I use SentinelOne Singularity Cloud Security to collect endpoint data from the company, such as servers, computers, and mobile phones. The solution functions similarly to Cortex XDR and provides antivirus protection that safeguards devices from viruses and malware.
Junior Security Analyst at ITSEC Asia
Unified endpoint protection has simplified real-time threat blocking and policy-driven control
Pros and Cons
- "I can say it is one of the best user interfaces I have used, and it is very user-friendly."
- "Many features in SentinelOne Singularity Cloud Security have additional costs, which limits our exploration of the full product."
What is our primary use case?
What is most valuable?
SentinelOne Singularity Cloud Security offers real-time protection, anti-tamper capabilities, and a centralized platform with a good user interface. The UI is intuitive enough that even people without cybersecurity knowledge can understand how to use it.
The policy feature is valuable because it tells the product what to do with new files, such as whether to scan them or leave them untouched. One single tab covers all the features, so I do not have to open another tab or window to turn settings on or off. The simplicity of the product itself makes it better than competitors.
The real-time protection is quite valuable. If any attack occurs or if an employee tries to download something malicious, SentinelOne Singularity Cloud Security directly blocks it for us without requiring manual intervention. For example, if an employee accidentally clicks on a link that tries to download something malicious, SentinelOne Singularity Cloud Security directly blocks it and quarantines it, notifying us on the console about the employee's name and what they attempted to download. We can then check the file or ask the user, and if they did not download it intentionally, we can close the case. If it was critical for them, we can release it directly from the console.
The unified platform experience of SentinelOne Singularity Cloud Security is good. The dashboard, settings menu, policy menu, user menu, and endpoint menu are all well organized. I can say it is one of the best user interfaces I have used, and it is very user-friendly.
What needs improvement?
Integration could be improved because not all solutions can be integrated with SentinelOne Singularity Cloud Security or vice versa. I was in a project where the company wanted to integrate SentinelOne Singularity Cloud Security with another solution product. When I checked, it turned out that integration was possible but could not be directly connected. It had to go through middleware before reaching that product, which is more complicated.
SentinelOne Singularity Cloud Security is a newer product compared to Palo Alto Cortex, so perhaps some product solutions cannot be integrated yet. SentinelOne Singularity Cloud Security does not have as large a portfolio of integrations as Cortex XDR.
SentinelOne Singularity Cloud Security is more sensitive compared to other solutions. While all solutions perform well when it comes to real-time protection, SentinelOne Singularity Cloud Security tends to generate more false positive events due to its high sensitivity. For example, some companies use older types of WinRAR, which may get blocked by SentinelOne Singularity Cloud Security directly.
I would appreciate it if they introduced a filtering or archive feature where we could add applications that should not be marked as threats.
Many features in SentinelOne Singularity Cloud Security have additional costs, which limits our exploration of the full product.
It would be more convenient if SentinelOne Singularity Cloud Security could be integrated with other solution tools such as firewalls or SIEM, as it would be more comfortable for us to avoid checking the console every single time. In our SOC, we have many tabs open on our screen, and it is confusing; we might miss some alerts. With better integrations, we could go in one tab and have everything provided for us.
For how long have I used the solution?
I have used SentinelOne Singularity Cloud Security for almost one year.
Buyer's Guide
SentinelOne Singularity Cloud Security
June 2026
Learn what your peers think about SentinelOne Singularity Cloud Security. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,680 professionals have used our research since 2012.
What do I think about the stability of the solution?
SentinelOne Singularity Cloud Security is very stable, and there are no errors, even compared to Cortex where there were errors on the agent. We have not experienced any issues with SentinelOne Singularity Cloud Security. The platform is more convenient, and for the server, they choose the nearest one from Indonesia, so when we go to the console or when the devices try to connect, there are no errors. Even during power outages, the system remains stable.
What do I think about the scalability of the solution?
From the licensing perspective, it is very easy to scale. When a company wants to add more licenses, they simply call the provider or a consultant, and they can add it within one or two months from the time they request it. They will then receive the license instantly.
SentinelOne Singularity Cloud Security is more resource-friendly, so it does not consume a lot of RAM or storage. This is excellent because even companies with older devices can run SentinelOne Singularity Cloud Security. In Indonesia, especially in financial-related companies, there are regulations stating that some servers or programs can only run on older servers. SentinelOne Singularity Cloud Security can directly create a custom build for that specific server.
In the case of custom builds, the company itself has to contact SentinelOne Singularity Cloud Security, as this is not publicly available.
How are customer service and support?
I have experience with the technical support and customer service of SentinelOne Singularity Cloud Security.
During implementation, when we encounter any issues, we call support. The implementation process has only involved minor issues, so we have not needed extensive support. We simply email them, and they respond directly with documentation if available. Otherwise, they provide comments to help resolve the issue.
What other advice do I have?
After implementation, the process is fast. SentinelOne Singularity Cloud Security provides cloud hosting itself. If we choose the cloud option, they will set it up, and we simply wait until we have our domain and account. When we go to that domain and log in, our console is already there.
Regarding the deployment model, I recommend the cloud option for SentinelOne Singularity Cloud Security.
As far as I know, SentinelOne Singularity Cloud Security has one license for the cloud itself and another license for the devices. If the company size is one thousand people, they can buy one thousand or one thousand one hundred for a backup. If they need more, they can add more licenses, and the company will buy it and update it directly to the console. SentinelOne Singularity Cloud Security is much cheaper than Palo Alto Cortex.
SentinelOne Singularity Cloud Security is simpler than Cortex XDR. The process is similar to Cortex, but the difference is that Cortex integrates the package file with the license or token. With SentinelOne Singularity Cloud Security, we have to manually insert the token or copy it from the console to a notepad. When we try to install, we click the installer and open the notepad to paste the token.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. partner
Last updated: Apr 16, 2026
Flag as inappropriateSr. Solutions Engineer - India and SAARC at a tech vendor with 1,001-5,000 employees
Unified cloud security has improved posture visibility and simplifies identity risk management
Pros and Cons
- "From an operationalized perspective, the agentless part, security prioritization, risk prioritization, and the AI detection have been very beneficial."
- "Support also needs to be improved; the ticket closing time or understanding of the issues is much longer, and the understanding of the issues from the support perspective is less."
What is our primary use case?
Cloud security is what I refer to when discussing SentinelOne Singularity Cloud Security. The main use case for SentinelOne Singularity Cloud Security would be getting the security posture through the CSPM module, understanding how the security posture of the cloud is configured. The second would be the identity piece, understanding from an identity perspective because in the cloud, even in the front end, you see one identity and the roles associated with it. However, in the back end, that identity is mapped to multiple roles, and if it gets compromised, you don't have visibility on how far the attack is or how deep the breach has happened. To have complete visibility of how the identities are mapped within the cloud and what are the misconfigurations and vulnerabilities associated with it, CSPM and CIEM are the main use cases that I am looking for concerning cloud configuration vulnerabilities and identity perspective.
What is most valuable?
Regarding the functionality part of SentinelOne Singularity Cloud Security, it is a unified platform. All the different modules which comprise cloud security, such as CSPM, CWPP, and CIEM, are unified and given in a single console which helps because I don't have to log in to different things and then check or do a lineage comparison. In a single console, I get everything. The AI feature is also quite good. The AI detection rate that I have found is much better than the other set of tools that I work on. From a Kubernetes perspective, it has some good in-depth sidecar-based scanning technologies that I have found to be good. From the reporting perspective, the reports are better. I can easily prioritize my risks based on the reports that are generated from the solution. At the back end, it also has a single data lake, so from the single console and single data lake, I am able to get some good reports. Overall, these are the benefits I would say from the solution perspective that I liked.
SentinelOne Singularity Cloud Security helps me understand the nitty-gritties of my environment. A few of its deployments are agentless, so that helps from the system perspective because it does not utilize any resources. Reporting is quite better, and it gives an in-depth picture of the overall cloud security posture of my environment. These are the factors that have defined my inclination towards going for SentinelOne Singularity Cloud Security.
SentinelOne Singularity Cloud Security helps reduce MTTR for cloud incidents, especially in the investigation part. My MTTR has reduced because of the AI detection capabilities and the risk prioritization. Because of the AI detection and its integration with third-party solutions for automation of remediations, plus the risk prioritization, I know which risks to address first even if there are one hundred risks. From an operationalized perspective, the agentless part, security prioritization, risk prioritization, and the AI detection have been very beneficial.
The unified platform experience helps to streamline some security operations, so the single console and single data lake at the back end have helped to streamline the operations, and the agentless part has made the operations part quite easier.
The AI detection engine of SentinelOne is quite powerful, and since it works on behavioral patterns rather than signatures, the detection of unknown threats is much better compared to the other solutions.
What needs improvement?
In my opinion, if you have worked on the SentinelOne platform, then SentinelOne Singularity Cloud Security is easier to manage. However, if you are new to it, understanding the console, the policies, and the integrations takes more time for an administrator. Compared to other solutions, the third-party integrations are currently less compared to other cloud security solutions. They may improve in the future, but as of now, they are less. They have entered the market a couple of years ago from a cloud perspective, so the maturity factor or the support perspective is still not that competitive compared to others. Support also needs to be improved; the ticket closing time or understanding of the issues is much longer, and the understanding of the issues from the support perspective is less.
The technical support is quite immature, so I would rate it as a six.
For how long have I used the solution?
I have used SentinelOne Singularity Cloud Security since last year.
What do I think about the stability of the solution?
I would rate the stability for SentinelOne Singularity Cloud Security a seven.
What do I think about the scalability of the solution?
Scalability for SentinelOne Singularity Cloud Security has no issues; it is good. I would rate it a nine, or 9.5 in fact.
Which solution did I use previously and why did I switch?
I can compare SentinelOne Singularity Cloud Security with Google's Wiz, Palo Alto's Prisma Cloud, and CrowdStrike's Falcon Cloud. In my opinion, I rate SentinelOne Singularity Cloud Security number two, then Prisma, and then Wiz. I find CrowdStrike somewhat better from SentinelOne Singularity Cloud Security.
How was the initial setup?
The initial setup for SentinelOne Singularity Cloud Security is not that simple, but it is also not that complex. It is somewhere in between. If I understand cloud and if I have worked on the SentinelOne platform, it is easier comparatively. However, if not, then it becomes a tedious task. Since I have worked on SentinelOne before, it was not that complex. However, for someone new, it might be complex if they don't know.
What other advice do I have?
Regarding the pricing model for SentinelOne Singularity Cloud Security, I would rate it a six. I find it to be pretty reasonable money for the product, but it could be a bit cheaper.
I am totally satisfied with the functionality part of SentinelOne Singularity Cloud Security. The functionality is fine. They have some good feature sets. If you look at it from an individual perspective, it gives good reports and a good index of what my cloud posture is. From the agentless perspective, I have less overhead. From an operationalized perspective and from a security perspective, that is good.
Purple AI is very good; it is natural language, so I can easily ask questions and get those answers. I don't have to write some heavy codes or do some XML programming at the back end. With simple queries, I get all the results that are expected. My overall review rating for SentinelOne Singularity Cloud Security is eight.
Disclosure: My company has a business relationship with this vendor other than being a customer. reseller
Last updated: Jun 30, 2026
Flag as inappropriateBuyer's Guide
SentinelOne Singularity Cloud Security
June 2026
Learn what your peers think about SentinelOne Singularity Cloud Security. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,680 professionals have used our research since 2012.
Network DevOps at a pharma/biotech company with 1,001-5,000 employees
Cloud risk visibility has improved security operations but onboarding still needs refinement
Pros and Cons
- "The visibility provided by SentinelOne Singularity Cloud Security around infrastructure was very valuable."
- "The first downside of SentinelOne Singularity Cloud Security was the onboarding process, which was very challenging and took a lot of time."
What is our primary use case?
We used SentinelOne Singularity Cloud Security for approximately one year during a nine-month period. We attempted to onboard it and used it for application security and to track vulnerability management. However, as we are part of the Danaher organization and one of the operating companies under it, they decided to move to a different vendor, resulting in this short period of usage.
SentinelOne Singularity Cloud Security was implemented across our multi-cloud infrastructure, with all of these infrastructures integrated into the platform. The solution pulled all accounts and subscriptions from AWS and Azure, providing a consolidated view of our entire infrastructure. Within those infrastructures, it ran agentless scanning and could identify any vulnerabilities, malware, or risks associated with our infrastructure resources.
SentinelOne Singularity Cloud Security was user-friendly and not difficult to understand in terms of how the application works. The integration process was pretty straightforward. We integrated with AWS, Azure, and Google, though integration with Google required significant workarounds involving Terraform. Once the integration was completed, the process became straightforward. The onboarding process for accounts was somewhat tedious, but apart from that aspect, everything was straightforward.
What is most valuable?
The visibility provided by SentinelOne Singularity Cloud Security around infrastructure was very valuable. The platform has levels that notify you of information-level risks, and these notifications increase as risks escalate, such as when malware is detected. The system continuously defines and alerts you about risks. There are mechanisms where you can integrate with messaging tools and notifications according to your preferences, which helps you get notified on a priority basis. You can configure how often you want to receive notifications based on whether a risk is medium or high priority. We were working on configuring these features when we stopped because we were moving to another tool.
From a security operations perspective, SentinelOne Singularity Cloud Security played an important role. I work with the infrastructure team and closely work with the Infosec team, which is the primary security team. They relied on all the risks and alerts from the platform and worked on how to remediate them and determine whether patching was required. All remediation decisions were based on the initial visibility of any infrastructure risk provided by this application.
The secret scanning feature in SentinelOne Singularity Cloud Security is very important. When we create new accounts or onboard new accounts for any business unit, we gain visibility into what exactly that team is doing and what risks are associated with their activities. As a platform engineer, I work with multiple business units who want to work on Kubernetes or Docker solutions in test environments or sandboxes. When we create an account for a business unit without segmentation around what connects to what, SentinelOne Singularity Cloud Security runs scanning and provides visibility. For example, if a developer creates a vulnerable Jenkins instance, the SOC team and I get a better view of the risks associated with instances that the developer team is working on, even though the developers themselves may not be aware of those risks.
What needs improvement?
We did not try to use the threat investigations feature from SentinelOne Singularity Cloud Security.
Drift detection with respect to infrastructure code is important. When somebody makes changes to infrastructure code, it creates a drift and lets you know what changes have been made at the infrastructure level.
The first downside of SentinelOne Singularity Cloud Security was the onboarding process, which was very challenging and took a lot of time. We faced many challenges around onboarding accounts. However, once we got past that initial phase, everything became pretty straightforward and we did not have any issues.
For how long have I used the solution?
We used SentinelOne Singularity Cloud Security for approximately one year during a nine-month period.
What do I think about the stability of the solution?
I have not observed any lagging, crashing, downtime, or any sort of instability with SentinelOne Singularity Cloud Security.
What do I think about the scalability of the solution?
We did not attempt to scale extensively with SentinelOne Singularity Cloud Security. As of the time we used it, the application was working fine. Since we did not use it for a longer period of time, we did not face any challenges in terms of scalability.
How are customer service and support?
The maintenance part of SentinelOne Singularity Cloud Security was not very challenging. The platform had some bugs in between, but when we reached out to support, they helped us and indicated that the issue would be resolved. They could reach out to the engineering team and provided us with a resolution in one to two weeks if the bug was not critical. We did not face any challenges with support or maintenance.
The speed of opening a ticket with SentinelOne Singularity Cloud Security support is good. However, there were some cases where getting a support agent on a call was a little difficult.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We moved to another application after discontinuing SentinelOne Singularity Cloud Security. We are now using Palo Alto's application called Prisma. Prisma is also going to be rebranded into Cortex, which is probably going to be released next year. Currently, all operating companies under Danaher, which we are part of, are using Palo Alto Prisma.
The company went with Prisma because within multiple operating companies, there is a significant footprint of Palo Alto devices for firewalls and endpoint firewalls on-premise. Since Prisma is also a Palo Alto product, it integrates natively with their existing applications. SentinelOne Singularity Cloud Security operated through the cloud, while Prisma also provides risk assessment for on-premise devices, which is an additional capability. This is the reason why Prisma is preferred currently.
How was the initial setup?
I was not part of the onboarding process, so I do not know how difficult or challenging the implementation was. However, I did not observe any issues or discussions within the team indicating that implementation of SentinelOne Singularity Cloud Security was difficult.
What other advice do I have?
I have not tried using the Offensive Security Engine feature. My overall rating for SentinelOne Singularity Cloud Security is seven out of ten.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Dec 19, 2025
Flag as inappropriateDevOps Engineer at Hike
Improves risk posture and reduces response time by proactively identifying misconfigurations and vulnerabilities
Pros and Cons
- "SentinelOne Singularity Cloud Security improved our risk posture significantly, helped reduce our mean time to detect and mean time to remediate, and enabled collaboration across cloud security, development, and AppSec teams, saving engineering time by approximately three to four hours."
- "One area that could be improved in SentinelOne Singularity Cloud Security is their policies; the way they have configured the policies could be enhanced."
What is our primary use case?
My use case for SentinelOne Singularity Cloud Security was mostly for cloud security, to identify vulnerabilities in the environment and to secure important sensitive data. These were the two primary use cases.
How has it helped my organization?
SentinelOne Singularity Cloud Security improved our risk posture significantly. There was a very great improvement that I can definitely confirm.
SentinelOne Singularity Cloud Security helped reduce our mean time to detect and mean time to remediate.
The inclusion of proof of exploitability in SentinelOne Singularity Cloud Security's evidence-based reporting is quite important to me, as they were quite useful.
Regarding its evidence-based reporting for helping prioritize and solve the most important cloud security issues, it mostly relates to our VMs running on GCP, which was the most important use case for us. I assess this agentless vulnerability scanning for vulnerability discovery across my cloud infrastructure as good; they frequently provide us with existing vulnerabilities, so overall, it was great to work with.
SentinelOne Singularity Cloud Security helped to reduce the number of false positives. I was using automated malware scanning for S3 buckets in SentinelOne, and we were able to resolve quite a good number of use cases with that, so it was pretty helpful.
SentinelOne Singularity Cloud Security improved collaboration among our cloud security teams, application developers, and AppSec teams. We were able to collaborate with different teams, sharing information about vulnerabilities related to development, explaining the actual problems, how they could be resolved, and how they could be verified first. This collaboration helped save engineering time, approximately three to four hours.
What is most valuable?
I appreciate its ability to scan the entire environment and fetch all items that are not configured properly, which is one of the best capabilities. It also suggests what the actual configuration should be, notifies instantly about any information that is leaked, and regularly gives updates about vulnerabilities that are present in the market.
SentinelOne Singularity Cloud Security is quite easy to use; there is not much complexity. The UI is quite user-friendly, making it very easy to use.
What needs improvement?
One area that could be improved in SentinelOne Singularity Cloud Security is their policies; the way they have configured the policies could be enhanced. There could be a better way to configure custom policies, which is one aspect that I feel can be improved further.
For how long have I used the solution?
I used this solution for two years.
What do I think about the stability of the solution?
In my opinion, it is stable.
What do I think about the scalability of the solution?
It is a scalable solution.
How are customer service and support?
I would rate my experience with the technical support of SentinelOne Singularity Cloud Security as eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not use a different SentinelOne solution or solutions from other vendors.
How was the initial setup?
I was not involved in the deployment of the solution or the initial setup of SentinelOne Singularity Cloud Security.
What was our ROI?
We saw a return on investment with SentinelOne Singularity Cloud Security. The aspects where I have seen ROI were mainly in time-saving, as it saved considerable time in identifying vulnerabilities, testing vulnerabilities, and it helped in preventing quite a few incidents that could have led to major issues.
What's my experience with pricing, setup cost, and licensing?
I think the pricing of SentinelOne Singularity Cloud Security is a bit high.
What other advice do I have?
I would rate SentinelOne Singularity Cloud Security an eight out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Architect at IT Specialist LLC
Unified cloud security has improved misconfiguration detection and simplified compliance work
Pros and Cons
- "What I appreciate most about SentinelOne Singularity Cloud Security is how deeply the solution can identify misconfigurations with many different built-in rules for misconfigurations, probably around 2,000 if I remember correctly."
- "In one of my latest projects, I faced issues with the functionality of runtime protection for serverless functions for AWS, as SentinelOne currently does not have this functionality."
What is our primary use case?
I am an integrator and reseller of SentinelOne Singularity Cloud Security. Most of our customers are interested in cloud security posture management, including misconfigurations of different clouds, particularly AWS and Azure. We also use SentinelOne Singularity Cloud Security for compliance in the cloud and, rarely, with modules like Kubernetes security and IAC security posture management.
What is most valuable?
What I appreciate most about SentinelOne Singularity Cloud Security is how deeply the solution can identify misconfigurations with many different built-in rules for misconfigurations, probably around 2,000 if I remember correctly. Additionally, the solution has very good compliance modules with strong rules for standards such as PCI DSS.
From my experience, the unified platform of SentinelOne helps streamline security operations, and I propose to our customers that they move to the platform where they can choose different solutions such as EDR, SIEM, cloud security, and others, which I consider one of the biggest positives.
What needs improvement?
In one of my latest projects, I faced issues with the functionality of runtime protection for serverless functions for AWS, as SentinelOne currently does not have this functionality. However, the vendor promised that this functionality should be added by the end of this year, so it would be beneficial if SentinelOne adds runtime protection for serverless AWS.
For how long have I used the solution?
I am still working with SentinelOne Singularity Cloud Security for half a year.
What do I think about the stability of the solution?
The stability and reliability of SentinelOne Singularity Cloud Security are good enough. I believe the vendor does not have any problems with stability, which indicates it is a good factor for improvement in the future. I have not experienced any outages with SentinelOne Singularity Cloud Security when the product stopped working abruptly.
What do I think about the scalability of the solution?
When evaluating how scalable SentinelOne Singularity Cloud Security is, I find that if we need to scale, we just need to buy additional licenses; we do not need to deploy additional servers or consoles.
How are customer service and support?
I do not usually communicate with the technical support of SentinelOne Singularity Cloud Security. In some projects, we have communicated with their support due to specific customer infrastructure needs, but generally, the initial setup can be completed without support team communication.
Based on my interactions with the technical support of SentinelOne, I would rate them highly. As an integrator, I have communicated with many support teams and vendors, and I was impressed when we sent some technical requests and received answers within 30 minutes, although those were general questions, not high-priority ones.
How was the initial setup?
My experience with the initial setup of SentinelOne Singularity Cloud Security is that when we receive the license and do a full initial setup, it takes around one workday. After one workday, we can use this solution with all capabilities and get value.
Overall, I find the initial setup of SentinelOne Singularity Cloud Security straightforward due to good documentation and a really user-friendly interface. I do not use the documentation a lot other than during the initial setup, but I refer to it in specific cases.
What's my experience with pricing, setup cost, and licensing?
I think it is hard to say about the pricing, but projects with SentinelOne Singularity Cloud Security can start from probably 20,000 dollars per year. I do not know the current cost for one cloud resource for scanning, but I think if the customer has about 20,000 dollars for cloud security posture management solutions, we can proceed with SentinelOne.
What other advice do I have?
I have extensive experience with SentinelOne Singularity Cloud Security. The functionalities I get from SentinelOne Singularity Cloud Security mean the possibilities outweigh the price. It is not over-expensive; for the capabilities it provides, SentinelOne Singularity Cloud Security is truly not over-expensive.
I cannot answer the question about the impact of SentinelOne Singularity Cloud Security on reducing MTTR for cloud incident investigations because I am not working as an analyst and this is not part of my experience. I have not worked closely with any different technology for the same use cases before SentinelOne Singularity Cloud Security.
I would rate this review a 9 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer. partner
Last updated: Jun 9, 2026
Flag as inappropriateSecurity Administrator at EJADA
AI-driven protection has improved endpoint security and currently saves significant analyst time
Pros and Cons
- "SentinelOne Singularity Cloud Security has impacted my company positively as it provides good protection for the company and for the services."
- "I have not seen a return on my investment so far."
What is our primary use case?
Our main use case for SentinelOne Singularity Cloud Security in our company is using the endpoint for the machine.
What is most valuable?
In my opinion, the best features of SentinelOne Singularity Cloud Security are the integration with AI capability and more powerful performance; this is the future.
I find these features the best for my organization because the feature protects the machine.
SentinelOne Singularity Cloud Security has impacted my company positively as it provides good protection for the company and for the services.
What needs improvement?
In my opinion, SentinelOne Singularity Cloud Security can be improved by acknowledging that it has a good future with good capability for integrating with AI capability; it increased the high speed and performance for taking action.
For how long have I used the solution?
I have been using SentinelOne Singularity Cloud Security for one year.
What do I think about the stability of the solution?
SentinelOne Singularity Cloud Security has been very stable so far.
What do I think about the scalability of the solution?
My impression of SentinelOne Singularity Cloud Security's scalability is that it has high scalability and grows well.
How are customer service and support?
I would evaluate SentinelOne Singularity Cloud Security's customer service or technical support by giving them an eight.
I give them an eight because it is not quite exceeded to reach a ten.
For them to get a ten, I still do not have any notes to give them to improve their service.
Which solution did I use previously and why did I switch?
Before choosing SentinelOne Singularity Cloud Security, we evaluated other solutions and we are using Microsoft Defender.
The main differences between SentinelOne Singularity Cloud Security and Microsoft Defender, both pros and cons, are that SentinelOne Singularity Cloud Security has AI capability and is faster for performance and detection.
How was the initial setup?
My experience with the pricing, setup costs, and licensing of SentinelOne Singularity Cloud Security is that the pricing is good; it is not expensive, it is medium.
What about the implementation team?
I did not purchase SentinelOne Singularity Cloud Security through the AWS Marketplace.
What was our ROI?
I have not seen a return on my investment so far.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup costs, and licensing of SentinelOne Singularity Cloud Security is that the pricing is good; it is not expensive, it is medium.
Which other solutions did I evaluate?
Before choosing SentinelOne Singularity Cloud Security, we evaluated other solutions and we are using Microsoft Defender.
The main differences between SentinelOne Singularity Cloud Security and Microsoft Defender, both pros and cons, are that SentinelOne Singularity Cloud Security has AI capability and is faster for performance and detection.
What other advice do I have?
There has been no impact on reducing our MTTR until now.
I do use Purple AI for threat investigations.
Its impact on understanding the root causes of security incidents is good; it understood the root cause for security.
SentinelOne Singularity Cloud Security's runtime protection compares well to other solutions I have used in terms of adaptability to new and unknown threats, as SentinelOne Singularity Cloud Security is a stable solution.
I am not using the Offensive Security Engine feature.
The role of SentinelOne Singularity Cloud Security's Secret Scanning feature in tightening my company's cloud hygiene is that it is a good one; it is very heavy and not too much load from the endpoint.
We measure the time savings achieved through SentinelOne Singularity Cloud Security as a good achievement.
I save time for my security operations by using SentinelOne Singularity Cloud Security.
I have saved approximately one year of time. I gave this review an overall rating of eight.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Apr 13, 2026
Flag as inappropriateNetwork & Security Section Head/Digital Transformation at a government with 201-500 employees
Centralized security monitoring has improved visibility and unified cloud threat detection
Pros and Cons
- "The unified platform experience is good for us, and the GUI for the application is easy and not complex."
What is our primary use case?
I use it myself, as I have not recommended it or implemented it to my customers.
We usually use it as an EDR, and the main function for SentinelOne Singularity Cloud Security is the logs, which is the main function for us.
We did not use it as an investigation tool, but SentinelOne Singularity Cloud Security is useful for investigations and to collect the logs, making it easy. I can say it is an easy dashboard for the logs.
Currently, 600 people are using it in my company.
We need three administrators to manage it.
I did not use the Purple AI for threat investigation.
I did not use the Offensive Security Engine, OSE feature.
I did not use any AI SPM, Security Posture Management for AI workloads.
I did not check for the advanced CIEM capabilities in SentinelOne Singularity Cloud Security.
I do not integrate it with third-party solutions.
How has it helped my organization?
SentinelOne Singularity Cloud Security has reduced confusion and silos within my organization.
What is most valuable?
The features I find most valuable in SentinelOne Singularity Cloud Security are the XDR and the integrations with other vendors.
From using it, I get more visibility for what happens on the end-user side.
The role of SentinelOne Singularity Cloud Security's secret scanning feature is important as it is used for normal scans based on the behavior of the user.
It is significant for my team to have built-in integrations that unify various aspects of cloud security, as it is easy and gives us more visibility.
The detection for the agent is great, which allows us to identify unexpected process behavior.
Measurement of time savings in terms of SecOps operations with SentinelOne Singularity Cloud Security is based on cloud management.
What needs improvement?
I do not see room for improvement in SentinelOne Singularity Cloud Security.
In the future, I would like to see the identity feature with two-factor authentication.
It would be good if they could add AI agents to support in analysis and management.
For how long have I used the solution?
I have been working with it for three and a half years.
What do I think about the scalability of the solution?
SentinelOne Singularity Cloud Security is stable and scalable.
How are customer service and support?
I would rate the technical support by SentinelOne as good, as when I create a ticket, it takes the normal process and I get the answer before the SLA, so there is no delay.
I would give their technical support nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Before choosing SentinelOne Singularity Cloud Security, I evaluated CrowdStrike.
Before SentinelOne Singularity Cloud Security, I did not use anything similar as an EDR solution.
What was our ROI?
For the ROI, we are paying as a subscription, and we see the benefits from the security tools; it is useful for us.
What other advice do I have?
I might plan to increase usage in the future.
I find the price reasonable.
The unified platform experience is good for us, and the GUI for the application is easy and not complex.
SentinelOne Singularity Cloud Security's runtime protection operates 24/7.
It helps me deal with new and unknown threats through the behaviors.
There is nothing in play regarding SentinelOne Singularity Cloud Security integration with other security tools affecting my team's workflow.
In the future, I would like to see the identity feature with two-factor authentication.
I do not know about the product's popularity in my region, and I do not think they should promote it more.
I would give this product an overall rating of 8 out of 10.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Feb 24, 2026
Flag as inappropriateSenior Vice President IT at AS IT Consulting Pvt. Ltd.
Cloud security has delivered strong detection, fast investigations, and user-friendly management
Pros and Cons
- "The detection ratio of SentinelOne Singularity Cloud Security is way ahead of any other solution available in the market."
- "In India, the team is very much used to getting immediate online support. SentinelOne is the only vendor that does not offer support and always avoids giving support."
What is our primary use case?
My use case for SentinelOne Singularity Cloud Security involves servers on the cloud, and I needed something secured with a warranty kind of scenario. The agent is the same as an endpoint agent, but it was a better option.
What is most valuable?
When talking about Windows in relation to SentinelOne Singularity Cloud Security, the Rollback feature is definitely the most valuable.
SentinelOne Singularity Cloud Security is quite good, and the scan engine and the technology behind it gives us better output and detection as well as prevention, which I have observed other security tools fail to provide.
SentinelOne Singularity Cloud Security definitely reduces MTTR for cloud incident investigations because I have all the data available on the cloud itself.
The unified platform experience of SentinelOne Singularity Cloud Security definitely helps to streamline security operations.
What needs improvement?
Regarding points for improvement for SentinelOne Singularity Cloud Security, they are offering raw data only for two weeks. That should be increased to 365 days.
Usually, if there is some kind of web control also over and above, or a DLP built into SentinelOne Singularity Cloud Security, that will be a good advantage. Then I can always say it is a Singularity product and I would not need to go for a third-party product.
For how long have I used the solution?
I have been working with SentinelOne Singularity Cloud Security for almost four to five years.
How are customer service and support?
My mark for vendor support regarding SentinelOne Singularity Cloud Security is one.
In India, the team is very much used to getting immediate online support. SentinelOne is the only vendor that does not offer support and always avoids giving support. They will come on call and ask what the version is, tell me to change the version, and ask for logs. That is all they will do. They will never come online with me and resolve the issue in real-time. Even if it is a very critical issue, it takes months to resolve for SentinelOne because they never come on-site, meaning they do not provide remote support.
How was the initial setup?
The setup process for SentinelOne Singularity Cloud Security is simple.
What other advice do I have?
I rate the price for SentinelOne Singularity Cloud Security at five.
I always try to keep SentinelOne Singularity Cloud Security as number one in comparison, but competitors are there and can compete on pricing and cost. Otherwise, regarding technology, they do not have anything compared to what SentinelOne has.
SentinelOne Singularity Cloud Security is number one in functionality when compared with competitors.
The management console of SentinelOne Singularity Cloud Security is very user-friendly.
The purchase process for SentinelOne Singularity Cloud Security is B2B. SentinelOne cannot directly sell in India, so it has to come through a distributor.
I have to take SentinelOne Singularity Cloud Security from the distributor and then provide it to the customer. There is no direct selling.
I rate the scalability for SentinelOne Singularity Cloud Security a ten.
The detection ratio of SentinelOne Singularity Cloud Security is way ahead of any other solution available in the market.
SentinelOne Singularity Cloud Security is integrated well with other security tools.
I would rate this review a ten overall.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company has a business relationship with this vendor other than being a customer. reseller
Last updated: Jul 1, 2026
Flag as inappropriateVP - Information Technology at a financial services firm with 201-500 employees
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Pros and Cons
- "You not only get to know about vulnerabilities and misconfigurations but also some of the actual"
- "It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background."
What is our primary use case?
We use it for a couple of use cases. The biggest one we use it for is to protect our AWS environment, and it does a couple of functions for us and our whole development. It scans all the code in our GitLab or our code repository and looks for any hard-coded passwords or keys or any insecurities. It checks if we have any old deprecated components within our software and points that out.
There are a couple of gates that we can set up. When we are pushing the code out of the repos into AWS, it finds any high-severity vulnerability. This is configurable, but we have critical, high, and medium severities. If it finds any, it blocks the push and puts some notes in for the developers to go in to remediate the issue before they can push the code into AWS. Let us assume the code is good in GitLab and gets over to AWS. It then does a couple of things on the AWS side. It looks at the overall infrastructure and how things are configured. There may be things in AWS that are misconfigured or old components that were manually built or deployed without going to GitLab. It points them out.
How has it helped my organization?
I have been very happy with the evidence-based reporting. It is not just theoretical. It scans the code or looks at the AWS environment and pulls back the details that tell us that this is a vulnerability. We have a good understanding of why it is a highly-rated vulnerability. It makes it much easier to prioritize and then go through and remediate the issue.
Agentless vulnerability scanning has been very good. It pulls back quite a bit of information that is actionable by our team.
Singularity Cloud Security includes proof of exploitability in its evidence-based reporting. That is critically important because especially in large environments, when you run scans or use the vulnerability scanning tool, you might be inundated with results. It takes a long time for analysts to go back through and validate whether it is a true positive or a false positive. Singularity Cloud Security can eliminate a lot of false positives or almost all of them, and we can focus on something that is a true issue, as opposed to wasting our time and resources.
The Offensive Security Engine is doing the attack path management. That is one of the most critical features to us because it tells us that we have this misconfiguration here, or we may have a secret or some vulnerability here. It tells us about the impact and how an attacker could exploit that to gain persistence in our environment and install data. We have a true impact of why this is important and why we need to fix it. With scanners like Rapid, Qualys, and others, we get the credentials and we get a scan, but then we spend an inordinate amount of time looking through reports and trying to figure out:
- Where do we spend our time?
- What do we prioritize?
- What is remediated?
- What is it that we can remediate?
- What is it that we can take action on and make an improvement in the environment?
It is very frustrating when you are spending hours only to run down something and realize it is a false positive, and there is nothing you can do to make a positive impact. Eliminating all those false positives really helps us.
We have had very good luck with the IaC. For us, it is hugely valuable because we can catch things very early in the process before they get promoted into production. In case something flips through or escapes, it still helps you to find it.
We started seeing its benefits literally the day after deployment. The only reason I say the day after is because we ended up working on it kind of late in the afternoon. We got things set up, and it took a few hours for results to start populating, but its benefits were very apparent when we started looking through the reports and dashboards.
Singularity Cloud Security significantly helped reduce the number of false positives we deal with. The biggest aspect for us is allowing the security and development teams and DevOps to be much more efficient. As opposed to spending 80 hours going through some big reports, we are able to cut that down to a fraction of the time and make a positive impact on the environment. We are not chasing a bunch of dead ends.
It has made a great impact on the risk posture. We are also able to look at the trends over time in terms of where we started and what we remediated. You can see the environment getting more secure as we keep knocking down vulnerabilities.
Our mean time to detect is much faster. It is a much lower number there. There has been a significant change in the number of vulnerabilities remediated or per hour of investment from the engineering and security teams. By implementing this tool, we are able to do a lot more with the same team size and remediate things much faster than before.
It has made it much easier for these disparate teams to have the conversation in terms of what needs to be prioritized and fixed, and then it has given a lot more information. It eliminates some of the he said, she said, or some of the frustration that can happen between different teams because one team is looking at a tool they are familiar with and the other team has a different tool. Historically, there were some disagreements in terms of what issues exist in the environment and where we should spend our time in terms of trying to make improvements and remediate.
What is most valuable?
Our favorite feature is attack path management. If you have an S3 bucket that is configured to be publicly accessible, it will look and inform you that it is publicly accessible. If someone gets in this bucket, they could ultimately traverse, get into this RDS, and do something negative or detrimental to the environment there. You not only get to know about vulnerabilities and misconfigurations but also some of the actual impacts of having these vulnerabilities. It is not just a raw data dump.
So far, it has been very easy to use. It gives very rich information or a lot of details about the findings. It has a lot of links to go back into GitLab or into AWS to validate the CDF configuration, and then it gives a lot of guidance for remediation.
Standing it up was pretty straightforward. We did get assistance from SentinelOne SE at the time of the trial to ensure that everything was configured and working correctly.
What needs improvement?
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us.
Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
For how long have I used the solution?
I have been using this solution for six months.
What do I think about the stability of the solution?
We have not had any issues with stability. It has been solid on that front.
What do I think about the scalability of the solution?
We are not huge, so we have not run into any sort of scalability problems at all. We are running only six or seven subscriptions in AWS. Our bill in AWS is less than 20K a month, so it is not huge.
How are customer service and support?
I have talked to SentinelOne support multiple times, but not on the cloud-native security front. I cannot add anything on that side.
Which solution did I use previously and why did I switch?
I have not used any other tool at this company. In the past, I have used some different tools.
How was the initial setup?
It was very easy for us with one exception. We had a mono repo, and we worked it out with the SentinelOne security engineering team. We got some direction for them in terms of how to do some of the code-blocking configuration, but it was a pretty straightforward and quick setup.
It took us three weeks maybe, but it was not like we spent three weeks heavily. We did it slowly. We did most of the deployment in a couple of hours, and then we had some check-in meetings over the next few weeks to go through and just check on it, become familiarized with the system, and then ask questions. The initial deployment took less than a day and then learning, discovering, and getting familiar with it took us a few weeks.
It does not require any maintenance from our side. We may have some sort of maintenance to do. For example, we are planning to acquire assets from another institution. They are on-prem, so we will have to build up their AWS environment. Once we build out that environment, we may need to make some changes in SentinelOne so that it picks up those new environments. That is a guess. We have not done it yet.
What about the implementation team?
We literally did it with SentinelOne SE. They provided all the setup work for us. We did not pull in a third party.
What's my experience with pricing, setup cost, and licensing?
We found it to be fine for us. Its price was competitive. It was something we were happy with. We are not a Fortune 500 company, so I do not know how pricing scales at the top end, but for our cloud environment, it works very well.
Which other solutions did I evaluate?
We did look at Wiz, Orca Security, and Palo Alto's Prisma. We also looked at Lacework and ultimately settled on SentinelOne for a couple of reasons.
We did like the functionality provided by Palo Alto, but the way their licensing worked was frustrating, to say the least, and the cost was fairly high. We found it unaffordable.
Lacework was still at an early stage. We did not feel that they provided all the functionality we needed, so we did not feel the confidence there.
Wiz is a dominant player in the market. I have a lot of respect for them, but it did not provide all the reporting and data we needed. Especially for the price point, it was affordable for us.
In the case of Orca Security, in the previous organization, we saw some pretty glaring false positives, which turned us off on that platform.
What other advice do I have?
To new users, I would say that like any tool, you need to sit down and learn what the tool can do. Understand your objectives and then work through to make sure the tool meets your needs. It is straightforward and easy to use.
I would rate Singularity Cloud Security a ten out of ten at this point.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Information Security Engineer at DataVigilant Infotech
Enables us to prioritize and effectively address critical security issues
Pros and Cons
- "The UI and the widgets are what I personally appreciate. I find it easy to use."
- "I would definitely recommend this product to other members, vendors, or users, as it covers security posture management, auditing, documentation, and compliance management."
- "There is scope for more application security posture management features. Additionally, the runtime protection needs attention."
What is our primary use case?
As an engineer, I'm using the solution for managing infrastructure and security posture management.
It's primarily for cloud infrastructure, data center infrastructure, and security posture management, but it also provides other capabilities such as infrastructure-as-code scanning and detects hardcoded secrets in the source code, including for EKS, DevOps tools, etc.
How has it helped my organization?
Evidence-based reporting helps us to prioritize and solve critical security issues. The new visualization feature demonstrates how an attacker can enter the system, highlighting the potential path that can be exploited and outlining all the steps the attacker could take. With that visibility, we can ensure the perimeter is strong and attackers cannot enter, thus reducing the risk. It has helped us prioritize issues.
The visibility into how an attack could happen is valuable. For example, it highlights the system vulnerability and outlines where an attack could propagate. The visualization helps me to prioritize remediation, and if I don't know where to start, I can check to see the score that enables me to prioritize issues.
I am using infrastructure-as-code scanning, and it's one of the useful features. In pre-production, it identifies embedded secrets and misconfigurations, including issues with Kubernetes or some privileged containers. This feature allows us to pass the audit and secure IaC code so that it isn't easily exploitable by attackers. We can more proactively work to identify and resolve vulnerabilities by using the dashboard and the alerting system that SentinelOne provides.
It helps us with audits and compliance. We can show the compliance in percentage. We can confidently say that our company or infrastructure is very secure. It has improved our security posture by 30% to 35%.
It has reduced our false positives by 30%.
It has helped teams collaborate better. The security team manages SentinelOne Singularity Cloud Security, and when it flags vulnerabilities, they are forwarded to DevOps for remediation. Previously, we needed to identify and report the issues, but there would be lapses in communication. Now, there is a centralized dashboard that anyone can look at and see the open issues and work on them.
What is most valuable?
I go to the dashboard on a daily basis. The UI and the widgets are what I personally appreciate. I find it easy to use. If anyone is a beginner or new to this industry, they'll be able to understand how to use it for their use cases.
What needs improvement?
There is scope for more application security posture management features. Additionally, the runtime protection needs attention.
For how long have I used the solution?
I've been using the solution for around 1.2 years.
What do I think about the stability of the solution?
It is stable. I would rate it a nine out of ten for stability.
What do I think about the scalability of the solution?
The scalability of SentinelOne Singularity Cloud Security is more than Prisma Cloud, and I would rate its scalability a nine out of ten.
We have 17 users working with this solution.
How are customer service and support?
I would rate their technical support a nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Prisma Cloud is more expensive. The stability and scalability of SentinelOne Singularity Cloud Security are better than Prisma Cloud.
How was the initial setup?
It is deployed on the cloud and also in a data center. My cloud is on Azure, and the data center is running in a different location. It's easy to deploy SentinelOne Singularity Cloud Security; it took me around two to three days to deploy it, and some members of the customer support service helped us to deploy this on both locations.
It does require maintenance, but it's not done by my team. There's a different team called InfoSec that handles this maintenance part.
What was our ROI?
It helped us to secure our infrastructure and applications on the cloud side.
We get notified of any issues immediately, reducing our mean time to detect and remediate by 30%. It saves money and time.
What's my experience with pricing, setup cost, and licensing?
I don't handle the price part, but it isn't more expensive than Palo Alto Prisma Cloud. It's not cheap, but it is worth the price.
What other advice do I have?
I would definitely recommend this product to other members, vendors, or users, as it covers security posture management, auditing, documentation, and compliance management.
I would rate SentinelOne Singularity Cloud Security a nine out of ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
Download our free SentinelOne Singularity Cloud Security Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2026
Product Categories
Cloud-Native Application Protection Platforms (CNAPP) Vulnerability Management Cloud and Data Center Security Container Security Cloud Workload Protection Platforms (CWPP) Cloud Security Posture Management (CSPM) Compliance Management AI ObservabilityPopular Comparisons
Microsoft Defender for Cloud
Prisma Cloud by Palo Alto Networks
Qualys TotalCloud
Varonis Platform
TrendAI Vision One – Cloud Security
Buyer's Guide
Download our free SentinelOne Singularity Cloud Security Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Does SentinelOne have a Virtual Patching functionality?
- When evaluating Cloud-Native Application Protection Platforms (CNAPP), what aspect do you think is the most important to look for?
- Why is a CNAPP (Cloud-Native Application Protection Platform) important?
- What CNAPP solution do you recommend for a hybrid cloud?
- Why are Cloud-Native Application Protection Platforms (CNAPP) tools important for companies?
- When evaluating Cloud-Native Application Protection Platforms (CNAPP) solutions, what aspect do you think is the most important to look for?
- Why is Cloud-Native Application Protection Platforms (CNAPP) important for companies?
- What Cloud-Native Application Protection Platform do you recommend?




















