We performed a comparison between Microsoft Purview eDiscovery and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The tool has been beneficial. Some of our previous users left the organization without sharing the information they had at a personal level. This information was related to the organization, and they didn't disclose it. Thanks to the product, it's easy for me to search and find out what communication a specific user has done, whether it's from SharePoint or any other platform. With Microsoft Purview eDiscovery, we can easily retrieve and restore this data."
"I think eDiscovery Premium has made dealing with data from Teams much more accessible than any other platform."
"The machine learning wasn't half bad. I really like that part. I thought it was novel. It pretty much automated it, once you trained the model."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The automation feature is valuable."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"I see two significant challenges with many of my clients. One is that there are some functionality gaps compared to specialized tools in the legal industry, like a legal hold tool or a document review tool. They have features that Purview eDiscovery lacks. Those gaps create a situation where I almost have to do things twice. I need to collect all my data in eDiscovery and ship it to another platform to complete the review."
"Purview eDiscovery works, but it's not entirely perfect. There were times when search results would get hung up or error codes would be presented and we'd have to contact Microsoft to get that sorted out."
"Microsoft Purview eDiscovery should be cheaper."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"I would like Microsoft Sentinel to enhance its SOAR capabilities."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The solution could improve the playbooks."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
Microsoft Purview eDiscovery is ranked 26th in Microsoft Security Suite with 3 reviews while Microsoft Sentinel is ranked 5th in Microsoft Security Suite with 86 reviews. Microsoft Purview eDiscovery is rated 7.0, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview eDiscovery writes "It has improved visibility and simplified data review, but it lacks many features found in specialized tools". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview eDiscovery is most compared with Google Vault, Microsoft Purview Data Governance, Veritas Enterprise Vault.cloud, Smarsh eDiscovery and Exterro, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Purview eDiscovery vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.