Sign in
Sign in
or
Create a new account
Agent Mode
Categories
Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

SentinelOne Singularity Cloud Security - AI Powered CNAPP

SentinelOne

Reviews from AWS customer

47 AWS reviews

External reviews

186 reviews
from and

External reviews are not included in the AWS star rating for the product.

    Sreeraj Mohandas

Consolidated cloud security has reduced manual work and has automated vulnerability remediation

  • April 23, 2026
  • Review from a verified AWS customer

How has it helped my organization?

My customer saw benefits from using SentinelOne Singularity Cloud Security as we are able to actually fix the vulnerabilities. There are many infrastructure components that need to be properly patched. We have a hybrid platform with hyper-scaler components. My customer is into hyper-scaler environments, and there are many aspects that need to be properly patched. We have plenty of cloud native applications that have been hosted in both AWS and Azure. Governing all of this requires many employees to govern it. When we implemented SentinelOne, the team was shortened from 25 people to only 15 or 16 people. This reduction occurred because of the consolidated platform and all the vulnerabilities showing up in the console have been automatically patched. The vulnerabilities automatically go to the SIEM and are patched by the application team, and the vulnerabilities in the cloud are patched by the cloud department. This was much easier because the integration with the SIEM, which was LogRhythm on premise, was much easier than Trend Micro. Trend Micro would have required syslog servers, but SentinelOne only had three or four steps and just connected to the log server. LogRhythm was able to easily fetch the logs from it.

The role of SentinelOne's secret scanning feature is very important in tightening my company's cloud hygiene. In an infrastructure where there are hybrid cloud and different vendors of cloud such as AWS and Azure, maintaining both clouds and having a resource pool with the skill set of AWS and Azure is very difficult. After implementing CSPM, I could have a vulnerability management system under one roof where I could take the misconfiguration of Azure and AWS at the same place and get it done by a limited amount of users. SentinelOne CSPM knows how AWS configuration and Azure configuration work, so I can know about it and fix it all in one place. SentinelOne has eased the process of finding vulnerabilities in each cloud platform. I have vulnerability visibility for every tenant that I have hosted in different cloud hosting platforms, and it has eased my work of fixing the vulnerabilities.

The impact and effectiveness SentinelOne had in managing cloud identities and enforcing least privilege is evident in an incident where SentinelOne helped us. There were some identities which did not have two-factor authentication. In fact, they were not even linked to our Active Directory. It turned out that the cloud infrastructure had some identities from the company which implemented that cloud. We were able to find accounts which were not supposed to exist in the cloud infrastructure because it mapped itself with the Active Directory and fetched all the users who actually need access to the AWS server. We found out that these two users were not in there, identified the anomaly, and deleted the identities from the cloud platforms.

What is most valuable?

My experience includes implementing SentinelOne Singularity Cloud Security, specifically the Cloud Singularity as a marketplace for AWS and Azure. I only have to connect the connectors from the marketplace, and as soon as I get the license, I can deploy it from the marketplace and start using it. The deployment phase was actually easy when I connected with the connectors from AWS and Azure marketplace.

I compared Trend Micro and SentinelOne Singularity Cloud Security with two POCs for both of them. SentinelOne was at the higher price end, but my customer and the management opted for it because of the integrity and the better coverage. The ease of deployment mechanism in SentinelOne is not present in Trend Micro. In Trend Micro, for each cloud platform, such as AWS, I need to have another localhost web URL to access that particular dashboard. In SentinelOne, I can manage everything under one particular URL and there are different functions to it. I can easily navigate to any dashboard that I require, so the ease of using SentinelOne was easier than Trend Micro. The better coverage and easy deployment is the second part. Trend Micro had some manual intervention required and an extra server needed to be a jump server for all the traffic to be passed. SentinelOne had both on-premise and cloud options, which was another plus point for the customer.

In Cloud Singularity, there is a cloud native application, and in that, there is CSPM. We also used to have CWSPM. In CSPM, we only used to get the vulnerabilities in the cloud configuration, just the misconfiguration. In SentinelOne CWSPM, the attack map and the graph that it created inside the dashboard gave me a better idea for myself and the management to fix the most vulnerable issues. There might be some vulnerabilities with a higher risk rate, but some CVE IDs with lesser risk rate could have caused major damage to the company's infrastructure than the CVE with the higher risk end. The attack graph which CWSPM showed in SentinelOne was the best thing I have come across because it gave me a better visibility of the whole infrastructure and what vulnerabilities can be impactful and more critical to any customer.

SentinelOne's runtime protection is lightweight. I would say it is very lightweight and it does not even feel that I am running a SentinelOne agent in the systems. Compared to Checkpoint EDR, SentinelOne is a lot better because the Checkpoint agent takes a major chunk of the RAM of the desktop. SentinelOne barely takes around 25 MB of the RAM, so it is very easy and lightweight.

Regarding SentinelOne Singularity Cloud Security advanced SIEM capabilities, we had log servers. There were only EDR part and the CSPM, and it actually created the attack graph matrix and created it as a SIEM. We have actually used it. The logs are very much in real time and the false positive was less compared to the LogRhythm ones.

What needs improvement?

I elaborate on my rating of SentinelOne support by mentioning that there was some time where the troubleshooting took a longer time. In fact, there were many meetings going on. The availability of the document on the internet is on a lesser side because as an engineer, I would want to know about the troubleshooting aspects of this particular tool. When I am facing a customer, I do not prefer to bring the vendor to every call and try to resolve it, as it takes months and months. It would be better to have a training session with the engineer on site to explain and train properly. This is not the case with SentinelOne, so this is the only thing I have a complaint about.

I do not have any other room for improvement to suggest within SentinelOne itself. However, I would really want the AI assistant for the threat hunting part to be more accessible. They have it, but they are making it licensed, so it is a bit on the higher end.

What do I think about the stability of the solution?

Regarding stability and availability of SentinelOne Singularity Cloud Security, it has been on and stable every time I have opened it. There are no issues for me with respect to the availability of it, so it is going good.

What do I think about the scalability of the solution?

SentinelOne Singularity Cloud Security scalability does grow well with the growing needs of my company and my client's company. We are trying to make every other component SentinelOne so that we can have a better attack map walkthrough and have clearer visibility for where the attack can be associated with. We are trying to replace whichever security solutions are necessary to create a consolidated attack map vector which we call the Singularity, the Cloud Singularity, so that everything comes under one and we can get a better overview of all the vulnerabilities and fix it accordingly.

How are customer service and support?

Regarding the level of support I am getting from SentinelOne, I would rate it a seven out of ten.

Which solution did I use previously and why did I switch?

Since switching to SentinelOne, I have been able to eliminate three tools or solutions. The first was Trend Micro EDR, which SentinelOne replaced. The second one was Tenable Synapse, which we replaced with CSPM from SentinelOne. The third one was the SIEM LogRhythm.

Which other solutions did I evaluate?

I compared Trend Micro and SentinelOne Singularity Cloud Security.

What other advice do I have?

SentinelOne CSPM also eliminates misconfiguration on its own after one approval, which is a very good thing that I actually liked about SentinelOne CSPM.

The rating of nine is because of some false positives that I found recently. There was some misconfiguration from cloud servers which I thought was not necessary. That is the one point that I reduced for. They can improve, but they are better than other solutions, which is the reason it received a nine and not a ten.

If someone is considering and evaluating SentinelOne Singularity Cloud Security, I want to advise them to opt for SentinelOne because if you want integrity and faster driven insights on your whole infrastructure, you should really opt for SentinelOne because it has ease of access, easy deployment, and you would require only fewer engineers to deploy it because it is not a big Checkpoint level complex integrity that you have to do in SentinelOne. I gave this review an overall rating of nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Rakesh Das

Unified cloud security has reduced alert fatigue and improves response with AI-driven protection

  • April 19, 2026
  • Review from a verified AWS customer

What is our primary use case?

I have been using SentinelOne Singularity Cloud Security for the last two years.

My main use case for SentinelOne Singularity Cloud Security is Cloud Security Posture Management, cloud data security, and unified visibility.

A specific example of how I use SentinelOne Singularity Cloud Security for cloud data security management is with cloud object storage such as Amazon S3.

I continuously monitor and audit my environment for misconfigurations as part of my main use case for SentinelOne Singularity Cloud Security.

What is most valuable?

The best features SentinelOne Singularity Cloud Security offers in my experience are cloud Open-Sip Security Engine and a very tight expert path, as well as AI-powered runtime protection. This feature provides clear evidence of exploitability, allowing security teams to focus on fixing critical issues rather than chasing noise and false positives. It uses behavioral AI to detect ransomware, zero-day exploits, fileless attacks, and NDR attacks.

For visibility, SentinelOne Singularity Cloud Security has a Singularity Data Lake, where telemetry from cloud workload endpoints identifies into a single repository for rapid querying and analysis. It also has Graph Explorer, which visually maps the relationships between cloud assets, endpoints, and identities to help analysts understand the blast radius and root cause of the incident. It correlates related events into a single storyline, providing full historical context for deeper forensic analysis.

SentinelOne Singularity Cloud Security positively impacts my organization by reducing alert fatigue and decreasing false positives. The platform allows security analysts to focus strictly on actionable, verified risk rather than manual triage. It also provides faster response times, helping my organization see a reduction in mean time to respond and mean time to detect. It includes autonomous resolutions and eliminates blind spots, providing unified visibility across multi-cloud environments, endpoints, and enterprise risk, reducing the likelihood of major security incidents.

What needs improvement?

In terms of improvement for SentinelOne Singularity Cloud Security, users and industry analysts identify several areas where the platform can be enhanced, including administrative setup experience and operational tuning and performance.

The user interface of SentinelOne Singularity Cloud Security is quite good. I do not have any additional improvements needed for SentinelOne Singularity Cloud Security that I have not already mentioned.

For how long have I used the solution?

I have been working in my current field for two years.

What do I think about the stability of the solution?

SentinelOne Singularity Cloud Security is very stable.

What do I think about the scalability of the solution?

SentinelOne Singularity Cloud Security's scalability is quite good, as it is very scalable.

How are customer service and support?

I rate the customer support for SentinelOne Singularity Cloud Security a ten out of ten.

What other advice do I have?

I observe an approximate 88% reduction in mean time to respond as a specific metric around the reduction in false positives and response times.

I chose a rating of ten out of ten for SentinelOne Singularity Cloud Security because of its autonomous threat detection and response, comprehensive visibility, operational efficiency, and lightweight performance. It also demonstrates proven industry leadership.

SentinelOne Singularity Cloud Security's unified platform experience has helped streamline my security operations, functioning as a single pane of glass. My users appreciate having one source of truth for endpoints and cloud workloads, such as virtual machines and containers across AWS and other clouds. It has verified exploit paths, not just listing vulnerabilities but identifying which ones are actually reachable and exploitable by an attacker, helping my team focus only on high-priority risks.

I use Purple AI for threat investigations, and it is a game-changer.

SentinelOne Singularity Cloud Security's runtime protection is quite good in terms of adaptability to new and unknown threats compared to other solutions I have used.

It is significant for my team to have built-in integrations that unify various aspects of cloud security, resulting in superior threat detection and faster response, along with improved operational efficiency and security posture.

Drift detection significantly impacts my organization's ability to detect unexpected process behavior in containerized environments by reducing response times. The system can automatically share information and responses across different aspects to improve incident response time significantly. The automation of tasks and built-in integration enables automated compliance audit and risk remediation, reducing manual efforts and human error in managing security configurations.

SentinelOne Singularity Cloud Security drastically reduces the mean time to remediate for cloud incidents by shrinking investigation and response time from hours to seconds or minutes. The platform offers an autonomous AI-driven approach.

We measure the time savings in terms of SecOps operations achieved through SentinelOne Singularity Cloud Security by focusing on metrics, where automation reduces manual investigation and expedites incident response time. My organization frequently achieves significant efficiencies, with some customers achieving a 95% reduction in mean time to detect and an 88% reduction in mean time to respond. The reduction of false positives by using AI contextualized alerts allows teams to spend less time investigating non-malicious findings. The verified exploit paths feature helps my team prioritize vulnerabilities with a critical exploitable route, reducing time spent patching non-critical issues.

I advise others looking into using SentinelOne Singularity Cloud Security to prioritize the visibility feature, utilize the AI-driven Purple AI for cross-environment threat analysis, and adopt a least-privilege IAM model to maximize the security impact.

SentinelOne Singularity Cloud Security is a recognized Singularity Cloud system and a premier cloud-native application protection platform, heavily emphasizing autonomous and AI-driven protection over manual, policy-based detections. I rate this product ten out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    Anniki Iskandar

Unified endpoint protection has simplified real-time threat blocking and policy-driven control

  • April 15, 2026
  • Review provided by PeerSpot

What is our primary use case?

I use SentinelOne Singularity Cloud Security to collect endpoint data from the company, such as servers, computers, and mobile phones. The solution functions similarly to Cortex XDR and provides antivirus protection that safeguards devices from viruses and malware.

What is most valuable?

SentinelOne Singularity Cloud Security offers real-time protection, anti-tamper capabilities, and a centralized platform with a good user interface. The UI is intuitive enough that even people without cybersecurity knowledge can understand how to use it.

The policy feature is valuable because it tells the product what to do with new files, such as whether to scan them or leave them untouched. One single tab covers all the features, so I do not have to open another tab or window to turn settings on or off. The simplicity of the product itself makes it better than competitors.

The real-time protection is quite valuable. If any attack occurs or if an employee tries to download something malicious, SentinelOne Singularity Cloud Security directly blocks it for us without requiring manual intervention. For example, if an employee accidentally clicks on a link that tries to download something malicious, SentinelOne Singularity Cloud Security directly blocks it and quarantines it, notifying us on the console about the employee's name and what they attempted to download. We can then check the file or ask the user, and if they did not download it intentionally, we can close the case. If it was critical for them, we can release it directly from the console.

The unified platform experience of SentinelOne Singularity Cloud Security is good. The dashboard, settings menu, policy menu, user menu, and endpoint menu are all well organized. I can say it is one of the best user interfaces I have used, and it is very user-friendly.

What needs improvement?

Integration could be improved because not all solutions can be integrated with SentinelOne Singularity Cloud Security or vice versa. I was in a project where the company wanted to integrate SentinelOne Singularity Cloud Security with another solution product. When I checked, it turned out that integration was possible but could not be directly connected. It had to go through middleware before reaching that product, which is more complicated.

SentinelOne Singularity Cloud Security is a newer product compared to Palo Alto Cortex, so perhaps some product solutions cannot be integrated yet. SentinelOne Singularity Cloud Security does not have as large a portfolio of integrations as Cortex XDR.

SentinelOne Singularity Cloud Security is more sensitive compared to other solutions. While all solutions perform well when it comes to real-time protection, SentinelOne Singularity Cloud Security tends to generate more false positive events due to its high sensitivity. For example, some companies use older types of WinRAR, which may get blocked by SentinelOne Singularity Cloud Security directly.

I would appreciate it if they introduced a filtering or archive feature where we could add applications that should not be marked as threats.

Many features in SentinelOne Singularity Cloud Security have additional costs, which limits our exploration of the full product.

It would be more convenient if SentinelOne Singularity Cloud Security could be integrated with other solution tools such as firewalls or SIEM, as it would be more comfortable for us to avoid checking the console every single time. In our SOC, we have many tabs open on our screen, and it is confusing; we might miss some alerts. With better integrations, we could go in one tab and have everything provided for us.

For how long have I used the solution?

I have used SentinelOne Singularity Cloud Security for almost one year.

What do I think about the stability of the solution?

SentinelOne Singularity Cloud Security is very stable, and there are no errors, even compared to Cortex where there were errors on the agent. We have not experienced any issues with SentinelOne Singularity Cloud Security. The platform is more convenient, and for the server, they choose the nearest one from Indonesia, so when we go to the console or when the devices try to connect, there are no errors. Even during power outages, the system remains stable.

What do I think about the scalability of the solution?

From the licensing perspective, it is very easy to scale. When a company wants to add more licenses, they simply call the provider or a consultant, and they can add it within one or two months from the time they request it. They will then receive the license instantly.

SentinelOne Singularity Cloud Security is more resource-friendly, so it does not consume a lot of RAM or storage. This is excellent because even companies with older devices can run SentinelOne Singularity Cloud Security. In Indonesia, especially in financial-related companies, there are regulations stating that some servers or programs can only run on older servers. SentinelOne Singularity Cloud Security can directly create a custom build for that specific server.

In the case of custom builds, the company itself has to contact SentinelOne Singularity Cloud Security, as this is not publicly available.

How are customer service and support?

I have experience with the technical support and customer service of SentinelOne Singularity Cloud Security.

During implementation, when we encounter any issues, we call support. The implementation process has only involved minor issues, so we have not needed extensive support. We simply email them, and they respond directly with documentation if available. Otherwise, they provide comments to help resolve the issue.

What other advice do I have?

After implementation, the process is fast. SentinelOne Singularity Cloud Security provides cloud hosting itself. If we choose the cloud option, they will set it up, and we simply wait until we have our domain and account. When we go to that domain and log in, our console is already there.

Regarding the deployment model, I recommend the cloud option for SentinelOne Singularity Cloud Security.

As far as I know, SentinelOne Singularity Cloud Security has one license for the cloud itself and another license for the devices. If the company size is one thousand people, they can buy one thousand or one thousand one hundred for a backup. If they need more, they can add more licenses, and the company will buy it and update it directly to the console. SentinelOne Singularity Cloud Security is much cheaper than Palo Alto Cortex.

SentinelOne Singularity Cloud Security is simpler than Cortex XDR. The process is similar to Cortex, but the difference is that Cortex integrates the package file with the license or token. With SentinelOne Singularity Cloud Security, we have to manually insert the token or copy it from the console to a notepad. When we try to install, we click the installer and open the notepad to paste the token.

    Abdelattim Abdelattim

AI-driven protection has improved endpoint security and currently saves significant analyst time

  • April 13, 2026
  • Review provided by PeerSpot

What is our primary use case?

Our main use case for SentinelOne Singularity Cloud Security in our company is using the endpoint for the machine.

What is most valuable?

In my opinion, the best features of SentinelOne Singularity Cloud Security are the integration with AI capability and more powerful performance; this is the future.

I find these features the best for my organization because the feature protects the machine.

SentinelOne Singularity Cloud Security has impacted my company positively as it provides good protection for the company and for the services.

What needs improvement?

In my opinion, SentinelOne Singularity Cloud Security can be improved by acknowledging that it has a good future with good capability for integrating with AI capability; it increased the high speed and performance for taking action.

For how long have I used the solution?

I have been using SentinelOne Singularity Cloud Security for one year.

What do I think about the stability of the solution?

SentinelOne Singularity Cloud Security has been very stable so far.

What do I think about the scalability of the solution?

My impression of SentinelOne Singularity Cloud Security's scalability is that it has high scalability and grows well.

How are customer service and support?

I would evaluate SentinelOne Singularity Cloud Security's customer service or technical support by giving them an eight.

I give them an eight because it is not quite exceeded to reach a ten.

For them to get a ten, I still do not have any notes to give them to improve their service.

Which solution did I use previously and why did I switch?

Before choosing SentinelOne Singularity Cloud Security, we evaluated other solutions and we are using Microsoft Defender.

The main differences between SentinelOne Singularity Cloud Security and Microsoft Defender, both pros and cons, are that SentinelOne Singularity Cloud Security has AI capability and is faster for performance and detection.

How was the initial setup?

My experience with the pricing, setup costs, and licensing of SentinelOne Singularity Cloud Security is that the pricing is good; it is not expensive, it is medium.

What about the implementation team?

I did not purchase SentinelOne Singularity Cloud Security through the AWS Marketplace.

What was our ROI?

I have not seen a return on my investment so far.

What's my experience with pricing, setup cost, and licensing?

My experience with the pricing, setup costs, and licensing of SentinelOne Singularity Cloud Security is that the pricing is good; it is not expensive, it is medium.

Which other solutions did I evaluate?

Before choosing SentinelOne Singularity Cloud Security, we evaluated other solutions and we are using Microsoft Defender.

The main differences between SentinelOne Singularity Cloud Security and Microsoft Defender, both pros and cons, are that SentinelOne Singularity Cloud Security has AI capability and is faster for performance and detection.

What other advice do I have?

There has been no impact on reducing our MTTR until now.

I do use Purple AI for threat investigations.

Its impact on understanding the root causes of security incidents is good; it understood the root cause for security.

SentinelOne Singularity Cloud Security's runtime protection compares well to other solutions I have used in terms of adaptability to new and unknown threats, as SentinelOne Singularity Cloud Security is a stable solution.

I am not using the Offensive Security Engine feature.

The role of SentinelOne Singularity Cloud Security's Secret Scanning feature in tightening my company's cloud hygiene is that it is a good one; it is very heavy and not too much load from the endpoint.

We measure the time savings achieved through SentinelOne Singularity Cloud Security as a good achievement.

I save time for my security operations by using SentinelOne Singularity Cloud Security.

I have saved approximately one year of time. I gave this review an overall rating of eight.

    Magdy Ali

Centralized security monitoring has improved visibility and unified cloud threat detection

  • February 24, 2026
  • Review provided by PeerSpot

What is our primary use case?

I use it myself, as I have not recommended it or implemented it to my customers.

We usually use it as an EDR, and the main function for SentinelOne Singularity Cloud Security is the logs, which is the main function for us.

We did not use it as an investigation tool, but SentinelOne Singularity Cloud Security is useful for investigations and to collect the logs, making it easy. I can say it is an easy dashboard for the logs.

Currently, 600 people are using it in my company.

We need three administrators to manage it.

I did not use the Purple AI for threat investigation.

I did not use the Offensive Security Engine, OSE feature.

I did not use any AI SPM, Security Posture Management for AI workloads.

I did not check for the advanced CIEM capabilities in SentinelOne Singularity Cloud Security.

I do not integrate it with third-party solutions.

How has it helped my organization?

SentinelOne Singularity Cloud Security has reduced confusion and silos within my organization.

What is most valuable?

The features I find most valuable in SentinelOne Singularity Cloud Security are the XDR and the integrations with other vendors.

From using it, I get more visibility for what happens on the end-user side.

The role of SentinelOne Singularity Cloud Security's secret scanning feature is important as it is used for normal scans based on the behavior of the user.

It is significant for my team to have built-in integrations that unify various aspects of cloud security, as it is easy and gives us more visibility.

The detection for the agent is great, which allows us to identify unexpected process behavior.

Measurement of time savings in terms of SecOps operations with SentinelOne Singularity Cloud Security is based on cloud management.

What needs improvement?

I do not see room for improvement in SentinelOne Singularity Cloud Security.

In the future, I would like to see the identity feature with two-factor authentication.

It would be good if they could add AI agents to support in analysis and management.

For how long have I used the solution?

I have been working with it for three and a half years.

What do I think about the scalability of the solution?

SentinelOne Singularity Cloud Security is stable and scalable.

How are customer service and support?

I would rate the technical support by SentinelOne as good, as when I create a ticket, it takes the normal process and I get the answer before the SLA, so there is no delay.

I would give their technical support nine out of ten.

Which solution did I use previously and why did I switch?

Before choosing SentinelOne Singularity Cloud Security, I evaluated CrowdStrike.

Before SentinelOne Singularity Cloud Security, I did not use anything similar as an EDR solution.

What was our ROI?

For the ROI, we are paying as a subscription, and we see the benefits from the security tools; it is useful for us.

What other advice do I have?

I might plan to increase usage in the future.

I find the price reasonable.

The unified platform experience is good for us, and the GUI for the application is easy and not complex.

SentinelOne Singularity Cloud Security's runtime protection operates 24/7.

It helps me deal with new and unknown threats through the behaviors.

There is nothing in play regarding SentinelOne Singularity Cloud Security integration with other security tools affecting my team's workflow.

In the future, I would like to see the identity feature with two-factor authentication.

I do not know about the product's popularity in my region, and I do not think they should promote it more.

I would give this product an overall rating of 8 out of 10.

    Mohan Janarthanan

Cloud posture has improved and security team gains instant visibility into misconfigurations

  • February 04, 2026
  • Review provided by PeerSpot

What is our primary use case?

SentinelOne Singularity Cloud Security is the module we are using, specifically for endpoint protection. We have been using this particular product for the last two months.

I am currently using the cloud security posture management capabilities. We are managing multiple cloud platforms, including AWS, Azure, and GCP. I need a consolidated security posture management across all of my cloud platforms.

We are managing multiple cloud workload profiles. For example, someone has mistakenly configured 0.0.0.0 access, and some misconfiguration has occurred. I want to get that update immediately, otherwise people may use that flaw and attack us. This misconfiguration detection will help us in eliminating missed configurations or configurations that our people have mistakenly implemented. That is my major use case. Additionally, I will get the consolidated asset inventory. These three purposes are what I am using Cloud Security Posture Management for.

What is most valuable?

The single-touch, agentless deployment is number one. Normally, with CSPM, we do not want to do any agent integration to get the details of a VM or workload. For example, I have some container repositories, and I want to get that list. I would have to install the agent. Here, with SentinelOne Singularity Cloud Security, I do not want to install the agent. This deployment is an agentless deployment.

The offensive security particular solution works by going through logs and seeing the logs on everything. It will provide complete visibility related to false positive and true positive information. That provides more visibility on the technical front. For example, if you are creating a use case on a SIM and that particular use case is not matching your end-to-end information related to our environment, it will not throw the alert. If you implement the offensive security, it will straight away point out that particular issue in that incident because the alert was triggered by that event.

Secret scanning is our automated scanning. We do not want to do the manual effort, and we do not want to create any automation during production. The moment you do this, the secret scanning will work because it is runtime scanning.

What needs improvement?

SentinelOne Singularity Cloud Security is a little expensive compared to my earlier product, CloudGuard. This product is a little expensive, not over-expensive.

Mean time to detection and mean time to respond is a critical aspect. Most of the incidents sometimes will not be detected if you are not configured properly. The MTTR is very important. That is the reason we have mentioned that to eliminate the misconfiguration part, we need Cloud Security Posture Management. Because if someone has created an account opening 0.0.0.0, and then someone has opened the 'all all' access in the cloud instance itself, then anybody can come and penetrate my cloud workload and destroy it. In that scenario, I want to get a proper, proactive approach. The moment someone has made a mistake, I have to immediately respond. Then only can I protect. To eliminate the manual mistake and misconfiguration, this particular tool does the immediate alert so that we can prevent our cloud workloads based on the priority and based on the alert triggers. We can eliminate the alerts and incidents.

There is one concern related to SentinelOne Singularity Cloud Security platform. They claim it as an AI-based integration that will provide runtime protection. The moment it comes to the runtime protection, if someone is using an existing tool, this particular tool does not scan because we need to achieve it. For example, I have a CrowdStrike EDR in my console, on my VM, I have it installed. This particular runtime also has to be protected. Most of the runtime protection has to be implemented in a proper manner. For that reason, we are doing the scanning on an immediate basis. The first time, this particular runtime protection is not working. For example, I am trying that for the first time, and it is not getting the protection part. It is not working. If I try that particular trial again, only after that is it getting one more runtime protection. It is detection, and then it is getting the protection also.

For how long have I used the solution?

Two months.

What do I think about the stability of the solution?

I have never faced such an issue. In the earlier product I have mentioned, the cloud management console on the Check Point may have some latency issues, but not for this product.

What do I think about the scalability of the solution?

SentinelOne Singularity Cloud Security is a SaaS platform. As long as you are going with the SaaS platform, scalability may not be an issue.

How are customer service and support?

It is complete remote support only. They are coming on the remote based on our availability. Based on our criticality also, they are doing that.

Which solution did I use previously and why did I switch?

I have done the POC and then I got the results. Commercially, it is a little costlier than the other provider. Then we have gone with SentinelOne Singularity Cloud Security.

What was our ROI?

The return on investment is very much achievable in ten months. The product compared to Wiz, which is one more product we have tested, is more favorable. We have not gone through that product because commercially it is very high compared to other products. SentinelOne Singularity Cloud Security is a little bit cheaper than the other product named Wiz.

What other advice do I have?

My review rating for SentinelOne Singularity Cloud Security is 8.5.

    Ian Page

Centralized threat insight has improved frontline detection but support still needs faster, clearer help

  • January 26, 2026
  • Review provided by PeerSpot

What is our primary use case?

As a cyber security analyst, my main use case for SentinelOne Singularity Cloud Security is front line support. I use SentinelOne Singularity Cloud Security in my daily work for detection through our endpoints for any ingress on our clients.

What is most valuable?

The best features SentinelOne Singularity Cloud Security offers include the data lake where I can ingest data from all other applications that I use into one central location, making managing alerts much easier and more responsive.

SentinelOne Singularity Cloud Security has positively impacted our organization as it allows us to be more proactive on the alerts that we get and any threats that we receive. The data lake feature helps me day-to-day by ingesting all the information from Darktrace and Defender into one single point of reference, which makes it easier to locate information.

Being able to get information from one central source helps to streamline processes and security in my daily workflow.

What needs improvement?

I find the platform somewhat clunky at times, and SentinelOne Singularity Cloud Security does not always give me accurate data, which could also be due to fine tuning on our end.

SentinelOne Singularity Cloud Security needs to be more reliable for the information it is pulling, as I am not always confident that the data coming through is accurate and immediate. We have had a few issues with the configuration setup at our location, which will be resolved; however, some of the configurations have taken a long time to resolve, and the back and forth with support has been frustrating.

Regarding needed improvements, support can be more proactive, faster in responsiveness, and come back with workable solutions rather than just steering me back to online knowledge bases all the time.

For how long have I used the solution?

I have been using SentinelOne Singularity Cloud Security for about 18 months.

What do I think about the stability of the solution?

SentinelOne Singularity Cloud Security appears to be stable at the moment.

What do I think about the scalability of the solution?

I am not really sure how the scalability of SentinelOne Singularity Cloud Security plays out in our current position.

How are customer service and support?

The customer support for SentinelOne Singularity Cloud Security is about a 5 out of 10, and I think they need to be more interactive with their clients rather than just steering clients back to knowledge bases.

SentinelOne Singularity Cloud Security's unified platform experience has helped streamline our security operations, as it has definitely allowed us to get more accurate information faster.

What other advice do I have?

For others looking into using SentinelOne Singularity Cloud Security, I would definitely recommend it as worth a look for your current environment to see whether it would have a place, and also compare it against other products out there.

My only other thought about SentinelOne Singularity Cloud Security is that support needs to be enhanced with their clients, requiring more interaction with their customer base rather than online pushing clients to knowledge bases all the time.

I gave this review a rating of 6 out of 10.

    GANESAN K

Cloud security has improved as I gain unified visibility and detect misconfigurations across platforms

  • January 13, 2026
  • Review from a verified AWS customer

What is our primary use case?

I have worked on two use cases for this product regarding its major purposes. One is that end-users want to check posts in their multi-cloud environment, where they have AWS, Azure, and Google Cloud. They were asking for multiple security checks based on compliances across each platform, as AWS has its own compliance checks and Azure has its own compliance checks, but they needed to verify if configurations comply with standards such as NIST or MITRE. That was the major concern for the team. They have many compliances because they were operating projects around the world, so they had to comply with GDPR, HIPAA, and CERT-In, and in Australia they also have some projects with additional compliance requirements. For that reason, they looked for this product, and I was able to analyze all their environments. I was able to integrate their AWS accounts, Azure accounts, and Google accounts to SentinelOne Singularity Cloud Security. I was able to showcase how it provides security ratings of each instance or each container. I was also able to showcase misconfigurations, such as instances where a particular configuration was given on a temporary basis but was not removed afterward. I was able to identify these issues and make them aware of them. I was also able to provide fixes and references to fixes using SentinelOne Singularity Cloud Security.

What is most valuable?

The biggest benefit of SentinelOne Singularity Cloud Security is that it has a good AI-based analytics engine that helps with the detection part by providing full visibility. I was able to see all the configurations that were made, all the permissions that were being given on IAM roles, user role-based access, and everything in SentinelOne Singularity Cloud Security on a granular basis and across multiple cloud environments.

From the customer and end-user point of view, they were able to have visibility throughout their cloud infrastructures, whether on AWS, Azure, or GCP. They were able to get complete visibility and identify the loopholes present in their cloud infrastructure solutions.

What needs improvement?

Regarding built-in integrations in the product, the integration part can be improved by having more third-party vendors because SentinelOne Singularity Cloud Security is much more focused on premium vendors and premium OEMs. Most customers will be using common platform vendors, but some will be using customized solutions or SMB-level customers may be utilizing custom or new vendors. If possible, they can improve their API integrations with all other platforms. To provide a small example, in the South or APEX region, SonicWall is one of the key players in providing network security, but SentinelOne Singularity Cloud Security does not have any integrations for SonicWall. Also, with Zoho, there is not much of an integration part that the end-user would expect.

The main improvement needed is the integration part with other third-party vendors. Also, they can support multiple platforms and provide support for multiple platforms in terms of features.

Response time can be improved because not all things are perfect in every product, whether CrowdStrike or Trend Micro. In some cases, I have felt that the response time could have been better. Regarding response to an attack or incident, in most cases, SentinelOne Singularity Cloud Security has helped me and has also provided a good reactive approach. Even if the endpoint gets compromised, there is rollback functionality. If it provides rollback, it would be able to provide the rollback functionality based on other platforms, such as Linux and Mac platforms. This would allow me to achieve something that no other competitive product is giving. Regarding response time, it can be improved.

For how long have I used the solution?

I have been working with SentinelOne Singularity Cloud Security for the past one and a half years.

How are customer service and support?

I would say support is excellent. I would give them a rating of 9.5 to 10 because they are providing prompt support, and in my experience, I have never encountered a junior person or someone without knowledge coming into support from SentinelOne. In the support part, they are doing a great job.

How was the initial setup?

It needs some time to install. For the complexity, I would give around six or seven on a scale of ten, where ten is more complex and zero is simple.

Which other solutions did I evaluate?

In some cases, SentinelOne Singularity Cloud Security is better than Trend Micro. In detection and visibility control, it is much better than both Trend Micro and Fortinet. Fortinet is just now evolving and has entered the market, but I do not see many references for this particular CNAPP solution.

What other advice do I have?

From the customer and end-user point of view, they were able to have visibility throughout their cloud infrastructures, whether on AWS, Azure, or GCP. They were able to get complete visibility and identify the loopholes present in their cloud infrastructure solutions. My overall rating for this product is eight out of ten.

    Devisri V.

Effortless to Use and Highly Intuitive

  • January 09, 2026
  • Review provided by G2

What do you like best about the product?
What I like best about SentinelOne Singularity Cloud Security is its ease of use combined with a very streamlined and intuitive implementation. The platform provides strong visibility and protection across cloud workloads without adding operational complexity. Its unified console, automated threat detection, and clear insights make it easier for engineering and security teams to quickly deploy, manage, and respond to risks at scale while maintaining a strong security posture.
What do you dislike about the product?
I don’t have any major dislikes, but like many powerful security platforms, SentinelOne Singularity Cloud Security can require time to fully understand and tune advanced features for specific environments. Some configurations and alerts may need fine-tuning to reduce noise and better align with an organization’s workflows. That said, this is typical of robust security solutions and improves with experience and customization.
What problems is the product solving and how is that benefiting you?
SentinelOne Singularity Cloud Security helps solve the challenge of securing cloud workloads and environments at scale while maintaining visibility and control. It addresses risks such as misconfigurations, runtime threats, and unauthorized access across dynamic cloud infrastructures. By providing centralized monitoring, automated threat detection, and rapid response capabilities, it reduces operational overhead, improves incident response time, and allows teams to confidently scale cloud services without compromising security or customer trust.

    Shruti J.

Comprehensive Cloud Security with Strong Visibility and Automation

  • January 06, 2026
  • Review provided by G2

What do you like best about the product?
What I like best about SentinelOne Singularity Cloud Security is its strong AI-driven threat detection and automated response, which significantly reduces the need for manual intervention and helps security teams respond to incidents faster. The platform offers centralized visibility across cloud workloads and environments, making it easier to manage security in hybrid and multi-cloud setups. Its automation helps minimize alert fatigue while still providing deep insights into risks and misconfigurations, and it integrates well with major cloud providers and existing security workflows. Overall, it strengthens cloud security posture while improving efficiency for security teams.
What do you dislike about the product?
What I dislike about SentinelOne Singularity Cloud Security is that the initial setup and policy configuration can be complex and time-consuming, especially for teams without deep cloud security expertise. Alert tuning and reducing false positives may require ongoing effort, and some areas of the dashboard are not as intuitive as they could be. Additionally, the platform can feel expensive or heavy for smaller environments, and there are occasional limitations around reporting, search, or overall usability that could be improved.
What problems is the product solving and how is that benefiting you?
SentinelOne Singularity Cloud Security solves visibility gaps and risk blind spots across cloud environments by unifying posture, workload protection, and threat detection in one platform. It automates security monitoring and compliance, reducing manual effort and response time. This helps me quickly identify and remediate vulnerabilities, enforce secure configurations, and protect cloud workloads from attacks. As a result, it improves overall cloud security posture and lowers operational risk.

showing 1 - 10