We performed a comparison between Microsoft Defender Threat Intelligence and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product provides efficient email security for sending links and file attachments."
"They have a very transparent roadmap for the product."
"Microsoft Defender Threat Intelligence assesses machines for vulnerabilities and gives remediations."
"You can use it to monitor third parties and ensure they are not under threat attacks. It is beneficial in the GRC model."
"The technical support services are excellent."
"I rate the tool's stability a ten out of ten."
"The user interface is pretty user-friendly."
"The product's anti-spam and malware-scanning features are useful. We scan email attachments, documents, and malicious codes."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The pricing of the product is excellent."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The automation feature is valuable."
"The connectivity and analytics are great."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"Having up-to-date documentation and real-time reflections in all portals would be beneficial to keep users informed about any changes. Additionally, the frequent changes in Microsoft's UI and the movement of features between different products in the set pose difficulties."
"The price could be improved."
"I would like for there to be extra confirmation that there aren't viruses. Even if the virus detection software is always running there could be hidden applications that are using the computer."
"The stability of the product is an area of concern where improvements are required."
"The software is expensive."
"There could be AI functionality included for features like reporting and dashboard preparation."
"The tool's onboarding of users that use on-premise or hybrid environments needs to be improved."
"Microsoft Defender Threat Intelligence is evolving and needs to fix and enhance numerous issues like stability and licensing. The continuous rebranding and licensing changes are confusing."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"One key area that can be improved is by building a strong integration with our XDR platform."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"I would like to see more AI used in processes."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
More Microsoft Defender Threat Intelligence Pricing and Cost Advice →
Microsoft Defender Threat Intelligence is ranked 16th in Microsoft Security Suite with 24 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Defender Threat Intelligence is rated 8.4, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Defender Threat Intelligence writes "A tool that offers endpoint protection with low maintenance costs". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Defender Threat Intelligence is most compared with STAXX, Cisco Threat Grid, ThreatConnect Threat Intelligence Platform (TIP), VirusTotal and Splunk Mission Control, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Defender Threat Intelligence vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.