Skyhawk Security is pretty solid overall, but there are a few things I wish were better. One thing would be more native integration with Microsoft security tools such as Sentinel and Defender, since those are what we use daily. Having deeper built-in integration instead of relying on generic SIM connections would save time. The training and documentation could also be more comprehensive, with more real-world use case examples specific to different industries. Additionally, having more general customization for the AI models to adjust what gets flagged as anomalous in our specific environment would help reduce alert noise. These are pretty minor improvements, and most of them are probably already in their roadmap based on their recent updates adding self-AI training and bulk status changes for their customers. I believe a mobile app would benefit SOC analysts who need to respond frequently while on the go, as most of the platform feels focused on desktop use. Having a robust mobile experience for approving automated responses and reviewing critical alerts would be really useful.
Cross Platform Development/Solutions Architect And Integrations at One1
Real User
Top 5
Apr 9, 2026
I cannot point exactly to what should be improved at this moment. From my experience, it is mixed. I have worked with integrations with these services. There is always a place for improvements, but I think it is scalable.
Skyhawk Security can be improved mainly by improving the UI so it is a little bit easier to use, and the speed that it takes pages to load are the main downfalls.
The solution needs automatic testing. It's very important for us to be able to create test scenarios to evaluate the resilience of our infrastructure. And will be very useful being able to check different part of our infrastructure like databases, queues, standard instances or the networking part. We cannot afford a red team and we are able to have penetration tests only few times a year, so it could be very useful to have integrated tests in our tools in a convenient way. It also could be useful being able to create comparative reports about these tests in different time periods to investigate how the infrastructure as evolved in resiliency.
Find out what your peers are saying about Skyhawk Security, Orca Security, Wiz and others in Cloud Workload Protection Platforms (CWPP). Updated: June 2026.
Cloud Workload Protection Platforms secure applications running in cloud, container, and hybrid environments, ensuring workload security, compliance, and visibility across multi-cloud frameworks. These platforms provide robust threat detection and response capabilities.CWPP solutions offer unified security management for workload protection, addressing complex security challenges inherent in cloud environments. By integrating seamlessly with existing security frameworks, they deliver...
Skyhawk Security is pretty solid overall, but there are a few things I wish were better. One thing would be more native integration with Microsoft security tools such as Sentinel and Defender, since those are what we use daily. Having deeper built-in integration instead of relying on generic SIM connections would save time. The training and documentation could also be more comprehensive, with more real-world use case examples specific to different industries. Additionally, having more general customization for the AI models to adjust what gets flagged as anomalous in our specific environment would help reduce alert noise. These are pretty minor improvements, and most of them are probably already in their roadmap based on their recent updates adding self-AI training and bulk status changes for their customers. I believe a mobile app would benefit SOC analysts who need to respond frequently while on the go, as most of the platform feels focused on desktop use. Having a robust mobile experience for approving automated responses and reviewing critical alerts would be really useful.
I cannot point exactly to what should be improved at this moment. From my experience, it is mixed. I have worked with integrations with these services. There is always a place for improvements, but I think it is scalable.
Skyhawk Security can be improved mainly by improving the UI so it is a little bit easier to use, and the speed that it takes pages to load are the main downfalls.
The platform’s interface needs enhancement.
The solution needs automatic testing. It's very important for us to be able to create test scenarios to evaluate the resilience of our infrastructure. And will be very useful being able to check different part of our infrastructure like databases, queues, standard instances or the networking part. We cannot afford a red team and we are able to have penetration tests only few times a year, so it could be very useful to have integrated tests in our tools in a convenient way. It also could be useful being able to create comparative reports about these tests in different time periods to investigate how the infrastructure as evolved in resiliency.