Cloud posture has improved and security team gains instant visibility into misconfigurations
What is our primary use case?
SentinelOne Singularity Cloud Security is the module we are using, specifically for endpoint protection. We have been using this particular product for the last two months.
I am currently using the cloud security posture management capabilities. We are managing multiple cloud platforms, including AWS, Azure, and GCP. I need a consolidated security posture management across all of my cloud platforms.
We are managing multiple cloud workload profiles. For example, someone has mistakenly configured 0.0.0.0 access, and some misconfiguration has occurred. I want to get that update immediately, otherwise people may use that flaw and attack us. This misconfiguration detection will help us in eliminating missed configurations or configurations that our people have mistakenly implemented. That is my major use case. Additionally, I will get the consolidated asset inventory. These three purposes are what I am using Cloud Security Posture Management for.
What is most valuable?
The single-touch, agentless deployment is number one. Normally, with CSPM, we do not want to do any agent integration to get the details of a VM or workload. For example, I have some container repositories, and I want to get that list. I would have to install the agent.
Here, with SentinelOne Singularity Cloud Security, I do not want to install the agent. This deployment is an agentless deployment.
The offensive security particular solution works by going through logs and seeing the logs on everything. It will provide complete visibility related to false positive and true positive information. That provides more visibility on the technical front. For example, if you are creating a use case on a SIM and that particular use case is not matching your end-to-end information related to our environment, it will not throw the alert. If you implement the offensive security, it will straight away point out that particular issue in that incident because the alert was triggered by that event.
Secret scanning is our automated scanning. We do not want to do the manual effort, and we do not want to create any automation during production. The moment you do this, the secret scanning will work because it is runtime scanning.
What needs improvement?
SentinelOne Singularity Cloud Security is a little expensive compared to my earlier product, CloudGuard. This product is a little expensive, not over-expensive.
Mean time to detection and mean time to respond is a critical aspect. Most of the incidents sometimes will not be detected if you are not configured properly. The MTTR is very important. That is the reason we have mentioned that to eliminate the misconfiguration part, we need Cloud Security Posture Management. Because if someone has created an account opening 0.0.0.0, and then someone has opened the 'all all' access in the cloud instance itself, then anybody can come and penetrate my cloud workload and destroy it. In that scenario, I want to get a proper, proactive approach. The moment someone has made a mistake, I have to immediately respond. Then only can I protect. To eliminate the manual mistake and misconfiguration, this particular tool does the immediate alert so that we can prevent our cloud workloads based on the priority and based on the alert triggers. We can eliminate the alerts and incidents.
There is one concern related to SentinelOne Singularity Cloud Security platform. They claim it as an AI-based integration that will provide runtime protection. The moment it comes to the runtime protection, if someone is using an existing tool, this particular tool does not scan because we need to achieve it. For example, I have a CrowdStrike EDR in my console, on my VM, I have it installed. This particular runtime also has to be protected. Most of the runtime protection has to be implemented in a proper manner. For that reason, we are doing the scanning on an immediate basis. The first time, this particular runtime protection is not working. For example, I am trying that for the first time, and it is not getting the protection part. It is not working. If I try that particular trial again, only after that is it getting one more runtime protection. It is detection, and then it is getting the protection also.
For how long have I used the solution?
What do I think about the stability of the solution?
I have never faced such an issue. In the earlier product I have mentioned, the cloud management console on the Check Point may have some latency issues, but not for this product.
What do I think about the scalability of the solution?
SentinelOne Singularity Cloud Security is a SaaS platform. As long as you are going with the SaaS platform, scalability may not be an issue.
How are customer service and support?
It is complete remote support only. They are coming on the remote based on our availability. Based on our criticality also, they are doing that.
Which solution did I use previously and why did I switch?
I have done the POC and then I got the results. Commercially, it is a little costlier than the other provider. Then we have gone with SentinelOne Singularity Cloud Security.
What was our ROI?
The return on investment is very much achievable in ten months. The product compared to Wiz, which is one more product we have tested, is more favorable. We have not gone through that product because commercially it is very high compared to other products. SentinelOne Singularity Cloud Security is a little bit cheaper than the other product named Wiz.
What other advice do I have?
My review rating for SentinelOne Singularity Cloud Security is 8.5.
Cloud security has strengthened daily threat detection and protects sensitive code secrets
What is our primary use case?
I use cloud security in cybersecurity, where it plays one of the major roles in my career. Things that cannot be safeguarded in a normal environment are what I have been utilizing, such as information that one person can trust.
Therefore, I must say that cloud security is one of my major architectures that I am using in my day-to-day work environment.
What is most valuable?
What I appreciate the most about it is its high performance and the way it simplifies tasks, along with the optimization as well.
The Secret Scanning feature in SentinelOne Singularity Cloud Security is one of the coolest features I have ever worked with, as it primarily functions through its Singularity Cloud Native Security. It is designed to find any kind of sensitive data that developers accidentally leave in their code, which leads to major causes of cloud breaches. The Secret Scanning feature offers a wide scope of coverage, as it does not only look for passwords; it is designed to detect over 800 types of secrets, including API keys, and the tool itself scans across the entire development life cycle to catch any kind of secrets before they reach production.
When it comes to Drift Detection in SentinelOne Singularity Cloud Security, I think it is one of the critical features within its application protection platform. Its configuration mainly focuses on infrastructure as code versus the actual live environment. The coolest feature is that it detects when someone manually tries to change a setting in the cloud console that was not in the original code, and it also has a binary drift option for containers and Kubernetes.
What needs improvement?
Regarding the downsides of cloud security, I do not have much negative to discuss about cloud security, because it is one of the helpful features that I work on in my daily life. However, I would say one drawback is that data breaches can easily happen in cloud security, and it has some limited visibility. That is also one of the drawbacks I would mention, and in my team, some people are telling me that we are facing some compliance issues in cloud security as well.
When I discuss the easily happening data breaches in cloud security, it is all stored in the cloud environment, so anyone who has access to cloud can easily breach the data. It is also easily vulnerable to theft through breaches or any kind of malware or accidental exposures. I would say that attacking cloud storage is quite easy compared to other things.
For how long have I used the solution?
I have been using it in my career for around 4.10 years.
What do I think about the stability of the solution?
I can say that there is nothing unstable about SentinelOne Singularity Cloud Security, as there is no lagging, crashing, or downtime.
What do I think about the scalability of the solution?
I would rate the scalability of SentinelOne Singularity Cloud Security as high, as it operates in a cloud-native architecture that is highly scalable for any kind of organization, ranging from small businesses to global enterprises with thousands of devices.
How are customer service and support?
I have not contacted any technical support for SentinelOne Singularity Cloud Security so far.
Which solution did I use previously and why did I switch?
I have used alternatives similar to SentinelOne Singularity Cloud Security, and I would say one of the products is Akamai. Akamai is one of the main options.
How was the initial setup?
I would say that the initial deployment for SentinelOne Singularity Cloud Security is really easy compared to other things in cloud computing, especially with public platform models.
When I deployed it for the first time, it took me around an hour or less, but sometimes, due to its complexity, it may take a day.
What about the implementation team?
When it comes to the number of people required for deployment, technically speaking, a single person can deploy the cloud environment, but the number of people involved depends entirely on the scale of my organization. So, while it is possible to deploy a cloud environment with a single person, it also depends on the organization.
What's my experience with pricing, setup cost, and licensing?
Regarding the pricing for SentinelOne Singularity Cloud Security, I do not think it is something I can compare.
Which other solutions did I evaluate?
When I compare them, I prefer Akamai more.
The reason I prefer Akamai more is that Akamai is the best. Both have excellent performance, but Akamai offers strong performance in terms of security. Furthermore, it efficiently manages unwanted bots, making Akamai the best compared to cloud security or any other software out there.
What other advice do I have?
Regarding how SentinelOne Singularity Cloud Security Runtime Protection compares to Akamai in terms of adaptability to new and unknown threats, it depends on what you are protecting. I do not think I can compare them while they overlap in cloud security, as they both perform different roles in the cyber stack. For SentinelOne Singularity Cloud Security, its priority is to secure the endpoint, while for Akamai, its main primary task is to protect network and application security. I would rate this review overall as a 9.
Cloud security has improved as I gain unified visibility and detect misconfigurations across platforms
What is our primary use case?
I have worked on two use cases for this product regarding its major purposes. One is that end-users want to check posts in their multi-cloud environment, where they have AWS, Azure, and Google Cloud. They were asking for multiple security checks based on compliances across each platform, as AWS has its own compliance checks and Azure has its own compliance checks, but they needed to verify if configurations comply with standards such as NIST or MITRE. That was the major concern for the team. They have many compliances because they were operating projects around the world, so they had to comply with GDPR, HIPAA, and CERT-In, and in Australia they also have some projects with additional compliance requirements. For that reason, they looked for this product, and I was able to analyze all their environments. I was able to integrate their AWS accounts, Azure accounts, and Google accounts to SentinelOne Singularity Cloud Security. I was able to showcase how it provides security ratings of each instance or each container. I was also able to showcase misconfigurations, such as instances where a particular configuration was given on a temporary basis but was not removed afterward. I was able to identify these issues and make them aware of them. I was also able to provide fixes and references to fixes using SentinelOne Singularity Cloud Security.
What is most valuable?
The biggest benefit of SentinelOne Singularity Cloud Security is that it has a good AI-based analytics engine that helps with the detection part by providing full visibility. I was able to see all the configurations that were made, all the permissions that were being given on IAM roles, user role-based access, and everything in SentinelOne Singularity Cloud Security on a granular basis and across multiple cloud environments.
From the customer and end-user point of view, they were able to have visibility throughout their cloud infrastructures, whether on AWS, Azure, or GCP. They were able to get complete visibility and identify the loopholes present in their cloud infrastructure solutions.
What needs improvement?
Regarding built-in integrations in the product, the integration part can be improved by having more third-party vendors because SentinelOne Singularity Cloud Security is much more focused on premium vendors and premium OEMs. Most customers will be using common platform vendors, but some will be using customized solutions or SMB-level customers may be utilizing custom or new vendors. If possible, they can improve their API integrations with all other platforms. To provide a small example, in the South or APEX region, SonicWall is one of the key players in providing network security, but SentinelOne Singularity Cloud Security does not have any integrations for SonicWall. Also, with Zoho, there is not much of an integration part that the end-user would expect.
The main improvement needed is the integration part with other third-party vendors. Also, they can support multiple platforms and provide support for multiple platforms in terms of features.
Response time can be improved because not all things are perfect in every product, whether CrowdStrike or Trend Micro. In some cases, I have felt that the response time could have been better. Regarding response to an attack or incident, in most cases, SentinelOne Singularity Cloud Security has helped me and has also provided a good reactive approach. Even if the endpoint gets compromised, there is rollback functionality. If it provides rollback, it would be able to provide the rollback functionality based on other platforms, such as Linux and Mac platforms. This would allow me to achieve something that no other competitive product is giving. Regarding response time, it can be improved.
For how long have I used the solution?
I have been working with SentinelOne Singularity Cloud Security for the past one and a half years.
How are customer service and support?
I would say support is excellent. I would give them a rating of 9.5 to 10 because they are providing prompt support, and in my experience, I have never encountered a junior person or someone without knowledge coming into support from SentinelOne. In the support part, they are doing a great job.
How was the initial setup?
It needs some time to install. For the complexity, I would give around six or seven on a scale of ten, where ten is more complex and zero is simple.
Which other solutions did I evaluate?
In some cases, SentinelOne Singularity Cloud Security is better than Trend Micro. In detection and visibility control, it is much better than both Trend Micro and Fortinet. Fortinet is just now evolving and has entered the market, but I do not see many references for this particular CNAPP solution.
What other advice do I have?
My overall rating for this product is eight out of ten.
Effortless to Use and Highly Intuitive
What do you like best about the product?
What I like best about SentinelOne Singularity Cloud Security is its ease of use combined with a very streamlined and intuitive implementation. The platform provides strong visibility and protection across cloud workloads without adding operational complexity. Its unified console, automated threat detection, and clear insights make it easier for engineering and security teams to quickly deploy, manage, and respond to risks at scale while maintaining a strong security posture.
What do you dislike about the product?
I don’t have any major dislikes, but like many powerful security platforms, SentinelOne Singularity Cloud Security can require time to fully understand and tune advanced features for specific environments. Some configurations and alerts may need fine-tuning to reduce noise and better align with an organization’s workflows. That said, this is typical of robust security solutions and improves with experience and customization.
What problems is the product solving and how is that benefiting you?
SentinelOne Singularity Cloud Security helps solve the challenge of securing cloud workloads and environments at scale while maintaining visibility and control. It addresses risks such as misconfigurations, runtime threats, and unauthorized access across dynamic cloud infrastructures. By providing centralized monitoring, automated threat detection, and rapid response capabilities, it reduces operational overhead, improves incident response time, and allows teams to confidently scale cloud services without compromising security or customer trust.
Comprehensive Cloud Security with Strong Visibility and Automation
What do you like best about the product?
What I like best about SentinelOne Singularity Cloud Security is its strong AI-driven threat detection and automated response, which significantly reduces the need for manual intervention and helps security teams respond to incidents faster. The platform offers centralized visibility across cloud workloads and environments, making it easier to manage security in hybrid and multi-cloud setups. Its automation helps minimize alert fatigue while still providing deep insights into risks and misconfigurations, and it integrates well with major cloud providers and existing security workflows. Overall, it strengthens cloud security posture while improving efficiency for security teams.
What do you dislike about the product?
What I dislike about SentinelOne Singularity Cloud Security is that the initial setup and policy configuration can be complex and time-consuming, especially for teams without deep cloud security expertise. Alert tuning and reducing false positives may require ongoing effort, and some areas of the dashboard are not as intuitive as they could be. Additionally, the platform can feel expensive or heavy for smaller environments, and there are occasional limitations around reporting, search, or overall usability that could be improved.
What problems is the product solving and how is that benefiting you?
SentinelOne Singularity Cloud Security solves visibility gaps and risk blind spots across cloud environments by unifying posture, workload protection, and threat detection in one platform. It automates security monitoring and compliance, reducing manual effort and response time. This helps me quickly identify and remediate vulnerabilities, enforce secure configurations, and protect cloud workloads from attacks. As a result, it improves overall cloud security posture and lowers operational risk.
Effortless Threat Detection and Unified Security with Excellent Support
What do you like best about the product?
1. Autonomous Threat Detection
2. It provides real-time visibility into workloads and containers, automatically isolates threats, and remediates issues without manual intervention.
3. Singularity Cloud Security offers unified visibility across endpoints, workloads, and containers from a single console.
4. Management handling is very easy.
5. Easy to implement the agent on the endpoints.
6. Customer support is excellent.
What do you dislike about the product?
1. Initial setup and policy configuration can be a bit complex.
2. Alert tuning and policy fine-tuning take some time to get right.
3. Sometimes the agent deployment in cloud-native environments requires additional manual steps, especially across Kubernetes clusters.
What problems is the product solving and how is that benefiting you?
SentinelOne Singularity Cloud Security helps us protect cloud workloads and containers in real time. It automatically detects and remediates threats before they can spread, giving us complete visibility across our hybrid and multi-cloud environments. This has significantly reduced manual investigation time and strengthened our overall security posture.
Powerful Cloud Security with a Steep Learning Curve
What do you like best about the product?
SentinelOne Singularity Cloud Security is great because it protects cloud servers, containers, and data in real time.
It finds real security risks (key leaks), not just alerts, by analyzing how attackers could exploit systems.
It supports multi-cloud environments like AWS, Azure, and GCP in one dashboard.
It also scans CI/CD pipelines and IaC to catch issues early before deployment.
What do you dislike about the product?
SentinelOne Singularity Cloud Security can be a bit complex to set up and learn.
It may show some false alerts that need tuning. The platform can feel heavy and expensive for smaller teams. The dashboard and UI could be more user friendly in some areas.
What problems is the product solving and how is that benefiting you?
It helps find and fix cloud and Kubernetes security issues before they cause problems. It protects workloads in real time from attacks and malware. It gives one place to see security for all cloud resources and containers. This saves time, reduces risk, and keeps applications and data secure.
Improves risk posture and reduces response time by proactively identifying misconfigurations and vulnerabilities
What is our primary use case?
My use case for SentinelOne Singularity Cloud Security was mostly for cloud security, to identify vulnerabilities in the environment and to secure important sensitive data. These were the two primary use cases.
How has it helped my organization?
SentinelOne Singularity Cloud Security improved our risk posture significantly. There was a very great improvement that I can definitely confirm.
SentinelOne Singularity Cloud Security helped reduce our mean time to detect and mean time to remediate.
The inclusion of proof of exploitability in SentinelOne Singularity Cloud Security's evidence-based reporting is quite important to me, as they were quite useful.
Regarding its evidence-based reporting for helping prioritize and solve the most important cloud security issues, it mostly relates to our VMs running on GCP, which was the most important use case for us. I assess this agentless vulnerability scanning for vulnerability discovery across my cloud infrastructure as good; they frequently provide us with existing vulnerabilities, so overall, it was great to work with.
SentinelOne Singularity Cloud Security helped to reduce the number of false positives. I was using automated malware scanning for S3 buckets in SentinelOne, and we were able to resolve quite a good number of use cases with that, so it was pretty helpful.
SentinelOne Singularity Cloud Security improved collaboration among our cloud security teams, application developers, and AppSec teams. We were able to collaborate with different teams, sharing information about vulnerabilities related to development, explaining the actual problems, how they could be resolved, and how they could be verified first. This collaboration helped save engineering time, approximately three to four hours.
What is most valuable?
I appreciate its ability to scan the entire environment and fetch all items that are not configured properly, which is one of the best capabilities. It also suggests what the actual configuration should be, notifies instantly about any information that is leaked, and regularly gives updates about vulnerabilities that are present in the market.
SentinelOne Singularity Cloud Security is quite easy to use; there is not much complexity. The UI is quite user-friendly, making it very easy to use.
What needs improvement?
One area that could be improved in SentinelOne Singularity Cloud Security is their policies; the way they have configured the policies could be enhanced. There could be a better way to configure custom policies, which is one aspect that I feel can be improved further.
For how long have I used the solution?
I used this solution for two years.
What do I think about the stability of the solution?
In my opinion, it is stable.
What do I think about the scalability of the solution?
It is a scalable solution.
How are customer service and support?
I would rate my experience with the technical support of SentinelOne Singularity Cloud Security as eight out of ten.
Which solution did I use previously and why did I switch?
I did not use a different SentinelOne solution or solutions from other vendors.
How was the initial setup?
I was not involved in the deployment of the solution or the initial setup of SentinelOne Singularity Cloud Security.
What was our ROI?
We saw a return on investment with SentinelOne Singularity Cloud Security. The aspects where I have seen ROI were mainly in time-saving, as it saved considerable time in identifying vulnerabilities, testing vulnerabilities, and it helped in preventing quite a few incidents that could have led to major issues.
What's my experience with pricing, setup cost, and licensing?
I think the pricing of SentinelOne Singularity Cloud Security is a bit high.
What other advice do I have?
I would rate SentinelOne Singularity Cloud Security an eight out of ten.
SentinelOne has given my team a great Security Platform
What do you like best about the product?
The ease of use in deployment and scanning, not to mention its alerting.
What do you dislike about the product?
I have not found any downsides as of yet.
What problems is the product solving and how is that benefiting you?
Basically, it allows us to focus on the day-to-day without having to constantly worry about virus security with endpoints. It has great reporting and it is easy to use.
Enables us to prioritize and effectively address critical security issues
What is our primary use case?
As an engineer, I'm using the solution for managing infrastructure and security posture management.
It's primarily for cloud infrastructure, data center infrastructure, and security posture management, but it also provides other capabilities such as infrastructure-as-code scanning and detects hardcoded secrets in the source code, including for EKS, DevOps tools, etc.
How has it helped my organization?
Evidence-based reporting helps us to prioritize and solve critical security issues. The new visualization feature demonstrates how an attacker can enter the system, highlighting the potential path that can be exploited and outlining all the steps the attacker could take. With that visibility, we can ensure the perimeter is strong and attackers cannot enter, thus reducing the risk. It has helped us prioritize issues.
The visibility into how an attack could happen is valuable. For example, it highlights the system vulnerability and outlines where an attack could propagate. The visualization helps me to prioritize remediation, and if I don't know where to start, I can check to see the score that enables me to prioritize issues.
I am using infrastructure-as-code scanning, and it's one of the useful features. In pre-production, it identifies embedded secrets and misconfigurations, including issues with Kubernetes or some privileged containers. This feature allows us to pass the audit and secure IaC code so that it isn't easily exploitable by attackers. We can more proactively work to identify and resolve vulnerabilities by using the dashboard and the alerting system that SentinelOne provides.
It helps us with audits and compliance. We can show the compliance in percentage. We can confidently say that our company or infrastructure is very secure. It has improved our security posture by 30% to 35%.
It has reduced our false positives by 30%.
It has helped teams collaborate better. The security team manages SentinelOne Singularity Cloud Security, and when it flags vulnerabilities, they are forwarded to DevOps for remediation. Previously, we needed to identify and report the issues, but there would be lapses in communication. Now, there is a centralized dashboard that anyone can look at and see the open issues and work on them.
What is most valuable?
I go to the dashboard on a daily basis. The UI and the widgets are what I personally appreciate. I find it easy to use. If anyone is a beginner or new to this industry, they'll be able to understand how to use it for their use cases.
What needs improvement?
There is scope for more application security posture management features. Additionally, the runtime protection needs attention.
For how long have I used the solution?
I've been using the solution for around 1.2 years.
What do I think about the stability of the solution?
It is stable. I would rate it a nine out of ten for stability.
What do I think about the scalability of the solution?
The scalability of SentinelOne Singularity Cloud Security is more than Prisma Cloud, and I would rate its scalability a nine out of ten.
We have 17 users working with this solution.
How are customer service and support?
I would rate their technical support a nine out of ten.
Which solution did I use previously and why did I switch?
Prisma Cloud is more expensive. The stability and scalability of SentinelOne Singularity Cloud Security are better than Prisma Cloud.
How was the initial setup?
It is deployed on the cloud and also in a data center. My cloud is on Azure, and the data center is running in a different location. It's easy to deploy SentinelOne Singularity Cloud Security; it took me around two to three days to deploy it, and some members of the customer support service helped us to deploy this on both locations.
It does require maintenance, but it's not done by my team. There's a different team called InfoSec that handles this maintenance part.
What was our ROI?
It helped us to secure our infrastructure and applications on the cloud side.
We get notified of any issues immediately, reducing our mean time to detect and remediate by 30%. It saves money and time.
What's my experience with pricing, setup cost, and licensing?
I don't handle the price part, but it isn't more expensive than Palo Alto Prisma Cloud. It's not cheap, but it is worth the price.
What other advice do I have?
I would definitely recommend this product to other members, vendors, or users, as it covers security posture management, auditing, documentation, and compliance management.
I would rate SentinelOne Singularity Cloud Security a nine out of ten.