SentinelOne Singularity Cloud Security Reviews

We use SentinelOne's Singularity Cloud Security as our Cloud Security Posture Management solution, to proactively identify vulnerabilities within our cloud configurations. Security alerts generated by the platform are then forwarded to our mitigation team for prompt remediation.

The solution is easy to use.

The evidence-based reporting is helpful to our DevOps team who manually mitigate the vulnerabilities.

Singularity Cloud Security offers a flexible agentless vulnerability scanning solution that allows me to receive alerts directly to my personal email, a feature missing from AWS GuardDuty.

Evidence-based reporting that demonstrates how a vulnerability can be exploited is crucial because it allows me to prioritize alerts based on their severity level. This ensures I focus on the most critical issues first.

Singularity Cloud Security has improved our organization's security by proactively identifying vulnerabilities that could have significant detrimental effects.

It has decreased the number of false positives.

Before implementing Singularity Cloud Security our mean time to detection was three to four days.

Singularity Cloud Security has significantly improved our mean time to remediation from one hour to just 15 minutes.

SentinelOne stands out with its responsiveness to feature requests for Singularity Cloud Security. This means they can adapt the product to our specific needs, whereas Prisma Cloud forces us to wait for their pre-determined release schedule.

SentinelOne currently lacks a break glass account feature, which is critical for implementing Single Sign-On. SentinelOne should prioritize the development of a break glass account feature.

We've encountered some filtering difficulties, resulting in a few areas of the interface needing improvement.

I have been using Singularity Cloud Security by SentinelOne for one year.

Singularity Cloud Security by SentinelOne is stable.

I would rate the scalability of Singularity Cloud Security nine out of ten.

The technical support is good. They've assisted us on multiple occasions with implementing new policies and creating custom plug-ins to meet our specific needs.

I successfully deployed the solution in collaboration with a cloud-native administrator. The deployment process went smoothly and we encountered no complications.

I would rate Singularity Cloud Security by SentinelOne eight out of ten.

We have over 400 users in our organization.

Our cloud security posture management is handled by SentinelOne Singularity Cloud Security.

To prevent cloud misconfigurations and developer code errors, we implemented SentinelOne Singularity Cloud Security as a safeguard.

SentinelOne Singularity Cloud Security is deployed as a SaaS.

The UI is easy to navigate and user-friendly even for users with limited experience.

SentinelOne Singularity Cloud Security is easy to use.

The evidence-based reporting is good for helping prioritize and solve important cloud security issues.

Agentless vulnerability scanning simplifies vulnerability discovery across our entire cloud infrastructure, even in multi-cloud environments. This means we can see all our scan results in a unified view.

SentinelOne Singularity Cloud Security's proof of exploitability in evidence-based reporting is important because it helps us easily identify issues.

The offensive security engine is handy for verifying actual exploit paths and prioritizing breach potential. We can identify the issues easily and check with the developers to mitigate them.

The IaC scanning helps with identifying preproduction issues in templates and container configuration files.

SentinelOne Singularity Cloud Security has improved our ability to see and understand our cloud environment. By adhering to compliance regulations, we were able to identify areas where we had blind spots.

It has helped reduce the number of false positives by 60 percent. We have a whitelisting option that makes it easy to avoid false positives.

SentinelOne Singularity Cloud Security has strengthened our overall security posture by both enhancing our environment's security and proactively identifying misconfiguration.

SentinelOne Singularity Cloud Security has reduced our mean time to detection by 90 percent.

SentinelOne Singularity Cloud Security has reduced our mean time to remediation by 90 percent.

SentinelOne Singularity Cloud Security has affected the collaboration among our cloud security, application developers, and AppSec teams.

The collaboration has saved engineering 80 percent of their time. 

The most valuable features of SentinelOne Singularity Cloud Security are cloud misconfiguration, Kubernetes, and IaC scanning.

A beneficial improvement for SentinelOne Singularity Cloud Security would be integration with Jira, allowing for a more streamlined ticketing system.

I have been using SentinelOne Singularity Cloud Security for two years.

I would rate the stability of SentinelOne Singularity Cloud Security nine out of ten.

I would rate the scalability of SentinelOne Singularity Cloud Security ten out of ten.

SentinelOne Singularity Cloud Security's support is my favorite. They are easy to contact.

Positive

In the past, we relied on an open-source CSPM tool, but it lacked functionality beyond basic cloud misconfiguration detection. This necessitated using additional tools to address our broader security needs.

The deployment took two months and involved four people.

We have saved a lot of time and resources using SentinelOne Singularity Cloud Security.

The cost for SentinelOne Singularity Cloud Security is average when compared to other CSPM tools.

Having experience with both Prisma Cloud and SentinelOne Singularity Cloud Security, I found SentinelOne Singularity Cloud Security to be the superior solution.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

We have under 50 SentinelOne Singularity Cloud Security users within our organization and it is deployed in one location.

No maintenance is required on our end.

I recommend SentinelOne Singularity Cloud Security to others.

My company does utility energy disaggregation. We use SentinelOne Singularity Cloud Security for vulnerability management and to limit our exposure to attacks. SentinelOne Singularity Cloud Security scans our AWS cloud environment and provides detailed analysis. It can identify enabled ports or anything that isn't completely integrated with our security. SentinelOne Singularity Cloud Security gives us the details, and we only need to follow their instructions to ensure the vulnerabilities are fixed.

My company handles a lot of customer data for US and European clients. GDPR and SOC 2 standards require that we are almost completely free of vulnerabilities. We also have a SentinelOne Singularity Cloud Security safety score and report that we can provide to our customers. SentinelOne Singularity Cloud Security is integrated with our AWS environment, and it monitors a few customer-critical applications. Two people at my company use SentinelOne Singularity Cloud Security. I am on the IT security side, and another person from the platform security side uses it. 

Since implementing SentinelOne Singularity Cloud Security, we've discovered many vulnerabilities and security issues in our environment. We've fixed those so our data will not be leaked or otherwise compromised. Our priority is protecting customer data, and if we have any issues with the data, it won't be good for business.

SentinelOne Singularity Cloud Security has reduced the false positive rate by around 40 or 50 percent. It has improved our risk posture. We're more secure now. The solution has reduced our mean detection time by about 70 to 80 percent. It does a lot of the work for us. The mean time to remediate has nearly been cut in half. 

The solution's compliance features help us remain SOC 2 compliant. Our third-party auditors ask us to provide vulnerability reports and fix all vulnerabilities we have detected. SentinelOne Singularity Cloud Security gives us all this information our SOC 2 auditors need.

I like the accuracy of SentinelOne Singularity Cloud Security's vulnerability reports and offensive security engine. If any ports are enabled that aren't secure enough, SentinelOne Singularity Cloud Security detects them and provides a report. It's easy to use, and that's one reason we have used it continuously for a long time.

The evidence-based reporting helps us prioritize cloud security issues. We divide things into critical and non-critical vulnerabilities. The critical vulnerabilities have the highest priority, and we take a little more time to fix them if they aren't critical. The proof of exploitability is crucial because our customers ask about the vulnerabilities we fixed and how we detected them. They want to know what security fixes were made. These things are in the proof of exploitability. This is also helpful for SOC 2 auditing.

We use SentinelOne Singularity Cloud Security. If SentinelOne Singularity Cloud Security integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console. 

I have used SentinelOne Singularity Cloud Security for the last two years.

SentinelOne Singularity Cloud Security is stable. 

I rate SentinelOne Singularity Cloud Security 10 out of 10 for scalability.

I rate SentinelOne Singularity Cloud Security support 10 out of 10. They're excellent. When we send an email, they respond quickly and proactively provide solutions. 

Positive

Deploying SentinelOne Singularity Cloud Security is straightforward. The SentinelOne Singularity Cloud Security team asked us to give them some details about our environment that were easy to provide, and we started from there. The deployment took a few days. It required two people from our side and two from SentinelOne Singularity Cloud Security. After deployment, SentinelOne Singularity Cloud Security doesn't need any maintenance. It's a cloud-based platform that updates automatically. 

We've seen a reduction in resources devoted to vulnerability monitoring. Before SentinelOne Singularity Cloud Security we spent a lot of time monitoring and fixing these issues. SentinelOne Singularity Cloud Security enabled us to divert more resources to the production environment. The detailed information SentinelOne Singularity Cloud Security about how to fix vulnerabilities reduces the time spent on remediation by about 70 to 80 percent. 

We use SentinelOne's endpoint protection and SentinelOne Singularity Cloud Security. If the 2 solutions are integrated into a package, the cost of SentinelOne Singularity Cloud Security should be reduced. As a standalone product, SentinelOne Singularity Cloud Security is appropriately priced according to industry standards.

I rate SentinelOne Singularity Cloud Security 9 out of 10. This is the best solution on the market. They are doing an excellent job. 

We primarily use SentinelOne Singularity Cloud Security for cloud security posture management, but the solution also provides other capabilities, like infrastructure-as-code scanning. It identifies hard-coded secrets in the source code and covers Kubernetes security. About 25 members of the security and DevOps teams use the solution. 

We have integrated all of SentinelOne Singularity Cloud Security's CWPP, CSPM, application security, and container scanning features into Jira. It's more of a vulnerability management tool for us. All the issues SentinelOne Singularity Cloud Security identifies flow into Jira, and we have several dashboards that provide an overview of open security issues.

We were using open-source tools. Collecting and collating the results from each tool into one dashboard was so difficult, and SentinelOne Singularity Cloud Security solved this problem. SentinelOne Singularity Cloud Security gives us greater insight into our cloud security posture. For example, it tells us if buckets are public or ports are open. It can also tell you if a repository is going public or if any hard-coded secrets are pushed into the source code. SentinelOne Singularity Cloud Security will notify you when permissive users are created in the GCP environment. It offers a better UI and improved visibility compared to our open-source tools. 

SentinelOne Singularity Cloud Security helped us identify when a developer made our repository public. It identified the issue in minutes. The repository had a few hard-coded secrets that would've caused problems for us because anybody on the internet could access those keys and exploit the systems. SentinelOne Singularity Cloud Security caught the issue quickly. The same goes for public buckets. One of our DevOps engineers made a bucket public, and it had a lot of files in it. SentinelOne Singularity Cloud Security was on top of it. The solution has an automated workflow that automatically blocks this kind of misconfiguration.

It has helped us reduce the number of false positives. Sometimes, you get too many false positives because the tool doesn't have enough context. For example, let's say we have a bucket that we want to be public, and CSPM tools will identify the public bucket as a vulnerability. We can make exceptions or mute the alert. SentinelOne Singularity Cloud Security provides many ways in the UI to mark false positives or mute those tickets so that I don't get them repeatedly. I can also create tags for every issue and put all of the false positives under one tag.

The detection is almost instant. We get Slack or email notifications immediately when issues are detected, reducing our mean time to detect by more than 30 percent. Our remediation time has also improved by about 30 percent or more. We are in the fintech space, so we remedy vulnerabilities right away. The faster our detection, the faster our response. Both have significantly improved. 

SentinelOne Singularity Cloud Security facilitates collaboration between the application security, cloud, and DevOps teams. These three teams use it, and the security team manages it. When SentinelOne Singularity Cloud Security flags vulnerabilities, they are forwarded to DevOps for remediation. Previously, we needed to identify and report the issues, but there would be lapses in communication. Now it's a central dashboard. Anybody can look at the dashboard to see the open issues, what needs to be explored, and how the problems can be remediated. It's self-explanatory. Teams can understand the issues and descriptions, and they directly act on the recommendations.

As a frequently audited company, we value SentinelOne Singularity Cloud Security's compliance monitoring features. They give us a report with a compliance score for how well we meet certain regulatory standards, like HIPAA. We can show our compliance as a percentage. It's also a way to show that we are serious about security.

There is a feature that provides visibility into how an attack could happen. For example, they'll highlight the system vulnerabilities and outline how an attack could be propagated. That visualization helps me prioritize remediation. If I don't know where to start, I can check to see which ones are critical. It provides an exploitability score that enables me to prioritize the issues. 

SentinelOne Singularity Cloud Security is very easy to use, and they have a responsive support team that is available when we face any problems. We can reach out to them for tweaks, and they're always there to tell us how something works. However, most features are self-explanatory, so we don't typically need support to use the product.  

SentinelOne Singularity Cloud Security evidence-based reporting helps us prioritize and solve critical security issues. We have onboarded crucial projects into SentinelOne Singularity Cloud Security, and issues related to those projects are our top priority. The new visualization features demonstrate how an attacker can enter the system, highlighting potential pathways that can be exploited. It will outline all the steps the attacker could take. With that visibility, we can ensure the perimeter is strong, and an attacker cannot enter. It reduces the risk. SentinelOne Singularity Cloud Security helps prioritize issues based on the likelihood of exploitation. I have all the evidence of how an attacker can exploit the weaknesses in my parameter.

The proof of exploitability is helpful because we don't need to refer the issues to the security team. The DevOps guys can also use it to understand the various attack vectors and scenarios. The offensive security engine identifies any misconfigured security settings or other issues. That helps us because we are frequently audited and must report these issues to the auditors. audit heavy company. SentinelOne Singularity Cloud Security gives me these issues in advance so I can close the vulnerabilities before we are audited. It has helped us prepare. 

Infrastructure-as-code scanning is another useful feature. In pre-production, it identifies embedded secrets and misconfigurations. We can also identify issues with Kubernetes or some privileged containers. These features all help us pass the audit. Secure IAC code isn't easily exploitable by attackers. We can be more proactive about identifying and resolving vulnerabilities. 

SentinelOne Singularity Cloud Security is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see SentinelOne Singularity Cloud Security develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection.

We have used SentinelOne Singularity Cloud Security for more than a year.

I rate SentinelOne Singularity Cloud Security 9 out of 10 for stability. It's a highly stable product, and we haven't had any issues with reliability. 

I rate SentinelOne Singularity Cloud Security 9 out of 10 for scalability. Our company is growing, and we don't see any performance slowdown from onboarding multiple projects. There are also no changes to the functionality or visibility that it provides. We're confident that it can scale to the level that we want.

I rate SentinelOne Singularity Cloud Security support 7 out of 10. Before SentinelOne acquired SentinelOne Singularity Cloud Security, the support was excellent. I would rate it 9 out of 10. Now, I would rate it 7 because there have been some changes due to the transfer of ownership. It isn't great, but it's okay. They are reachable, but it was much easier when SentinelOne Singularity Cloud Security was an independent company. Still, we can contact them when we need some customization, and they'll help us. 

Neutral

We previously used a mixture of manual work and open-source tools. However, these open-source solutions couldn't cover CSPM and container security. 

Deploying SentinelOne Singularity Cloud Security was straightforward. I wasn't a part of it, but I know it was easy to deploy. 

The return on investment is difficult to quantify. We will be fined if we fall out of compliance, but I would only know how much that would cost us once that has happened. SentinelOne Singularity Cloud Security helps us avoid those fines by proactively mitigating vulnerabilities. 

SentinelOne Singularity Cloud Security is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced.

I rate SentinelOne Singularity Cloud Security 8 out of 10. I would recommend SentinelOne Singularity Cloud Security to any company looking for a cloud security solution. It's more than a CSPM. It provides visibility into application security vulnerabilities and container security.

The company purchased SentinelOne Singularity Cloud Security primarily for container security and IoC scanning. We also were looking into image scanning for Docker components. Now, we have enabled secret scanning and the Cisco pipeline as well. 

We are mostly dealing with code-level security issues the organization might have. There are issues in TerraForm and whatever else we see in our DevOps pipeline. 

SentinelOne Singularity Cloud Security has improved the organization's Docker container security, and we can mitigate many of the issues to avoid serious vulnerabilities or attacks. We start to see these benefits within 2 or 3 months of deployment. The tool took almost a month to learn the structure of our organization and environment. After that, it started detecting issues and vulnerabilities. 

We don't get many false positives because we eliminated many of them in the early stages. SentinelOne Singularity Cloud Security can mark detections as false positives, so they won't appear in the future. 

SentinelOne Singularity Cloud Security has reduced our detection time. Before implementing SentinelOne Singularity Cloud Security, it took us around 7 or 8 hours to determine whether an issue was inside our organization. Now that we have deployed SentinelOne Singularity Cloud Security, we have an agent list running on our Docker containers, and SentinelOne Singularity Cloud Security is identifying the issues inside the Docker containers. When it scans periodically, we can detect the issues within 2 or 3 seconds. It has reduced 7 hours of work to a few seconds. 

While it hasn't reduced our remediation time on mid-level or low-level issues, it has drastically improved our remediation time for critical Docker issues and high-priority problems in our environment. We can handle them before they make it into production. 

SentinelOne Singularity Cloud Security has improved collaboration between our developers and security teams. The tool has a feature where we can send issues to developers, but it requires them to reply with recommendations.

SentinelOne Singularity Cloud Security's integration is smooth. They are highly customer-oriented, and the integration went well for us. SentinelOne Singularity Cloud Security is also responsive to our feature requests. The interface isn't difficult to understand for a layperson, and we're familiar with it. There's also built-in support, so we can get help when we have a problem. 

The evidence-based reporting is a critical feature because we can correlate to the issues in the system. We have compared it with free tools that are on the market, and SentinelOne Singularity Cloud Security gets better results. From the perspective of remediation, resources, and security, SentinelOne Singularity Cloud Security is the best option. 

The agentless vulnerability scanning has worked well for us. Removing agents from the equation takes about half the work out of it, and the agentless scan fetches the details every millisecond. SentinelOne Singularity Cloud Security's agentless mechanism is monitoring everything that happens on the system.

Proof of exploitability is an important aspect of SentinelOne Singularity Cloud Securitys evidence-based reporting. When we ask a developer to fix an issue, they ask for evidence of its exploitability and whether it's a critical issue. If SentinelOne Singularity Cloud Security didn't provide this information, we couldn't convince the developer to fix it. SentinelOne Singularity Cloud Security provides the expertise to convince the developer by finding the vulnerabilities and providing explanations.  

The infrastructure-as-code scanning helps identify container configuration issues and other problems before they go into production. We used a script, and we needed to enable everything before going to production, so we have it enabled on the production and pre-production side. We can check the issues and block them before going to production. Before it becomes publicly accessible via the internet, we want it to be safer than it was in pre-production.

I would like SentinelOne Singularity Cloud Security's detections to be openly available online instead of only accessible through their portal. Other tools have detections that are openly available without going through the tool. 

We have one feature request that we've already discussed with SentinelOne Singularity Cloud Security. We want a category feature for exceptions that developers have already accepted. We don't want SentinelOne Singularity Cloud Security to identify the issue next time because the developer has already done the risk assessment. 

We have used SentinelOne Singularity Cloud Security for nearly a year.

SentinelOne Singularity Cloud Security is stable. 

SentinelOne Singularity Cloud Security is scalable.

I rate SentinelOne Singularity Cloud Security support 9 out of 10. 

Positive

We previously worked with many open-source solutions and Prisma, one of its competitors. Ultimately, budget issues made us come back to SentinelOne Singularity Cloud Security. SentinelOne Singularity Cloud Security is a budget-friendly and user-friendly tool. A layperson can start using the system and understand it within 1 or 2 days. It also has more capabilities than the other tools.

Deploying SentinelOne Singularity Cloud Security was straightforward. It took 3 or 4 people to deploy. We are currently enrolled on 2 clouds. We had it on AWS, but now it's on GCP and Azure. It's more than 2,000 endpoints and around 2,000 APIs.

It doesn't require much maintenance because the updates are automatically happening on the cloud. When new features are released, we connect to the SentinelOne Singularity Cloud Security team to understand how it will impact our environment. 

SentinelOne Singularity Cloud Security is reasonably priced, considering the value it offers to our organization. We had a few conversations with them, and they understood our posture. Initially, they offered one amount, but we got them to offer a discount that would meet their expectations. Their customer team is excellent and understanding.

I rate SentinelOne Singularity Cloud Security 8 out of 10. SentinelOne Singularity Cloud Security will meet all your requirements if you're looking for a cloud tool that covers IoC scanning, cloud misconfiguration, secret scanning, integration into the DevOps pipeline, and cloud-image scanning. It's a one-stop solution for all these requirements. It's a user-friendly tool that's easy to handle, and the support is excellent. 

We use Singularity Cloud Workload Security for our production and build workloads.

We implemented the solution to simplify the deployment of forensic tools, including EDR, into our cloud infrastructure, where it may be difficult to install an agent.

We have a hybrid deployment, with an estimated 8,000 to 70,000 cloud workloads. We serve a customer base of nearly one billion people, including 700 million current EA subscribers. Handling this workload is no small feat. The estimate is so broad because we do not own or control every AWS, Azure, or GCP account; studios use this infrastructure without our help. We are still in the discovery phase of trying to determine the exact number of workloads. There are thousands of Kubernetes clusters.

Singularity Cloud Workload Security's real-time threat detection capabilities are good. We recompeted SentinelOne against fifteen or twenty different AV vendors over the course of 2018 and 2019 and found SentinelOne to be superior in virtually every possible way.

Forensic capabilities are now excellent. When we started, we had a contractual agreement with SentinelOne to improve deep visibility to match our current toolset, Carbon Black Response. Over the course of two years, they delivered everything we could get from Carbon Black and even more.

The visibility of workload telemetry is excellent, and the hunting capabilities are second to none.

When no human intervention is required Singularity Cloud Workload Security detects and remediates nearly instantaneously.

Our MTTD is sub 30 days.

Our MTTR is seven days after detection for most instances.

The interoperability with third-party solutions is great.

The most valuable feature is the ability to gain deep visibility into the workloads inside containers.

Sometimes the Storyline ID is a bit wacky. It's not that the data is inaccurate, but the threat item that's flagged can sometimes point to a storyline that's not relevant to the hunting object we're looking for. In short, Singularity Cloud Workload Security can sometimes take us on a roundabout way to get to where we want to be when using Storyline ID.

I would like a public repository for CWPP. Having to request a script from SentinelOne to deploy CWPP is not ideal, and this is true for all of the tools, including the Linux agent. Without a public repository, when a deployment team needs something like a GPG key to validate the image, we have to request a signed copy of the software. This is not ideal because it removes our ability to self-serve. Therefore, if I had to ask for anything to make it easier, it would be signed images that are GPG signed and a public repository where we can get the bits from.

I have been using Singularity Cloud Workload Security for over four years.

Singularity Cloud Workload Security is stable. No lag, no crashing, no downtime. The joy of running as a container is that it doesn't break the other parts. 

The Singularity Cloud Workload Security auto-scaling feature is great.

Technical support is excellent. One of the selling points of SentinelOne is the incredibly good support.

Positive

The initial deployment was straightforward, but only because I had to obtain a script from SentinelOne. I completed the deployment myself.

Our three-year renewal with SentinelOne this year was shockingly expensive. In fact, covering our 50,000 endpoints would have nearly bankrupted most security programs, even well-funded ones like ours. The sticker shock is real. I understand that SentinelOne is a market leader, but the bill we received was astronomical.

We evaluated a few application security tools, but CWBB is only a software opportunity. SentinelOne has become our primary solution for all aspects of endpoint security. Therefore, when we considered adding detections for cloud workloads, it made sense to choose SentinelOne as the ideal solution.

I would rate Singularity Cloud Workload Security nine out of ten.

To someone who doesn't think they need CWPP because they already have a continuous security monitoring solution in place, I would say, Consider the old security adage that they are not currently free of malicious items. They have them, but they just don't know where they are.

We have an upgrade policy for maintenance purposes. We need to implement the upgrade policy, but we do this through Chef automation. Writing Chef automation for this can be a bit complex, but it is not impossible.

SentinelOne Cloud Workload Security's ability to be innovative is excellent. I'm a big fan of SentinelOne's API, which has allowed me to develop some creative solutions. I'm actually the only SentinelOne administrator at my organization, so in terms of innovation, it's probably the best tool I've ever used. I've been able to create an automated "one-man army" using SentinelOne.

I recommend deploying a test environment. Do not try to deploy this into an existing environment and test there. It's a bad idea. Not from a SentinelOne perspective, but I'm not much of a Kubernetes expert. I know it can be dangerous, and we tried to do this in a test environment of a live production environment and had a lot of trouble. Not because of SentinelOne, but because of our Kubernetes deployment. Having to complete a bad Kubernetes environment with little knowledge of CWPP basically made getting it working very difficult. So my advice would be to build a clean, industry-standard test environment that can be broken with no risk.

We use Singularity Cloud Workload Security to protect all our servers from malware, both present and future. We also use it to protect our user endpoints, such as workstations and employee laptops.

We recently switched from Windows Defender to SentinelOne endpoint protection after a few of our laptops were infected with malware. SentinelOne has been protecting our laptops, endpoints, and servers for two years now, and it has performed well in internal and external audits.

We currently have a hybrid Active Directory environment. SentinelOne itself is a SaaS-based product, so it is fully cloud-based. However, we need to install agents on all of our endpoints and cloud services.

Singularity Cloud Workload Security has real-time threat detection capabilities. We have tested it with multiple clients and ourselves, and it has detected malware every time we have been attacked. Compared to other major security vendors, Singularity Cloud Workload Security had the best detection rates for all the malware we threw at it during our proof of concept.

Automated remediation is policy-based, which makes it very useful. The SentinelOne platform gathers all information about how the threat played out and all the changes that were affected on our system. Using this information makes it very easy to remediate all the damage because we know what happened. Automated remediation is amazing and a key differentiator from other competitors.

For Linux kernels, the agent supports almost all platforms, including legacy Windows, macOS, and Linux. We have a few Linux servers, and the mitigation and all the other features work just as well as on the other operating systems.

Using the Deep Visibility Console, we can thoroughly investigate everything that was called or changed on a computer. This gives us visibility into virtually everything that happens on all of our endpoints at all times, in real-time. This has allowed us to find threats that other vendors would have missed. We can also use the Deep Visibility Console to perform threat hunting. For example, if a threat has been moving around our network, we can track it down to see exactly where it is moving to and how it is working.

The historical data record provided by Singularity Cloud Workload Security after an attack is good. For data retention in terms of threats, we have a one-year retention period. This is a long time, and it is very useful for our insurance policies, as we often need to comply with them. For compliance purposes, the one-year retention period is perfect for us. For visibility logs, for example, we are ingesting some logs, and I believe the retention rate is actually fourteen days.

Singularity Cloud Workload Security has reduced our MTTD. Previously, with Defender, it would sometimes fail to detect threats. Now, we detect and remediate many more threats automatically, almost instantaneously. For example, if we download a malware file, we usually cannot even open it because Singularity Cloud Workload Security detects it automatically with a super-fast response time.

Our MTTR is automatic. As soon as a threat is detected, remediation is performed automatically, according to our policy. We can even generate a report of the remediation and all affected files. This allows us to see everything and ensures that remediation is performed quickly.

Singularity Cloud Workload Security has freed up our SOC staff's time to work on other projects. Before, we were considering hiring a 24/7 SOC team, but with SentinelOne's vigilance package, they take care of almost everything for us. We no longer need an employee to monitor logs and threats 24/7.

Since we are freeing up some time from the operations side, our IT administrators and security personnel do not have to constantly monitor the console to see what is happening. Because we trust the product to take care of malware for us, our productivity has definitely increased. We only check the logs once a week.

Singularity Cloud Workload Security works well with other vendors, so we can even have two EDR solutions if we want to. The exclusions can be done through the console, which is very easy to use. It gives us a list of all the applications that we have installed on all our systems and makes it easy to create different types of exclusions. For example, we can create exclusions for performance reasons or to suppress alerts. There are a lot of options, and they are all very easy to use.

My favorite feature is Storyline. It creates a neat graph that shows us how any threat played out, in real time. We can see all the information about what was modified or changed on our system, such as files that were modified, created, or deleted, and register keys that were created or edited. For a SOC analyst, this information is super useful. We can deep dive into all the information and see exactly what happened on each computer individually.

The second feature is actually part of the SDR platform, and it provides native integrations with other security software vendors, such as Okta or Azure AD. This allows us to ingest all of our audit logs for security events and to take action on them. For example, we can set up an automation alert so that if a threat is detected on an endpoint, we can automatically take action on our Okta or AD environment, such as locking the account that was signed in or forcing a password reset.

I know that SentinelOne is working on additional integrations for their XDR platform, and I would definitely prefer more integrations. I understand that many more integrations are coming soon but by the end of the year. I would like additional integrations. Currently, we have integrations with Azure AD, Okta, Mimecast, and Netscope. Many of our clients and we also use firewalls from Cisco, Juniper, and so on. It would be helpful to be able to retrieve audit logs or actionable items from these firewalls.

I have been using Singularity Cloud Workload Security for two years.

Singularity Cloud Workload Security is stable, and we have not experienced any downtime. 

The stability of Singularity Cloud Workload Security is similar to that of Microsoft Defender.

Singularity Cloud Workload Security is infinitely scalable, with a multi-tenancy feature that allows us to have multiple sites, such as physical sites. For example, if we have two locations, we can easily create admins who have access to only one site or to all sites. It scales really well, regardless of our environment.

The auto-scaling feature is user-friendly. As we install more endpoints, they will simply show up in the console, allowing us to create our own physical sites with their own admins and different policies.

My interaction with technical support was pleasant. They gave me a few tips on how to integrate the new system. They also sent me some documentation, which was already available to me, but they saved me the time of searching for it. They even offered to schedule a team call to discuss the integration and have a team member help us directly. The only downside is that the entire interaction was text-based, so it could be difficult to get a definitive answer to some questions.

Positive

We previously used Microsoft Defender, but some of our laptops were infected with malware anyway. Because of this, we had to redeploy all of our laptops. We therefore concluded that the solution was not working as well as it should in terms of detection and response so we switched to Singularity Cloud Workload Security.

Deployment was straightforward. The agent is simple to deploy, and we only need to deploy it to all of our endpoints. It is a simple installation that requires our site token. We can deploy it through group policies, Intune, or any mass deployment software. I completed the deployment myself.

We evaluated CrowdStrike, Carbon Black, and Bitdefender, and found that Singularity Cloud Workload Security had a much better remediation process. This is because Singularity Cloud Workload Security uses AI-powered detection and remediation, instead of relying on human analysts. This means that threats can be detected and remediated much faster than with traditional security solutions. Another factor that influenced our decision was pricing. SentinelOne is not too expensive compared to other providers, and it offers a wide range of integrations with other security products.

I would rate Singularity Cloud Workload Security nine out of ten.

Maintenance is minimal, requiring only occasional updates. When a major update is available, we receive an email notification. We then accept and deploy the update to all eligible endpoints through the console.

Singularity Cloud Workload Security is very easy to deploy and has one of the best detection rates among vendors. It has a very user-friendly UI that provides a high-level overview of current threats and system status, as well as the ability to drill down into analytics and threat indicators using the visibility console. It is so user-friendly that anyone can use it, regardless of their expertise level. However, for more experienced users, there is also the option to dig deeper into the data.

Singularity Cloud Workload Security helps us spend less time on threats and more time on our core competency, which is consulting work. This definitely improves our productivity and innovation.

As a Security Engineer, I use the SentinelOne Singularity Cloud Security primarily for cloud security posture management. Additionally, I benefit from features such as attack visualization and evidence-based reporting, which help proactively mitigate vulnerabilities, reducing compliance risk and audit pressures.

Infrastructure as code scanning is a valuable capability, and while we primarily use the SentinelOne Singularity Cloud Security for cloud security posture management, we also leverage its infrastructure as code scanning, which is vital given the implications of hard-coded secrets in our source code.

I personally use the SentinelOne Singularity Cloud Security daily, and I have noticed that the dashboard occasionally gets stuck, potentially due to internet issues, suggesting it could benefit from enhancements to be more robust and smoother.

The SentinelOne Singularity Cloud Security has improved our ability to protect containers, Kubernetes, and other systems, especially since we have integrated it with all CWPP and CSPM application security and container scanning features into Jira for more effective vulnerability management.

The monitoring tool has comprehensive monitoring features. They also provide reports with a compliance score that shows how well we meet certain regulatory standards and allows us to present our compliance as a percentage, demonstrating our serious approach to security. My company is fundamentally focused on security, so this solution is a significant part of it.

The ease of use of the SentinelOne Singularity Cloud Security is evident, as the dashboard is very simple, allowing even beginners to understand the product and its purpose without confusion.

The evidence-based reporting proves crucial for prioritizing issues, as when I receive alerts about any DDoS attacks or incidents affecting my infrastructure, the SentinelOne Singularity Cloud Security plays a very important role in alerting me quickly.

The proof of exploitability in the evidence-based reporting is significantly important to us, as it allows the SentinelOne Singularity Cloud Security to identify issues quickly, especially when a developer accidentally makes a repository public, catching problems before they escalate.

The SentinelOne Singularity Cloud Security has substantially affected my risk posture, as it was the first tool that notified me of the public exposure of a repository by a developer, allowing me to resolve the issue within minutes.

The SentinelOne Singularity Cloud Security helps us reduce the number of false positives significantly, as it provides context to alerts, allowing us to manage public-facing resources without overwhelming alerts when exceptions are necessary.

My mean time to remediate has reduced by about 30% to 40% since using the SentinelOne Singularity Cloud Security.

The mean time to detect has also decreased by 20% with the SentinelOne Singularity Cloud Security.

The SentinelOne Singularity Cloud Security facilitates collaboration between cloud security, application developers, and application security teams, centralizing the reporting and communication of flagged vulnerabilities for remediation through dashboards.

I personally use the SentinelOne Singularity Cloud Security daily, and I have noticed that the dashboard occasionally gets stuck, potentially due to internet issues. It could benefit from enhancements to be more robust and smoother.

I have been using the SentinelOne Singularity Cloud Security for around 1.5 years.

Sometimes, we do expereince lagging. 

The solution is very scalable. 

Technical support is knowledgable. 

Positive

I did not use an alternative solution. 

It's easy to deploy. It took us two to three days. 

We did have the customer support team on call during the implementation. 

We're just a customer and end-user.  

I do not personally use the agentless vulnerability scanning feature, however, my team utilizes it. I do not have extensive insight into its specific workings.

I do not use the offensive security engine feature.

I rate the SentinelOne Singularity Cloud Security nine out of ten.