We performed a comparison between Microsoft Entra ID Protection and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I use conditional access most of the time."
"The solution helps us with authentication."
"The tool is simple and you can find a lot of tutorials, and videos on YouTube that can help you."
"The reverse proxy feature provides additional security that is not available in other solutions."
"The primary and most valuable aspect of Azure AD identity is its ability to function seamlessly on both on-premise and cloud infrastructure, eliminating the need for extensive updates. However, this dual solution can pose vulnerabilities that require substantial support and security measures in the on-premise environment. Despite the challenges, it is currently not feasible to completely abandon AD, especially for companies in the sales and energy sectors. The integration with Microsoft Defender is crucial for enhancing security, making identity and security the primary focus and purpose of Azure AD."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Sentinel pricing is good"
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The solution is not optimized to work with Mac devices on a granular level. They work seamlessly with Windows but have a lot to improve to work with Mac devices. It also needs to improve stability and scalability."
"Azure AD could improve by enhancing the availability of specialized courses for security, such as NETSCOUT security or other relevant certifications. It would be beneficial to have specific courses for security, to provide in-depth knowledge and skills related to Azure AD. While there are micro-learning resources available for various concepts, many people in the IT industry may not have the time to go through all the courses to properly configure and utilize Azure Active Directory. Simplifying the implementation process and making it easier for individuals to join a company with Azure AD could also be considered areas for improvement."
"The solution's sync should be faster since it can take about 30 minutes to two hours to complete a simple sync. The tool needs to sync instantly. It also needs to improve scalability, support, and stability."
"Integrating some notifications, not necessarily all, but at least for important events or alerts, would be beneficial as it would function as a team solution or something similar."
"Identity labeling and sensitivity needs improvement."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"There is room for improvement in entity behavior and the integration site."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"We'd like to see more connectors."
More Microsoft Entra ID Protection Pricing and Cost Advice →
Microsoft Entra ID Protection is ranked 13th in Microsoft Security Suite with 5 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 86 reviews. Microsoft Entra ID Protection is rated 8.4, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Entra ID Protection writes "Enables smooth user sign-on experience, seamlessly deployment, and scales well". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Entra ID Protection is most compared with Microsoft Defender for Identity, CrowdStrike Identity Protection, BloodHound Enterprise, Microsoft Entra Permissions Management and Intercede MyID, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Entra ID Protection vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.