We performed a comparison between Microsoft Entra ID and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is Conditional Access, and we use it extensively."
"It's a very intuitive platform. It's easy to create groups and add people."
"It is a very straightforward implementation."
"The solution has some great features, such as identity governance, and user self-service. The Outlook application is very good and is used by a lot of people even if they are using Google services."
"The visibility and control for permission management are excellent."
"The solution adds an extra layer of security."
"The solution offers business to business and client to business support."
"Azure Active Directory features have helped improve our security posture. The remote working has been a massive help during the pandemic."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The machine learning and artificial intelligence on offer are great."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The visibility in the GUI is not good for management. There are a lot of improvements that could make it better. It should be more user-friendly overall. It is not user-friendly because everything keeps changing on the platform. I can understand it because I know the platform, am familiar with it, and use it every day. However, for a lot of clients, they don't use it every day or are not familiar with it, so it should be more user friendly."
"I want to be able to identify the audiences effectively and manage them."
"Sometimes, the notifications and alerts are not delivered properly, and we end up missing them. Also, the overall graphical user interface needs to be improved."
"They can combine conditional access for user actions and application filtering. Currently, they are separated, and we cannot mix the two. I do not know how it would be possible, but it would be interesting."
"I would like to see a better delegation of access. For instance, we want to allow different groups within the company to manage different elements of Azure AD, but I need more granularity in delegating access."
"When you fix the rules and permissions, working directly on the manifest, you really need to have in-depth knowledge. If there were a graphical user interface to update the manifest, that would be good."
"There are issues using it with ADFS."
"Microsoft Authenticator is as easy as Google Authenticator, but it is not open to all types of applications. Google Authenticator is integrated with other third-party platforms and applications, whereas Microsoft Authenticator is not. It should have more integration with third-party platforms and applications."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"The playbook is a bit difficult and could be improved."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"Sentinel's reporting is complex and can be more user-friendly."
"One key area that can be improved is by building a strong integration with our XDR platform."
Microsoft Entra ID is ranked 4th in Microsoft Security Suite with 190 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Entra ID is rated 8.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Cisco Duo and Yubico YubiKey, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Entra ID vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.