We performed a comparison between Microsoft Intune and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."While Microsoft Intune boasts a wide range of features, its user-friendliness and bundled licensing cost are key considerations for me."
"Application deployment and keeping the devices secure no matter where they are, by having this cloud solution — that has been great."
"The central administration con dashboard is very easy to use and provides very good oversight on all that needs to be monitored."
"It provides control over all mobile devices that are being connected to the corporate network."
"For Windows services, there are multiple options within Intune to modernize it to be more internet-facing and dynamic."
"It allows our clients to have the confidence to centrally manage policies for security. It helps them in securing the organization from a technology aspect."
"We are a remote company, and the product helps us manage the global endpoints. It helps us natively manage the endpoints in the cloud from anywhere."
"It's easy to deploy a configuration or policy to a system, especially when you don't have Azure AD. Now we are talking to all these small and medium-sized customers who don't necessarily have an on-premise Windows Active Directory. If they have invested in Office 365 Premium, this functionality becomes available to them."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"There is improvement needed in integrating with the installed Office solutions versions, such as Office 2019. The Office 365 integrates without a problem."
"The documentation about the custom image setup could be better. Although Microsoft provides the steps to configure Intune or set up or deploy Intune, it doesn't have much information related to custom images. If you ask, "how can we deploy the custom image?" There is no information. The steps they mention ask you to connect to your on-premises environment or create your own image on the cloud itself once there is connectivity. But I needed to go to multiple websites to get all this information. I had to figure out how to upload the custom image if you want to use the on-premise custom image for Cloud PC. If you have the proper subscription, you must have the right access, like global admin or owner. Then you can add your custom image to that. There are no steps mentioned over there. Microsoft Intune doesn't have Chrome browser support. I would like to have that support because they will want it if we pitch the product to clients."
"There is no catalog for mobile access management (MAM) security."
"There are a couple of issues with stability."
"I wanted to check if there is any provision at the Intune level to restrict certain things, such as a website, but unfortunately, that feature is available only in Microsoft Defender. Intune has web filtering capabilities, but they are only useful for protection from malicious websites, whereas we would like to be able to restrict a website. For example, YouTube is a clean website. No one would identify it as a malicious website, but if we want to stop the end-users from going to that website, we have to go for another product, such as Microsoft Defender or another third-party proxy solution. It would be great if this capability is included in Intune."
"Microsoft Intune lacks the ability to provide seamless remote assistance or remote control."
"They need to integrate more with security options."
"The pricing could be improved."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The product can be improved by reducing the cost to use AI machine learning."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"The playbook is a bit difficult and could be improved."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
Microsoft Intune is ranked 3rd in Microsoft Security Suite with 165 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Intune is rated 8.0, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Intune writes "We can manage all aspects of our devices from a single console, easy to scale, and quick to deploy". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, Microsoft Entra ID and SOTI MobiControl, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Intune vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.