We performed a comparison between Microsoft Sentinel and Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"The machine learning and artificial intelligence on offer are great."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"It's pretty powerful and its performance is pretty good."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"The tool is simple to use."
"It makes everything easier by automating some tasks and growing with our needs."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"The troubleshooting has room for improvement."
"I think the number one area of improvement for Sentinel would be the cost."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"I would like to see a better reporting work structure on the dashboard."
"The solution does not allow outsourced authorizations."
"I rate Sentinel a six out of ten for scalability."
"It is an ancient product."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"There is no integration in the web-side of the tool."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
Microsoft Sentinel is ranked 2nd in Security Information and Event Management (SIEM) with 86 reviews while Sentinel is ranked 16th in Security Information and Event Management (SIEM) with 15 reviews. Microsoft Sentinel is rated 8.2, while Sentinel is rated 7.6. The top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". On the other hand, the top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security, whereas Sentinel is most compared with IBM Security QRadar, Splunk Enterprise Security, Google Chronicle Suite, Wazuh and LogRhythm SIEM. See our Microsoft Sentinel vs. Sentinel report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.