We performed a comparison between Microsoft Purview Data Governance and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It starts off with records management, insider risk management, and information protection. And there is the discovery of the clouds, and we can get analytics on that as well, so that we know which user is using which cloud application and for how much time. The Activity explorer tells us which user was transferring out what data at what moment and on which device, including the serial number."
"It is very easy to learn the interface, and it is very user-friendly."
"I think Purview does as good a job...I'll say that it is as stable as the data governance maturity that exists within an organization. It can't be more stable than that."
"The e-discovery search is useful."
"The most valuable feature is the tracking activity and device onboarding."
"The cataloging tool is definitely the most valuable... It tells you about all the data you have in your tables, which helps people understand our data. We now know what data we have."
"I use the tool in projects as a medium to provide information as reports to the stakeholders."
"Data segregation is the most valuable feature."
"Free ingestion for Azure logs (with E5 licence)"
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"Two features are unsupported—custom insights and the DLP component—that would be beneficial to me as a consultant and for the customer in terms of security and monitoring. Regarding security, DLP would provide a more granular level of data masking. Custom insights would offer more detailed monitoring and alerts that can notify customers of failures or anything requiring urgent action."
"We've had a few issues with the scanner. It runs perfectly one day, and on another day, it will run the whole night. It's probably related to the rules. If I set some compliance rules and apply the rules to any column, I can't delete it. I have to disable it and reactivate it."
"Enhancing the tool's capability to connect to multiple sources would be valuable."
"Blueprints and landing zones like we have in Azure would be great to see in Purview. The solution could offer a baseline or blueprint of recommended settings for compliance regulations such as GDPR and ISO, which could be applied with a simple switch in the options."
"The technical support has room for improvement."
"The product needs improvement to edit the number of assets. It needs to be more inuitive as well."
"There are some limitations with regard to the lineage of data from different parts of the system."
"Purview's data connector platform for non-Microsoft data sources is good, but there is some functionality that hasn't been developed yet. There are some servers that it can't connect to yet, because they're still in a trial process."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
More Microsoft Purview Data Governance Pricing and Cost Advice →
Microsoft Purview Data Governance is ranked 7th in Microsoft Security Suite with 48 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Purview Data Governance is rated 7.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview Data Governance writes "User friendly with good documentation but needs to cover more non-Microsoft use cases". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview Data Governance is most compared with Collibra Governance, Alation Data Catalog, Varonis Platform, Informatica Axon and OneTrust DataGovernance, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Fortinet FortiSIEM. See our Microsoft Purview Data Governance vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.