SentinelOne Singularity Cloud Security Reviews

We use PingSafe as our Cloud Security Posture Management tool.

PingSafe is easy to use. While some features, like advanced graphics and custom drag-and-drop filters, might have a learning curve, most functionalities are intuitive. Clicking on "Asset Inventory" provides a clear list of all our assets. The filters are logically organized by resource type, account ID, and other relevant categories. In short, most of the platform is straightforward, allowing users to become comfortable within 15 minutes. However, advanced capabilities like custom visualizations and automated filtering through drag-and-drop may require additional time to master.

PingSafe creates a comprehensive inventory of all resources within our cloud infrastructure. It automatically identifies any misconfigurations for each of these resources. The easy-to-track capabilities are further enhanced by automatic integration with Jira. Additionally, PingSafe serves as the primary source of evidence for audits and compliance purposes. It documents the resources we identified with misconfigurations and demonstrates that we have rectified them. This functionality simplifies the process of providing evidence to auditors.

We experienced the benefits of PingSafe immediately after onboarding our entire Cisco setup. However, there was likely a waiting period of up to six hours for the platform to fully populate with information about our infrastructure, resources, and so on. Despite this wait, some immediate benefits were gained. PingSafe likely identified a list of potential misconfigurations across our accounts. This provided a starting point for further investigation and remediation. Of course, to fully leverage PingSafe's capabilities, we might need to integrate it with our existing external tools. However, the initial onboarding process itself yielded some valuable insights.

PingSafe reduces the number of false positives we encounter. Initially, we relied heavily on custom engineering, which created a lot of noise. The code might not have been scalable, or it might have only triggered under specific conditions. We struggled to manage this custom tooling as our environment grew. When we considered scaling our operations, we realized this approach wouldn't be sustainable. PingSafe provided a well-designed system that addressed these challenges. Even during configuration, PingSafe can determine if something is misconfigured or not. However, PingSafe also allows us to suppress findings that might be flagged as security vulnerabilities in a traditional sense, but are expected behavior in our specific context. For example, we might have developed a custom way to handle a specific situation like a three-bucket container for a site. PingSafe allows us to suppress these findings, resulting in a significant reduction in false positives. Integration with PingSafe was very straightforward. Furthermore, suppression occurs at the source where misconfigurations are generated. This eliminates the need for an additional filtering layer. Imagine having 100 issues to address, and needing to manually filter out the ones that are not genuine issues. PingSafe takes care of this filtering within the platform itself.

PingSafe has improved our risk posture by giving us greater visibility into our infrastructure. This includes niche resources and misconfigurations that we weren't previously tracking or aware of. Unlike traditional tools that focus on specific resources or make assumptions, PingSafe performs a holistic scan of our entire account. This has given us a much better understanding of our current attack surface. Once these vulnerabilities were identified, we were able to prioritize and remediate them, leading to a long-term improvement in our overall security posture.

PingSafe has reduced our mean time to remediation. It's slightly better than our previous approach because we were also scanning daily. However, PingSafe also includes scanning for many more resources than we were managing ourselves. So, while the time to fix individual problems might be similar, perhaps slightly less, the reports generated by PingSafe are more comprehensive and complete than what we had before. Additionally, PingSafe helped us identify a number of additional resources that need fixing, which we weren't adequately tracking in the first place. Once a problem is identified and confirmed as a true positive, it takes no more than 15 minutes to fix it.

PingSafe facilitates collaboration between our teams. We have three main groups: application security, infrastructure security, and compliance. The infrastructure team handles the entire PingSafe process, from generating reports and onboarding resources to acting on them. This has streamlined our workflow by consolidating everything into a single view. I now have all the information I need in one place. However, it's important to note that our application security team doesn't currently interact with PingSafe.

The most valuable features of PingSafe are the asset inventory and issue indexing. Once I've onboarded all the cloud accounts I want to manage with PingSafe, it can automatically create an inventory of all resource types across AWS. Additionally, it can identify misconfigurations for those specific resources.

Another key feature we appreciate is the ability to create custom rules for up to ten users. This functionality is useful because PingSafe also collects generic information and metadata about each resource. This allows for granular filtering. For example, we can easily query to find only servers with a specific tag. This filtering capability is valuable for investigations, ad-hoc queries, and data gathering.

Finally, the integration module deserves mention as well. We use Jira internally to track all our tools, security reviews, and bugs. PingSafe can directly push issues to Jira, making it very easy for us to track them. This eliminates the need to constantly return to the PingSafe platform to see which issues were generated.

PingSafe can be improved by developing a comprehensive set of features that allow for automated workflows. While the current dashboard is functional, it could be made more actionable by incorporating additional functionalities. For instance, drag-and-drop functionality would simplify the creation of integrations. Additionally, valuable data can be retrieved from the platform using APIs and displayed on the dashboard, potentially using tools like Tableau for visualization. This is just one example, but it highlights the potential for expanding PingSafe's capabilities by enabling greater integration with other tools, even those not currently supported.

I have been using PingSafe for six months.

There was a phase where we built a proof of concept using the PingSafe platform to understand if it could directly address the problems we're currently facing. After finalizing the POC, we conducted testing and identified a baseline for future comparisons. Then, we moved into the implementation phase, and now the system is fully operational.

PingSafe is stable.

PingSafe is scalable. We have not encountered any issues with the number of accounts and services we are using.

Previously, we managed our cloud security posture with in-house solutions built using open-source tools and custom code. However, as the number of accounts grew, this approach became difficult to scale and maintain. Additionally, the reporting capabilities of our custom tools didn't meet the increasingly stringent compliance requirements. To address these challenges, we sought an external, vendor-managed Cloud Security Posture Management tool.

The initial deployment of PingSafe was easy because their implementation team collaborated closely with one of our cloud security engineers. Since there were no agents or software to install, onboarding accounts simply involved creating a role for them. This role grants the platform read-only access to our infrastructure. The process is very streamlined; our team can onboard an entire account within minutes. However, the first time an account is onboarded, it takes some time to ingest all of its resources and information.

The entire deployment took less than a week. This included not only onboarding accounts but also gaining a holistic understanding of the platform and its capabilities. PingSafe also came to our office to showcase the modules we could leverage and how we could use them effectively. Since this was our first time working with PingSafe, our team actively collaborated with them to resolve any issues we encountered.

One engineer from our organization worked with a team from PingSafe to implement the solution.

Pricing is based on modules, which was ideal for us. We weren't interested in the platform's full capability at first. Our priority was to establish foundational practices like maintaining an asset inventory and identifying misconfigurations. We then aimed to streamline these processes. Thankfully, PingSafe's modular pricing allowed us to pay for only the features we needed, unlike Wiz. With Wiz, we would have paid for the entire platform upfront, potentially leaving us with unused features. This would have been a poor return on investment, especially considering Wiz's high cost. In essence, their pricing model wouldn't have suited our needs. Even if we had eventually used all of PingSafe's features, the initial cost would still have been lower than Wiz in the long run.

After evaluating several options, including PingSafe and Wiz, we determined that PingSafe was the best fit for our needs, particularly in terms of cost. PingSafe provides a comprehensive view of potential security issues in our cloud infrastructure, allowing us to map them to relevant compliance frameworks, custom security requirements, or internal engineering standards. This enables us to effectively track and remediate these issues, ensuring a more secure cloud environment.

The Wiz platform offered a wide range of features that weren't essential for our current needs. For instance, they provided data security and AI-powered security posture management. However, our current security maturity level wouldn't allow us to fully utilize these capabilities. Additionally, Wiz is a comprehensive platform, and individual modules aren't available separately. In contrast, PingSafe allowed for closer collaboration. They could customize the platform's functionalities to meet our specific requirements. Moreover, PingSafe was significantly more cost-effective. While I can't recall the exact price difference, it was a substantial saving. Furthermore, PingSafe's support team was incredibly responsive. They were receptive to our suggestions for features that might be beneficial in the future. This flexibility, along with the platform's affordability, ultimately led us to choose PingSafe.

I would rate PingSafe eight out of ten.

We initially considered the agentless vulnerability scanning as a cloud security management tool, not a host-based security solution. Therefore, we opted against installing agents. Instead, we simply connected our AWS accounts through IAM, allowing the scanner to comprehensively scan all necessary resources and gather the required information.

The maintenance is taken care of by PingSafe directly.

Before deploying PingSafe, it's important to fully understand all its capabilities. While we're currently using one specific feature, PingSafe offers a wide range of functionalities. Gaining a clear internal understanding of your specific needs for PingSafe will help you determine the optimal model. Focusing solely on features without a defined purpose can lead to unnecessary costs. It's more efficient to obtain a quote for the model that aligns with your current needs. As your requirements evolve, you can then expand functionality by integrating additional modules.

The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.  

The primary benefit for our company has been the reduction of false positives. It's saved us time and resources. 

I like that we get a map view of all the assets we have and how these assets are connected together. We can get a view of the entire structure and that gives us a good vantage point when assessing gaps. We can see which assets are public and which are private. It gives us good visibility.

It brings in good security.

It is fairly simple. Anybody can use it.

The evidence-based reporting capabilities are useful. It's good for everyday reporting. It makes it easy to identify actual false positives. Priority cases are assigned accordingly so we don't need to find a needle in a haystack. If something is critical, it's very easy to find and see it. 

The solution offers agentless vulnerability scanning, which helps us identify any open ports on the server or any vulnerable assets online in the cloud. 

While they do have an offensive security engine, we do not use that aspect. We use a different vendor for that. However, it's a very good initiative. It basically expands and searches and does more offensive security.

It's very easy to integrate.

The notifications are very good. We can get notified right on Slack. if we aren't checking out email regularly.

The benefits we witnessed were pretty immediate post-implementation. Once you've done your integrations, it starts showing you vulnerabilities that are being observed, and he lets us immediately identify and deal with infrastructure gaps. It even has allowed us to deal with several misconfigurations. 

It has helped us reduce false positives significantly. That's something I've been focused on. 

The solution has positively affected our risk posture. Thanks to the lower number of security vulnerabilities, it's helped us with several benchmarks and compliance-related issues. 

Our mean time to detection and mean time to remediation has been reduced. If there's an issues, it can be found and dealt with in a short amount of time. It also gives you remediation details as to where particular vulnerabilities exist. We're able to fix problems as soon as possible when we see issues pop up. The mean time to remediation depends on the severity of the issue and who is handling it. Remediation for an experienced user versus a new hire may vary.

After introducing PingSafe, we were able to bridge the gap between developers. Since PingSafe had details about that particular vulnerability and how to remediate it, we could just pass that on to the application developers, who could fix it. That has also reduced the number of vulnerabilities that are being discovered by the application security testing team.

There is a bit of a learning curve. However, you only need 2 to 3 days to identify options and get accustomed. 

They could separate or differentiate between different kinds of frameworks.

I've used the solution since I started working with my company - for about one year and three months. 

I don't recall any stability issues. 

The solution is scalable. The scalability is highly flexible. 

We do have regular meetings with support. They catch us up every month and provide us regular updates and solicit feedback. Support is excellent.

Positive

I have not used any alternatives.

I was not initially involved in the deployment process. 

There isn't really any maintenance needed. The only thing would be if you find a false positive. You can mark it so it doesn't happen again. Beyond that, you don't have to maintain anything. 

I'm not sure how the pricing for the solution works. 

I'm an end-user. 

I'd rate the solution 9 out of 10. 

It's pretty easy to use. Integration with cloud infrastructure may require a bit of help in the initial stages. However, once you are up and running, finding vulnerabilities is simple and reporting is good. 

It's a cloud-based SaaS tool. It's a cloud security partnership management tool. It gives you an overview of misconfigurations, Kubernetes security, Docker security, vulnerability scanning, and secret scanning.

Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take.

Maybe container runtime security could be improved. But with the acquisition by a bigger company, things might roll out faster, potentially including this feature.

I have been using it for six months. 

It's been stable in my experience. 

Since it's a managed service, Cloud Native Security handles scalability. There are around 15 end users in my company using it.

We could just contact the CEO directly with any questions. It was a small team back then, but I don't think that's the case anymore since they've been acquired.

Previously, it was just a 50-person team, and the CEO would hop on the call to solve the problem. 

The initial setup is super easy! It's a SaaS portal, so no deployment is needed. Just configuration that takes about half an hour.

It was reasonable pricing for me. The costing model might have changed now since they have been acquired. 

I would advise integrating your Kubernetes clusters for extra features.

Overall, I would rate the solution a nine out of ten because I'm happy with Cloud Native Security overall.

The number of features Cloud Native Security offered with just a small team was phenomenal. Give them another six months to a year, and it could be one of the best tools out there.

Cloud Native Security is a tool that has good monitoring features. We get multiple misconfigurations from the monitoring on a daily basis. Cloud Native Security detects misconfigurations in real-time, like open ports.

If our team closes a particular alert triggered in Cloud Native Security, it should also be closed in Cloud Native Security. After closing an alert in Cloud Native Security, it still shows as unresolved.

I have been using Cloud Native Security for one and a half years.

We haven’t faced any issues with the solution’s stability.

The technical support of the solution is good.

Positive

Cloud Native Security is a user-friendly solution. If you log in to the console, you'll get all the misconfigurations, and the solution has recently integrated CI/CD. Sometimes, we get false positive alerts. Our team closely observes if there are any misconfigurations. If it is closed for a particular resource, it must also be closed from the monitoring dashboard, which is not happening. We have already raised this issue to the support team.

The solution's proof of exploitability gives complete data from the console regarding the issue, description, resolution, proof of concept, and closing of alerts. The main benefit of Cloud Native Security is that it detects multiple misconfigurations in our environment. If there are any unwanted port openings or any publicly accessible EC2, we will get to know about them easily from the monitoring tool.

Cloud Native Security is deployed on the cloud in our organization. Cloud Native Security has new monthly updates. We are continuously in touch with the Cloud Native Security team for anything that needs to be changed or modified or if there are any new requirements.

Overall, I rate the solution a 9 out of 10.

We are using Cloud Native Security for cloud posture management and cloud workload protection. Apart from this, it also provides alerts from infrastructure as code. If the tool finds any misconfiguration, it triggers that as an alert, and that gets collected in Jira.

Previously, we were using AWS services, but we were not getting the alerts in Jira. When Cloud Native Security was introduced to us, we wanted it to automatically create Jira tickets, and we wanted custom alerts. These were the two areas that we shared with them, and they stood out in these aspects. We decided to take it ahead, and we have been using it for the last two years. I feel a lot of difference in the security posture development. When we share the tickets with the developers, they work on that, and we have tracking of them in Jira. We wanted to track alerts in Jira. We no longer have situations where we flag an issue and it does not get resolved on time. 

We use agentless vulnerability scanning. The process that Cloud Native Security follows is that you have to deploy the cloud permission template in your account, and then it creates a role that tracks or scans all the resources and finds if there is any misconfiguration. We have integrated Cloud Native Security with Jira. It triggers alerts on Jira. A person is assigned to an alert, and the concerned person is notified. As a security team, we collect those tickets and forward them to the respective team.

Previously, we were not able to track those tickets, whereas now, we are getting automated Jira tickets. It has solved our biggest problem. We are expecting the same from Cloud Native Security in the future. We expect that it will capture the triggers or alerts. If any new security vulnerability is found, it will also flag that to us.

It provides an overview of our security posture. If a metrics endpoint is public for any domain, that gets triggered. We get reports for different domains, such as Kubernetes security and vulnerabilities management, IaC scanning, or cloud detection and response. Cloud Native Security covers all of these. There is also a graphics tool where we can get all the details in a graph. All the Kubernetes microservices get scanned in the workload protection. The Cloud Workload Protection module detects all the cluster misconfigurations and other things. It also gives you alerts on the containers. We were looking for such a tool with all the cloud security modules.

We can also create our own custom policy. For example, if we do not want to enable the recommended Cloud Native Security policies for our company, we can create our own policies. This feature is very helpful.

We use Infrastructure as Code (IaC) scanning. It follows all the features for shift-left. We get all the alerts for IaC scanning. For example, if TerraForm is not performing any security checks in the template, that gets triggered. We also get information about any vulnerabilities related to IaC.

We have not got any false positives with Cloud Native Security so far.

Cloud Native Security has affected our risk posture. It shows us our risk areas. As an organization, we look for cloud security tools that can manage all the areas, and Cloud Native Security is doing a good job in managing all the things.

Cloud Native Security has reduced our mean time to detect. The detection time of Cloud Native Security is quite good. It takes half an hour for critical alerts and one hour for high alerts. These are the SLAs that we have. The detection time is quite good.

Cloud Native Security has also reduced our mean time to remediate. We have defined our SLAs as well. In our organization, we define the SLAs and share them with the developers or the DevOps team so that they can follow them. They work on the assigned issue, and if there is any issue, they come back to us.

I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us.

Apart from the posture management, I like the UI. It gives a holistic view of all the alerts and the accounts from where they are triggered.

Cloud Native Security is quite easy to use. It is user-friendly. As compared to other tools, it is more user-friendly, and its cost is also less than the other tools. It provides the same visibility that the other tools are providing in the market.

They can add additional modules to see scanning alerts. Adding additional modules will give us a better view. 

They can work on policies based on different compliance standards.

They can add more modules to the current subscription that we have. If they can merge some of the two modules, it would be great. For example, if they can merge Kubernetes Security with other modules related to Kubernetes, that would help us to get more modules in the current subscription.

It has been around two years since we have been using this product.

It is a stable product. I would rate it a 10 out of 10 for stability.

It is scalable. I would rate it a 10 out of 10 for scalability.

Our security team uses this solution. We have five to six people on the security team. Overall, we have 600 people. 

Previously, we were using AWS services, but there was no dashboard. That was where we had an issue. We wanted a cloud security tool that matches our requirements and provides the same thing in a holistic view and a better manner. That is why we went for Cloud Native Security. It has now been acquired by SentinelOne. We are getting the same product even after the acquisition.

It is deployed on the cloud. It took us about a week to implement all the features. It was very easy. They were very user-friendly.

In terms of maintenance, they do inform us when the maintenance will be going on.

We had two people involved in its deployment. 

It is not that expensive. There are some tools that are double the cost of Cloud Native Security. It is good on the pricing side.

We started doing POC with Cloud Native Security, and we liked it. We did not think of any other product. It also had better pricing than any other product.

I would recommend Cloud Native Security as a cloud security solution. They are doing an excellent job of providing the features that we require for cloud security posture management.

I would rate Cloud Native Security a 10 out of 10.

Cloud Native Security offers the flexibility to create a customized solution that fits our specific needs. It's a comprehensive tool encompassing the central elements—PSC, PPP, and more.

It is advantageous in terms of time-saving and cost reduction.

There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security.

I have been using Cloud Native Security for the past six months.

I'd rate it an eight. It's a reliable solution that the organization is increasingly adopting for its robust features and security.

It is quite scalable. I would rate it an eight out of ten. 

They are helpful.

Positive

Prisma Cloud seemed limited in its solutions and had to acquire other companies for broader offerings, while Cloud Native Security provided more comprehensive and tailor-made solutions, especially in terms of authentic security features.

The setup isn’t easy because it doesn't support Azure. It's something on the roadmap. It doesn't limit itself to a particular hypervisor.

For now, we don't handle the maintenance. It's all managed by the vendor for our customers.

It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate the pricing a five, somewhere fairly moderate.

I would rate it 8 out of 10. 

Our infrastructure is on AWS and we integrate PingSafe with our enterprise accounts to identify misconfiguration on the Cloud.

The offensive security engine helps us visualize any potential attacks.

PingSafe helps us maintain and improve our security posture.

It has helped reduce the number of false positives.

We have improved our mean time to detection with PingSafe.

PingSafe has improved our mean time to remediation. The alerts provided included details that help us address the issues quickly.

The most valuable aspects of PingSafe are its alerting system and the remediation guidance it provides. This combination helps us identify misconfigurations and vulnerabilities in our systems and swiftly address them.

In addition to the console alerts, I would like PingSafe to also send email notifications.

I have been using PingSafe for one and a half years.

PingSafe is stable.

PingSafe is scalable.

The technical support is helpful and responds quickly to our requests.

Positive

We previously used AWS Security but switched to PingSafe because of its wider scanning range and centralized console for maintenance.

The initial deployment was straightforward and took one month to complete.

We completed the implementation in-house with the help of PingSafe.

I would rate PingSafe eight out of ten.

I recommend PingSafe to others.

I consider it a cloud security posture management tool. It is being used for the overall posture of the environment. 

By implementing Cloud Native Security, we wanted to monitor end-to-end misconfigurations. That is why we started with it. We are now also using one other module for detection and response, but mainly, we are using it to monitor misconfiguration and benchmark compliance.

It is pretty good. It has good coverage and a good reporting system.

There has been tremendous improvement since implementing Cloud Native Security. Cloud Native Security reports any misconfiguration that is there in the infrastructure. We do not have to go and check each service individually. It has helped a lot.

For compliance management, we can find the benchmark compliance status in Cloud Native Security directly. We do not have to do anything. Many benchmarks that we are supposed to follow are added by default. It is pretty easy for us to showcase compliance to anyone.

Misconfiguration detection has been the most effective for threat detection in our cloud environment. We are mainly focusing on the misconfiguration. I can see any configuration-related issues in all the modules.

Because it covers all the modules, every single aspect of the compliance has improved. We were able to find out the critical issues related to cloud infrastructure. It is a real-time monitoring system, so, at any time, we can check and confirm.

Cloud Native Security provides information about the exact affected area. We can easily locate a resource in a particular account or service. It is very clear from the Cloud Native Security report where to look for a particular misconfiguration. They have also added a graphical representation.

The reports tell us what is the impact, how critical it is, and how to locate the issue. That helps to prioritize things and fix a critical issue on an urgent basis. It is easy to analyze things from our side.

After implementing Cloud Native Security, we were able to implement so many best practices. Initially, we were getting different types of issues. We learned from those issues, and we are now implementing best practices based on that. We are also able to do real-time monitoring.

It has helped reduce the number of false positives we deal with. We are hardly getting any false positives. Previously, if we had four false positives, we now have only one false positive.

Cloud Native Security's ease of use and precision in detection have improved our risk posture a lot.

Cloud Native Security has saved our mean time to detect. It has saved a lot of our time. It has saved almost 95% of the time because we cannot go and check all the services in AWS. It is very vast. Cloud Native Security gives us specific information. There is no manual effort.

Cloud Native Security has not helped reduce our mean time to remediate because remediation depends on so many factors. It has nothing to do with Cloud Native Security. We are getting the issues, and the team is responding to them. After fixing them, there is a lot of improvement in the number of issues.

It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end. The other thing is the coverage. As far as I know, it has pretty good coverage. 

It is very easy to use. I would rate it a nine out of ten for ease of use. 

We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks. 

I have been using Cloud Native Security for around ten months.

It is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

Overall, we have seven users of this solution, but at a time, we only have two active users. It is being used in a single location.

Their support is good. Whenever we have doubts, we get proper support. We connect with them and resolve the issue. I would rate them a nine out of ten.

Positive

We did not use any other solution. This is the first one.

It is on the cloud. The implementation phase varies. It can take a few months.

It does not require any maintenance.

I am not involved in the pricing, but it is cost-effective.

I would recommend Cloud Native Security to others. Overall, I would rate Cloud Native Security a nine out of ten.