We are running the entire cloud base on AWS infrastructure. The major use case for this product is cloud misconfiguration because a lot of changes keep happening in our environment. There are multiple teams and multiple verticals within our organization. We have different verticals across different business units. They have their local IT infrastructure teams, and all these teams are making changes.

We have IT admins at multiple locations. There is a team of 10 to 12 members. It was a challenge to manage cloud security when they made changes, spun up new servers, or created new instances for new projects. Cloud misconfiguration was one of the major areas where we saw issues because things were not getting created as per the process or security protocol. When they are creating instances, they are not aware of the implications and the security incidents that may happen by keeping certain ports open. They might not be aware of the security issues that may come up. So, cloud misconfiguration was one of the main reasons why we opted for this product.

Another reason was to have a dashboard for the management and for the centralized team. We are a part of the centralized team that is taking care of the entire platform. It is very necessary for us to keep track of the changes and see if any P1 or critical security incidents are open. They are a risk to our organization's security. We wanted to have such visibility. Manually keeping track of those changes and open issues was very difficult for us.

It highlights critical or high-priority incidents. That is helpful. When we have a lot of issues on the dashboard, we can at least prioritize them based on the severity. We target critical incidents first and then move to the high-priority incidents. We still have medium and low-priority incidents on the dashboard. We require some amount of time to fix them. From a reporting perspective, it helps us to prioritize accordingly. We know that at least from a high-impact point of view, we are secure.

We do generic vulnerability scanning whenever there are any new changes or we are building any new applications. We keep the generic vulnerability scanning on whenever any new instances are created, and we run the scan once a week for already created instances.

We have not explored evidence-based reporting much. It is a good feature, but we mostly look at the priority of the incidents. We fix them based on the criticality. The description of the issues and the categorization make it easy to utilize the reports.

It has affected our risk posture. All the critical incidents and high-priority issues have been resolved. We are in a better place now in terms of risk posture. The medium-severity issues still need to be fixed, but earlier, we used to have critical incidents as well. We did not have any visibility into those things. We are now quite confident that we do not have any major security issues. We keep running the scan every week. It helps us to detect any new changes or vulnerabilities in our environment.

We could see its benefits immediately in terms of visibility. Previously, we did not have any visibility into where we were in terms of the security landscape. That benefit was immediate, and then we started fixing the problems and reduced critical issues and high-priority issues. We became confident in our security, and we were able to secure the environment wherever we had an incident. Its benefits were immediate from a visibility point of view, and then it took two to three months to have a direct impact in terms of security.

Singularity Cloud Native Security helped us to reduce false positives. We also have a managed service provider. We took their help to reduce false alarms and other issues. It also helped us to implement some of the best practices while creating any instances or making any changes to any particular instances. We created best practices and standard operating procedures for the infrastructure team. They follow the standard operating procedures while making any changes or creating any instances. We are seeing a drop in the number of issues compared to two or three years ago.

Our remediation time is reduced. Initially, it took some time to identify the remediation steps and what had to be done to fix the problems, but now we know what needs to be done. From a prevention point of view, we now know what we should not do. That has helped with changes that we keep on doing in the environment.

Singularity Cloud Native Security provides us with a platform to scan instances when they are getting created, and the dashboard helps us to identify the critical issues. We created a road map and prioritized the issues based on the criticality of the problem. We have reduced P1s. We have resolved any critical incidents that came up in the dashboard. We still get high-priority incidents, and we keep on prioritizing and fixing them. That is because we have visibility into the open issues that we have. Management is also happy. They are aware of the things that are coming up on the dashboard. They are aware of the impact and the risk. We did not have this visibility previously. All the teams that are a part of IT are aware of the importance of it. It has been included as part of our software development cycle.

It is very easy to use. The user interface or the dashboard is quite simple. It clearly shows you the type of issues that are there. It also breaks down and groups them into the types of issues. If I have 100 issues on the dashboard, it categorizes them. Out of these 100 issues, 50 of them might be related to the same category. If I choose one of the high-priority incidents and fix them, all 50 issues might get fixed. This way, it is a bit easier for us to target specific use cases and resolve a lot of underlying problems. The descriptions are helpful. It gives us information about how to resolve a particular problem. It is easier when the tool itself tells you what you have to do to fix an issue. You can then research more and get it done. It is quite simple. Even the leaders who are not very technical can understand what is the impact and what is causing the problem.

They can provide some kind of alert when a new type of risk is there. There can be a specific type of alert showing that a new type of risk has been identified.

We use Jira for pushing any changes. If any kind of integration is possible between Jira and the Singularity Cloud Native Security dashboard, it will be easier for us to track. Before approving in Jira, I can ensure that any issues in Singularity Cloud Native Security are closed. Such an integration will be helpful.

Its pricing model is a little bit inflexible. Different organizations have different structures. We have multiple business units. Based on the different verticals, we have to create different subscriptions for them. If I create a new subscription and add it to Singularity Cloud Native Security, as per the current licensing model, I have to pay more for that. It should not be like that. It should be based on the number of servers. This kind of flexibility would help customers like us.

It has been close to two years since we have been using this solution. Prior to this, we were working with CrowdStrike, and then we migrated to SentinelOne two years back.

I have not seen any issue with Singularity Cloud Native Security.

If any slowness is there, we will probably wait and run it after half an hour or one hour. Nothing major has been highlighted to me or has been a blocker as such. The pricing model is the only thing that would be a concern.

We take help from our managed service provider. If we have to fix any particular problem that we are not aware of or do not have the expertise for, we get help from the managed service provider. They have a service team with experts. They get it done for us.

We did not directly use any other solution. We have a managed service provider. We have taken their help, but it was more of a tool that they used at their end, and then they shared a report with us. Based on that report, we took action. It was not a regular thing that we used to do. Once in a quarter, we would probably allow them to scan and send us a report. Based on that, we used to take action. That was the process that we used to follow earlier.

Its implementation was a little bit difficult because it was a new tool that we were using. It takes time to understand the issues, specifically in terms of what has to be done to fix them. Aligning all the teams was a little bit difficult for the initial two to three months, but once we understood the product and what needed to be done for the issues that were getting highlighted in the dashboard, it was easy.

Initially, we had to do a lot of sessions to bridge the gap. That was because this initiative was taken by the Cloud Security team and the DevOps team. We needed a lot of patience to collaborate with the engineering or development team. A lot of the issues required help from the engineering team in terms of making changes at the core level as well. It took one or two months of time to do sessions with the developers and create SOP within the development life cycle itself. Overall, the support from the leadership was quite good. All the leaders agreed that this is a very important change that we are bringing into the organization, and it will be an ongoing thing that we need to follow. We have also added it as part of the SDLC. We use Jira to manage changes and defects. We have added security as one of the flags over there. Someone from the InfoSec team has to give a sign-off for any changes that are happening. If a project is going live, he has to check any open issues in Singularity Cloud Native Security. He has to give a sign-off before the project goes live. That is one of the changes that we have pushed in terms of the product life cycle itself, and that has helped to align different things. Unless they get a sign-off from the InfoSec team, it cannot be deployed. Everyone knows the process now. It is a part of the cycle.

It took at least 45 days to deploy and utilize all the features. We did not do it in one go. We did it phase-wise. We opted for one subscription, and then we slowly deployed it across other subscriptions.

It does not require any maintenance from our side. We have a managed service provider, and they are keeping track of it. There is no additional maintenance as such. We just have to keep track of things. It is more of a process adherence and making sure that we keep a check before we push anything into production.

I am personally not taking care of the pricing part, but when we moved from CrowdStrike to Singularity Cloud Native Security, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of Singularity Cloud Native Security was low.

Singularity Cloud Native Security is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning. There should not be an extra charge for adding a subscription, and the pricing should be based on the number of servers that I am scanning.

We are not using Singularity Cloud Native Security's Offensive Security Engine. We used the Infrastructure as Code (IaC) Scanning initially. When the demo was given, we had to use that scanning, but it is not something that we keep running on a regular basis.

Overall, I would rate it a nine out of ten. I am quite happy with the service and the value that it provides. The one point that I am not giving is because of the pricing model. If it had a more flexible pricing model, I would rate it a ten out of ten.

I use SentinelOne Singularity Cloud Security as an endpoint security tool. We have deployed it on multiple users' endpoints and multiple servers to protect them from security threats.

As a security engineer responsible for administering the SentinelOne Singularity Cloud Security, Kubernetes, and VR tool, I work in an organization with over 10,000 employees and numerous virtual servers and corporate network machines. To safeguard these systems from security threats, we've deployed Singularity across all endpoints and servers to monitor for and respond to incidents, gathering detailed information about their spread and affected machines.

Any security incident or malware detection is reported to security administrators within a fraction of a second. Basic rules and AI detections drive this rapid response. For example, suppose a file is flagged as suspicious based on its activity and alignment with the MITRE ATT&CK framework. In that case, the system identifies the file's behavior, categorizes it according to MITRE attackers, generates AI-based responses, and provides insights to security administrators for review and further investigation.

Automated remediation is highly effective, responding in mere fractions of a second to block, quarantine, or contain affected files or devices. Additionally, it can isolate endpoints from the network to prevent malware from spreading or containing compromised systems.

The Ranger feature is not exclusive to Linux systems. It scans all devices on a network, providing information about the types of machines and operating systems present within that specific network environment.

Workload telemetry visibility is valuable during incident response, triage, and analysis. Detailed information about the process is provided when an incident is reported, offering deep insights. For example, if a file is flagged as malware, the entire process behind its execution, including accessed files and invoked processes, is displayed. This comprehensive history effectively aids in determining file behavior and accurately classifying it as benign or malicious.

The benefits of SentinelOne Singularity Cloud Security are immediately visible through the quick response time.

The mean time to detection is under half a second.

The mean time to remediate is between one and one and a half seconds.

It provides an automated response, eliminating the need to block and investigate files manually. SentinelOne Singularity immediately blocks suspicious files, and subsequent investigation allows us to whitelist the file completely or maintain the block.

The most valuable features are automated threat response, AI detection, and static and dynamic detection. Monitoring all activities on the server's endpoint provides security administrators with deep visibility into endpoints, servers, and the incidents occurring on them.

I request that SentinelOne investigate this false positive, as SentinelOne has a higher false positive rate than other XDR solutions. While false positives are an expected part of incident response, excessive numbers can indicate accuracy issues with the tool.

I have been using SentinelOne Singularity Cloud Security for two years.

Cloud-based stability is beneficial because it eliminates downtime for business owners, ensuring uninterrupted operations.

Scalability is relatively straightforward as it primarily involves installing agents on additional machines and addressing licensing requirements.

Auto-scaling based on workload demands is beneficial, for example, when a hundred machines are added to the corporate network. We need to deploy the SentinelOne agent to these additional machines and confirm that the license accommodates the increased number of devices.

We previously used Crowdstrike Falcon but prefer SentinelOne Singularity Cloud Security because it is user-friendly. The GUI is easy to understand, operate, and administer.

Due to SentinelOne's cloud-based nature, initial deployment is straightforward. Simply installing the agent on the endpoints we wish to protect is sufficient, making setup within our existing corporate network infrastructure relatively uncomplicated.

The deployment time varies depending on the number of endpoints and servers accessible within the network, but it typically takes one to two months to complete and transfer responsibility.

Two people are necessary for deployment: one to handle administrative tasks and another to manage the SCCM component, such as pushing agents to multiple machines.

I would rate SentinelOne Singularity Cloud Security eight out of ten.

Sometimes, Singularity incorrectly flags legitimate files as malware or suspicious, which can disrupt the work of some project users. However, we understand the importance of protecting against potential threats and appreciate Singularity's proactive approach. We can easily whitelist false positives, minimizing productivity impact and ensuring our system remains secure.

SentinelOne Singularity Cloud Security is a valuable tool for organizations with the budget to invest in it. It offers robust protection for servers and endpoints, which are primary targets for security breaches. Given the critical nature of endpoint security, this software should not be overlooked. SentinelOne has a strong reputation, provides rapid response times, and includes features such as deep visibility into malicious files, enabling security administrators to isolate threats in the cloud through sandboxing directly.

The only maintenance required is for agent upgrades.

I'm taking a look and digging into applications. I use it for general analysis.

The visibility is very good. It allows me to go deeper into my investigations. It gives me the information I need.

I do use the vulnerability scanning every day. It's excellent. I have no complaints.

We do get false positives, however, it can be from downloading from dodgy sites or whatever the case may be.

The mean time to detect is good. It's very fast.

It's good as is. From a beginner's perspective, while it's not necessarily complicated, it can be confusing. However, once you get the gist of it, it's pretty clear. For example, when you first go on it, you don't know what's going on. A few YouTube videos could be helpful. There isn't a lot of information out there to look at.

I've been using the solution for roughly six to seven months.

The stability of the solution is good. There is no lagging, crashing or downtime. This year we haven't had any downtime with the solution.

The solution is very scalable.

I've never contacted technical support.

I did not previously use a different solution.

When I joined the company, it was already being used; I did not set up the solution.

It doesn't need ongoing maintenance, although there are occasional agent updates.

I don't know about the pricing or licensing.

I'm an end-user.

I've never used the evidence-based reporting or the offensive or infrastructure-as-code scanning yet.

I'd rate the solution nine out of ten.

We are a channel partner of SentinelOne in Brazil. We have a distributor that we use to sell SentinelOne. We are very happy and very proud to represent SentinelOne here.

SentinelOne Singularity Complete helps consolidate security solutions. There is a hot discussion about the future of the Security Operations Center. Security Operations Centers generally use SIEM and SOAR, but SentinelOne Singularity XDR can also help there because you can see what is happening not only on the endpoints but also in the network. In other words, you can replace the NDR solution. We also see it going all the way to include all the clouds. This ecosystem is very important to us. In the near future, we see it being used for all the problems related to detection and response in cybersecurity.

Our customers use the Ranger functionality. There are two Ranger versions. There is Ranger AD, and there is Ranger Pro. SentinelOne Singularity platform has its own security ecosystem. You do not have the need to buy other solutions. For example, we sell a ZTNA solution. If you have ZTNA, you do not need to buy a PAM solution. You do not need to buy a NAC solution. The ZTNA technology has replaced all the other solutions. It is the same thing with Singularity. If you buy the ecosystem of Singularity, you do not need to buy several different technologies.

Ranger can do all the hardware inventory. It can point out the versions of the operating systems and then you can apply patching to update the versions of the operating systems. You can use Ranger in different ways. For a security professional, it is a very powerful tool.

It sends you alerts and warnings about possible incidents, but you do not get too many false positives. It is precise. You get real information about an incident.

It is very important to have good hygiene of your endpoints and your network. The uptime of the endpoints and networks is very important. SentinelOne Singularity Complete provides a good uptime. Incident identification is very important and having fewer false positives is also important. The SOC staff knows that if SentinelOne Singularity points out an incident, they have to pay attention to the threat. It is a very good checker.

SentinelOne Singularity Complete reduces the organization's risk.

ITDR or Ranger AD is an important feature for me.

It integrates very well. We sell different products from different vendors. We know that the SentinelOne Singularity platform can be integrated with several different solutions from different vendors. We sell products of a Spanish company, and they support the integration of logs produced by SentinelOne into their platform. We see the capacity to integrate SentinelOne with the solutions of other vendors. It is very important because you can get not only a more integrated ecosystem but also a more powerful ecosystem.

All EDRs are made of different modules. There is a firewall module, an IPS module, and an application module. The application module focuses on the different codes and libraries that can be run on the machines. It is very important for Singularity EDR to detect what type of codes and what type of libraries can run in the machine. If they can implement a white list or a black list of codes or libraries that can be used in the machine, it would be very helpful. They can focus more on the application module.

It is a short duration because we started to be a channel partner of SentinelOne two months ago, but we are very focused on SentinelOne.

Their technical support for me is good. I am not involved in the deployment of the solution, but I have not heard any kind of complaint about the support.

We are currently using McAfee in our company, but we are going to move to SentinelOne.

I am a very experienced security professional. I have got the CISSP certification and other specific certifications. I see too many different products. I have good experience with Trend Micro, but I find SentinelOne Singularity more comprehensive.

We are trying to replace the solutions from other vendors. Customers are trying to use more powerful tools such as CrowdStrike or SentinelOne. We do not believe that Microsoft has a very good solution. There are a lot of people who speak about problems with Microsoft Defender and other components of the Microsoft ecosystem. The technical side is not the only factor. Price too is important, but we are trying to replace it. We have some good prospects to replace EDRs or other malware detection tools with SentinelOne Singularity.

I am a security architect. I am not involved in the deployment of the solution. Some other guys in the technical area are involved in the deployment, but from what I hear, there is no problem. You have to do some configurations.

The deployment duration depends on the customer. If you have an SMB customer, it takes less time than to deploy it for a big customer.

We have a team of technicians who are specialized in different kinds of companies. They are specialized in the cloud and other things. We have about 10 people. They take care of the deployment and configuration of the solution. We can also count on the specialist from the distributor for support and vendor support.

You get good support. You get a good product and you are going to be protected. The technology can be integrated with different tools. This is important. We do not live alone in this world. There are other vendors, so the capability to integrate is very important. Singularity Complete is going in the right way.

The price depends on the extension of the solution that you want to buy. If you want to buy just EDR, the price is less. XDR is a little bit more expensive. There are going to be different add-ons for Singularity. This is important for customers because they can add some new features. They do not need to change the product. They can simply add a new feature.

My company is a reseller of SentinelOne. It is one of the top solutions as per Gartner's Magic Quadrants. I am always interested in everything that comes from SentinelOne. I have watched the recent webinars about the latest launch of SentinelOne. There is going to be Purple AI. They have a new console, and we are waiting for it.

What we see here is that companies or customers want more features. The gap between EDR and XDR is too large. XDR includes cloud workloads of the systems and network and not only the endpoints. SentinelOne EDR is a very good solution. You do not need to monitor the Windows operating system. SentinelOne can do this for you. For example, the registry of Windows is the most important part of the operating system. SentinelOne EDR can see what happens in the registry. It can warn about any modification in the registry.

The Singularity ecosystem is very powerful. SentinelOne is very focused on expanding the reach of Singularity and making it a more comprehensive solution. SentinelOne is doing a very good job to get there. We believe that there will be a consolidation of the market, and SentinelOne will survive this consolidation because SentinelOne Singularity is a very powerful and very good solution.

I would rate SentinelOne Singularity Complete a nine out of ten. We have a very good relationship with SentinelOne.

We use SentinelOne's Singularity Cloud Security as our Cloud Security Posture Management solution, to proactively identify vulnerabilities within our cloud configurations. Security alerts generated by the platform are then forwarded to our mitigation team for prompt remediation.

The solution is easy to use.

The evidence-based reporting is helpful to our DevOps team who manually mitigate the vulnerabilities.

Singularity Cloud Security offers a flexible agentless vulnerability scanning solution that allows me to receive alerts directly to my personal email, a feature missing from AWS GuardDuty.

Evidence-based reporting that demonstrates how a vulnerability can be exploited is crucial because it allows me to prioritize alerts based on their severity level. This ensures I focus on the most critical issues first.

Singularity Cloud Security has improved our organization's security by proactively identifying vulnerabilities that could have significant detrimental effects.

It has decreased the number of false positives.

Before implementing Singularity Cloud Security our mean time to detection was three to four days.

Singularity Cloud Security has significantly improved our mean time to remediation from one hour to just 15 minutes.

SentinelOne stands out with its responsiveness to feature requests for Singularity Cloud Security. This means they can adapt the product to our specific needs, whereas Prisma Cloud forces us to wait for their pre-determined release schedule.

SentinelOne currently lacks a break glass account feature, which is critical for implementing Single Sign-On. SentinelOne should prioritize the development of a break glass account feature.

We've encountered some filtering difficulties, resulting in a few areas of the interface needing improvement.

I have been using Singularity Cloud Security by SentinelOne for one year.

Singularity Cloud Security by SentinelOne is stable.

I would rate the scalability of Singularity Cloud Security nine out of ten.

The technical support is good. They've assisted us on multiple occasions with implementing new policies and creating custom plug-ins to meet our specific needs.

I successfully deployed the solution in collaboration with a cloud-native administrator. The deployment process went smoothly and we encountered no complications.

I would rate Singularity Cloud Security by SentinelOne eight out of ten.

We have over 400 users in our organization.

We have one client, and we need a portal to manage security. We use Singularity to provide security information and identify vulnerabilities or malicious scripts that need to be fixed. It also provides recommendations about each of the vulnerabilities that are helpful.

We provide cloud services on our site using AWS. Singularity detects flaws that we must close for security reasons. We use Singularity to observe those findings and fix things based on the customer's requirements. Previously, we used to segregate issues and look after them. Singularity helped us secure our infrastructure. We've significantly reduced our potential security breaches to a minimum.

It has improved how we operate on a larger scale. We set up the platform, onboarded the info, and then gradually moved further. Over time, it helped us slowly resolve those issues. We were using the cloud platforms' native security tools, but those were unhelpful. Now, we rely on this more than those services.

Singularity reduced our false positive rate by about 60 percent. We've had even better results in terms of our risk posture. We can rely on this tool to improve our security conditions on a broader scale. If I gave our security posture a percent rating, I would give it 89 percent.

The solution saves time by giving us everything in one place. You don't need to manually check every account. It tells us a lot. Singularity reduces our detection time by about 60 percent.

Singularity has improved collaboration among cloud security, application developers, and AppSec teams. Previously, it would take around a week for engineers to address issues. Now that we use this tool, we resolve issues in one or two days.

We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues. Singularity is easy and convenient to use. It is extremely easy for a novice to understand what the dashboard is trying to say and the terminology's meanings.

Evidence-based reporting is excellent for auditing. It shows all the findings and severity: low, high, medium, or critical. We solve the low-level and medium issues. Next, we resolve high-level and critical problems. It's easy to fix the security breaches.

We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating.

We have used Singularity Cloud Security for about six months.

I rate Singularity nine out of 10 for stability.

I rate Singularity eight out of 10 for scalability.

I rate SentinelOne support nine out of 10.

Singularity took about a week to deploy. A team of 40 to 50 people was involved.

I rate SentinelOne Singularity Cloud Security nine out of 10. I would recommend the tool to others. It's a convenient and cost-effective tool for identifying security breaches. You get everything in one place, saving you time and costs.

Our cloud security posture is managed with SentinelOne Singularity Cloud Security, a tool that identifies and highlights potential security weaknesses in our systems.

It is user-friendly.

SentinelOne Singularity Cloud Security helps reduce the number of false positives by 20 percent.

In evidence-based reporting, demonstrating that a vulnerability can be exploited is crucial. This information allows us to directly address the issue through manual remediation.

SentinelOne Singularity Cloud Security has improved our risk posture and has reduced our mean time to detection by 50 percent.

SentinelOne Singularity Cloud Security has reduced our mean time to remediation by 30 percent.

The user-friendly dashboard offers both convenience and security by providing quick access to solutions and keeping us informed of potential threats.

SentinelOne Singularity Cloud Security filtering has some areas that cause problems, and to achieve single sign-on functionality, a break-glass feature, which is currently unavailable, is necessary.

I have been using SentinelOne Singularity Cloud Security for one year.

I would rate the stability of SentinelOne Singularity Cloud Security nine out of ten.

SentinelOne Singularity Cloud Security is scalable.

The technical support is good.

We previously used Prisma Cloud but when we would request a feature we had to wait until the next release. That is the advantage of SentinelOne Singularity Cloud Security.

The deployment took a few weeks to complete.

SentinelOne Singularity Cloud Security falls somewhere in the middle price range, neither particularly cheap nor expensive.

I would rate SentinelOne Singularity Cloud Security nine out of ten.

We have around five people working with SentinelOne Singularity Cloud Security.

No maintenance is required for SentinelOne Singularity Cloud Security.