We performed a comparison between Microsoft Purview Data Governance and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like Purview's data discovery features. It automatically scans and identifies all the fields. In the last project, the customer required us to have some of the codes we specified in this, and we had to structure the codes in a specific way. We can define the structure."
"We can prevent, block, or audit however we like."
"My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced."
"I really like the entire system for auto-labeling content. It's a very refined system. I use the Keyword Query Language to define refined string-based metadata, and then I can really go deep into the specific data with the specific properties labeled in such and such a way."
"The product has helped us save both time and money."
"I use the tool in projects as a medium to provide information as reports to the stakeholders."
"It is very easy to learn the interface, and it is very user-friendly."
"It has notable features for maximizing the value of your data. The data discovery and the data analytics parts are great both on-premises and on-cloud."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"We have had some issues automating our document management with Power Apps. I haven't been super-disappointed with anything except for Power Apps, which kinda drives me nuts. I think it's because I am a coder who can do things properly, and I keep trying to do things there, but it's not working out the way. The security team is pretty quick. I'm kind of a thorn in their side. I always try to get around stuff. They haven't come to me for anything saying, "Hey, I can't find this information." They're pretty good. Maybe, there's a lack of documentation, but that doesn't seem to be an issue for our team."
"Blueprints and landing zones like we have in Azure would be great to see in Purview. The solution could offer a baseline or blueprint of recommended settings for compliance regulations such as GDPR and ISO, which could be applied with a simple switch in the options."
"The product must provide better integrations with OS X and iOS."
"I'd like to see them improve the training for implementing this type of solution."
"The overall cost of deploying this solution could be better. It seems that middle and small-sized organizations are not completely happy with deploying this solution in terms of the cost. It would be good if they concentrate on the cost part."
"I would like to have complete video documentation for training."
"Overcoming certain control issues would significantly enhance our overall satisfaction."
"Privacy features should be integrated into the core product rather than offered as optional add-ons, as privacy is not a luxury but a fundamental requirement."
"Sentinel's reporting is complex and can be more user-friendly."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"I think the number one area of improvement for Sentinel would be the cost."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
More Microsoft Purview Data Governance Pricing and Cost Advice →
Microsoft Purview Data Governance is ranked 7th in Microsoft Security Suite with 48 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Purview Data Governance is rated 7.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview Data Governance writes "User friendly with good documentation but needs to cover more non-Microsoft use cases". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview Data Governance is most compared with Collibra Governance, Alation Data Catalog, Varonis Platform, Informatica Axon and OneTrust DataGovernance, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Fortinet FortiSIEM. See our Microsoft Purview Data Governance vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.