ARTICLE

SentinelOne Singularity Cloud Native Security: How to see robust protection of cloud assets within 24 hours

The solution combines the best agentless analytics and AI-powered protection to see priority risks within 24 hours.

Previous generations of cloud security solutions could have been more effective. Disparate data and poorly integrated solutions led to redundant searches for alerts, context, and false positives. Meanwhile, attackers are finding new ways to penetrate cloud infrastructure and cause severe damage to it, which also affects business reputation.
By clearly identifying the most critical issues, security teams can focus their attention and achieve better results in protecting cloud technologies.
Cloud Native Security (CNS) is SentinelOne's agentless CNAPP solution with a unique Offensive Security Engine™ that prioritizes the most serious cloud security risks. Unlike alternative solutions that only list hypothetical exploits, CNS proves the exploitability of each identified risk, simplifying triage and prioritization.


Main advantages:

  • Instant visibility
  • Connection in minutes
  • Stopping credential leaks
  • Multi-cloud support
  • Verified Exploit Path™ for better prioritization
  • Convenient compliance dashboards

Offensive Security Engine™

The security team's main challenge is to analyze thousands of critical alerts from various cloud protection tools and find the most important ones. The Offensive Security Engine™ in CNS applies an attacker's mindset to automatically and securely simulate cloud infrastructure intrusions to test the exploitability of vulnerabilities found by agentless CNAPP.
You get proof of exploitability that helps distinguish critical warnings from hypothetical attack scenarios.

Using Verified Exploit Path, security teams can better monitor and prioritize their backlogs, increase efficiency, and focus on remediating critical alerts to maximize positive impact on business cloud risks.

Secrets Scanning

An exciting feature of CNS is secrets scanning, which can identify over 750 types of secrets and credentials hard-coded into repositories.

Compromised credentials remain one of the leading causes of cloud security failures. They are an entry point for attackers, who have automated means of being alerted when such credentials are placed in plain text in code repositories.

With credentials and secrets in hand, attackers can simply authenticate rather than hack into your cloud accounts. CNS periodically scans the organization's public and private repositories and the public repositories of the involved developers to prevent leaks of secrets and credentials.

Cloud Security Posture Management (CSPM)

CSPM (Cloud Security Posture Management) identifies misconfigured cloud resources and ensures compliance with industry standards. Agentless onboarding starts asset inventory within minutes of connecting to a cloud account.
With over 2,000 built-in checks, CNS ensures that any newly created and misconfigured cloud resource—cloud instance, container, etc.—is identified in near real-time.
Users can create their own policies using simple Rego scripts to meet compliance requirements unique to their organization.
Easy-to-understand dashboards provide real-time compliance assessment against multiple standards such as NIST, CIS, MITRE, and more.

Kubernetes Security Posture Management (KSPM)

Kubernetes is a widely used container orchestration platform known for its indecipherable configurations, which often present unique security challenges for containerized workloads. KSPM goes far beyond CSPM, which is not well suited to the intricacies of Kubernetes network configurations and interconnected communications.

KSPM capabilities within Cloud Native Security provide complete visibility into Kubernetes workloads, nodes, pods, containers, and APIs, enabling continuous monitoring and assessment of Kubernetes security health. CNS includes information on your compliance status, including CIS Benchmarks for EKS, GKE, and AKS, managed K8s services from three leading cloud providers, and the CIS Kubernetes Framework.

With SentinelOne, customers can create cluster security policies, identify roles with redundant permissions, and discover namespaces marked appropriately to ensure compliance with Kubernetes-specific module security standards.

Vulnerability scanning

Vulnerabilities in container images can lead to unauthorized access, data leakage, and more. CNS now includes vulnerability scanning of container images in your ECS and EKS clusters to help manage risk more efficiently.
The solution creates a software bill of materials (SBOM): a detailed list of components, libraries, and dependencies inside the container. In addition, CNS provides a graphical visualization of K8s clusters, business services, and images.
Together, these features:

  • Optimize compliance and audit
  • Identify services and images that require immediate attention
  • Clarify the interrelationships between components
  • Improve prioritization

For example, consider a public cloud computing instance such as Amazon EC2, Azure VM, or Google Cloud Compute Engine. There are potentially very valid reasons for creating a public instance with access to the Internet. However, let's imagine these instances run with serious vulnerabilities and widely available exploit packages.

In this case, SecOps will want to prioritize response actions, such as updating the host OS image, to address the vulnerability before it is exploited. Graph Explorer (which will be described later) can also speed up investigations by visualizing the relationship between misconfiguration and vulnerability.

Infrastructure as Code (IaC) scanning

IaC golden templates perfectly prevent resource misconfigurations from entering the DevOps pipeline by providing consistent, repeatable, and appropriate configurations codified according to best practices.

The IaC scanning capabilities in CNS allow you to scan templates and detect misconfigurations before they reach production. CNS proactively detects issues in IaC templates and container configuration files, such as Terraform, CloudFormation, and Kubernetes (Helm charts and manifests).

Graph Explorer

Graph Explorer facilitates Verified Exploit Path research by visually analyzing the potential damage to cloud resources affected by the identified vulnerability. It also includes a convenient, intuitive query authoring tool with a visual interface that allows users to quickly create and apply custom policies to a specific group of resources with a few clicks.

Cloud security in the Singularity Platform

The Singularity Platform offers comprehensive threat prevention, detection, and response that is easy to use and can be applied in complex enterprise environments.

Singularity combines SentinelOne's high-performance endpoint (EDR, Endpoint Detection & Response), cloud (CNAPP, Cloud Native Application Protection Platform), and credential (ITDR, Identity Threat Detection & Response) solutions. Enterprises can mix and match these solutions to their specifications, all managed from a single console and security data lake.

Security professionals need visibility of every relevant, actionable event across the enterprise security system to enrich investigations with the necessary context and provide the means to search for alerts from cross-source telemetry data.

To meet this need, the Singularity platform leverages a centralized security data lake that receives telemetry from our endpoint, cloud, and identity solutions, and from a growing list of third-party security tools and sources used by our customers.

Singularity Data Lake enables information security professionals to contextually visualize and automatically respond to critical security threat messages using a single cloud repository. It offers the most extended data retention period and the highest cost efficiency of any provider on the market.

Used by the largest and most authoritative partners in IR and MDR, the Singularity platform provides a rapid return on investment and a forward-looking solution that will continuously evolve to meet customers' ever-growing cybersecurity needs.

Unlock all the benefits of CNAPP in 24 hours

Cloud Native Security takes less than 10 minutes to install, data starts flowing in minutes, and a complete list of priority issues is generated within 24 hours. Watch the video where we talk about all the benefits:

Consult with a manager to discover all the benefits of Cloud Native Security for your organization: sentinelone@bakotech.com