Excellent Visibility and Control for Secrets and Non-Human Identities at Enterprise Scale
What do you like best about the product?
As part of the security engineering team, I find Entro especially helpful for secrets discovery and non-human identity governance, providing clear visibility into exposed secrets, service accounts, and machine identities across our environments, and allowing our team to operate more efficiently.
What do you dislike about the product?
Entro has been extremely reliable and useful overall — I’d just like to see improvements in reporting customization and deeper integrations with additional third-party security tools to make it even better.
What problems is the product solving and how is that benefiting you?
Entro helps us automate workflows, saves time on manual secrets discovery and rotation, and improves our ability to reduce identity-based attack surface and prevent credential-related incidents. It offers strong coverage across multiple secret types with accurate detection and useful filtering, allowing us to quickly prioritize real risks and focus on remediation rather than triage.
Optimized Integrations and CI/CD Pipeline Security
What do you like best about the product?
Entro's extensive integration capabilities and its ability to perform scans directly within the CI/CD pipeline
What do you dislike about the product?
Support for multi-tenancy hasn’t been implemented yet
What problems is the product solving and how is that benefiting you?
Visibility into exposed secrets across our tech stack was limited. Gaining this visibility allows us to better understand ownership and drive accountability among developers.
Essential Tool for Automated Secret Detection and Workflow Efficiency
What do you like best about the product?
I find Entro very useful for automating secret detection and helping streamline workflows. It provides near real-time visibility into risks and accelerates remediation.
What do you dislike about the product?
I’d like to see expanded data export options as the ones that already exist.
What problems is the product solving and how is that benefiting you?
I handle security engineering operations, using Entro to automate exposure management, track remediation, and improve workflow visibility.
Automated Secret Scanning and Custom Workflows That Elevate Security
What do you like best about the product?
As a Principal Product Security Engineer, I love that Entro allows me to automate secret scanning and build custom workflows like our Tines alert flow that improves notification speed and accuracy.
What do you dislike about the product?
I’d like more custom rule options and deeper integration with internal ticketing systems.
What problems is the product solving and how is that benefiting you?
Entro saves time on scanning, improves monitoring of exposures, and helps our team address incidents faster.
Proactive management empowers security measures with ease of onboarding
What do you like best about the product?
As a Strategic IT and Cybersecurity Leader, Entro helps me manage exposure visibility and strategic risk control. It has become a key tool for me and my team.
What do you dislike about the product?
I’d like to see deeper insights such as the AI analysis the team has been working on.
What problems is the product solving and how is that benefiting you?
Entro helps streamline monitoring, saves time on risk reporting, and enhances executive visibility.
Essential Tool for Managing Exposure and Risk
What do you like best about the product?
As a an infrastructure Technician, Entro helps my team manage exposure visibility and strategic risk control. It has become a key tool that keeps me and my team safe
What do you dislike about the product?
I’d like to see some more deeper insights for example what AI analysis the team has been working on
What problems is the product solving and how is that benefiting you?
Entro helps streamline monitoring, saves time on risk reporting, and enhances executive visibility. It is really helping push us forward as an IT unit.
Entro Security: Essential for Comprehensive NHI Security
What do you like best about the product?
Entro Security provides unparalleled visibility and control over our non-human identities and secrets. The platform's comprehensive discovery, classification, and posture management capabilities are incredibly powerful. We especially value its ability to seamlessly integrate across our critical platforms like Slack, the full GitHub ecosystem, and Atlassian, enabling us to scan for and identify exposed secrets and non-human identities (NHIs) across our entire infrastructure. This crucial visibility and proactive monitoring ensures these critical assets are secure. It truly offers an end-to-end solution that has significantly strengthened our security posture.
What do you dislike about the product?
While the platform is incredibly robust, as with any advanced security solution, there's a learning curve to fully leverage all its capabilities. Continued expansion of integrations with various niche developer tools would also be beneficial as our ecosystem evolves.
What problems is the product solving and how is that benefiting you?
Entro Security is solving our most pressing challenges related to securing non-human identities like API keys, tokens, and service accounts. Before Entro, managing these at scale created significant blind spots and potential attack vectors. Entro has given us complete discovery and control, automating the entire lifecycle from provisioning to rotation and decommissioning. This benefits us by strengthening the security of our identity & access management, preventing unauthorized access, streamlining our compliance efforts, and giving our Security team peace of mind that these critical assets are protected.
Detecting Leaked Secrets Across Platform and Helping with NHI Challanges
What do you like best about the product?
Everyone makes mistakes, and some could mean leaking a secret to the world. As we knew secrets existed in our codebase and platforms, Entro has helped us increase the visibility of these secrets and take the appropriate actions. Accidental leakage of secrets is inevitable; the key is to promptly address and remediate these leaks when they occur. Leveraging Entro, we're able to reduce the mean-time-to-respond to any future leakage. In addition to that, by marrying the power of Entro together with that of Elastic, we're able to generate metrics and increase secrets management best practices across the different Elastic teams.
What do you dislike about the product?
As a rapidly evolving platform, we sometimes see new features rolled out that require minor adjustments to our existing workflows. However, the Entro team is consistently responsive and supportive in helping us adapt, ensuring any transitions are smooth.
What problems is the product solving and how is that benefiting you?
Primarily, it addresses the pervasive problem of exposed secrets in our CI/CD and code locations. Furthermore, Entro has provided us the ability to identify and promote the revocation of idle and unused non-human identities across critical platforms such as AWS (IAM tokens), and GitHub (PATs), significantly reducing our attack surface. It also automates the crucial review process for NHIs belonging to former employees. The platform's proactive approach has allowed us to drastically reduce our overall exposure to compromised secrets, streamline disablement, and enforce regular rotation, ultimately enhancing our overall security posture and operational efficiency.
Proactive management empowers security measures with ease of onboarding
What is our primary use case?
I am a Security Engineer at a company called Regatta. We started using Entro Security to address a request from one of the head developers to gain control over secrets and identities.
We initially found only ten identities after a month of manual work. However, Entro Security's free evaluation managed to find thousands of secrets, which was a game-changer for us. It became a necessity to use Entro Security for our cybersecurity needs, and it has now evolved into a proactive measure for our organization.
What is most valuable?
The top features of Entro Security that stand out are its ease of onboarding and discovery. Integration takes minutes, and it quickly scans resources like Azure, Teams, Slack, Confluence, and Jira.
It provides clarity in the way secrets are displayed, alert mechanisms, and customized alerts like creating tickets on Jira or sending messages on Teams or Slack. Meanwhile, the support team at Entro is magnificent, offering invaluable insights and assistance.
What needs improvement?
Entro Security could benefit from improvements in IAM control to allow segregation of duties among developers. Providing a more modular alerting system to have proactive measures without extensive communication with engineers would also be an improvement. While the basic alerts work, a more customizable alert system would be a plus.
For how long have I used the solution?
I have been using Entro Security for two years.
What do I think about the stability of the solution?
Entro Security is very stable. I have never experienced downtime and every feature works as expected. The platform is reliable.
What do I think about the scalability of the solution?
The scalability of Entro Security is seamless. Connecting it to services like GitHub or Teams at an organizational level ensures all projects are instantly added, demonstrating excellent scalability.
How are customer service and support?
The customer service and support provided by Entro Security are excellent. They have a can-do attitude and never say no. The support team is always helpful and provides all the necessary services.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We didn't use any previous solution before Entro Security. We evaluated competitors like Oasis Security and Trufflehog, however, Entro Security's white paper was superior, and their free trial setup was quick.
How was the initial setup?
The initial setup was very easy, taking about an hour including the initial call. The hands-on part of enrolling services like Azure, GitHub, Teams, Slack, and DevOps took only 10 to 15 minutes.
What's my experience with pricing, setup cost, and licensing?
Entro Security is not the cheapest solution. However, I am willing to pay for quality cybersecurity products. We received a good discount this year, which significantly reduced the price. Next year, we may review licenses for better pricing or explore competitive options.
Which other solutions did I evaluate?
We evaluated Oasis Security and Trufflehog before choosing Entro Security.
What other advice do I have?
Overall, I would rate Entro Security a ten out of ten.
I recommend it because of its excellent customer service, seamless scalability, and the proactive security measures it provides.
