We performed a comparison between Microsoft Purview and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Instead of having to manually write down which tables and columns exist and then describe them, you can do that process in one go, by simply connecting to a source. That's a huge time-saver and a great benefit of Purview."
"My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced."
"I really like the entire system for auto-labeling content. It's a very refined system. I use the Keyword Query Language to define refined string-based metadata, and then I can really go deep into the specific data with the specific properties labeled in such and such a way."
"I don't know if I've gotten much value out of Purview personally, but our security team loves it. Our biggest concern is leakage or theft of our data because we have a lot of PII and stuff that has not been released. We like the insights Purview provides and the way the solution can track and manage things. I'd say that was probably their favorite piece of it so far. From everything the security team has told me, the policy management and DLP features are working spectacularly."
"The time to onboard is pretty short."
"It gives you the opportunity to know your data and apply policies around it. If those policies are flouted, you can always track what's happening. You have options such as alerting the person who is committing that action, or you can take automatic action by blocking, for example, an email that is been sent externally. It's very useful."
"Has a good interface and is reasonably priced."
"The labeling is the most valuable feature for the companies I'm installing it for. Some of them have several thousand staff, and their concerns are around confidential or private data being shared. The labels and the policies involved with them give them that initial visibility."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"While Purview's data connector platform can ingest information from non-Microsoft data sources, it is slow to do so and the information may become outdated."
"We've had a few issues with the scanner. It runs perfectly one day, and on another day, it will run the whole night. It's probably related to the rules. If I set some compliance rules and apply the rules to any column, I can't delete it. I have to disable it and reactivate it."
"It could reduce pricing to encourage usage."
"The product needs improvement to edit the number of assets. It needs to be more inuitive as well."
"Reflecting organizational changes within Purview is impractical."
"Support should be improved in the form of good documentation and video lessons where a person can check things out. There is a community, but it takes a lot of time if we want to get an answer to a question."
"If we could have a view something like we have in CrowdStrike—which is, I believe, the biggest competitor to Microsoft when it comes to security—a node nodal view, which we also have in Defender, that would make it a more complete, one-stop solution. That would save a lot of time for the admins and the engineers."
"As Microsoft Purview got a little more mature, the deployments got a little more complex, as we were kind of seeing that there are a lot of ways, like there were a hundred ways to do one thing or less."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"We'd like also a better ticketing system, which is older."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"The reporting could be more structured."
Microsoft Purview is ranked 7th in Microsoft Security Suite with 48 reviews while Microsoft Sentinel is ranked 5th in Microsoft Security Suite with 85 reviews. Microsoft Purview is rated 7.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview writes "User friendly with good documentation but needs to cover more non-Microsoft use cases". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview is most compared with Collibra Governance, Alation Data Catalog, Varonis Platform, Informatica Axon and OneTrust DataGovernance, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Microsoft Defender for Cloud, Splunk Enterprise Security and Fortinet FortiSIEM. See our Microsoft Purview vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.