Sold by: SentinelOne
Deployed on AWS
Free Trial
AWS Free Tier
Block attacks and secure your entire cloud with SentinelOne Singularity Cloud Security, an AI-powered CNAPP providing deep visibility and robust, real-time protection to defend your AWS environment from initial access to mission target. It unifies proactive exposure management, and real-time protection to safeguard your AWS infrastructure, workloads (VMs, containers), and data with AI-powered detection and automated response. Try Cloud Security for free!
4.6
Overview
Video
Detect and Block an Attack in Under 1 Minute
Video
Cloud Native Security Overview
Block attacks and secure your entire cloud environment with SentinelOne Singularity Cloud Security, a comprehensive, AI-powered Cloud-Native Application Protection Platform (CNAPP). Our platform provides deep visibility and robust security from build time to runtime, with all security findings natively integrated into the Singularity Data Lake for investigation and custom detection. Safeguard your AWS cloud infrastructure and workloads against modern threats with our unified, real-time protection.
Our Comprehensive AI-Powered CNAPP is comprised of three key products designed to secure your entire cloud stack:
- Our agentless Cloud Native Security provides proactive exposure management capabilities that prevent attackers from gaining a foothold in your AWS environment with:
Offensive Security Engine: Reduce your cloud attack surface by simulating external exploits to produce Verified Exploit Paths to prioritize the expsoures that are truly reachable by an outside attacker.
Cloud Security Posture Management (CSPM): Continuously monitor and manage the security of your AWS configurations to prevent public exposure and ensure compliance.
Secrets Scanning: Identify more than 750 types of secrets across public and private repositories.
Cloud Infrastructure Entitlements Management (CIEM): Detect and manage excessive or unused permissions to mitigate the risk of privilege escalation.
Infrastructure as Code (IaC) Scanning: Scan and secure your IaC templates and images, including secrets and vulnerabilities, before deployment.
Cloud Detection and Response: Leverage our AI SIEM and forensics capabilities for advanced threat hunting and rapid incident response across your cloud.
- Cloud Workload Security is a real-time, AI-powered Cloud Workload Protection Platform (CWPP) for servers, virtual machines (VMs), and containers across public and private clouds. Built for the modern cloud, it helps you:
Detect and Stop Threats: Automatically stop runtime threats like ransomware, zero-days, and fileless attacks in real time without performance impact.
Accelerate Threat Hunting: Gather forensic data and telemetry for deep, comprehensive threat hunting and analysis.
Ensure Stability: Experience unmatched stability and performance without kernel panics, thanks to our lightweight, patented agent.
- Cloud Data Security provides AI-powered malware detection for cloud object storage, including Amazon S3 and file storage services like Amazon FSxN and NetApp. This product ensures that your data is always protected:
Real-Time Scanning: Detect malware, including zero-days, in milliseconds with scanning done directly in your own cloud environment.
Automated Action: Take immediate, automated action against threats, including quarantine and encryption.
AI Model Protection: Safeguard your AI models and pipelines deployed on services like Amazon SageMaker and Amazon Bedrock with our AI Security Posture Management (AISPM).
Additional SentinelOne integrations with AWS Services:
AWS CloudTrail: SentinelOne ingests AWS CloudTrial activity logs to identify and remediate cloud misconfigurations. By analyzing API and resource changes in real time, SentinelOne uncovers suspicious behaviors like unauthorized IAM change that create security gaps.
AWS Security Hub: Consolidates SentinelOne's deep security findings and context into AWS Security Hub for a single pane of glass and automated, high-fidelity response.
AWS Config: Uses AWS Config data to provide continuous compliance monitoring, track configuration changes over time, and ensure your cloud assets remain secure and auditable.
Amazon GuardDuty: Enriches Amazon GuardDuty's network and account-level threat detections with SentinelOne's detailed workload telemetry for more accurate correlation and faster threat hunting.
Get started
Verify exploitable risk and stop runtime threats with the most comprehensive and integrated CNAPP solution today. Simply click on the Request private offer button on this page to begin your procurement process.
Highlights
- Unified Visibility: Powered by Singularity Data Lake and Purple AI, customers can have a complete view of their security issues across endpoint, identity, and cloud
- Attacker's Mindset: Prioritize cloud health and remediation with evidence-based Verified Exploit Paths™ from code to multi-cloud environments.
- AI-Powered Threat Detection and Protection: Secure cloud and container workloads with real-time protection and forensic visibility.
Details
Sold by
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Pricing available upon request. | Contact SentinelOne for custom pricing. | $20,000.00 |
Vendor refund policy
No refunds are available for this solution.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Support is available for this solution. For custom pricing contact sales@sentinelone.com .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
SentinelOne brings together all the different security tools into one smart, AI-driven platform (Singularity) that can stop, contain, and even reverse cyberattacks across all of a company's devices, cloud services, and user identities.
Unlock enterprise-wide security for your AWS environment with SentinelOne Singularity Platform. This AI-powered solution provides real-time threat detection and automated response across your infrastructure, ensuring continuous protection at infinite scale. By autonomously securing endpoints, cloud workloads, and identity, SentinelOne delivers total visibility while eliminating security silos. Integrate seamlessly with AWS and leverage our unified data lake and Purple AI to accelerate investigations and gain deeper insights. Secure your AWS cloud and focus on innovation with the speed and efficiency of AI.
Purple AI Model Context Protocol (MCP) Server provides secure, seamless integration between the Singularity Platform and any AI framework or large language model. Acting as a universal translator and intelligence hub, it empowers developers and partners to build custom agentic AI experiences powered by the full context and analytics of the SentinelOne platform. The open-source Purple AI MCP Server is available today on GitHub and will also be deployable as an EKS and through Amazon Bedrock, using Agent Core. Users will need to have an active deployment of SentinelOne console and be able to obtain the SentinelOne Singularity Console token and url to be able to deploy and use the Purple AI MCP server.
SentinelOne Singularity AI SIEM revolutionizes your security operations on AWS. Eliminate the skyrocketing ingestion costs and data overloads of legacy SIEMs by utilizing Observo AI to filter data volumes. This provides a deeper, richer dataset, enabling smarter and more accurate detections, accelerated generative AI investigations, and precise responses with Singularity Hyperautomation. AI SIEM is fundamentally shifting the role of security analyst from manual, repetitive tasks to strategic defense. Empower your team to accelerate investigations and mitigate critical risks with a fast, scalable, and intelligent SIEM built for the Autonomous SOC.
![SentinelOne Endpoint Protection [Private Offer Only]](https://d7umqicpi7263.cloudfront.net/img/product/f082fa4f-9b6f-4693-a718-62fac6bbce3e.PNG)
SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects, responds and hunts attacks across all major vectors.
Customer reviews
reviewer2796903
Cloud security has strengthened daily threat detection and protects sensitive code secrets
Reviewed on Jan 13, 2026
Review provided by PeerSpot
What is our primary use case?
I use cloud security in cybersecurity, where it plays one of the major roles in my career. Things that cannot be safeguarded in a normal environment are what I have been utilizing, such as information that one person can trust.
Therefore, I must say that cloud security is one of my major architectures that I am using in my day-to-day work environment.
What is most valuable?
What I appreciate the most about it is its high performance and the way it simplifies tasks, along with the optimization as well.
The Secret Scanning feature in SentinelOne Singularity Cloud Security is one of the coolest features I have ever worked with, as it primarily functions through its Singularity Cloud Native Security. It is designed to find any kind of sensitive data that developers accidentally leave in their code, which leads to major causes of cloud breaches. The Secret Scanning feature offers a wide scope of coverage, as it does not only look for passwords; it is designed to detect over 800 types of secrets, including API keys, and the tool itself scans across the entire development life cycle to catch any kind of secrets before they reach production.
When it comes to Drift Detection in SentinelOne Singularity Cloud Security , I think it is one of the critical features within its application protection platform. Its configuration mainly focuses on infrastructure as code versus the actual live environment. The coolest feature is that it detects when someone manually tries to change a setting in the cloud console that was not in the original code, and it also has a binary drift option for containers and Kubernetes .
What needs improvement?
Regarding the downsides of cloud security, I do not have much negative to discuss about cloud security, because it is one of the helpful features that I work on in my daily life. However, I would say one drawback is that data breaches can easily happen in cloud security, and it has some limited visibility. That is also one of the drawbacks I would mention, and in my team, some people are telling me that we are facing some compliance issues in cloud security as well.
When I discuss the easily happening data breaches in cloud security, it is all stored in the cloud environment, so anyone who has access to cloud can easily breach the data. It is also easily vulnerable to theft through breaches or any kind of malware or accidental exposures. I would say that attacking cloud storage is quite easy compared to other things.
For how long have I used the solution?
I have been using it in my career for around 4.10 years.
What do I think about the stability of the solution?
I can say that there is nothing unstable about SentinelOne Singularity Cloud Security, as there is no lagging, crashing, or downtime.
What do I think about the scalability of the solution?
I would rate the scalability of SentinelOne Singularity Cloud Security as high, as it operates in a cloud-native architecture that is highly scalable for any kind of organization, ranging from small businesses to global enterprises with thousands of devices.
How are customer service and support?
I have not contacted any technical support for SentinelOne Singularity Cloud Security so far.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
How was the initial setup?
I would say that the initial deployment for SentinelOne Singularity Cloud Security is really easy compared to other things in cloud computing, especially with public platform models.
When I deployed it for the first time, it took me around an hour or less, but sometimes, due to its complexity, it may take a day.
What about the implementation team?
When it comes to the number of people required for deployment, technically speaking, a single person can deploy the cloud environment, but the number of people involved depends entirely on the scale of my organization. So, while it is possible to deploy a cloud environment with a single person, it also depends on the organization.
What's my experience with pricing, setup cost, and licensing?
Regarding the pricing for SentinelOne Singularity Cloud Security, I do not think it is something I can compare.
Which other solutions did I evaluate?
When I compare them, I prefer Akamai more.
The reason I prefer Akamai more is that Akamai is the best. Both have excellent performance, but Akamai offers strong performance in terms of security. Furthermore, it efficiently manages unwanted bots, making Akamai the best compared to cloud security or any other software out there.
What other advice do I have?
Regarding how SentinelOne Singularity Cloud Security Runtime Protection compares to Akamai in terms of adaptability to new and unknown threats, it depends on what you are protecting. I do not think I can compare them while they overlap in cloud security, as they both perform different roles in the cyber stack. For SentinelOne Singularity Cloud Security, its priority is to secure the endpoint, while for Akamai, its main primary task is to protect network and application security. I would rate this review overall as a 9.
GANESAN K
Cloud security has improved as I gain unified visibility and detect misconfigurations across platforms
Reviewed on Jan 13, 2026
Review from a verified AWS customer
What is our primary use case?
I have worked on two use cases for this product regarding its major purposes. One is that end-users want to check posts in their multi-cloud environment, where they have AWS , Azure , and Google Cloud . They were asking for multiple security checks based on compliances across each platform, as AWS has its own compliance checks and Azure has its own compliance checks, but they needed to verify if configurations comply with standards such as NIST or MITRE. That was the major concern for the team. They have many compliances because they were operating projects around the world, so they had to comply with GDPR, HIPAA, and CERT-In, and in Australia they also have some projects with additional compliance requirements. For that reason, they looked for this product, and I was able to analyze all their environments. I was able to integrate their AWS accounts, Azure accounts, and Google accounts to SentinelOne Singularity Cloud Security . I was able to showcase how it provides security ratings of each instance or each container. I was also able to showcase misconfigurations, such as instances where a particular configuration was given on a temporary basis but was not removed afterward. I was able to identify these issues and make them aware of them. I was also able to provide fixes and references to fixes using SentinelOne Singularity Cloud Security .
What is most valuable?
The biggest benefit of SentinelOne Singularity Cloud Security is that it has a good AI-based analytics engine that helps with the detection part by providing full visibility. I was able to see all the configurations that were made, all the permissions that were being given on IAM roles, user role-based access, and everything in SentinelOne Singularity Cloud Security on a granular basis and across multiple cloud environments.
From the customer and end-user point of view, they were able to have visibility throughout their cloud infrastructures, whether on AWS, Azure, or GCP. They were able to get complete visibility and identify the loopholes present in their cloud infrastructure solutions.
What needs improvement?
Regarding built-in integrations in the product, the integration part can be improved by having more third-party vendors because SentinelOne Singularity Cloud Security is much more focused on premium vendors and premium OEMs. Most customers will be using common platform vendors, but some will be using customized solutions or SMB-level customers may be utilizing custom or new vendors. If possible, they can improve their API integrations with all other platforms. To provide a small example, in the South or APEX region, SonicWall is one of the key players in providing network security, but SentinelOne Singularity Cloud Security does not have any integrations for SonicWall. Also, with Zoho, there is not much of an integration part that the end-user would expect.
The main improvement needed is the integration part with other third-party vendors. Also, they can support multiple platforms and provide support for multiple platforms in terms of features.
Response time can be improved because not all things are perfect in every product, whether CrowdStrike or Trend Micro. In some cases, I have felt that the response time could have been better. Regarding response to an attack or incident, in most cases, SentinelOne Singularity Cloud Security has helped me and has also provided a good reactive approach. Even if the endpoint gets compromised, there is rollback functionality. If it provides rollback, it would be able to provide the rollback functionality based on other platforms, such as Linux and Mac platforms. This would allow me to achieve something that no other competitive product is giving. Regarding response time, it can be improved.
For how long have I used the solution?
I have been working with SentinelOne Singularity Cloud Security for the past one and a half years.
How are customer service and support?
I would say support is excellent. I would give them a rating of 9.5 to 10 because they are providing prompt support, and in my experience, I have never encountered a junior person or someone without knowledge coming into support from SentinelOne. In the support part, they are doing a great job.
How would you rate customer service and support?
Positive
How was the initial setup?
It needs some time to install. For the complexity, I would give around six or seven on a scale of ten, where ten is more complex and zero is simple.
Which other solutions did I evaluate?
In some cases, SentinelOne Singularity Cloud Security is better than Trend Micro. In detection and visibility control, it is much better than both Trend Micro and Fortinet. Fortinet is just now evolving and has entered the market, but I do not see many references for this particular CNAPP solution.
What other advice do I have?
From the customer and end-user point of view, they were able to have visibility throughout their cloud infrastructures, whether on AWS, Azure, or GCP. They were able to get complete visibility and identify the loopholes present in their cloud infrastructure solutions. My overall rating for this product is eight out of ten.
Devisri V.
Effortless to Use and Highly Intuitive
Reviewed on Jan 09, 2026
Review provided by G2
What do you like best about the product?
What I like best about SentinelOne Singularity Cloud Security is its ease of use combined with a very streamlined and intuitive implementation. The platform provides strong visibility and protection across cloud workloads without adding operational complexity. Its unified console, automated threat detection, and clear insights make it easier for engineering and security teams to quickly deploy, manage, and respond to risks at scale while maintaining a strong security posture.
What do you dislike about the product?
I don’t have any major dislikes, but like many powerful security platforms, SentinelOne Singularity Cloud Security can require time to fully understand and tune advanced features for specific environments. Some configurations and alerts may need fine-tuning to reduce noise and better align with an organization’s workflows. That said, this is typical of robust security solutions and improves with experience and customization.
What problems is the product solving and how is that benefiting you?
SentinelOne Singularity Cloud Security helps solve the challenge of securing cloud workloads and environments at scale while maintaining visibility and control. It addresses risks such as misconfigurations, runtime threats, and unauthorized access across dynamic cloud infrastructures. By providing centralized monitoring, automated threat detection, and rapid response capabilities, it reduces operational overhead, improves incident response time, and allows teams to confidently scale cloud services without compromising security or customer trust.
Shruti J.
Comprehensive Cloud Security with Strong Visibility and Automation
Reviewed on Jan 06, 2026
Review provided by G2
What do you like best about the product?
What I like best about SentinelOne Singularity Cloud Security is its strong AI-driven threat detection and automated response, which significantly reduces the need for manual intervention and helps security teams respond to incidents faster. The platform offers centralized visibility across cloud workloads and environments, making it easier to manage security in hybrid and multi-cloud setups. Its automation helps minimize alert fatigue while still providing deep insights into risks and misconfigurations, and it integrates well with major cloud providers and existing security workflows. Overall, it strengthens cloud security posture while improving efficiency for security teams.
What do you dislike about the product?
What I dislike about SentinelOne Singularity Cloud Security is that the initial setup and policy configuration can be complex and time-consuming, especially for teams without deep cloud security expertise. Alert tuning and reducing false positives may require ongoing effort, and some areas of the dashboard are not as intuitive as they could be. Additionally, the platform can feel expensive or heavy for smaller environments, and there are occasional limitations around reporting, search, or overall usability that could be improved.
What problems is the product solving and how is that benefiting you?
SentinelOne Singularity Cloud Security solves visibility gaps and risk blind spots across cloud environments by unifying posture, workload protection, and threat detection in one platform. It automates security monitoring and compliance, reducing manual effort and response time. This helps me quickly identify and remediate vulnerabilities, enforce secure configurations, and protect cloud workloads from attacks. As a result, it improves overall cloud security posture and lowers operational risk.
Nirmesh Solanki
Cloud risk visibility has improved security operations but onboarding still needs refinement
Reviewed on Dec 19, 2025
Review from a verified AWS customer
What is our primary use case?
We used SentinelOne Singularity Cloud Security for approximately one year during a nine-month period. We attempted to onboard it and used it for application security and to track vulnerability management. However, as we are part of the Danaher organization and one of the operating companies under it, they decided to move to a different vendor, resulting in this short period of usage.
SentinelOne Singularity Cloud Security was implemented across our multi-cloud infrastructure, with all of these infrastructures integrated into the platform. The solution pulled all accounts and subscriptions from AWS and Azure , providing a consolidated view of our entire infrastructure. Within those infrastructures, it ran agentless scanning and could identify any vulnerabilities, malware, or risks associated with our infrastructure resources.
SentinelOne Singularity Cloud Security was user-friendly and not difficult to understand in terms of how the application works. The integration process was pretty straightforward. We integrated with AWS , Azure , and Google, though integration with Google required significant workarounds involving Terraform . Once the integration was completed, the process became straightforward. The onboarding process for accounts was somewhat tedious, but apart from that aspect, everything was straightforward.
What is most valuable?
The visibility provided by SentinelOne Singularity Cloud Security around infrastructure was very valuable. The platform has levels that notify you of information-level risks, and these notifications increase as risks escalate, such as when malware is detected. The system continuously defines and alerts you about risks. There are mechanisms where you can integrate with messaging tools and notifications according to your preferences, which helps you get notified on a priority basis. You can configure how often you want to receive notifications based on whether a risk is medium or high priority. We were working on configuring these features when we stopped because we were moving to another tool.
From a security operations perspective, SentinelOne Singularity Cloud Security played an important role. I work with the infrastructure team and closely work with the Infosec team, which is the primary security team. They relied on all the risks and alerts from the platform and worked on how to remediate them and determine whether patching was required. All remediation decisions were based on the initial visibility of any infrastructure risk provided by this application.
The secret scanning feature in SentinelOne Singularity Cloud Security is very important. When we create new accounts or onboard new accounts for any business unit, we gain visibility into what exactly that team is doing and what risks are associated with their activities. As a platform engineer, I work with multiple business units who want to work on Kubernetes or Docker solutions in test environments or sandboxes. When we create an account for a business unit without segmentation around what connects to what, SentinelOne Singularity Cloud Security runs scanning and provides visibility. For example, if a developer creates a vulnerable Jenkins instance, the SOC team and I get a better view of the risks associated with instances that the developer team is working on, even though the developers themselves may not be aware of those risks.
What needs improvement?
We did not try to use the threat investigations feature from SentinelOne Singularity Cloud Security.
Drift detection with respect to infrastructure code is important. When somebody makes changes to infrastructure code, it creates a drift and lets you know what changes have been made at the infrastructure level.
The first downside of SentinelOne Singularity Cloud Security was the onboarding process, which was very challenging and took a lot of time. We faced many challenges around onboarding accounts. However, once we got past that initial phase, everything became pretty straightforward and we did not have any issues.
For how long have I used the solution?
We used SentinelOne Singularity Cloud Security for approximately one year during a nine-month period.
What do I think about the stability of the solution?
I have not observed any lagging, crashing, downtime, or any sort of instability with SentinelOne Singularity Cloud Security.
What do I think about the scalability of the solution?
We did not attempt to scale extensively with SentinelOne Singularity Cloud Security. As of the time we used it, the application was working fine. Since we did not use it for a longer period of time, we did not face any challenges in terms of scalability.
How are customer service and support?
The maintenance part of SentinelOne Singularity Cloud Security was not very challenging. The platform had some bugs in between, but when we reached out to support, they helped us and indicated that the issue would be resolved. They could reach out to the engineering team and provided us with a resolution in one to two weeks if the bug was not critical. We did not face any challenges with support or maintenance.
The speed of opening a ticket with SentinelOne Singularity Cloud Security support is good. However, there were some cases where getting a support agent on a call was a little difficult.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We moved to another application after discontinuing SentinelOne Singularity Cloud Security. We are now using Palo Alto's application called Prisma. Prisma is also going to be rebranded into Cortex , which is probably going to be released next year. Currently, all operating companies under Danaher, which we are part of, are using Palo Alto Prisma.
The company went with Prisma because within multiple operating companies, there is a significant footprint of Palo Alto devices for firewalls and endpoint firewalls on-premise. Since Prisma is also a Palo Alto product, it integrates natively with their existing applications. SentinelOne Singularity Cloud Security operated through the cloud, while Prisma also provides risk assessment for on-premise devices, which is an additional capability. This is the reason why Prisma is preferred currently.
How was the initial setup?
I was not part of the onboarding process, so I do not know how difficult or challenging the implementation was. However, I did not observe any issues or discussions within the team indicating that implementation of SentinelOne Singularity Cloud Security was difficult.
What other advice do I have?
I have not tried using the Offensive Security Engine feature. My overall rating for SentinelOne Singularity Cloud Security is seven out of ten.