SentinelOne Singularity Cloud Security - AI Powered CNAPP

I am currently using the cloud security posture management capabilities. We are managing multiple cloud platforms, including AWS , Azure , and GCP. I need a consolidated security posture management across all of my cloud platforms.

We are managing multiple cloud workload profiles. For example, someone has mistakenly configured 0.0.0.0 access, and some misconfiguration has occurred. I want to get that update immediately, otherwise people may use that flaw and attack us. This misconfiguration detection will help us in eliminating missed configurations or configurations that our people have mistakenly implemented. That is my major use case. Additionally, I will get the consolidated asset inventory. These three purposes are what I am using Cloud Security Posture Management for.

The offensive security particular solution works by going through logs and seeing the logs on everything. It will provide complete visibility related to false positive and true positive information. That provides more visibility on the technical front. For example, if you are creating a use case on a SIM and that particular use case is not matching your end-to-end information related to our environment, it will not throw the alert. If you implement the offensive security, it will straight away point out that particular issue in that incident because the alert was triggered by that event.

Secret scanning is our automated scanning. We do not want to do the manual effort, and we do not want to create any automation during production. The moment you do this, the secret scanning will work because it is runtime scanning.

Mean time to detection and mean time to respond is a critical aspect. Most of the incidents sometimes will not be detected if you are not configured properly. The MTTR is very important. That is the reason we have mentioned that to eliminate the misconfiguration part, we need Cloud Security Posture Management. Because if someone has created an account opening 0.0.0.0, and then someone has opened the 'all all' access in the cloud instance itself, then anybody can come and penetrate my cloud workload and destroy it. In that scenario, I want to get a proper, proactive approach. The moment someone has made a mistake, I have to immediately respond. Then only can I protect. To eliminate the manual mistake and misconfiguration, this particular tool does the immediate alert so that we can prevent our cloud workloads based on the priority and based on the alert triggers. We can eliminate the alerts and incidents.

There is one concern related to SentinelOne Singularity Cloud Security platform. They claim it as an AI-based integration that will provide runtime protection. The moment it comes to the runtime protection, if someone is using an existing tool, this particular tool does not scan because we need to achieve it. For example, I have a CrowdStrike EDR in my console, on my VM, I have it installed. This particular runtime also has to be protected. Most of the runtime protection has to be implemented in a proper manner. For that reason, we are doing the scanning on an immediate basis. The first time, this particular runtime protection is not working. For example, I am trying that for the first time, and it is not getting the protection part. It is not working. If I try that particular trial again, only after that is it getting one more runtime protection. It is detection, and then it is getting the protection also.

As a cyber security analyst, my main use case for SentinelOne Singularity Cloud Security  is front line support. I use SentinelOne Singularity Cloud Security  in my daily work for detection through our endpoints for any ingress on our clients.

The best features SentinelOne Singularity Cloud Security offers include the data lake where I can ingest data from all other applications that I use into one central location, making managing alerts much easier and more responsive.

SentinelOne Singularity Cloud Security has positively impacted our organization as it allows us to be more proactive on the alerts that we get and any threats that we receive. The data lake feature helps me day-to-day by ingesting all the information from Darktrace  and Defender into one single point of reference, which makes it easier to locate information.

Being able to get information from one central source helps to streamline processes and security in my daily workflow.

I find the platform somewhat clunky at times, and SentinelOne Singularity Cloud Security does not always give me accurate data, which could also be due to fine tuning on our end.

SentinelOne Singularity Cloud Security needs to be more reliable for the information it is pulling, as I am not always confident that the data coming through is accurate and immediate. We have had a few issues with the configuration setup at our location, which will be resolved; however, some of the configurations have taken a long time to resolve, and the back and forth with support has been frustrating.

Regarding needed improvements, support can be more proactive, faster in responsiveness, and come back with workable solutions rather than just steering me back to online knowledge bases all the time.

I have been using SentinelOne Singularity Cloud Security for about 18 months.

SentinelOne Singularity Cloud Security appears to be stable at the moment.

I am not really sure how the scalability of SentinelOne Singularity Cloud Security plays out in our current position.

The customer support for SentinelOne Singularity Cloud Security is about a 5 out of 10, and I think they need to be more interactive with their clients rather than just steering clients back to knowledge bases.

SentinelOne Singularity Cloud Security's unified platform experience has helped streamline our security operations, as it has definitely allowed us to get more accurate information faster.

For others looking into using SentinelOne Singularity Cloud Security, I would definitely recommend it as worth a look for your current environment to see whether it would have a place, and also compare it against other products out there.

My only other thought about SentinelOne Singularity Cloud Security is that support needs to be enhanced with their clients, requiring more interaction with their customer base rather than online pushing clients to knowledge bases all the time.

I gave this review a rating of 6 out of 10.

I use cloud security in cybersecurity, where it plays one of the major roles in my career. Things that cannot be safeguarded in a normal environment are what I have been utilizing, such as information that one person can trust.

Therefore, I must say that cloud security is one of my major architectures that I am using in my day-to-day work environment.

What I appreciate the most about it is its high performance and the way it simplifies tasks, along with the optimization as well.

The Secret Scanning feature in SentinelOne Singularity Cloud Security  is one of the coolest features I have ever worked with, as it primarily functions through its Singularity  Cloud Native  Security. It is designed to find any kind of sensitive data that developers accidentally leave in their code, which leads to major causes of cloud breaches. The Secret Scanning feature offers a wide scope of coverage, as it does not only look for passwords; it is designed to detect over 800 types of secrets, including API keys, and the tool itself scans across the entire development life cycle to catch any kind of secrets before they reach production.

When it comes to Drift Detection in SentinelOne Singularity Cloud Security , I think it is one of the critical features within its application protection platform. Its configuration mainly focuses on infrastructure as code versus the actual live environment. The coolest feature is that it detects when someone manually tries to change a setting in the cloud console that was not in the original code, and it also has a binary drift option for containers and Kubernetes .

Regarding the downsides of cloud security, I do not have much negative to discuss about cloud security, because it is one of the helpful features that I work on in my daily life. However, I would say one drawback is that data breaches can easily happen in cloud security, and it has some limited visibility. That is also one of the drawbacks I would mention, and in my team, some people are telling me that we are facing some compliance issues in cloud security as well.

When I discuss the easily happening data breaches in cloud security, it is all stored in the cloud environment, so anyone who has access to cloud can easily breach the data. It is also easily vulnerable to theft through breaches or any kind of malware or accidental exposures. I would say that attacking cloud storage is quite easy compared to other things.

I have been using it in my career for around 4.10 years.

I can say that there is nothing unstable about SentinelOne Singularity Cloud Security, as there is no lagging, crashing, or downtime.

I would rate the scalability of SentinelOne Singularity Cloud Security as high, as it operates in a cloud-native architecture that is highly scalable for any kind of organization, ranging from small businesses to global enterprises with thousands of devices.

I have not contacted any technical support for SentinelOne Singularity Cloud Security so far.

I have used alternatives similar to SentinelOne Singularity Cloud Security, and I would say one of the products is Akamai . Akamai  is one of the main options.

I would say that the initial deployment for SentinelOne Singularity Cloud Security is really easy compared to other things in cloud computing, especially with public platform models.

When I deployed it for the first time, it took me around an hour or less, but sometimes, due to its complexity, it may take a day.

When it comes to the number of people required for deployment, technically speaking, a single person can deploy the cloud environment, but the number of people involved depends entirely on the scale of my organization. So, while it is possible to deploy a cloud environment with a single person, it also depends on the organization.

Regarding the pricing for SentinelOne Singularity Cloud Security, I do not think it is something I can compare.

When I compare them, I prefer Akamai more.

The reason I prefer Akamai more is that Akamai is the best. Both have excellent performance, but Akamai offers strong performance in terms of security. Furthermore, it efficiently manages unwanted bots, making Akamai the best compared to cloud security or any other software out there.

Regarding how SentinelOne Singularity Cloud Security Runtime Protection compares to Akamai in terms of adaptability to new and unknown threats, it depends on what you are protecting. I do not think I can compare them while they overlap in cloud security, as they both perform different roles in the cyber stack. For SentinelOne Singularity Cloud Security, its priority is to secure the endpoint, while for Akamai, its main primary task is to protect network and application security. I would rate this review overall as a 9.

I have worked on two use cases for this product regarding its major purposes. One is that end-users want to check posts in their multi-cloud environment, where they have AWS , Azure , and Google Cloud . They were asking for multiple security checks based on compliances across each platform, as AWS  has its own compliance checks and Azure  has its own compliance checks, but they needed to verify if configurations comply with standards such as NIST or MITRE. That was the major concern for the team. They have many compliances because they were operating projects around the world, so they had to comply with GDPR, HIPAA, and CERT-In, and in Australia they also have some projects with additional compliance requirements. For that reason, they looked for this product, and I was able to analyze all their environments. I was able to integrate their AWS accounts, Azure accounts, and Google accounts to SentinelOne Singularity Cloud Security . I was able to showcase how it provides security ratings of each instance or each container. I was also able to showcase misconfigurations, such as instances where a particular configuration was given on a temporary basis but was not removed afterward. I was able to identify these issues and make them aware of them. I was also able to provide fixes and references to fixes using SentinelOne Singularity Cloud Security .

The biggest benefit of SentinelOne Singularity Cloud Security is that it has a good AI-based analytics engine that helps with the detection part by providing full visibility. I was able to see all the configurations that were made, all the permissions that were being given on IAM  roles, user role-based access, and everything in SentinelOne Singularity Cloud Security on a granular basis and across multiple cloud environments.

From the customer and end-user point of view, they were able to have visibility throughout their cloud infrastructures, whether on AWS, Azure, or GCP. They were able to get complete visibility and identify the loopholes present in their cloud infrastructure solutions.

Regarding built-in integrations in the product, the integration part can be improved by having more third-party vendors because SentinelOne Singularity Cloud Security is much more focused on premium vendors and premium OEMs. Most customers will be using common platform vendors, but some will be using customized solutions or SMB-level customers may be utilizing custom or new vendors. If possible, they can improve their API integrations with all other platforms. To provide a small example, in the South or APEX region, SonicWall is one of the key players in providing network security, but SentinelOne Singularity Cloud Security does not have any integrations for SonicWall. Also, with Zoho, there is not much of an integration part that the end-user would expect.

The main improvement needed is the integration part with other third-party vendors. Also, they can support multiple platforms and provide support for multiple platforms in terms of features.

Response time can be improved because not all things are perfect in every product, whether CrowdStrike or Trend Micro. In some cases, I have felt that the response time could have been better. Regarding response to an attack or incident, in most cases, SentinelOne Singularity Cloud Security has helped me and has also provided a good reactive approach. Even if the endpoint gets compromised, there is rollback functionality. If it provides rollback, it would be able to provide the rollback functionality based on other platforms, such as Linux and Mac platforms. This would allow me to achieve something that no other competitive product is giving. Regarding response time, it can be improved.

I have been working with SentinelOne Singularity Cloud Security for the past one and a half years.

I would say support is excellent. I would give them a rating of 9.5 to 10 because they are providing prompt support, and in my experience, I have never encountered a junior person or someone without knowledge coming into support from SentinelOne. In the support part, they are doing a great job.

It needs some time to install. For the complexity, I would give around six or seven on a scale of ten, where ten is more complex and zero is simple.

In some cases, SentinelOne Singularity Cloud Security is better than Trend Micro. In detection and visibility control, it is much better than both Trend Micro and Fortinet. Fortinet is just now evolving and has entered the market, but I do not see many references for this particular CNAPP  solution.

From the customer and end-user point of view, they were able to have visibility throughout their cloud infrastructures, whether on AWS, Azure, or GCP. They were able to get complete visibility and identify the loopholes present in their cloud infrastructure solutions. My overall rating for this product is eight out of ten.