We performed a comparison between Microsoft Purview Information Protection and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Before using it, we had a lot of unlabeled data, and the tool helped us quickly and accurately label a large number of documents."
"We can restrict access or specify who can see sensitivity labels, which can be based on the classification level. We can encrypt restricted content and limit who can see that from an internal view, too, so Purview is a powerful tool."
"The UI is user-friendly, and I have observed that it improves further each year."
"Incorporating data loss prevention capabilities built into the Microsoft platform to endpoints, such as Windows 10 and Windows 11 computers, can also help prevent data loss and is highly advantageous."
"It ensures that sensitive data is automatically safeguarded, even for email attachments, regardless of the user or device."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"Sentinel pricing is good"
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"Microsoft can improve the affordability of Purview Information Protection by offering it at a lower cost."
"Our primary concern is third-party application visibility. Many people choose other DLP tools, as they can search the Office 365 suite and detect sensitive information across thousands of other apps. The product is weak compared to the competitors on the DLP front, but the classification is good; the tool needs a bit more maturation."
"There is potential for more integration in the use of AI."
"Microsoft Purview Information Protection can improve in terms of scan concurrency and scan processing time."
"There is room for improvement with the policy tips feature."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"I think the number one area of improvement for Sentinel would be the cost."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Sentinel's reporting is complex and can be more user-friendly."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
More Microsoft Purview Information Protection Pricing and Cost Advice →
Microsoft Purview Information Protection is ranked 19th in Microsoft Security Suite with 5 reviews while Microsoft Sentinel is ranked 5th in Microsoft Security Suite with 86 reviews. Microsoft Purview Information Protection is rated 7.8, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview Information Protection writes "Provides protection across multiple environments, can classify data and represent it graphically, and has the option for customer-managed teams to encrypt and manage data". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview Information Protection is most compared with Microsoft Purview Data Governance, Microsoft Defender XDR, Varonis Platform, BigID and Microsoft Purview eDiscovery, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Purview Information Protection vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.