
Reviews from AWS customer

45 AWS reviews

External reviews

184 reviews

External reviews are not included in the AWS star rating for the product.


    Sushovan Nandan

Is user-friendly, reduces mitigation time, and improves our security posture

  • April 12, 2024
  • Review provided by PeerSpot

What is our primary use case?

We utilize SentinelOne Singularity Cloud Security for Cloud Security Posture Management and real-time cloud configuration monitoring. SentinelOne Singularity Cloud Security identifies vulnerabilities at the resource level and generates reports. It also includes defense modules that investigate potential exposure of secrets in public or private repositories. Additionally, the scanning module can identify vulnerabilities and analyze how they correspond to and impact other modules.

We chose SentinelOne Singularity Cloud Security as our cloud security solution for its ability to identify misconfigurations, both intentional and unintentional, within our infrastructure. Additionally, SentinelOne Singularity Cloud Security generates reports that facilitate security compliance audits and help us identify inactive user accounts. It further integrates with our Jira instance, allowing for seamless data visualization on our security dashboard.

How has it helped my organization?

SentinelOne Singularity Cloud Security is user-friendly. The portal is well-designed and intuitive. SentinelOne Singularity Cloud Security boasts excellent customer engagement. They keep us informed with monthly updates on new features and upcoming releases, providing opportunities for learning and raising any challenges we encounter. Their approach is both proactive and professional.

Its evidence-based reporting system prioritizes and assigns reported issues to the appropriate teams based on their severity. This ensures that critical issues are addressed first. Reports are initially delivered to our CTO and then disseminated to the relevant teams for action.

Our agentless vulnerability scanner helps us discover vulnerabilities across our cloud infrastructure by analyzing cloud logs and log flows. It then provides detailed information and guidance on the identified vulnerabilities.

We find the offensive security engine that verifies actual exploit paths and prioritizes breach potentials to be very useful.

Using SentinelOne Singularity Cloud Security streamlines our cloud configuration validation process. We no longer need to spend excessive time and effort planning or using other tools to ensure our configurations meet industry standards. This reduces the training burden on our team, keeping them current with security best practices. Additionally, SentinelOne Singularity Cloud Security acts as a safety net, providing peace of mind and increased confidence when deploying updates, rolling out new policies, or making any security-related cloud configuration changes. Our experience and trust in SentinelOne Singularity Cloud Security are well-founded. Their support has consistently addressed any concerns we've raised throughout the year. This report demonstrates the value of maintaining a compliance center, and SentinelOne Singularity Cloud Security plays a critical role in making that possible.

SentinelOne Singularity Cloud Security has been instrumental in reducing false positives during login deployments. For example, when our server load balancer or cluster switches between servers, there is a brief window of usually just a few seconds during which the DNS isn't mapped to any background resources because it's being transferred from the old load balancer to the new one. While this is a minor, expected occurrence, it was previously flagged as a critical issue. Resolving these false positives took several hours. While SentinelOne Singularity Cloud Security likely detects these discrepancies in real time, it validates and corrects them based on a specific schedule. This delay in resolving the alerts prompted us to report the issue and request suppression of these expected findings. Highlighting this problem helped draw the attention of our executives and senior management.

SentinelOne Singularity Cloud Security has significantly improved our security posture. In the past, developers occasionally exposed credentials to the public unintentionally. SentinelOne Singularity Cloud Security effectively detects and reports these incidents to senior management, allowing us to address them promptly. Additionally, during infrastructure testing, security gateway code might be unintentionally exposed. However, SentinelOne Singularity Cloud Security helps us swiftly identify and mitigate these issues before any damage occurs.

Thanks to SentinelOne Singularity Cloud Security, we've significantly reduced our mean time to detection. It delivers the critical data we need, eliminating the need for dedicated full-time staff.

SentinelOne Singularity Cloud Security has helped us improve our mean time to remediation. Now, we can get prompt support from their team, allowing us to work together to mitigate issues quickly.

SentinelOne Singularity Cloud Security has improved collaboration between our cloud security team, application developers, and AppSec teams. Notably, secret configuration detection allows us to collaborate effectively with developers to swiftly resolve any emerging issues. Our DevOps team handles cloud security, and all teams are satisfied with SentinelOne Singularity Cloud Security's implementation. They actively participate in monthly meetings.

The collaboration has freed up some of our engineers' time. Once we enabled the module and it began identifying issues, engineers were able to plan their work more effectively. The analytical dashboard also helps them manage tasks efficiently, eliminating the need to hire additional staff.

What is most valuable?

SentinelOne Singularity Cloud Security offers comprehensive security posture management. Its success stems from its ability to analyze DNS mappings. While we may have access to the DNS record itself, the underlying infrastructure associated with that domain might be decommissioned. This creates a potential risk, as the domain could be remapped to a malicious website, leading to data breaches or credential theft. However, SentinelOne Singularity Cloud Security proactively detects and alerts us to such accidental exposures of sensitive information, including SaaS credentials. These are some of SentinelOne Singularity Cloud Security's most valuable features.

What needs improvement?

There is room for improvement in the current active licensing model for SentinelOne Singularity Cloud Security. As both a customer and service provider, I believe a more comprehensive package could be developed that would be mutually beneficial.

I recommend including endpoint monitoring functionality in a future release of SentinelOne Singularity Cloud Security. While we currently scan our endpoints manually through an external vendor, integrating this capability within SentinelOne Singularity Cloud Security would offer significant advantages. Additionally, having real-time detection of malicious activity in our network would be beneficial.

For how long have I used the solution?

I have been using SentinelOne Singularity Cloud Security for 2.5 years.

What do I think about the stability of the solution?

SentinelOne Singularity Cloud Security is stable.

What do I think about the scalability of the solution?

SentinelOne Singularity Cloud Security is scalable.

How are customer service and support?

The technical support is responsive and they stay in contact with us.

How would you rate customer service and support?

Positive

What was our ROI?

As an energy company, SentinelOne Singularity Cloud Security helps us ensure compliance across our many providers, which is essential for our business expansion.

What's my experience with pricing, setup cost, and licensing?

The pricing for SentinelOne Singularity Cloud Security in India was more reasonable than other competitors.

What other advice do I have?

I would rate SentinelOne Singularity Cloud Security eight out of ten.

We have 15 people in our organization that use it. SentinelOne Singularity Cloud Security is responsible for the maintenance.

It is a sophisticated and fast-growing product with great services.


    Sathvik Kallepalli

Provides visibility, saves time, and automatically maps networks

  • April 11, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use SentinelOne Singularity Cloud Security to identify cloud security misconfigurations, ensuring compliance with Cloud Security Posture Management and Cloud Workload Protection Platform best practices, as well as relevant regulations in India. We also integrate SentinelOne Singularity Cloud Security with our GitHub repositories that store our hard-coded secrets.

How has it helped my organization?

We renewed our contract with SentinelOne Singularity Cloud Security for another year because it's extremely easy to use. The user-friendly UI, along with its integration with Jira and the ability to consume alerts through Slack, make it a valuable tool for our team.

Evidence-based reporting facilitates addressing complaints related to mandatory controls. SentinelOne Singularity Cloud Security offers an option for high-alert items to be kept publicly available if we're confident we have appropriate controls implemented.

SentinelOne Singularity Cloud Security's agentless vulnerability scanning has identified a significant number of vulnerabilities.

SentinelOne Singularity Cloud Security's evidence-based reporting, particularly its proof of exploitability, is highly valuable. For example, their recommendations significantly reduce investigation time and allow us to easily research vulnerabilities using tags. This targeted approach helps stakeholders prioritize and address critical vulnerabilities efficiently through the dashboard.

We utilize the offensive security engine, but fortunately, it doesn't detect many vulnerabilities. It primarily identifies publicly known patch versions and the exposure of the SMTP service. On the other hand, I would rate the ASM functionality an eight out of ten.

IaC scanning has been effective in identifying code-level issues whenever infrastructure as code is scanned.

SentinelOne Singularity Cloud Security automatically populates and maps our network, identifying any misconfigurations within the first two hours of deployment.

It has reduced false positives by around 90 percent.

Our mean time to detection has been improved, especially for critical areas. Our mean time to remediation has been improved as well.

SentinelOne Singularity Cloud Security has improved our risk posture by providing visibility into our cloud infrastructure.

SentinelOne Singularity Cloud Security improved the collaboration between the cloud security application developers and the app security team.

It helped our developers save time.

What is most valuable?

SentinelOne Singularity Cloud Security offers an intuitive user interface that lets us navigate quickly and easily. Additionally, its identification feature allows us to customize rules and configurations in the cloud.

IaC scanning identifies misconfigured code within GitHub repositories. This represents a "shift left" approach to security.

What needs improvement?

Customized queries should be made easier to improve SentinelOne Singularity Cloud Security.

For how long have I used the solution?

I have been using SentinelOne Singularity Cloud Security for one and a half years.

What do I think about the stability of the solution?

While SentinelOne Singularity Cloud Security is stable for around 90 percent of the time, there are occasional glitches in the UI. However, as a security tool, our primary focus is on the results it delivers, rather than the aesthetics of the dashboards themselves.

What do I think about the scalability of the solution?

Scaling SentinelOne Singularity Cloud Security is easy. We recently integrated with AWS and it went well.

How are customer service and support?

We regularly contact the technical support team about some UI glitches. We provide them with feedback on these glitches regularly. Additionally, we would like to see some new features added to Jira when creating tickets. We've also been in touch with the technical support team about this.

The technical support team's responses are good and have been improving.

We've noticed a decline in their response times lately. This could be due to the recent acquisition of SentinelOne Singularity Cloud Security by SentinelOne. Previously, their response times were much faster.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?


How was the initial setup?

The initial deployment was straightforward.

Deploying SentinelOne Singularity Cloud Security is a quick process that involves creating a dedicated service account, granting the necessary roles to the service account, and attaching the service account to SentinelOne Singularity Cloud Security.

The total deployment time took around 15 minutes.

What about the implementation team?

The implementation was completed in-house.

What's my experience with pricing, setup cost, and licensing?

The features included in SentinelOne Singularity Cloud Security justify its price point. The agent-level monitoring for Kubernetes clusters is particularly valuable and could support a modest price increase.

Which other solutions did I evaluate?

Our evaluation of Prisma Cloud and Trend Micro on an open-source platform for identifying misconfigurations yielded a high number of false positives, limiting its effectiveness. We chose SentinelOne Singularity Cloud Security based on the price and the ease of use.

The setup and cleanup need to be done first to get things organized. This makes SentinelOne Singularity Cloud Security a much easier option than the other products we evaluated, which were all very complex. So, we won't be jumping straight to CWP. Instead, we'll focus on securing our perimeter. We believe SentinelOne Singularity Cloud Security can solve this issue, and the support we received during the proof of concept was also very positive. Considering all these factors, we decided to go with SentinelOne Singularity Cloud Security.

What other advice do I have?

I would rate SentinelOne Singularity Cloud Security nine out of ten.

SentinelOne Singularity Cloud Security does not require maintenance.

It is easy to use, but it works best when you have established organizational practices in place. If you feel this is critical, don't hesitate to address it directly. Integrating SentinelOne Singularity Cloud Security is straightforward, so there's no need to worry about that. It's a ready-made solution that can be integrated with just a click. You can then address the specific issues you find most important. Ideally, integrate all your relevant sources during onboarding, such as GitHub or any cloud accounts you use. This ensures you capture everything from the start and get the best possible results.


    Adithya K

Great security, good vulnerability scanning, and excellent support

  • April 08, 2024
  • Review provided by PeerSpot

What is our primary use case?

The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.

How has it helped my organization?

The primary benefit for our company has been the reduction of false positives. It's saved us time and resources.

What is most valuable?

I like that we get a map view of all the assets we have and how these assets are connected together. We can get a view of the entire structure and that gives us a good vantage point when assessing gaps. We can see which assets are public and which are private. It gives us good visibility.

It brings in good security.

It is fairly simple. Anybody can use it.

The evidence-based reporting capabilities are useful. It's good for everyday reporting. It makes it easy to identify actual false positives. Priority cases are assigned accordingly so we don't need to find a needle in a haystack. If something is critical, it's very easy to find and see it.

The solution offers agentless vulnerability scanning, which helps us identify any open ports on the server or any vulnerable assets online in the cloud.

While they do have an offensive security engine, we do not use that aspect. We use a different vendor for that. However, it's a very good initiative. It basically expands and searches and does more offensive security.

It's very easy to integrate.

The notifications are very good. We can get notified right on Slack if we aren't checking our email regularly.

The benefits we witnessed were pretty immediate post-implementation. Once you've done your integrations, it starts showing you vulnerabilities that are being observed, and it lets us immediately identify and deal with infrastructure gaps. It even has allowed us to deal with several misconfigurations.

It has helped us reduce false positives significantly. That's something I've been focused on.

The solution has positively affected our risk posture. Thanks to the lower number of security vulnerabilities, it's helped us with several benchmarks and compliance-related issues.

Our mean time to detection and mean time to remediation have been reduced. If there's an issue, it can be found and dealt with in a short amount of time. It also gives you remediation details as to where particular vulnerabilities exist. We're able to fix problems as soon as possible when we see issues pop up. The mean time to remediation depends on the severity of the issue and who is handling it. Remediation for an experienced user versus a new hire may vary.

After introducing PingSafe, we were able to bridge the gap between developers. Since PingSafe had details about that particular vulnerability and how to remediate it, we could just pass that on to the application developers, who could fix it. That has also reduced the number of vulnerabilities that are being discovered by the application security testing team.

What needs improvement?

There is a bit of a learning curve. However, you only need 2 to 3 days to identify options and get accustomed.

They could separate or differentiate between different kinds of frameworks.

For how long have I used the solution?

I've used the solution since I started working with my company - for about one year and three months.

What do I think about the stability of the solution?

I don't recall any stability issues.

What do I think about the scalability of the solution?

The solution is scalable. The scalability is highly flexible.

How are customer service and support?

We do have regular meetings with support. They catch us up every month and provide us regular updates and solicit feedback. Support is excellent.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have not used any alternatives.

How was the initial setup?

I was not initially involved in the deployment process.

There isn't really any maintenance needed. The only thing would be if you find a false positive. You can mark it so it doesn't happen again. Beyond that, you don't have to maintain anything.

What's my experience with pricing, setup cost, and licensing?

I'm not sure how the pricing for the solution works.

What other advice do I have?

I'm an end-user.

I'd rate the solution 9 out of 10.

It's pretty easy to use. Integration with cloud infrastructure may require a bit of help in the initial stages. However, once you are up and running, finding vulnerabilities is simple and reporting is good.


    MOHITH PULIVENDULA

Cloud misconfigurations are managed effectively and response times have improved significantly

  • April 08, 2024
  • Review from a verified AWS customer

What is our primary use case?

In its all-in-one aspect, we started with Cloud Security Posture Management at the beginning and then added the Offensive Security Engine, Vulnerability Management of CDR. We also use it for compliance.

By implementing this solution, we wanted an alerting mechanism and detection of any deviation from our current configuration. We also wanted visibility into Kubernetes and AWS cloud. We wanted something that continuously monitors and gives us updates so that we can take action.

How has it helped my organization?

We have an overview of our compliance status. We check on a weekly or monthly basis where we are with respect to various compliance standards.

Its dashboard is quite good. We can select any resource and go to any details we want. We have a visual representation of our assets and how they are connected.

I like the granularity of access. We can give read-only, admin, or other types of access to team members based on their roles.

It provides an option for auto-remediation, but we are not leveraging that. However, we are using the exploit information to check what they saw versus what we are seeing. It helps to be able to see their evidence.

It includes proof of exploitability in its evidence-based reporting. This is very important for us. We can validate if something is false positive or not only if we have any evidence from the findings. Having the evidence for every issue helps us prioritize the findings.

Offensive Security Engine has helped to clear a lot of vulnerabilities in the past. Through the dashboard, we could see all the metrics related to public exposure and misconfigurations. We have a lot of services in our cloud, and they were very hard to track. It solves that problem for us. 

Our time to detect and respond has improved drastically. If a misconfiguration happens, we gain visibility quickly. Our mean time to detect and respond has reduced by about 50%.

It has enabled collaboration between multiple teams for implementing cloud detection and response and understanding vulnerabilities. It has saved 20% to 30% of our time.

It has been highly effective in risk mitigation. Slack and Jira integrations have been helpful for alerting and creating tickets. We also have Kubernetes integration for insights. 

What is most valuable?

The cloud misconfiguration feature and Offensive Security Engine, as well as their alerting process, are valuable. I get to customize severities or rules. The flexibility to rate a finding or category of vulnerabilities is the most interesting. 

The cloud misconfiguration feature gave us almost zero false positives. We are happy with this feature.

What needs improvement?

In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of critical severity, whereas they are not critical or of high severity. There is a mismatch of severities. They need to work on severity management. 

Alert fatigue is an issue as well. We get many alerts because of severity mismanagement. In CDR, there is no option to rescan or recheck. In cloud security, if a resource is restarting multiple times and gets a new name, we get alerts each time, leading to alert fatigue. If restarted five times, we get five alerts, which is not favorable.

For how long have I used the solution?

I have used the solution for two years.

What do I think about the stability of the solution?

It is a stable product. I would rate it a ten out of ten for stability.

What do I think about the scalability of the solution?

It is scalable. I would rate it a ten out of ten for scalability.

We are using the Enterprise plan which is the maximum that one can leverage. We are paying for all the features, but we are currently not leveraging VCS. We want to increase the usage of that.

How are customer service and support?

Their technical support is top-notch. I made friends there.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, there was no product. We relied on in-house, independent ad-hoc automations. We now have a comprehensive and all-in-one solution.

How was the initial setup?

Its deployment was easy. It was set up in less than a week.

What about the implementation team?

There were a couple of people from PingSafe and a couple of people from our side.

We are based out of Indonesia and India. The deployment was done on the cloud. We use AWS. The PingSafe team was from Bangalore, India.

Its maintenance is taken care of by the SentinelOne team. There is nothing required from us.

What was our ROI?

On the resource side, we do not have to invest much money or time into developing our own automation or tools. It has saved us more than 50% of our time.

What's my experience with pricing, setup cost, and licensing?

It is cost-effective compared to other solutions in the market.

What other advice do I have?

I recommend looking at the exact requirements and exploring options for CSPM and Offensive Security Engine. These two are a must-have. I would recommend reviewing the use case first and seeing if any other features are required. 

I would recommend this solution to others. Overall, I would rate it a ten on ten for cloud security.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)


    Siddharth Pal

Provides a unified dashboard, reduces detection times, and strengthens our security posture

  • April 03, 2024
  • Review provided by PeerSpot

What is our primary use case?

SentinelOne Singularity Cloud Security offers a variety of functionalities, including cloud configuration assessment and detailed misconfiguration reports. It automates vulnerability scanning, saving us time and effort. Additionally, SentinelOne Singularity Cloud Security allows us to filter compliance-related findings and provides consolidated reports for a comprehensive view.

Furthermore, SentinelOne Singularity Cloud Security can conduct customized posture management research for Cloud Posture Management initiatives. This eliminates the need for complex, independent research. Finally, SentinelOne Singularity Cloud Security helps us understand our readiness for specific security certifications.

How has it helped my organization?

One of the key features of SentinelOne Singularity Cloud Security that we utilize is its cloud-based configuration. This helps with our cloud security monitoring processes. This allows for infrastructure automation and broader implementation access. To mitigate this risk, we have multiple personnel actively monitoring activity to safeguard against vulnerabilities, employing vulnerability scanning techniques.

SentinelOne Singularity Cloud Security simplifies managing compliance. It gives us a clear compliance report, allowing us to easily identify areas for improvement and achieve full compliance. This makes it a valuable resource.

SentinelOne Singularity Cloud Security is easy to use. I would rate the ease of use 9 out of 10 compared to our previous tool which had good features but was not as intuitive as SentinelOne Singularity Cloud Security and had bugs.

SentinelOne Singularity Cloud Security's dashboard provides a single place for managing everything, including reporting and prioritization. Previously, we relied on Jira, which required submitting and closing tickets. This meant we were juggling both Jira and separate ticket management. Now, SentinelOne Singularity Cloud Security consolidates everything into a single dashboard, allowing us to see all issue priorities and address them directly. As a result, our resolution times have significantly improved, going from 9 days down to 3.

SentinelOne Singularity Cloud Security's proof of exploitability in evidence-based reporting is important. We can see all the evidence and assess it to see why the vulnerability has come up. We are also able to edit the policies and create custom policies.

Identifying preproduction issues in the IAC template or container configuration files is helpful. SentinelOne Singularity Cloud Security notifies us if the public rate defined is different which should not happen. Sometimes we encounter false positives but not many.

SentinelOne Singularity Cloud Security improved our security through the cloud configuration feature. We receive notifications if someone makes changes and our mitigation time has gone from up to 30 days down to nine.

SentinelOne Singularity Cloud Security generates some alerts that we categorize as false positives. These can occur, for instance, when someone uses a publicly available open-source tool and SentinelOne Singularity Cloud Security flags it. While SentinelOne Singularity Cloud Security's detection is valid in itself, we consider it a false positive because our development doesn't rely on that particular tool.

Our recent security assessment revealed a positive change in our security posture. We've moved from a medium to a high rating, thanks in part to SentinelOne Singularity Cloud Security.

SentinelOne Singularity Cloud Security has reduced our mean time to detect by 40 percent.

It has reduced our mean time to remediate down to 9 days.

Using SentinelOne Singularity Cloud Security, our cloud security, application development, and AppSec teams have achieved a high level of collaboration. All work is automatically updated within SentinelOne Singularity Cloud Security, allowing each team to generate reports, review identified issues, and work towards resolving them.

Integrating AI with SentinelOne Singularity Cloud Security has strengthened our security posture.

What is most valuable?

It offers three key features: vulnerability management notifications, cloud configuration assistance, and security scanning.

What needs improvement?

We can customize security policies but lack auditing capabilities. Ideally, we should be able to review logs and track user access.

For how long have I used the solution?

I have been using SentinelOne Singularity Cloud Security for 1.5 years.

What do I think about the stability of the solution?

I would rate the stability of SentinelOne Singularity Cloud Security 10 out of 10.

What do I think about the scalability of the solution?

I would rate the scalability of SentinelOne Singularity Cloud Security 10 out of 10. We are using multiple clouds and have integrated them with SentinelOne Singularity Cloud Security allowing us to easily scale.

How are customer service and support?

SentinelOne Singularity Cloud Security provides excellent technical support. In addition to monthly guidance, we also receive a comprehensive quarterly business review. We haven't needed to contact their support team outside of these scheduled interactions. We also have a customer support engineer readily available to assist us whenever we encounter any issues.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We switched to SentinelOne Singularity Cloud Security because of the price and user-friendly functionality.

How was the initial setup?

The initial deployment was easy because it was cloud-based and handled by SentinelOne Singularity Cloud Security. The entire deployment process only took 1 day. We had a meeting beforehand, and the next day, they provided us with the steps to follow. We successfully integrated the system by following these instructions. 2 people from our organization were involved in the deployment.

What was our ROI?

SentinelOne Singularity Cloud Security has delivered a return on investment by enabling collaborating teams to save up to 50 percent of their time.

What's my experience with pricing, setup cost, and licensing?

SentinelOne Singularity Cloud Security is fairly priced.

What other advice do I have?

I would rate SentinelOne Singularity Cloud Security 9 out of 10.

10 people in our organization use SentinelOne Singularity Cloud Security.

I recommend SentinelOne Singularity Cloud Security to others.


    Prajwal HS

User-friendly and provides good monitoring features

  • April 01, 2024
  • Review provided by PeerSpot

What is most valuable?

Cloud Native Security is a tool that has good monitoring features. We get multiple misconfigurations from the monitoring on a daily basis. Cloud Native Security detects misconfigurations in real-time, like open ports.

What needs improvement?

If our team closes a particular alert triggered in Cloud Native Security, it should also be closed in Cloud Native Security. After closing an alert in Cloud Native Security, it still shows as unresolved.

For how long have I used the solution?

I have been using Cloud Native Security for one and a half years.

What do I think about the stability of the solution?

We haven’t faced any issues with the solution’s stability.

How are customer service and support?

The technical support of the solution is good.

How would you rate customer service and support?

Positive

What other advice do I have?

Cloud Native Security is a user-friendly solution. If you log in to the console, you'll get all the misconfigurations, and the solution has recently integrated CI/CD. Sometimes, we get false positive alerts. Our team closely observes if there are any misconfigurations. If it is closed for a particular resource, it must also be closed from the monitoring dashboard, which is not happening. We have already raised this issue to the support team.

The solution's proof of exploitability gives complete data from the console regarding the issue, description, resolution, proof of concept, and closing of alerts. The main benefit of Cloud Native Security is that it detects multiple misconfigurations in our environment. If there are any unwanted port openings or any publicly accessible EC2, we will get to know about them easily from the monitoring tool.

Cloud Native Security is deployed on the cloud in our organization. Cloud Native Security has new monthly updates. We are continuously in touch with the Cloud Native Security team for anything that needs to be changed or modified or if there are any new requirements.

Overall, I rate the solution a 9 out of 10.


    SatishKumar10

I like the security engine, but it needs a break-glass account feature

  • March 26, 2024
  • Review provided by PeerSpot

What is our primary use case?

My company uses Cloud Native Security as our CSPM solution to discover vulnerabilities in cloud-based configurations. We take alerts from Cloud Native Security and forward them to the DevOps team to remediate them manually.

How has it helped my organization?

Cloud Native Security helps reduce the number of false positives we receive. We receive notifications and alerts from various channels, such as AWS CloudTrail and Microsoft Defender. These products generate alerts based on their policies. I can feel confident that Cloud Native Security isn't giving any false positives. We get a few, but they are rare, and I can immediately alert the team to redefine their policies.

What is most valuable?

Cloud Native Security's most valuable feature is its offensive security engine. I have worked with many CSPM solutions. What sets Cloud Native Security apart is the security engine's ability to provide evidence about the potential for vulnerabilities to be exploited or endpoints exposed with credentials.

The evidence-based reporting is helpful. It shows us all these details that help us do more research. We are working with various stakeholders to remediate those misconfigurations immediately. No other solutions provide this feature. We can research other resources affected by the same kind of vulnerabilities or misconfigurations. We can prioritize fixing them and work on them immediately. That's beneficial to everyone on the team, and they are learning a lot with this feature from Cloud Native Security itself.

What needs improvement?

While Cloud Native Security is mostly easy to use, the interface has a few trouble areas. We have faced some challenges with filtering. The Cloud Native Security team is working on that, and they're fixing it immediately. They take feedback seriously. There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature.

For how long have I used the solution?

We have been using Cloud Native Security for one year.

What do I think about the stability of the solution?

Cloud Native Security is stable.

What do I think about the scalability of the solution?

I rate Cloud Native Security 9 out of 10 for scalability. There is no lag, and the application doesn't break down.

How are customer service and support?

I rate Cloud Native Security support 8 out of 10. We contacted them about adding some policies and creating plugins based on our requirements.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used Prisma Cloud. Each has its own feature set. Prisma is on a higher level, and Cloud Native Security is a startup that's building its feature set and taking feedback from all the customers. That's one advantage Cloud Native Security has. They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away.

How was the initial setup?

Deploying Cloud Native Security wasn't too easy or difficult. It was manageable. I did the deployment by myself. I'm the Cloud Native Security admin for my organization responsible for onboarding all the cloud accounts for AWS, GCP, and Azure.

Which other solutions did I evaluate?

We also looked at Orca Security. Like Prisma, Orca is one of the top solutions on the market. Most of the CSPM solutions have the same features. Cloud Native Security stood out for two reasons: One is the offensive security engine. That is the main thing. The second thing Cloud Native Security offers is evidence-based reporting. That helps us a lot. These two features are unique, which is why we chose Cloud Native Security.

What other advice do I have?

I rate Cloud Native Security 7 out of 10.


    Saket Taneja

Great auditing and streamlined compliance management with helpful support

  • March 26, 2024
  • Review provided by PeerSpot

What is our primary use case?

We have a wide array of applications. It extends beyond mere container and threat management; in fact, we extensively utilize it across all facets of our cloud data management. It offers comprehensive security for our entire infrastructure, encompassing containers, Kubernetes, cloud services, and more. Its scalability is particularly beneficial for our operations.

How has it helped my organization?

We receive Slack alerts for any vulnerable resources within our inventory. These alerts indicate if a particular resource is vulnerable and requires attention, ensuring timely action for remediation. Additionally, critical events are promptly communicated to us, enhancing our overall security posture.

Furthermore, we are provided with compliance metrics, allowing us to gauge our level of adherence to regulatory standards and guidelines.

What is most valuable?

Cloud Native Security's automation features have revolutionized our approach to cloud-native security, making it a standout solution in the market. With its seamless automation capabilities and timely alert notifications, Cloud Native Security ensures that we stay ahead of potential vulnerabilities, providing peace of mind in our dynamic cloud environment.

One of Cloud Native Security's greatest strengths lies in its ability to streamline compliance management. While specific controls are not directly provided, Cloud Native Security's automated assessment of our cloud and server infrastructure empowers us to maintain compliance effortlessly. The platform offers comprehensive insights into our compliance status, allowing us to identify areas for improvement and scale up our operations with confidence.

During our initial implementation, Cloud Native Security proved invaluable in tackling the challenges posed by our extensive resource inventory. By providing a detailed breakdown of resource utilization and associated vulnerabilities, Cloud Native Security enabled us to take proactive measures to enhance our security posture. The intuitive dashboard interface offers granular control and simplifies decision-making, sparing us the burden of manual inspections.

Cloud Native Security's automated auditing feature sets it apart, offering a comprehensive overview of our cloud resources with minimal effort. The asset inventory feature provides detailed insights into resource usage, ensuring that no stone is left unturned in our quest for security and compliance excellence. While there may be a slight learning curve initially, Cloud Native Security's user-friendly interface makes navigation a breeze over time.

The evidence-based reporting functionality of Cloud Native Security is a game-changer, allowing us to prioritize and address critical security issues efficiently. While occasional false positives may occur, Cloud Native Security's continuous improvement efforts ensure that such instances are minimal and swiftly addressed. Integration with our existing security infrastructure further enhances its capabilities, providing a holistic approach to our security strategy.

Overall, Cloud Native Security has been instrumental in fortifying our risk posture and facilitating our growth trajectory. With a significant reduction in mean time to detect issues and improved visibility for our development teams through DevSecOps integration, Cloud Native Security has truly become an indispensable asset in our security arsenal.

What needs improvement?

While we do encounter occasional false positives, we appreciate Cloud Native Security's efforts to address this issue.

In terms of improvement, we believe there's room for enhancing the comprehensiveness of their rule sets. Specifically, if we have unique requirements for our cloud security and need to establish custom rule sets, we require more comprehensive options than currently available. While Cloud Native Security has provided a feature for this purpose, its implementation is currently challenging. We see this as an area for improvement where Cloud Native Security could refine its offerings to better meet the diverse needs of its users.

For how long have I used the solution?

I've been using the solution for 1.5 years.

What do I think about the stability of the solution?

We have not found any glitches or suffered any downtime.

What do I think about the scalability of the solution?

Currently, we have approximately three platform engineers actively utilizing the solution.

The solution demonstrates excellent scalability and offers considerable flexibility.

How are customer service and support?

Technical support is good. They help us out on certain details. We can submit tickets in order to get assistance.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we didn't employ a different solution; instead, we relied on various open-source tools. While these tools weren't direct competitors, their functionalities didn't fully align with what we needed. Since adopting this solution, we've witnessed significant improvements in scaling our security measures effectively.

How was the initial setup?

The initial onboarding process for Cloud Native Security resources presented some challenges, albeit manageable ones. However, the deployment itself was remarkably swift, typically taking only 15 to 20 minutes. Incorporating Cloud Native Security into our original deployment was crucial for establishing permissions effectively. To manage power demand efficiently, we required running scripts consistently.

As a Software as a Service (SaaS) solution, deployment to multiple locations wasn't necessary. Cloud Native Security is hosted on their cloud platform, eliminating concerns about maintenance or internal management on our end. We can rely on the provider for seamless operation without the need for internal intervention.

What's my experience with pricing, setup cost, and licensing?

The pricing is fair, as it is determined by the resources we utilize. We have the flexibility to adjust our resource usage according to our needs.

Which other solutions did I evaluate?

Prior to implementing this solution, we didn't assess any other options.

Currently, the market offers numerous products for cloud-native security. Despite the abundance of choices, we received excellent guidance with this solution. The support provided was invaluable, demonstrating their strength in customer success.

What other advice do I have?

As end users, we don't maintain a direct relationship with the company.

I highly recommend this solution to fellow users.

In terms of rating, I would give the solution a solid 9 out of 10.


    reviewer2382432

Cost-effective, good support, and end-to-end coverage

  • March 22, 2024
  • Review from a verified AWS customer

What is our primary use case?

I consider it a cloud security posture management tool. It is being used for the overall posture of the environment.

By implementing Cloud Native Security, we wanted to monitor end-to-end misconfigurations. That is why we started with it. We are now also using one other module for detection and response, but mainly, we are using it to monitor misconfiguration and benchmark compliance.

How has it helped my organization?

It is pretty good. It has good coverage and a good reporting system.

There has been tremendous improvement since implementing Cloud Native Security. Cloud Native Security reports any misconfiguration that is there in the infrastructure. We do not have to go and check each service individually. It has helped a lot.

For compliance management, we can find the benchmark compliance status in Cloud Native Security directly. We do not have to do anything. Many benchmarks that we are supposed to follow are added by default. It is pretty easy for us to showcase compliance to anyone.

Misconfiguration detection has been the most effective for threat detection in our cloud environment. We are mainly focusing on the misconfiguration. I can see any configuration-related issues in all the modules.

Because it covers all the modules, every single aspect of the compliance has improved. We were able to find out the critical issues related to cloud infrastructure. It is a real-time monitoring system, so, at any time, we can check and confirm.

Cloud Native Security provides information about the exact affected area. We can easily locate a resource in a particular account or service. It is very clear from the Cloud Native Security report where to look for a particular misconfiguration. They have also added a graphical representation.

The reports tell us what the impact is, how critical it is, and how to locate the issue. That helps to prioritize things and fix a critical issue on an urgent basis. It is easy to analyze things from our side.

After implementing Cloud Native Security, we were able to implement so many best practices. Initially, we were getting different types of issues. We learned from those issues, and we are now implementing best practices based on that. We are also able to do real-time monitoring.

It has helped reduce the number of false positives we deal with. We are hardly getting any false positives. Previously, if we had four false positives, we now have only one false positive.

Cloud Native Security's ease of use and precision in detection have improved our risk posture a lot.

Cloud Native Security has saved our mean time to detect. It has saved a lot of our time. It has saved almost 95% of the time because we cannot go and check all the services in AWS. It is very vast. Cloud Native Security gives us specific information. There is no manual effort.

Cloud Native Security has not helped reduce our mean time to remediate because remediation depends on so many factors. It has nothing to do with Cloud Native Security. We are getting the issues, and the team is responding to them. After fixing them, there is a lot of improvement in the number of issues.

What is most valuable?

It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end. The other thing is the coverage. As far as I know, it has pretty good coverage.

It is very easy to use. I would rate it a nine out of ten for ease of use.

What needs improvement?

We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks.

For how long have I used the solution?

I have been using Cloud Native Security for around ten months.

What do I think about the stability of the solution?

It is stable. I would rate it a nine out of ten for stability.

What do I think about the scalability of the solution?

It is scalable. I would rate it a nine out of ten for scalability.

Overall, we have seven users of this solution, but at a time, we only have two active users. It is being used in a single location.

How are customer service and support?

Their support is good. Whenever we have doubts, we get proper support. We connect with them and resolve the issue. I would rate them a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not use any other solution. This is the first one.

How was the initial setup?

It is on the cloud. The implementation phase varies. It can take a few months.

It does not require any maintenance.

What's my experience with pricing, setup cost, and licensing?

I am not involved in the pricing, but it is cost-effective.

What other advice do I have?

I would recommend Cloud Native Security to others. Overall, I would rate Cloud Native Security a nine out of ten.


    reviewer2381367

The intuitive dashboard and effortless ticket submission enhance the user experience

  • March 20, 2024
  • Review provided by PeerSpot

What is our primary use case?

Cloud Native Security helps us identify security issues related to cloud configuration and containers. We leverage cloud synchronization for real-time incident notification.

How has it helped my organization?

Cloud Native Security is easy to use. Its user-friendly features make integrating new tools a breeze. Everything can be connected through a simple API. The intuitive dashboard and effortless ticket submission further enhance the user experience.

One of Cloud Native Security's most valuable features is its offensive security engine. This engine excels at identifying vulnerabilities caused by misconfigurations, which could potentially be exploited by external attackers. In these cases, Cloud Native Security's offensive security engine findings are highly accurate, with a proven positive detection rate.

Cloud Native Security has helped reduce the false positive rate. The reduction in false positives has improved our operations.

As a small startup, implementing all security best practices across the organization can be challenging. Additionally, security awareness may not be widespread. However, Cloud Native Security, a cloud-based security tool, helps us address these limitations. Cloud Native Security acts as a vigilant watchdog, continuously monitoring our infrastructure for misconfigurations. This includes detecting unauthorized access attempts, such as someone opening a specific port or granting historical access from an external AWS account. By integrating Cloud Native Security with our Slack channel, we receive immediate alerts whenever such suspicious activity occurs. The notification will highlight the potential risk and provide details, allowing us to investigate and take prompt action. Previously, we unknowingly stored sensitive information, known as hard-coded secrets, in our public GitHub repository. Since integrating Cloud Native Security with GitHub, these secrets are identified immediately and flagged through Slack alerts. This enables us to address the issue swiftly and reduce our overall security exposure.

It is far more effective at reducing our mean time to detection compared to the open-source solution we used previously.

Cloud Native Security's findings have led to increased collaboration with our infrastructure team. While our application is a separate product and doesn't reside in the cloud, Cloud Native Security has still proven valuable in this way.

What is most valuable?

Cloud Native Security's best feature is its ability to identify hard-coded secrets during pull request reviews. This helped my organization identify nearly 10,000 secrets added across our repositories, many of which had a significant security impact. Integrating Cloud Native Security with GitHub alone allowed us to identify all these secrets. This is a key feature that has been instrumental in improving our security posture through testing.

Secondly, Cloud Native Security's cloud SIEM feature has been essential in preventing our most critical security incidents.

What needs improvement?

We are experiencing problems with Cloud Native Security reporting. Our organization primarily uses Jira for issue tracking. While Cloud Native Security offers input options for reporting vulnerabilities, the "connect action" it provides to link issues isn't replicating information to Jira. This is happening for approximately half of the company and is causing difficulties for developers and stakeholders in fully understanding the reported issues.

Cloud Native Security's proof of exploitability is not that useful when it relates to container images. More detail should be included in the reporting.

Cloud Native Security can identify hard-coded secrets within our code and tell us if they're valid or not. However, in some cases, Cloud Native Security may flag a valid secret as hard-coded without specifying its exact location within the codebase. This lack of detail makes it difficult for developers to identify where the secret is used. Ideally, Cloud Native Security should provide the specific location of valid hard-coded secrets. This would significantly improve the developer experience by allowing them to easily locate and manage these secrets.

Cloud Native Security integrates with Jira and Slack through APIs, which is great. However, I would also like to see Cloud Native Security offer APIs that allow us to directly build dashboards within the platform. This would be incredibly helpful for visualizing vulnerabilities, security settings, and Cloud Native Security usage reports. Imagine if Cloud Native Security provided these APIs. We could create custom dashboards for specific purposes, like offensive security, cloud misconfiguration monitoring, or even integrating ISS scans. Essentially, any customer could easily build dashboards tailored to their needs. Unfortunately, Cloud Native Security doesn't currently offer this functionality. Other security products provide this level of customization. Adding this feature to Cloud Native Security would significantly improve its overall solution.

For how long have I used the solution?

I have been using Cloud Native Security for two years.

What do I think about the stability of the solution?

Cloud Native Security is extremely stable and we have not encountered any issues.

What do I think about the scalability of the solution?

Cloud Native Security is scalable.

How are customer service and support?

We contact technical support weekly. They are helpful and respond quickly. Additionally, there is a built-in chatbot that allows us to submit support tickets.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We also rely on AWS built-in features that alert us if there are any misconfigurations along with Cloud Native Security.

What's my experience with pricing, setup cost, and licensing?

Regarding the license model, I believe their approach is appropriate based on the customer workload data we're tracking. It seems like an ideal way to proceed.

For pricing, it currently seems to be in line with market rates. However, I recall Cloud Native Security charging a slightly higher premium previously.

What other advice do I have?

I would rate Cloud Native Security nine out of ten.

We receive notifications from Cloud Native Security whenever maintenance is required, and they provide instructions to complete the process.

New users should be prepared to have a dedicated staff member manage Cloud Native Security. This person will handle alerts, configurations, and integrations. You should continuously evaluate all the findings that Cloud Native Security provides, as it performs daily scans. However, it's possible to miss vulnerabilities that have already been fixed. Therefore, careful attention is needed when raising issues with developers. To optimize your use of Cloud Native Security and potentially reduce workload, consider providing feedback to improve the product. Additionally, try to utilize as many features as possible, as they can all have a positive impact on your organization's infrastructure.