Senior Software Engineer at a consultancy with 51-200 employees
Real User
Top 20
2024-04-24T09:30:00Z
Apr 24, 2024
My company is trying to get an ISO certification by the second quarter of 2024, so we have been resolving certain security issues for the past year. I use the solution in my company, where we have alerts coming from PingSafe, especially if any security threats are there. Our company's primary concern in using the tool is to get the ISO certification. My company wants to get our infrastructure to meet ISO standards so that there won't be any issues while getting ISO certification.
Lead Dev Ops Engineer at a recruiting/HR firm with 1,001-5,000 employees
Real User
Top 20
2024-04-23T15:00:00Z
Apr 23, 2024
My company has around ten AWS accounts, and we use SentinelOne to monitor and see if any risks are there or not in any security groups for VPC endpoints or any other resources that come under severe risk or medium risk, so my company uses the product for calculations concerning the aforementioned area. The tool also creates tickets for our company, which helps us monitor the resources and change them according to the standards applicable to the organization.
Works at a comms service provider with 1-10 employees
Real User
Top 20
2024-04-22T14:22:00Z
Apr 22, 2024
We use the solution for security purposes. We deploy it into our infrastructure in the cloud. We want to make sure that all everything is secure, for example,if APIs are getting accessed, that it's by the right people. It's a security hub for us.
Senior Devops Engineer at a financial services firm with 51-200 employees
Real User
Top 10
2024-04-22T09:59:00Z
Apr 22, 2024
Our infrastructure utilizes a combination of cloud solutions and Kubernetes for container orchestration. To ensure the security of these environments, we leverage PingSafe. This platform proactively identifies and remediates vulnerabilities within our cloud deployments. We use PingSafe, which is integrated with our cloud environment. This allows us to receive notifications from PingSafe directly in our Slack channels, according to the notification settings we have configured. We prioritize these alerts and take appropriate actions based on their urgency. To improve our cloud security posture and achieve best practices, we implemented PingSafe. This security tool helps us identify and address vulnerabilities within our cloud environment.
As a financial institution, we rely on PingSafe as our single source of truth for both CSVM and CWPP data. PingSafe provides us with essential security benchmarks, including those for Kubernetes deployments and CSVMs. It also allows us to monitor our overall cloud security posture and identify vulnerabilities for remediation. PingSafe serves as a centralized platform for all our cloud security metrics.
Learn what your peers think about Singularity Cloud Security by SentinelOne. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
Senior DevOps Engineer at a tech services company with 501-1,000 employees
Real User
Top 20
2024-04-18T07:25:00Z
Apr 18, 2024
We use PingSafe to secure our IT infrastructure and fix vulnerabilities. For example, it tells us if our resources have been inappropriately made public. We provision our infrastructure on AWS and GitHub. PingSafe finds vulnerabilities across our entire network and secrets in our GitHub repositories. It also helps us manage our cloud configurations and security groups. PingSafe is integrated with Metabolic, Opsgenie, and Slack for notifications. It's also integrated with our security team. They are using a script to correlate the data from SysTrack.
We use PingSafe to identify threats and vulnerabilities in our AWS accounts and the compute resources that are hosted on those cloud accounts. We implemented PingSafe to address network-related issues, such as communication between individual components (part-to-part or node communication). PingSafe's Graph Explorer feature also helped us understand the overall network landscape, including the attack surface. This feature allows us to discover and explore various components within our AWS environment. In essence, PingSafe helped us identify how different networks connect and how microservices within our system interact with each other.
Security Engineer at a venture capital & private equity firm with 1,001-5,000 employees
Real User
Top 20
2024-04-17T10:03:00Z
Apr 17, 2024
We use PingSafe as a Cloud Native Application Protection tool to identify anomalies or deviations from best practices in our cloud environment. We chose PingSafe because it meets our compliance requirements.
IT Architect at a tech services company with 10,001+ employees
Real User
Top 20
2024-04-17T08:59:00Z
Apr 17, 2024
We use PingSafe as our CSPM. Integrated with our environment, PingSafe scans for vulnerabilities and recommends remediation. We implemented PingSafe to monitor our cloud security for vulnerabilities in the configuration.
Cloud Engineer at a construction company with 5,001-10,000 employees
Real User
Top 20
2024-04-17T07:16:00Z
Apr 17, 2024
PingSafe was being used for cybersecurity and governance. The company where I used to work wanted to secure sensitive information or prevent any data leaks. It provided good protection. I used it on a daily basis. If any alert came up, or any best practice needed to be followed, I used to look into the alerts and work on the issue so that it did not affect our systems.
We use it in different ways. The number one use case is related to vulnerabilities, which includes cloud misconfiguration, the Offensive Security Engine, and the management screen itself. That is our primary use case. Then comes the graphical representation of interfaces, and the third use case is the inventory that it allows, which is very nice. By implementing this solution, we wanted to watch the security vulnerabilities in our organization. We wanted to watch them in the code that gets checked in. We wanted the latest and refreshed list of vulnerabilities in, for example, Log4j or any other software to be highlighted. PingSafe keeps updating its database and highlighting any issues.
Cloud Security Engineer at eSec Forte® Technologies
Real User
Top 20
2024-04-16T16:15:00Z
Apr 16, 2024
We have onboarded multiple accounts from our organization. We have onboarded Azure accounts, and we have also onboarded GCP accounts. We are using the vulnerability management feature, and we are also using the offensive security feature. We are planning to use IaC in a couple of months.
SDE II/ Senior SRE at a computer software company with 1,001-5,000 employees
Real User
Top 20
2024-04-16T15:21:00Z
Apr 16, 2024
We did a PoC, but we did not go ahead with PingSafe. It is currently on a test cluster. It is not in production. We were looking for a CSPM tool to monitor all of our AWS resources. We also wanted it to give us an alert in the case of a vulnerability. If, for example, a zero-day vulnerability is there, it should scan all of our tools.
Senior Director, Global Systems and Cyber Security at a tech services company with 5,001-10,000 employees
Real User
Top 10
2024-04-16T14:16:00Z
Apr 16, 2024
We use it to monitor Azure and AWS accounts. We also use it to monitor the GitHub account for any data leakage and misconfigurations and also to have proactive configuration checks.
We are a security-based company. We use PingSafe to put our data planes on it. We have a cloud setup, and we have integrated PingSafe into our environment. It checks for any audit or security-related issues. By implementing PingSafe, we wanted a centralized solution. We have many AWS accounts to manage, so we wanted a single dashboard with analytics. We wanted to be able to view and monitor everything at once. We also wanted to customize the rules on which we wanted the alerts to be set up. PingSafe was a better option for our use case.
We have multiple AWS accounts and we use it for our products and deployments, et cetera, and they are being monitored by PingSafe for best practices and good security. In the past, we've had code exposed to the internet, and PingSafe has been able to catch such instances. Basically, it is for security and monitoring purposes.
Solution Cloud Architect at a insurance company with 501-1,000 employees
Real User
Top 20
2024-04-16T10:06:00Z
Apr 16, 2024
We use the solution for security posture management. It's a safeguard for our cloud. It helps flag misconfiguration or any kind of vulnerability. There are also remediation capabilities, although we're only subscribed to alerts.
Cloud Security Engineer & Consultant at a financial services firm with 10,001+ employees
Consultant
Top 20
2024-04-16T08:30:00Z
Apr 16, 2024
We use the solution for security and monitoring. It helps maintain compliance standards. Multiple policies can be mapped and evaluated and alerts can trigger your attention.
I am working with AWS. I'm a junior cloud engineer and on the client side, we use this software for security. We use this just for scanning all across the AWS environment for any bug, vulnerability, or high risk security issues, and we have to resolve these issues. The solution offers us low to critical alerts and our work depends on these alerts. If it is a critical alert, we have to resolve things as soon as possible.
Engineer at a transportation company with 1-10 employees
Real User
Top 10
2024-04-15T16:00:00Z
Apr 15, 2024
We have AWS for most of our infrastructure, however, we don't have a dedicated security team. There are a lot of potential vulnerabilities which we are concerned about. We use PingSafe for security. For example, if there are open ports or incorrect configurations, we would get alerted and could fix them.
We use PingSafe as a cloud security posture management tool. PingSafe is integrated with our GCP, Azure, and AWS accounts. It will identify all the misconfigurations and security issues on all these cloud platforms and alert us. In addition to the CSPM capabilities, PingSafe has several other features like vulnerability management, container security, Kubernetes security posture management, and secret scanning All of these features are bundled inside PingSafe. It combines all the telemetry from the cloud, containers, and the Kubernetes platform. The vulnerability scanners are connected to the registries and give us a holistic picture of what else is vulnerable versus all the dummy data others would give.
We use PingSafe as a cloud-native application protection platform. It scans all our accounts to identify any loopholes or vulnerabilities. We get the results and recommended resolutions. It provides reports with all the minute details. For example, it might tell us there is an admin user with access that might increase the risk. PingSafe gives a comprehensive overview of anything about our cloud posture. We scan an Azure or AWS account, and PingSafe tells us the particular route an attacker might take and the risks. We use it extensively because it provides information on everything that could lead to a disaster. We're scanning 20 to 25 database accounts, with no more than 20 users.
My company does utility energy disaggregation. We use PingSafe for vulnerability management and to limit our exposure to attacks. PingSafe scans our AWS cloud environment and provides detailed analysis. It can identify enabled ports or anything that isn't completely integrated with our security. PingSafe gives us the details, and we only need to follow their instructions to ensure the vulnerabilities are fixed. My company handles a lot of customer data for US and European clients. GDPR and SOC 2 standards require that we are almost completely free of vulnerabilities. We also have a PingSafe safety score and report that we can provide to our customers. PingSafe is integrated with our AWS environment, and it monitors a few customer-critical applications. Two people at my company use PingSafe. I am on the IT security side, and another person from the platform security side uses it.
We use PingSafe to check for misconfigurations and vulnerabilities in new infrastructure or applications we deploy on AWS. All of our accounts are integrated. When we deploy new services, it highlights any misconfiguration or lack of encryption. We return to our applications and try to fix the issues immediately. The company has about 25 PingSafe users across three teams and five cloud environments, including production. PingSafe covers all five.
Security Engineering Manager at a media company with 51-200 employees
Real User
Top 10
2024-04-15T08:13:00Z
Apr 15, 2024
We primarily use PingSafe for cloud security posture management, but the solution also provides other capabilities, like infrastructure-as-code scanning. It identifies hard-coded secrets in the source code and covers Kubernetes security. About 25 members of the security and DevOps teams use the solution. We have integrated all of PingSafe's CWPP, CSPM, application security, and container scanning features into Jira. It's more of a vulnerability management tool for us. All the issues PingSafe identifies flow into Jira, and we have several dashboards that provide an overview of open security issues.
Engineering Security Manager at a recreational facilities/services company with 201-500 employees
Real User
Top 10
2024-04-15T06:58:00Z
Apr 15, 2024
The company purchased PingSafe primarily for container security and IoC scanning. We also were looking into image scanning for Docker components. Now, we have enabled secret scanning and the Cisco pipeline as well. We are mostly dealing with code-level security issues the organization might have. There are issues in TerraForm and whatever else we see in our DevOps pipeline.
We utilize PingSafe for Cloud Security Posture Management and real-time cloud configuration monitoring. PingSafe identifies vulnerabilities at the resource level and generates reports. It also includes defense modules that investigate potential exposure of secrets in public or private repositories. Additionally, the scanning module can identify vulnerabilities and analyze how they correspond to and impact other modules. We chose PingSafe as our cloud security solution for its ability to identify misconfigurations, both intentional and unintentional, within our infrastructure. Additionally, PingSafe generates reports that facilitate security compliance audits and help us identify inactive user accounts. It further integrates with our Jira instance, allowing for seamless data visualization on our security dashboard.
Cyber Defence Analyst at a media company with 51-200 employees
Real User
Top 10
2024-04-11T19:45:00Z
Apr 11, 2024
We use PingSafe to identify cloud security misconfigurations, ensuring compliance with Cloud Security Posture Management and Cloud Workload Protection Platform best practices, as well as relevant regulations in India. We also integrate PingSafe with our GitHub repositories that store our hard-coded secrets.
The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.
Sr DevOps Engineer at a tech company with 51-200 employees
Real User
Top 10
2024-04-03T10:55:00Z
Apr 3, 2024
PingSafe offers a variety of functionalities, including cloud configuration assessment and detailed misconfiguration reports. It automates vulnerability scanning, saving us time and effort. Additionally, PingSafe allows us to filter compliance-related findings and provides consolidated reports for a comprehensive view. Furthermore, PingSafe can conduct customized posture management research for Cloud Posture Management initiatives. This eliminates the need for complex, independent research. Finally, PingSafe helps us understand our readiness for specific security certifications.
CISO at a computer software company with 201-500 employees
Real User
Top 20
2024-03-12T15:37:00Z
Mar 12, 2024
PingSafe is a cloud posture management solution. Initially, it focused on helping us understand and assess our compliance posture and cloud configuration for workloads, etc. There are three key use cases for PingSafe: * Continuous Configuration Monitoring: This ensures 24/7 oversight of configurations and identifies any issues as they arise. * Asset Visibility: Gain immediate visibility of all cloud assets upon deployment and ensure they are properly tracked within the system. * Container Security: Assess vulnerabilities in Docker clusters and other containerized environments based on compliance requirements.
Cloud Security Specialist at a insurance company with 10,001+ employees
Real User
Top 20
2024-03-12T12:15:00Z
Mar 12, 2024
We currently use PingSafe for cloud security posture management, leveraging both the CWP module and the authentication security tab. While we regularly utilize these features, we're planning to onboard the cloud detection and response module, along with the ISIS scanning functionality. We implemented PingSafe as a secondary control measure to complement our existing security posture. In our Prisma Cloud environment, we have a detection score threshold set at 70 or above. As PingSafe was a new entrant in the market, we wanted to evaluate its capabilities. Fortunately, PingSafe's unique features and policies proved valuable. For instance, PingSafe detected an alert when a developer accidentally committed VS Code files to a public GitHub repository. This helped us promptly remove the VS code from GitHub.
We are using PingSafe for cloud posture management and cloud workload protection. Apart from this, it also provides alerts from infrastructure as code. If the tool finds any misconfiguration, it triggers that as an alert, and that gets collected in Jira.
Lead Security Engineer at Reward360 Global Services Pvt Ltd.
Real User
Top 20
2024-03-04T09:00:00Z
Mar 4, 2024
Our PingSafe use cases depend on the type of SQL server we use. Currently, we need to check all cloud-based configurations directly. PingSafe helps us identify SQL configurations on our local PCs.
It's a cloud-based SaaS tool. It's a cloud security partnership management tool. It gives you an overview of misconfigurations, Kubernetes security, Docker security, vulnerability scanning, and secret scanning.
Enterprise Account Manager at Ninth Dimension IT Solutions (P) Ltd
Reseller
Top 10
2023-11-08T09:03:00Z
Nov 8, 2023
PingSafe offers the flexibility to create a customized solution that fits our specific needs. It's a comprehensive tool encompassing the central elements—PSC, PPP, and more.
Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their remediation tasks with evidence-backed Verified Exploit Paths™....
My company is trying to get an ISO certification by the second quarter of 2024, so we have been resolving certain security issues for the past year. I use the solution in my company, where we have alerts coming from PingSafe, especially if any security threats are there. Our company's primary concern in using the tool is to get the ISO certification. My company wants to get our infrastructure to meet ISO standards so that there won't be any issues while getting ISO certification.
My company has around ten AWS accounts, and we use SentinelOne to monitor and see if any risks are there or not in any security groups for VPC endpoints or any other resources that come under severe risk or medium risk, so my company uses the product for calculations concerning the aforementioned area. The tool also creates tickets for our company, which helps us monitor the resources and change them according to the standards applicable to the organization.
We primarily use the solution to monitor for vulnerabilities on our AWS account. We use it for alerts.
We use the solution for security purposes. We deploy it into our infrastructure in the cloud. We want to make sure that all everything is secure, for example,if APIs are getting accessed, that it's by the right people. It's a security hub for us.
Our infrastructure utilizes a combination of cloud solutions and Kubernetes for container orchestration. To ensure the security of these environments, we leverage PingSafe. This platform proactively identifies and remediates vulnerabilities within our cloud deployments. We use PingSafe, which is integrated with our cloud environment. This allows us to receive notifications from PingSafe directly in our Slack channels, according to the notification settings we have configured. We prioritize these alerts and take appropriate actions based on their urgency. To improve our cloud security posture and achieve best practices, we implemented PingSafe. This security tool helps us identify and address vulnerabilities within our cloud environment.
As a financial institution, we rely on PingSafe as our single source of truth for both CSVM and CWPP data. PingSafe provides us with essential security benchmarks, including those for Kubernetes deployments and CSVMs. It also allows us to monitor our overall cloud security posture and identify vulnerabilities for remediation. PingSafe serves as a centralized platform for all our cloud security metrics.
We primarily use PingSafe for compliance purposes because we work with banks and the fintech industry, so we must follow some standards like PCI DSS.
We use PingSafe for our AWS cloud used in my project and to check the account's vulnerabilities.
We use PingSafe to secure our IT infrastructure and fix vulnerabilities. For example, it tells us if our resources have been inappropriately made public. We provision our infrastructure on AWS and GitHub. PingSafe finds vulnerabilities across our entire network and secrets in our GitHub repositories. It also helps us manage our cloud configurations and security groups. PingSafe is integrated with Metabolic, Opsgenie, and Slack for notifications. It's also integrated with our security team. They are using a script to correlate the data from SysTrack.
I work for an insurance company whose infrastructure is on the cloud, so we use PingSafe for security management and vulnerability detection.
We use PingSafe to identify threats and vulnerabilities in our AWS accounts and the compute resources that are hosted on those cloud accounts. We implemented PingSafe to address network-related issues, such as communication between individual components (part-to-part or node communication). PingSafe's Graph Explorer feature also helped us understand the overall network landscape, including the attack surface. This feature allows us to discover and explore various components within our AWS environment. In essence, PingSafe helped us identify how different networks connect and how microservices within our system interact with each other.
We use PingSafe as a Cloud Native Application Protection tool to identify anomalies or deviations from best practices in our cloud environment. We chose PingSafe because it meets our compliance requirements.
We use PingSafe as our CSPM. Integrated with our environment, PingSafe scans for vulnerabilities and recommends remediation. We implemented PingSafe to monitor our cloud security for vulnerabilities in the configuration.
PingSafe was being used for cybersecurity and governance. The company where I used to work wanted to secure sensitive information or prevent any data leaks. It provided good protection. I used it on a daily basis. If any alert came up, or any best practice needed to be followed, I used to look into the alerts and work on the issue so that it did not affect our systems.
We use it in different ways. The number one use case is related to vulnerabilities, which includes cloud misconfiguration, the Offensive Security Engine, and the management screen itself. That is our primary use case. Then comes the graphical representation of interfaces, and the third use case is the inventory that it allows, which is very nice. By implementing this solution, we wanted to watch the security vulnerabilities in our organization. We wanted to watch them in the code that gets checked in. We wanted the latest and refreshed list of vulnerabilities in, for example, Log4j or any other software to be highlighted. PingSafe keeps updating its database and highlighting any issues.
We have onboarded multiple accounts from our organization. We have onboarded Azure accounts, and we have also onboarded GCP accounts. We are using the vulnerability management feature, and we are also using the offensive security feature. We are planning to use IaC in a couple of months.
We did a PoC, but we did not go ahead with PingSafe. It is currently on a test cluster. It is not in production. We were looking for a CSPM tool to monitor all of our AWS resources. We also wanted it to give us an alert in the case of a vulnerability. If, for example, a zero-day vulnerability is there, it should scan all of our tools.
We use it to monitor Azure and AWS accounts. We also use it to monitor the GitHub account for any data leakage and misconfigurations and also to have proactive configuration checks.
We are a security-based company. We use PingSafe to put our data planes on it. We have a cloud setup, and we have integrated PingSafe into our environment. It checks for any audit or security-related issues. By implementing PingSafe, we wanted a centralized solution. We have many AWS accounts to manage, so we wanted a single dashboard with analytics. We wanted to be able to view and monitor everything at once. We also wanted to customize the rules on which we wanted the alerts to be set up. PingSafe was a better option for our use case.
We have multiple AWS accounts and we use it for our products and deployments, et cetera, and they are being monitored by PingSafe for best practices and good security. In the past, we've had code exposed to the internet, and PingSafe has been able to catch such instances. Basically, it is for security and monitoring purposes.
We use the solution for security posture management. It's a safeguard for our cloud. It helps flag misconfiguration or any kind of vulnerability. There are also remediation capabilities, although we're only subscribed to alerts.
We use the solution for security and monitoring. It helps maintain compliance standards. Multiple policies can be mapped and evaluated and alerts can trigger your attention.
We use the solution for monitoring the security of our infrastructure. It helps us identify all the vulnerabilities.
We mainly use PingSafe for cloud security.
I am working with AWS. I'm a junior cloud engineer and on the client side, we use this software for security. We use this just for scanning all across the AWS environment for any bug, vulnerability, or high risk security issues, and we have to resolve these issues. The solution offers us low to critical alerts and our work depends on these alerts. If it is a critical alert, we have to resolve things as soon as possible.
We have AWS for most of our infrastructure, however, we don't have a dedicated security team. There are a lot of potential vulnerabilities which we are concerned about. We use PingSafe for security. For example, if there are open ports or incorrect configurations, we would get alerted and could fix them.
We use PingSafe as a cloud security posture management tool. PingSafe is integrated with our GCP, Azure, and AWS accounts. It will identify all the misconfigurations and security issues on all these cloud platforms and alert us. In addition to the CSPM capabilities, PingSafe has several other features like vulnerability management, container security, Kubernetes security posture management, and secret scanning All of these features are bundled inside PingSafe. It combines all the telemetry from the cloud, containers, and the Kubernetes platform. The vulnerability scanners are connected to the registries and give us a holistic picture of what else is vulnerable versus all the dummy data others would give.
We use PingSafe as a cloud-native application protection platform. It scans all our accounts to identify any loopholes or vulnerabilities. We get the results and recommended resolutions. It provides reports with all the minute details. For example, it might tell us there is an admin user with access that might increase the risk. PingSafe gives a comprehensive overview of anything about our cloud posture. We scan an Azure or AWS account, and PingSafe tells us the particular route an attacker might take and the risks. We use it extensively because it provides information on everything that could lead to a disaster. We're scanning 20 to 25 database accounts, with no more than 20 users.
My company does utility energy disaggregation. We use PingSafe for vulnerability management and to limit our exposure to attacks. PingSafe scans our AWS cloud environment and provides detailed analysis. It can identify enabled ports or anything that isn't completely integrated with our security. PingSafe gives us the details, and we only need to follow their instructions to ensure the vulnerabilities are fixed. My company handles a lot of customer data for US and European clients. GDPR and SOC 2 standards require that we are almost completely free of vulnerabilities. We also have a PingSafe safety score and report that we can provide to our customers. PingSafe is integrated with our AWS environment, and it monitors a few customer-critical applications. Two people at my company use PingSafe. I am on the IT security side, and another person from the platform security side uses it.
We use PingSafe to check for misconfigurations and vulnerabilities in new infrastructure or applications we deploy on AWS. All of our accounts are integrated. When we deploy new services, it highlights any misconfiguration or lack of encryption. We return to our applications and try to fix the issues immediately. The company has about 25 PingSafe users across three teams and five cloud environments, including production. PingSafe covers all five.
We primarily use PingSafe for cloud security posture management, but the solution also provides other capabilities, like infrastructure-as-code scanning. It identifies hard-coded secrets in the source code and covers Kubernetes security. About 25 members of the security and DevOps teams use the solution. We have integrated all of PingSafe's CWPP, CSPM, application security, and container scanning features into Jira. It's more of a vulnerability management tool for us. All the issues PingSafe identifies flow into Jira, and we have several dashboards that provide an overview of open security issues.
The company purchased PingSafe primarily for container security and IoC scanning. We also were looking into image scanning for Docker components. Now, we have enabled secret scanning and the Cisco pipeline as well. We are mostly dealing with code-level security issues the organization might have. There are issues in TerraForm and whatever else we see in our DevOps pipeline.
PingSafe is our primary security monitoring tool used for identifying vulnerabilities and misconfiguration.
We use PingSafe as our Cloud Security Posture Management tool.
We utilize PingSafe for Cloud Security Posture Management and real-time cloud configuration monitoring. PingSafe identifies vulnerabilities at the resource level and generates reports. It also includes defense modules that investigate potential exposure of secrets in public or private repositories. Additionally, the scanning module can identify vulnerabilities and analyze how they correspond to and impact other modules. We chose PingSafe as our cloud security solution for its ability to identify misconfigurations, both intentional and unintentional, within our infrastructure. Additionally, PingSafe generates reports that facilitate security compliance audits and help us identify inactive user accounts. It further integrates with our Jira instance, allowing for seamless data visualization on our security dashboard.
We use PingSafe to identify cloud security misconfigurations, ensuring compliance with Cloud Security Posture Management and Cloud Workload Protection Platform best practices, as well as relevant regulations in India. We also integrate PingSafe with our GitHub repositories that store our hard-coded secrets.
The solution closes the gaps in cloud infrastructure. We can find any gaps that exist and what possible attack factors may be. Everything is gathered together and removed. So we primarily use it for cloud security assessment.
PingSafe offers a variety of functionalities, including cloud configuration assessment and detailed misconfiguration reports. It automates vulnerability scanning, saving us time and effort. Additionally, PingSafe allows us to filter compliance-related findings and provides consolidated reports for a comprehensive view. Furthermore, PingSafe can conduct customized posture management research for Cloud Posture Management initiatives. This eliminates the need for complex, independent research. Finally, PingSafe helps us understand our readiness for specific security certifications.
PingSafe is a cloud posture management solution. Initially, it focused on helping us understand and assess our compliance posture and cloud configuration for workloads, etc. There are three key use cases for PingSafe: * Continuous Configuration Monitoring: This ensures 24/7 oversight of configurations and identifies any issues as they arise. * Asset Visibility: Gain immediate visibility of all cloud assets upon deployment and ensure they are properly tracked within the system. * Container Security: Assess vulnerabilities in Docker clusters and other containerized environments based on compliance requirements.
We currently use PingSafe for cloud security posture management, leveraging both the CWP module and the authentication security tab. While we regularly utilize these features, we're planning to onboard the cloud detection and response module, along with the ISIS scanning functionality. We implemented PingSafe as a secondary control measure to complement our existing security posture. In our Prisma Cloud environment, we have a detection score threshold set at 70 or above. As PingSafe was a new entrant in the market, we wanted to evaluate its capabilities. Fortunately, PingSafe's unique features and policies proved valuable. For instance, PingSafe detected an alert when a developer accidentally committed VS Code files to a public GitHub repository. This helped us promptly remove the VS code from GitHub.
We are using PingSafe for cloud posture management and cloud workload protection. Apart from this, it also provides alerts from infrastructure as code. If the tool finds any misconfiguration, it triggers that as an alert, and that gets collected in Jira.
Our PingSafe use cases depend on the type of SQL server we use. Currently, we need to check all cloud-based configurations directly. PingSafe helps us identify SQL configurations on our local PCs.
It's a cloud-based SaaS tool. It's a cloud security partnership management tool. It gives you an overview of misconfigurations, Kubernetes security, Docker security, vulnerability scanning, and secret scanning.
PingSafe offers the flexibility to create a customized solution that fits our specific needs. It's a comprehensive tool encompassing the central elements—PSC, PPP, and more.