SentinelOne Singularity Cloud Security Reviews

In its all-in-one aspect, we started with Cloud Security Posture Management at the beginning and then added the Offensive Security Engine, Vulnerability Management of CDR. We also use it for compliance.

By implementing this solution, we wanted an alerting mechanism and detection of any deviation from our current configuration. We also wanted visibility into Kubernetes and AWS cloud. We wanted something that continuously monitors and gives us updates so that we can take action.

We have an overview of our compliance status. We check on a weekly or monthly basis where we are with respect to various compliance standards.

Its dashboard is quite good. We can select any resource and go to any details we want. We have a visual representation of our assets and how they are connected.

I like the granularity of access. We can give read-only, admin, or other types of access to team members based on their roles.

It provides an option for auto-remediation, but we are not leveraging that. However, we are using the exploit information to check what they saw versus what we are seeing. It helps to be able to see their evidence.

It includes proof of exploitability in its evidence-based reporting. This is very important for us. We can validate if something is false positive or not only if we have any evidence from the findings. Having the evidence for every issue helps us prioritize the findings.

Offensive Security Engine has helped to clear a lot of vulnerabilities in the past. Through the dashboard, we could see all the metrics related to public exposure and misconfigurations. We have a lot of services in our cloud, and they were very hard to track. It solves that problem for us. 

Our time to detect and respond has improved drastically. If a misconfiguration happens, we gain visibility quickly. Our mean time to detect and respond has reduced by about 50%.

It has enabled collaboration between multiple teams for implementing cloud detection and response and understanding vulnerabilities. It has saved 20% to 30% of our time.

It has been highly effective in risk mitigation. Slack and Jira integrations have been helpful for alerting and creating tickets. We also have Kubernetes integration for insights. 

The cloud misconfiguration feature and Offensive Security Engine, as well as their alerting process, are valuable. I get to customize severities or rules. The flexibility to rate a finding or category of vulnerabilities is the most interesting. 

The cloud misconfiguration feature gave us almost zero false positives. We are happy with this feature.

In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of critical severity, whereas they are not critical or of high severity. There is a mismatch of severities. They need to work on severity management. 

Alert fatigue is an issue as well. We get many alerts because of severity mismanagement. In CDR, there is no option to rescan or recheck. In cloud security, if a resource is restarting multiple times and gets a new name, we get alerts each time, leading to alert fatigue. If restarted five times, we get five alerts, which is not favorable.

I have used the solution for two years.

It is a stable product. I would rate it a ten out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability.

We are using the Enterprise plan which is the maximum that one can leverage. We are paying for all the features, but we are currently not leveraging VCS. We want to increase the usage of that.

Their technical support is top-notch. I made friends there.

Previously, there was no product. We relied on in-house, independent ad-hoc automations. We now have a comprehensive and all-in-one solution.

Its deployment was easy. It was set up in less than a week.

There were a couple of people from PingSafe and a couple of people from our side.

We are based out of Indonesia and India. The deployment was done on the cloud. We use AWS. The PingSafe team was from Bangalore, India.

Its maintenance is taken care of by the SentinelOne team. There is nothing required from us.

On the resource side, we do not have to invest much money or time into developing our own automation or tools. It has saved us more than 50% of our time.

It is cost-effective compared to other solutions in the market.

I recommend looking at the exact requirements and exploring options for CSPM and Offensive Security Engine. These two are a must-have. I would recommend reviewing the use case first and seeing if any other features are required. 

I would recommend this solution to others. Overall, I would rate it a ten on ten for cloud security.

I personally use this for infrastructure security purposes because it provides alerts for any threat detection or vulnerability detection in my infrastructure. This ensures that these issues are addressed promptly.

It has helped us a lot with security practices which are supported by the industry benchmarks. The security tools and policies are regularly updated based on new evidence or changing threat landscapes.

Furthermore, after SentinelOne Singularity Cloud Security was deployed in our system, it provided quick alerts. Previously, tools did not offer fast notifications in case of incidents. SentinelOne Singularity Cloud Security delivers alerts in seconds or milliseconds. It connects directly with my dashboard. I can see the issue. They also provide critical documentation, helping me address issues. 

It has improved our risk posture significantly. The risk posture improved from 60% to 70% to 90% to 95%. We have better control over the risk posture.

It has reduced our mean time to detect. Previously, it took me around ten to fifteen minutes, but with SentinelOne Singularity Cloud Security, it takes around seven to eight minutes to resolve an issue. There is often a 60% to 70% reduction. It has also reduced our mean time to remediate by about 45%.

Its performance impact on the systems is low, which means there is a minimal impact on system performance compared to traditional antivirus solutions.

Another valuable feature is the excellent defense mechanism against ransomware, including rollback features. Their managed service for 24/7 monitoring of the infrastructure for any threats and risks is also valuable.

It is easy to use. A new person can easily understand what SentinelOne does by checking the dashboard. It has an intuitive dashboard and streamlined processes, making it user-friendly for security teams like us.

From my personal experience, the alerting system needs to be faster. If something happens in our infrastructure, the alert appears on the dashboard, but I have to log in to the dashboard and refresh it. I would prefer it to provide better alerting and notifications so that I can resolve issues on priority.

I have been using the solution for 1.5 years.

I personally did not find any lagging issues or other issues. It is perfect.

It is scalable. I would rate it a nine out of ten for scalability.

They provide excellent customer service, coming to calls very quickly. Their information and technical knowledge are excellent with no comparison to other products I have used.

Positive

We previously used an antivirus product.

The initial setup is quite easy. Their customer support team was also there during deployment. They were knowledgeable, and it took about three to four days to complete deployment and testing.

Its maintenance is handled by SentinelOne. They update it regularly.

We only took help from the PingSafe customer support team for deployment, mostly to address any issues. Four people were more than enough.

I have not found any other solution to be this helpful. After its deployment, I feel totally secure. Everything works smoothly, and I do not need to look into any part. I am tension-free. 

I would rate SentinelOne Singularity Cloud Security a ten out of ten.

In my organization, we use SentinelOne Singularity Cloud Security to enhance our security posture. The platform provides alerts and recommendations on best practices, policies, and necessary updates to strengthen our infrastructure security.

We implemented SentinelOne Singularity Cloud Security to strengthen our security posture. Previously, we lacked clear guidance on best practices, including password reset policies, patching procedures, and VM updates. SentinelOne provides these best practices and recommendations, significantly improving our infrastructure security.

SentinelOne Singularity Cloud Security is user-friendly.

Evidence-based reporting helps prioritize and solve cloud security issues. When an issue occurs in my infrastructure, I receive an alert on their dashboard and a notification is sent to our common email address. SentinelOne Singularity Cloud Security provides a direct link to the affected resource in the AWS console, allowing me to navigate to the issue and resolve it quickly.

SentinelOne Singularity Cloud Security has improved my organization's security posture significantly. Before its implementation, we lacked an understanding of best practices for security. The solution has clarified our path by providing guidelines and alerts, which have helped us secure our infrastructure effectively.

It has reduced the number of false positives significantly, providing accurate data for our security processes.

SentinelOne Singularity Cloud Security has significantly improved our risk posture.

Prior to implementing SentinelOne Singularity Cloud Security, our mean time to detect ranged from 30 to 35 minutes. Now, with SentinelOne, our MTTD has significantly improved, falling within the range of 5 to 10 minutes.

Our mean time to remediate has been reduced to five minutes since implementing SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security offers several valuable features, most notably the rapid vulnerability notifications that provide timely alerts regarding our infrastructure. Furthermore, the platform's intuitive interface enables even novice team members to navigate the dashboard with ease, minimizing the need for extensive documentation.

I believe the UI/UX updates for SentinelOne Singularity Cloud Security have room for improvement. While the current interface is excellent, enhancements could make it more user-friendly. Additionally, an improved notification system that sends alerts about vulnerabilities directly to our centralized console would allow for a more prompt response.

I have been using SentinelOne Singularity Cloud Security for almost one and a half years.

I rate the stability of SentinelOne Singularity Cloud Security as nine out of ten.

I rate the scalability of SentinelOne Singularity Cloud Security as ten out of ten.

I have contacted SentinelOne's technical support team once, and they were very helpful. Their communication and product knowledge were excellent.

Positive

The initial cloud-based deployment was straightforward, taking approximately two to three working days with a team of three people.

The implementation was handled internally by my team with guidance from a senior resource.

I rate SentinelOne Singularity Cloud Security nine out of ten.

We have 150 users of SentinelOne Singularity Cloud Security.

I recommend SentinelOne Singularity Cloud Security to others because it is very important from a security standpoint. 

I use SentinelOne Singularity Cloud Security as an endpoint security tool. We have deployed it on multiple users' endpoints and multiple servers to protect them from security threats.

As a security engineer responsible for administering the SentinelOne Singularity Cloud Security, Kubernetes, and VR tool, I work in an organization with over 10,000 employees and numerous virtual servers and corporate network machines. To safeguard these systems from security threats, we've deployed Singularity across all endpoints and servers to monitor for and respond to incidents, gathering detailed information about their spread and affected machines.

Any security incident or malware detection is reported to security administrators within a fraction of a second. Basic rules and AI detections drive this rapid response. For example, suppose a file is flagged as suspicious based on its activity and alignment with the MITRE ATT&CK framework. In that case, the system identifies the file's behavior, categorizes it according to MITRE attackers, generates AI-based responses, and provides insights to security administrators for review and further investigation.

Automated remediation is highly effective, responding in mere fractions of a second to block, quarantine, or contain affected files or devices. Additionally, it can isolate endpoints from the network to prevent malware from spreading or containing compromised systems.

The Ranger feature is not exclusive to Linux systems. It scans all devices on a network, providing information about the types of machines and operating systems present within that specific network environment.

Workload telemetry visibility is valuable during incident response, triage, and analysis. Detailed information about the process is provided when an incident is reported, offering deep insights. For example, if a file is flagged as malware, the entire process behind its execution, including accessed files and invoked processes, is displayed. This comprehensive history effectively aids in determining file behavior and accurately classifying it as benign or malicious.

The benefits of SentinelOne Singularity Cloud Security are immediately visible through the quick response time.

The mean time to detection is under half a second.

The mean time to remediate is between one and one and a half seconds.

It provides an automated response, eliminating the need to block and investigate files manually. SentinelOne Singularity immediately blocks suspicious files, and subsequent investigation allows us to whitelist the file completely or maintain the block.

The most valuable features are automated threat response, AI detection, and static and dynamic detection. Monitoring all activities on the server's endpoint provides security administrators with deep visibility into endpoints, servers, and the incidents occurring on them.

I request that SentinelOne investigate this false positive, as SentinelOne has a higher false positive rate than other XDR solutions. While false positives are an expected part of incident response, excessive numbers can indicate accuracy issues with the tool.

I have been using SentinelOne Singularity Cloud Security for two years.

Cloud-based stability is beneficial because it eliminates downtime for business owners, ensuring uninterrupted operations.

Scalability is relatively straightforward as it primarily involves installing agents on additional machines and addressing licensing requirements.

Auto-scaling based on workload demands is beneficial, for example, when a hundred machines are added to the corporate network. We need to deploy the SentinelOne agent to these additional machines and confirm that the license accommodates the increased number of devices.

We previously used Crowdstrike Falcon but prefer SentinelOne Singularity Cloud Security because it is user-friendly. The GUI is easy to understand, operate, and administer.

Due to SentinelOne's cloud-based nature, initial deployment is straightforward. Simply installing the agent on the endpoints we wish to protect is sufficient, making setup within our existing corporate network infrastructure relatively uncomplicated.

The deployment time varies depending on the number of endpoints and servers accessible within the network, but it typically takes one to two months to complete and transfer responsibility.

Two people are necessary for deployment: one to handle administrative tasks and another to manage the SCCM component, such as pushing agents to multiple machines.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

Sometimes, Singularity incorrectly flags legitimate files as malware or suspicious, which can disrupt the work of some project users. However, we understand the importance of protecting against potential threats and appreciate Singularity's proactive approach. We can easily whitelist false positives, minimizing productivity impact and ensuring our system remains secure.

SentinelOne Singularity Cloud Security is a valuable tool for organizations with the budget to invest in it. It offers robust protection for servers and endpoints, which are primary targets for security breaches. Given the critical nature of endpoint security, this software should not be overlooked. SentinelOne has a strong reputation, provides rapid response times, and includes features such as deep visibility into malicious files, enabling security administrators to isolate threats in the cloud through sandboxing directly.

The only maintenance required is for agent upgrades.

Our infrastructure utilizes a combination of cloud solutions and Kubernetes for container orchestration. To ensure the security of these environments, we leverage SentinelOne Singularity Cloud Security. This platform proactively identifies and remediates vulnerabilities within our cloud deployments.

We use SentinelOne Singularity Cloud Security, which is integrated with our cloud environment. This allows us to receive notifications from SentinelOne Singularity Cloud Security directly in our Slack channels, according to the notification settings we have configured. We prioritize these alerts and take appropriate actions based on their urgency.

To improve our cloud security posture and achieve best practices, we implemented SentinelOne Singularity Cloud Security. This security tool helps us identify and address vulnerabilities within our cloud environment.

SentinelOne Singularity Cloud Security is easy to use.

SentinelOne Singularity Cloud Security's evidence-based reporting helps prioritize and solve the most important cloud security issue.

SentinelOne Singularity Cloud Security's proof of exploitability is valuable because it goes beyond simply identifying vulnerabilities. It assesses how severe these vulnerabilities are by determining if they can be actively exploited by attackers. This information allows us to prioritize our actions and focus on fixing the most critical risks first.

SentinelOne Singularity Cloud Security's compliance monitoring capabilities helped us achieve certifications like PCI and DSS.

SentinelOne Singularity Cloud Security's UI is easy to use even for beginners.

SentinelOne Singularity Cloud Security improved our security posture, made us more compliant, and improved our confidence when we spoke to our clients.

Before implementing SentinelOne Singularity Cloud Security, we lacked any detection capabilities. Consequently, our mean time to detection saw a significant improvement of up to 70 percent after SentinelOne Singularity Cloud Security's introduction.

SentinelOne Singularity Cloud Security improved our mean time to remediation by 50 to 70 percent.

SentinelOne Singularity Cloud Security has significantly improved collaboration between our cloud security, application developers, and AppSec teams. This enhanced collaboration is due to the dashboard that provides a centralized view of all security-related information within SentinelOne Singularity Cloud Security.

In the past, our infrastructure setup process involved building the infrastructure first and then implementing security best practices at the end. This new approach is different. Now, when we create new infrastructure, we integrate SentinelOne Singularity Cloud Security right from the start. This integration allows us to receive security alerts immediately. With these real-time insights, we can proactively address any security issues or potential vulnerabilities as we build, rather than waiting until the infrastructure is complete.

We integrated SentinelOne Singularity Cloud Security with a few alerting systems and our Slack channels.

SentinelOne Singularity Cloud Security's most valuable feature is its unified console. This console brings together all of our cloud-based and non-cloud-based solutions into a single, centralized location.

I find the visualization graphs particularly helpful. They identify which objects are affected by the issue, allowing us to prioritize our efforts and focus on the areas that need the most attention.

We deployed SentinelOne Singularity Cloud Security for AWS and Oracle Cloud but we encountered issues with Oracle Cloud. The integration with Oracle has room for improvement.

I have been using SentinelOne Singularity Cloud Security for a year.

I would rate the stability of SentinelOne Singularity Cloud Security 9 out of 10.

I would rate the scalability of SentinelOne Singularity Cloud Security 8 out of 10.

The technical support is responsive and knowledgeable.

Positive

The deployment was straightforward and took half a day for AWS. Two people from our DevOps team were involved in the deployment.

SentinelOne Singularity Cloud Security improved the security of our infrastructure and helped reduce the costs.

SentinelOne Singularity Cloud Security is affordable.

In addition to SentinelOne Singularity Cloud Security, we also considered Palo Alto and AccuKnox for our needs. However, the positive customer service experience we had with a SentinelOne Singularity Cloud Security representative played a role in our final decision.

I would rate SentinelOne Singularity Cloud Security 9 out of 10.

We have around five people in our organization who utilize SentinelOne Singularity Cloud Security. We are all in the same location except for our consultant.

SentinelOne Singularity Cloud Security does not require maintenance from our end.

I recommend SentinelOne Singularity Cloud Security to others. It is compatible with most major cloud platforms. However, we did encounter some issues when using it with lesser-known cloud providers, such as Oracle.

I use SentinelOne for the traffic flow in my customer's account.

Singularity Cloud Security gives us alerts, and it is helpful for us to get these alerts. We get to know about any issues through these alerts. We can resolve the issues accordingly.

It helps resolve issues more quickly. I do not have to analyze them on my own. We get to know the issues, and we also have documentation and recommendations about how to resolve them. That is very helpful for me.

We were able to realize its benefits pretty quickly because I already had its knowledge. I had studied a little bit and researched it. After implementation, my work got faster by almost 60% to 70%. The client was happy with that.

Singularity Cloud Security has reduced the number of risks. After resolving an issue on one of the servers, I can implement the fix on other servers before getting alerts about those. There is about 70% to 80% reduction.

It has been beneficial for all team members because we are all working in shifts and we are not able to communicate with each other much. The documentation has helped a lot.

Our security posture is much better. I do not have the numbers, but we see fewer notifications about security and threats. We follow the guidelines and best practices.

The security that it provides is valuable. It has a user-friendly dashboard that I can access without any difficulty.

Security notifications or alerts are also very useful. The alert mechanism helps in identifying issues.

It is very easy to use. I would rate it a nine out of ten for usability.

Sometimes, I am not able to see the flow when there is an issue. When anyone complains and I have to troubleshoot it, I find it difficult to search. 

The documentation that I use for the initial setup can be more detailed or written in a more user-friendly language to avoid troubles.

I have six months of experience using it.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability. Our clients are large organizations.

In our AWS Cloud, we have multiple accounts. We have almost 400 users. The AppSec team is a different team that is responsible for its installation. We are its users.

I use vendor support. I would rate them a nine out of ten.

Positive

I did not use any different solution before.

Initially, it took a lot of time because I had to first learn it and then implement it. First time, there can be some challenges. It took some time to understand because it was my first setup. Once I understood the process, it became easier with subsequent setups.

We implemented this solution after reviewing the documentation. Our AppSec team deployed it.

I would recommend this solution. I find it very user-friendly, and the documentation is also good enough to give solutions, which is very important. In addition to notifications, we also get solutions.

I would rate Singularity Cloud Security a nine out of ten.

We use SentinelOne Singularity Cloud Security as our CSPM. Integrated with our environment, SentinelOne Singularity Cloud Security scans for vulnerabilities and recommends remediation.

We implemented SentinelOne Singularity Cloud Security to monitor our cloud security for vulnerabilities in the configuration.

SentinelOne Singularity Cloud Security is easy to use.

The evidence-based reporting provides details of the vulnerability and the steps we need to take to resolve it.

The SentinelOne Singularity Cloud Security scanning engine provides valuable evidence by identifying and reporting vulnerabilities that could be attacker targets. This evidence of exploitability is crucial because it allows us to prioritize and patch vulnerabilities effectively. Without this information, we might not be able to address critical vulnerabilities promptly.

Thanks to SentinelOne Singularity Cloud Security, our security posture has improved significantly. Our team has been able to effectively address all critical and high vulnerabilities identified by the platform.

SentinelOne Singularity Cloud Security has improved our mean time to detection. Without a CSPM tool, we would not be able to identify vulnerabilities.

SentinelOne Singularity Cloud Security facilitated collaboration between our cloud security, application development, and AppSec teams. The evidence provided by SentinelOne Singularity Cloud Security streamlines collaboration and vulnerability resolution across these teams.

The collaboration has saved engineering time by up to 40 percent.

SentinelOne Singularity Cloud Security's improved compliance monitoring capabilities have helped us achieve a more secure posture.

All the features we use are equal and get the job done.

We encountered issues with some of the configured security rules. The vulnerability recommendations provided by SentinelOne Singularity Cloud Security were inaccurate. In some cases, the rules are strictly enforced but do not align with real-world use cases. To address this, I recommend revising the security rule definitions to better reflect practical scenarios and provide clearer explanations.

We encountered a problem with SentinelOne Singularity Cloud Security. They required a broad security policy, but we requested that they implement least privileged access and grant fewer permissions than they initially required. It took them over six months to respond to our request.

I have been using SentinelOne Singularity Cloud Security for 1.5 years.

I would rate the stability of SentinelOne Singularity Cloud Security 8 out of 10.

I would rate the scalability of SentinelOne Singularity Cloud Security 9 out of 10.

The technical support teams' response time was good but they were lacking a deep understanding of the different environments which caused delays in resolving our issues. 

Neutral

The initial deployment was straightforward and took 2 days to complete.

Two people from our team were involved in the deployment.

I would rate SentinelOne Singularity Cloud Security 7 out of 10.

Four people in our organization utilize SentinelOne Singularity Cloud Security.

No maintenance is required from our end.

I recommend SentinelOne Singularity Cloud Security to others for CSPM. 

We use the solution for security posture management. It's a safeguard for our cloud. It helps flag misconfiguration or any kind of vulnerability. There are also remediation capabilities, although we're only subscribed to alerts.

It's a safeguard tool for our cloud. When I'm using my cloud I need to make sure whatever I'm doing is secure. So we needed a gatekeeper or something acting as a gatekeeper, to keep an eye out since people can sometimes make mistakes. If there is any kind of event error, it helps us get alerted.

It's a real-time monitoring tool that runs 24/7.

I like the security capabilities. The availability and stability are very good. 

It is very easy to use, and the graphical user interface is nice. It's great that they provide information regarding issues on the front end. The evidence-based reporting is good. There is some heavy investment there. The user interface and ease of use for security operations are very helpful. Everything is easily available, and that's very impressive. 

It works within a certain set of rules. It has enough information to cover 100% of the services we are using. For most of my expectations, the product has covered my needs. They are also adding new features and functionality.

We use the infrastructure as code scanning, which is good. There's very good security scanning. We can scan non-production environments and get a report. We get notifications of issues immediately. Before moving to production, we always look at reports to check for issues. 

We're almost 99% compliant based on the compliance regulations we follow. It's helpful to have good compliance scanning. 

We've been dealing with fewer false positives. It's improved over time. It's too early to say, percentage-wise, how many fewer we're seeing; however, it is noticeable. 

It's lowered our risk posture. We have been satisfied so far. It covers what we need to be covered.

The mean time to remediate has been lowered by about 20% to 30%.

We now have very good collaboration between our cloud security, application developers, and AppSec teams. There's better communication in terms of response. We haven't calculated if it's saved us any engineering time, however. 

They could improve their mean time to detect. It's good, however, it could be lowered further. Detection should be in near real-time. We need these alerts fast as security is our greatest concern.

They could improve reporting and offer better, faster notifications. 

I've used the solution for almost 2 years.

I'd rate the stability 8 out of 10.

We have 10 to 15 people using the solution. 

I'd rate the ability to scale 8 out of 10.

We've had our support directly reach out to theirs. Sometimes they address items slowly; sometimes they are faster. The support response time could be improved. 

Positive

We did use something prior to PingSafe. We had a few things on-premises and on our private cloud. We liked the pricing and feature offering of PingSafe and decided to implement it. 

The initial setup was pretty straightforward. We had to do some integration and it was simple. The deployment itself hardly took an hour. It's integrated with our AWS and that was pretty seamless. 

I don't worry about maintenance. I don't take care of that aspect. However, PingSafe works in the background, maintaining and upgrading the system directly. 

We had a few people from PingSafe involved in the implementation. 

I'm a customer and end-user.

It's a 100% available solution. It covers most of our cloud security requirements and has a nice interface. Support could be faster, though. When we're dealing with security, we don't want lots of time between responses. 

I'd rate the solution 7 out of 10.