We performed a comparison between Microsoft Purview Data Loss Prevention and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There's a good amount of documentation in case you run into any problems."
"It has helped our clients to reduce the time to action on insider threats because it can be integrated."
"One of the valuable features of Purview is the ability to create a legal hold on a user's account within the compliance portal. That's pretty useful when it comes to any litigation or if you want to redeem the content within a mailbox, OneDrive, or a generic public SharePoint site."
"The most valuable features are identifying sensitive data and issuing alerts."
"The auto-labeling feature is definitely the most valuable feature. It goes in and labels the documents for you in different repositories. It covers the Outlook and Exchange repositories along with SharePoint and OneDrive. It is really helpful in those areas."
"Because everything is on Microsoft and we use Azure, integration with the product is easier. That's the most important thing when you use many Microsoft products. It's easier to integrate everything in one place."
"I rate Microsoft Purview Data Loss Prevention's stability a ten out of ten."
"The product can block the uploads to cloud services."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The product can integrate with any device."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Microsoft Purview Data Loss Prevention's licensing is expensive."
"They do not provide language options beyond the ones already available, so our language option is missing."
"There is a lot of ambiguity when you are setting up labels, such as sensitive information labels. It is a little daunting at first if you don't have prior knowledge, and there is a little bit of a learning curve for setting up the labels. Some of the setup wizards could be more helpful from an AI perspective. They can streamline the setup through more AI technologies so that you don't have to jump through so many hoops and different menus and dropdowns. It would be useful to have a setup wizard that is more hands-off and engaging for setting up the information type labels. If you tell them this is what we're trying to protect, it should basically start to lead you down that path of best practices. Such a feature would be great."
"There is no AIP for Linux systems. That's a setback. Another thing it's lacking is libraries to work with Python. It has libraries for C# and C++, for example, but not for Python and, these days, Python is very useful."
"The platform can be challenging to navigate and has the potential for improvement."
"The solution should provide better integration with other systems."
"There is a need for improvements, particularly in ensuring that file-based recognition is more reliable and comprehensive."
"I would like Microsoft Purview Data Loss Prevention to be on the source code or SQL databases. It is difficult to do classification and labeling when you have a third-party source code or a third-party Oracle database. It is seamless when it comes to Microsoft documents but is not so with third-party source codes. Microsoft needs to work on it a little bit more."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"There is room for improvement in entity behavior and the integration site."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"The solution could improve the playbooks."
"The product can be improved by reducing the cost to use AI machine learning."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"The playbook is a bit difficult and could be improved."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
More Microsoft Purview Data Loss Prevention Pricing and Cost Advice →
Microsoft Purview Data Loss Prevention is ranked 12th in Microsoft Security Suite with 13 reviews while Microsoft Sentinel is ranked 5th in Microsoft Security Suite with 86 reviews. Microsoft Purview Data Loss Prevention is rated 8.0, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview Data Loss Prevention writes "Automation has given us consistent analytics and improved quality of insights into user activity". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview Data Loss Prevention is most compared with Symantec Data Loss Prevention, Forcepoint Data Loss Prevention, Amazon Macie, Microsoft Intune and Zscaler DLP, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Purview Data Loss Prevention vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
