself to a particular hypervisor.

For now, we don't handle the maintenance. It's all managed by the vendor for our customers.

It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate the pricing a five, somewhere fairly moderate.

I would rate it 8 out of 10.