We performed a comparison between Microsoft Purview eDiscovery and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The machine learning wasn't half bad. I really like that part. I thought it was novel. It pretty much automated it, once you trained the model."
"I think eDiscovery Premium has made dealing with data from Teams much more accessible than any other platform."
"The tool has been beneficial. Some of our previous users left the organization without sharing the information they had at a personal level. This information was related to the organization, and they didn't disclose it. Thanks to the product, it's easy for me to search and find out what communication a specific user has done, whether it's from SharePoint or any other platform. With Microsoft Purview eDiscovery, we can easily retrieve and restore this data."
"The connectivity and analytics are great."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"I see two significant challenges with many of my clients. One is that there are some functionality gaps compared to specialized tools in the legal industry, like a legal hold tool or a document review tool. They have features that Purview eDiscovery lacks. Those gaps create a situation where I almost have to do things twice. I need to collect all my data in eDiscovery and ship it to another platform to complete the review."
"Purview eDiscovery works, but it's not entirely perfect. There were times when search results would get hung up or error codes would be presented and we'd have to contact Microsoft to get that sorted out."
"Microsoft Purview eDiscovery should be cheaper."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"The reporting could be more structured."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
Microsoft Purview eDiscovery is ranked 25th in Microsoft Security Suite with 3 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 86 reviews. Microsoft Purview eDiscovery is rated 7.0, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview eDiscovery writes "It has improved visibility and simplified data review, but it lacks many features found in specialized tools". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview eDiscovery is most compared with Google Vault, Microsoft Purview Data Governance, Veritas Enterprise Vault.cloud, Varonis Platform and Exterro, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Purview eDiscovery vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.