We performed a comparison between Microsoft Purview Data Governance and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced."
"The custom classifications are one of the most valuable features."
"The best part is that I can create classifications per my requirements. I use it to classify multiple platforms like AWS, GCP, Azure, and different file sharing systems."
"Microsoft Purview is extremely stable."
"My favorite Purview feature is auto-scanning. Once we set up Purview, we can automatically scan multiple data sources when new data comes into specific databases, like SQL and Oracle. We don't need to rediscover the new data or do anything manually because it automatically happens."
"I don't know if I've gotten much value out of Purview personally, but our security team loves it. Our biggest concern is leakage or theft of our data because we have a lot of PII and stuff that has not been released. We like the insights Purview provides and the way the solution can track and manage things. I'd say that was probably their favorite piece of it so far. From everything the security team has told me, the policy management and DLP features are working spectacularly."
"The e-discovery search is useful."
"The cataloging tool is definitely the most valuable... It tells you about all the data you have in your tables, which helps people understand our data. We now know what data we have."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"The pricing of the product is excellent."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"There are negatives to the compliance aspect of Purview in that you get a lot of false positives with some of the native scanning and rules in the platform. A lot of them need tweaking to get a more realistic handle on what data there is."
"Some of the menu headings may not be easy to understand for some people."
"The technical support has room for improvement."
"Two features are unsupported—custom insights and the DLP component—that would be beneficial to me as a consultant and for the customer in terms of security and monitoring. Regarding security, DLP would provide a more granular level of data masking. Custom insights would offer more detailed monitoring and alerts that can notify customers of failures or anything requiring urgent action."
"We have had some issues automating our document management with Power Apps. I haven't been super-disappointed with anything except for Power Apps, which kinda drives me nuts. I think it's because I am a coder who can do things properly, and I keep trying to do things there, but it's not working out the way. The security team is pretty quick. I'm kind of a thorn in their side. I always try to get around stuff. They haven't come to me for anything saying, "Hey, I can't find this information." They're pretty good. Maybe, there's a lack of documentation, but that doesn't seem to be an issue for our team."
"There are differences when looking at an incident in the M365 portal versus Purview, and the main one is the advanced hunting. In the M365 portal, you can write KQL queries and fetch data. If that was available in Purview, it would be very good."
"Although you can explore the data, that creates a great interest in data lineage or the data flow. How does it go from a source to a platform to a Power BI report, for example? It is possible, to some extent, to see that with Purview, but the lineage feature requires some manual work on the development side or more work from Microsoft to improve on it."
"It could reduce pricing to encourage usage."
"The reporting could be more structured."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The solution could improve the playbooks."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
More Microsoft Purview Data Governance Pricing and Cost Advice →
Microsoft Purview Data Governance is ranked 7th in Microsoft Security Suite with 48 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Purview Data Governance is rated 7.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview Data Governance writes "User friendly with good documentation but needs to cover more non-Microsoft use cases". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview Data Governance is most compared with Collibra Governance, Alation Data Catalog, Varonis Platform, Informatica Axon and OneTrust DataGovernance, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Fortinet FortiSIEM. See our Microsoft Purview Data Governance vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.