SentinelOne Singularity Cloud Security is the module we are using, specifically for endpoint protection. We have been using this particular product for the last two months.

I am currently using the cloud security posture management capabilities. We are managing multiple cloud platforms, including AWS, Azure, and GCP. I need a consolidated security posture management across all of my cloud platforms.

We are managing multiple cloud workload profiles. For example, someone has mistakenly configured 0.0.0.0 access, and some misconfiguration has occurred. I want to get that update immediately, otherwise people may use that flaw and attack us. This misconfiguration detection will help us in eliminating missed configurations or configurations that our people have mistakenly implemented. That is my major use case. Additionally, I will get the consolidated asset inventory. These three purposes are what I am using Cloud Security Posture Management for.

The single-touch, agentless deployment is number one. Normally, with CSPM, we do not want to do any agent integration to get the details of a VM or workload. For example, I have some container repositories, and I want to get that list. I would have to install the agent. Here, with SentinelOne Singularity Cloud Security, I do not want to install the agent. This deployment is an agentless deployment.

The offensive security particular solution works by going through logs and seeing the logs on everything. It will provide complete visibility related to false positive and true positive information. That provides more visibility on the technical front. For example, if you are creating a use case on a SIM and that particular use case is not matching your end-to-end information related to our environment, it will not throw the alert. If you implement the offensive security, it will straight away point out that particular issue in that incident because the alert was triggered by that event.

Secret scanning is our automated scanning. We do not want to do the manual effort, and we do not want to create any automation during production. The moment you do this, the secret scanning will work because it is runtime scanning.

SentinelOne Singularity Cloud Security is a little expensive compared to my earlier product, CloudGuard. This product is a little expensive, not over-expensive.

Mean time to detection and mean time to respond is a critical aspect. Most of the incidents sometimes will not be detected if you are not configured properly. The MTTR is very important. That is the reason we have mentioned that to eliminate the misconfiguration part, we need Cloud Security Posture Management. Because if someone has created an account opening 0.0.0.0, and then someone has opened the 'all all' access in the cloud instance itself, then anybody can come and penetrate my cloud workload and destroy it. In that scenario, I want to get a proper, proactive approach. The moment someone has made a mistake, I have to immediately respond. Then only can I protect. To eliminate the manual mistake and misconfiguration, this particular tool does the immediate alert so that we can prevent our cloud workloads based on the priority and based on the alert triggers. We can eliminate the alerts and incidents.

There is one concern related to SentinelOne Singularity Cloud Security platform. They claim it as an AI-based integration that will provide runtime protection. The moment it comes to the runtime protection, if someone is using an existing tool, this particular tool does not scan because we need to achieve it. For example, I have a CrowdStrike EDR in my console, on my VM, I have it installed. This particular runtime also has to be protected. Most of the runtime protection has to be implemented in a proper manner. For that reason, we are doing the scanning on an immediate basis. The first time, this particular runtime protection is not working. For example, I am trying that for the first time, and it is not getting the protection part. It is not working. If I try that particular trial again, only after that is it getting one more runtime protection. It is detection, and then it is getting the protection also.

Two months.

I have never faced such an issue. In the earlier product I have mentioned, the cloud management console on the Check Point may have some latency issues, but not for this product.

SentinelOne Singularity Cloud Security is a SaaS platform. As long as you are going with the SaaS platform, scalability may not be an issue.

It is complete remote support only. They are coming on the remote based on our availability. Based on our criticality also, they are doing that.

I have done the POC and then I got the results. Commercially, it is a little costlier than the other provider. Then we have gone with SentinelOne Singularity Cloud Security.

The return on investment is very much achievable in ten months. The product compared to Wiz, which is one more product we have tested, is more favorable. We have not gone through that product because commercially it is very high compared to other products. SentinelOne Singularity Cloud Security is a little bit cheaper than the other product named Wiz.

My review rating for SentinelOne Singularity Cloud Security is 8.5.

As a cyber security analyst, my main use case for SentinelOne Singularity Cloud Security is front line support. I use SentinelOne Singularity Cloud Security in my daily work for detection through our endpoints for any ingress on our clients.

The best features SentinelOne Singularity Cloud Security offers include the data lake where I can ingest data from all other applications that I use into one central location, making managing alerts much easier and more responsive.

SentinelOne Singularity Cloud Security has positively impacted our organization as it allows us to be more proactive on the alerts that we get and any threats that we receive. The data lake feature helps me day-to-day by ingesting all the information from Darktrace and Defender into one single point of reference, which makes it easier to locate information.

Being able to get information from one central source helps to streamline processes and security in my daily workflow.

I find the platform somewhat clunky at times, and SentinelOne Singularity Cloud Security does not always give me accurate data, which could also be due to fine tuning on our end.

SentinelOne Singularity Cloud Security needs to be more reliable for the information it is pulling, as I am not always confident that the data coming through is accurate and immediate. We have had a few issues with the configuration setup at our location, which will be resolved; however, some of the configurations have taken a long time to resolve, and the back and forth with support has been frustrating.

Regarding needed improvements, support can be more proactive, faster in responsiveness, and come back with workable solutions rather than just steering me back to online knowledge bases all the time.

I have been using SentinelOne Singularity Cloud Security for about 18 months.

SentinelOne Singularity Cloud Security appears to be stable at the moment.

I am not really sure how the scalability of SentinelOne Singularity Cloud Security plays out in our current position.

The customer support for SentinelOne Singularity Cloud Security is about a 5 out of 10, and I think they need to be more interactive with their clients rather than just steering clients back to knowledge bases.

SentinelOne Singularity Cloud Security's unified platform experience has helped streamline our security operations, as it has definitely allowed us to get more accurate information faster.

For others looking into using SentinelOne Singularity Cloud Security, I would definitely recommend it as worth a look for your current environment to see whether it would have a place, and also compare it against other products out there.

My only other thought about SentinelOne Singularity Cloud Security is that support needs to be enhanced with their clients, requiring more interaction with their customer base rather than online pushing clients to knowledge bases all the time.

I gave this review a rating of 6 out of 10.

I use cloud security in cybersecurity, where it plays one of the major roles in my career. Things that cannot be safeguarded in a normal environment are what I have been utilizing, such as information that one person can trust.

Therefore, I must say that cloud security is one of my major architectures that I am using in my day-to-day work environment.

What I appreciate the most about it is its high performance and the way it simplifies tasks, along with the optimization as well.

The Secret Scanning feature in SentinelOne Singularity Cloud Security is one of the coolest features I have ever worked with, as it primarily functions through its Singularity Cloud Native Security. It is designed to find any kind of sensitive data that developers accidentally leave in their code, which leads to major causes of cloud breaches. The Secret Scanning feature offers a wide scope of coverage, as it does not only look for passwords; it is designed to detect over 800 types of secrets, including API keys, and the tool itself scans across the entire development life cycle to catch any kind of secrets before they reach production.

When it comes to Drift Detection in SentinelOne Singularity Cloud Security, I think it is one of the critical features within its application protection platform. Its configuration mainly focuses on infrastructure as code versus the actual live environment. The coolest feature is that it detects when someone manually tries to change a setting in the cloud console that was not in the original code, and it also has a binary drift option for containers and Kubernetes.

Regarding the downsides of cloud security, I do not have much negative to discuss about cloud security, because it is one of the helpful features that I work on in my daily life. However, I would say one drawback is that data breaches can easily happen in cloud security, and it has some limited visibility. That is also one of the drawbacks I would mention, and in my team, some people are telling me that we are facing some compliance issues in cloud security as well.

When I discuss the easily happening data breaches in cloud security, it is all stored in the cloud environment, so anyone who has access to cloud can easily breach the data. It is also easily vulnerable to theft through breaches or any kind of malware or accidental exposures. I would say that attacking cloud storage is quite easy compared to other things.

I have been using it in my career for around 4.10 years.

I can say that there is nothing unstable about SentinelOne Singularity Cloud Security, as there is no lagging, crashing, or downtime.

I would rate the scalability of SentinelOne Singularity Cloud Security as high, as it operates in a cloud-native architecture that is highly scalable for any kind of organization, ranging from small businesses to global enterprises with thousands of devices.

I have not contacted any technical support for SentinelOne Singularity Cloud Security so far.

I have used alternatives similar to SentinelOne Singularity Cloud Security, and I would say one of the products is Akamai. Akamai is one of the main options.

I would say that the initial deployment for SentinelOne Singularity Cloud Security is really easy compared to other things in cloud computing, especially with public platform models.

When I deployed it for the first time, it took me around an hour or less, but sometimes, due to its complexity, it may take a day.

When it comes to the number of people required for deployment, technically speaking, a single person can deploy the cloud environment, but the number of people involved depends entirely on the scale of my organization. So, while it is possible to deploy a cloud environment with a single person, it also depends on the organization.

Regarding the pricing for SentinelOne Singularity Cloud Security, I do not think it is something I can compare.

When I compare them, I prefer Akamai more.

The reason I prefer Akamai more is that Akamai is the best. Both have excellent performance, but Akamai offers strong performance in terms of security. Furthermore, it efficiently manages unwanted bots, making Akamai the best compared to cloud security or any other software out there.

Regarding how SentinelOne Singularity Cloud Security Runtime Protection compares to Akamai in terms of adaptability to new and unknown threats, it depends on what you are protecting. I do not think I can compare them while they overlap in cloud security, as they both perform different roles in the cyber stack. For SentinelOne Singularity Cloud Security, its priority is to secure the endpoint, while for Akamai, its main primary task is to protect network and application security. I would rate this review overall as a 9.

I have worked on two use cases for this product regarding its major purposes. One is that end-users want to check posts in their multi-cloud environment, where they have AWS, Azure, and Google Cloud. They were asking for multiple security checks based on compliances across each platform, as AWS has its own compliance checks and Azure has its own compliance checks, but they needed to verify if configurations comply with standards such as NIST or MITRE. That was the major concern for the team. They have many compliances because they were operating projects around the world, so they had to comply with GDPR, HIPAA, and CERT-In, and in Australia they also have some projects with additional compliance requirements. For that reason, they looked for this product, and I was able to analyze all their environments. I was able to integrate their AWS accounts, Azure accounts, and Google accounts to SentinelOne Singularity Cloud Security. I was able to showcase how it provides security ratings of each instance or each container. I was also able to showcase misconfigurations, such as instances where a particular configuration was given on a temporary basis but was not removed afterward. I was able to identify these issues and make them aware of them. I was also able to provide fixes and references to fixes using SentinelOne Singularity Cloud Security.

The biggest benefit of SentinelOne Singularity Cloud Security is that it has a good AI-based analytics engine that helps with the detection part by providing full visibility. I was able to see all the configurations that were made, all the permissions that were being given on IAM roles, user role-based access, and everything in SentinelOne Singularity Cloud Security on a granular basis and across multiple cloud environments.

From the customer and end-user point of view, they were able to have visibility throughout their cloud infrastructures, whether on AWS, Azure, or GCP. They were able to get complete visibility and identify the loopholes present in their cloud infrastructure solutions.

Regarding built-in integrations in the product, the integration part can be improved by having more third-party vendors because SentinelOne Singularity Cloud Security is much more focused on premium vendors and premium OEMs. Most customers will be using common platform vendors, but some will be using customized solutions or SMB-level customers may be utilizing custom or new vendors. If possible, they can improve their API integrations with all other platforms. To provide a small example, in the South or APEX region, SonicWall is one of the key players in providing network security, but SentinelOne Singularity Cloud Security does not have any integrations for SonicWall. Also, with Zoho, there is not much of an integration part that the end-user would expect.

The main improvement needed is the integration part with other third-party vendors. Also, they can support multiple platforms and provide support for multiple platforms in terms of features.

Response time can be improved because not all things are perfect in every product, whether CrowdStrike or Trend Micro. In some cases, I have felt that the response time could have been better. Regarding response to an attack or incident, in most cases, SentinelOne Singularity Cloud Security has helped me and has also provided a good reactive approach. Even if the endpoint gets compromised, there is rollback functionality. If it provides rollback, it would be able to provide the rollback functionality based on other platforms, such as Linux and Mac platforms. This would allow me to achieve something that no other competitive product is giving. Regarding response time, it can be improved.

I have been working with SentinelOne Singularity Cloud Security for the past one and a half years.

I would say support is excellent. I would give them a rating of 9.5 to 10 because they are providing prompt support, and in my experience, I have never encountered a junior person or someone without knowledge coming into support from SentinelOne. In the support part, they are doing a great job.

It needs some time to install. For the complexity, I would give around six or seven on a scale of ten, where ten is more complex and zero is simple.

In some cases, SentinelOne Singularity Cloud Security is better than Trend Micro. In detection and visibility control, it is much better than both Trend Micro and Fortinet. Fortinet is just now evolving and has entered the market, but I do not see many references for this particular CNAPP solution.

From the customer and end-user point of view, they were able to have visibility throughout their cloud infrastructures, whether on AWS, Azure, or GCP. They were able to get complete visibility and identify the loopholes present in their cloud infrastructure solutions. My overall rating for this product is eight out of ten.

We used SentinelOne Singularity Cloud Security for approximately one year during a nine-month period. We attempted to onboard it and used it for application security and to track vulnerability management. However, as we are part of the Danaher organization and one of the operating companies under it, they decided to move to a different vendor, resulting in this short period of usage.

SentinelOne Singularity Cloud Security was implemented across our multi-cloud infrastructure, with all of these infrastructures integrated into the platform. The solution pulled all accounts and subscriptions from AWS and Azure, providing a consolidated view of our entire infrastructure. Within those infrastructures, it ran agentless scanning and could identify any vulnerabilities, malware, or risks associated with our infrastructure resources.

SentinelOne Singularity Cloud Security was user-friendly and not difficult to understand in terms of how the application works. The integration process was pretty straightforward. We integrated with AWS, Azure, and Google, though integration with Google required significant workarounds involving Terraform. Once the integration was completed, the process became straightforward. The onboarding process for accounts was somewhat tedious, but apart from that aspect, everything was straightforward.

The visibility provided by SentinelOne Singularity Cloud Security around infrastructure was very valuable. The platform has levels that notify you of information-level risks, and these notifications increase as risks escalate, such as when malware is detected. The system continuously defines and alerts you about risks. There are mechanisms where you can integrate with messaging tools and notifications according to your preferences, which helps you get notified on a priority basis. You can configure how often you want to receive notifications based on whether a risk is medium or high priority. We were working on configuring these features when we stopped because we were moving to another tool.

From a security operations perspective, SentinelOne Singularity Cloud Security played an important role. I work with the infrastructure team and closely work with the Infosec team, which is the primary security team. They relied on all the risks and alerts from the platform and worked on how to remediate them and determine whether patching was required. All remediation decisions were based on the initial visibility of any infrastructure risk provided by this application.

The secret scanning feature in SentinelOne Singularity Cloud Security is very important. When we create new accounts or onboard new accounts for any business unit, we gain visibility into what exactly that team is doing and what risks are associated with their activities. As a platform engineer, I work with multiple business units who want to work on Kubernetes or Docker solutions in test environments or sandboxes. When we create an account for a business unit without segmentation around what connects to what, SentinelOne Singularity Cloud Security runs scanning and provides visibility. For example, if a developer creates a vulnerable Jenkins instance, the SOC team and I get a better view of the risks associated with instances that the developer team is working on, even though the developers themselves may not be aware of those risks.

We did not try to use the threat investigations feature from SentinelOne Singularity Cloud Security.

Drift detection with respect to infrastructure code is important. When somebody makes changes to infrastructure code, it creates a drift and lets you know what changes have been made at the infrastructure level.

The first downside of SentinelOne Singularity Cloud Security was the onboarding process, which was very challenging and took a lot of time. We faced many challenges around onboarding accounts. However, once we got past that initial phase, everything became pretty straightforward and we did not have any issues.

We used SentinelOne Singularity Cloud Security for approximately one year during a nine-month period.

I have not observed any lagging, crashing, downtime, or any sort of instability with SentinelOne Singularity Cloud Security.

We did not attempt to scale extensively with SentinelOne Singularity Cloud Security. As of the time we used it, the application was working fine. Since we did not use it for a longer period of time, we did not face any challenges in terms of scalability.

The maintenance part of SentinelOne Singularity Cloud Security was not very challenging. The platform had some bugs in between, but when we reached out to support, they helped us and indicated that the issue would be resolved. They could reach out to the engineering team and provided us with a resolution in one to two weeks if the bug was not critical. We did not face any challenges with support or maintenance.

The speed of opening a ticket with SentinelOne Singularity Cloud Security support is good. However, there were some cases where getting a support agent on a call was a little difficult.

We moved to another application after discontinuing SentinelOne Singularity Cloud Security. We are now using Palo Alto's application called Prisma. Prisma is also going to be rebranded into Cortex, which is probably going to be released next year. Currently, all operating companies under Danaher, which we are part of, are using Palo Alto Prisma.

The company went with Prisma because within multiple operating companies, there is a significant footprint of Palo Alto devices for firewalls and endpoint firewalls on-premise. Since Prisma is also a Palo Alto product, it integrates natively with their existing applications. SentinelOne Singularity Cloud Security operated through the cloud, while Prisma also provides risk assessment for on-premise devices, which is an additional capability. This is the reason why Prisma is preferred currently.

I was not part of the onboarding process, so I do not know how difficult or challenging the implementation was. However, I did not observe any issues or discussions within the team indicating that implementation of SentinelOne Singularity Cloud Security was difficult.

I have not tried using the Offensive Security Engine feature. My overall rating for SentinelOne Singularity Cloud Security is seven out of ten.

My use case for SentinelOne Singularity Cloud Security was mostly for cloud security, to identify vulnerabilities in the environment and to secure important sensitive data. These were the two primary use cases.

SentinelOne Singularity Cloud Security improved our risk posture significantly. There was a very great improvement that I can definitely confirm.

SentinelOne Singularity Cloud Security helped reduce our mean time to detect and mean time to remediate.

The inclusion of proof of exploitability in SentinelOne Singularity Cloud Security's evidence-based reporting is quite important to me, as they were quite useful.

Regarding its evidence-based reporting for helping prioritize and solve the most important cloud security issues, it mostly relates to our VMs running on GCP, which was the most important use case for us. I assess this agentless vulnerability scanning for vulnerability discovery across my cloud infrastructure as good; they frequently provide us with existing vulnerabilities, so overall, it was great to work with.

SentinelOne Singularity Cloud Security helped to reduce the number of false positives. I was using automated malware scanning for S3 buckets in SentinelOne, and we were able to resolve quite a good number of use cases with that, so it was pretty helpful.

SentinelOne Singularity Cloud Security improved collaboration among our cloud security teams, application developers, and AppSec teams. We were able to collaborate with different teams, sharing information about vulnerabilities related to development, explaining the actual problems, how they could be resolved, and how they could be verified first. This collaboration helped save engineering time, approximately three to four hours.

I appreciate its ability to scan the entire environment and fetch all items that are not configured properly, which is one of the best capabilities. It also suggests what the actual configuration should be, notifies instantly about any information that is leaked, and regularly gives updates about vulnerabilities that are present in the market.

SentinelOne Singularity Cloud Security is quite easy to use; there is not much complexity. The UI is quite user-friendly, making it very easy to use.

One area that could be improved in SentinelOne Singularity Cloud Security is their policies; the way they have configured the policies could be enhanced. There could be a better way to configure custom policies, which is one aspect that I feel can be improved further.

I used this solution for two years.

In my opinion, it is stable.

It is a scalable solution.

I would rate my experience with the technical support of SentinelOne Singularity Cloud Security as eight out of ten.

I did not use a different SentinelOne solution or solutions from other vendors.

I was not involved in the deployment of the solution or the initial setup of SentinelOne Singularity Cloud Security.

We saw a return on investment with SentinelOne Singularity Cloud Security. The aspects where I have seen ROI were mainly in time-saving, as it saved considerable time in identifying vulnerabilities, testing vulnerabilities, and it helped in preventing quite a few incidents that could have led to major issues.

I think the pricing of SentinelOne Singularity Cloud Security is a bit high.

I would rate SentinelOne Singularity Cloud Security an eight out of ten.