We performed a comparison between IBM Cloud Pak for Security and Microsoft Sentinel based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, Akamai, Cisco and others in Cloud and Data Center Security."The interface is good and very user-friendly."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The product can integrate with any device."
"Lacks sufficient technical support."
"The on-prem log sources still require a lot of development."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"The AI capabilities must be improved."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"I would like to be able to monitor applications outside of the Azure Cloud."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
IBM Cloud Pak for Security is ranked 22nd in Cloud and Data Center Security with 1 review while Microsoft Sentinel is ranked 2nd in Security Information and Event Management (SIEM) with 86 reviews. IBM Cloud Pak for Security is rated 0.0, while Microsoft Sentinel is rated 8.2. The top reviewer of IBM Cloud Pak for Security writes "Great user-friendly interface; provides many functionalities and many free applications ". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". IBM Cloud Pak for Security is most compared with IBM Security QRadar and IBM Resilient, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security.
We monitor all Cloud and Data Center Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.