• Home
  • Microsoft Purview vs. Microsoft Sentinel

Microsoft Purview vs Microsoft Sentinel comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Purview

Read 48 Microsoft Purview reviews
4,772 views|2,393 comparisons
82% willing to recommend
Microsoft Logo

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews
5,194 views|2,993 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Microsoft Purview vs. Microsoft Sentinel
March 2024
Executive Summary

We performed a comparison between Microsoft Purview and Microsoft Sentinel based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Purview vs. Microsoft Sentinel Report (Updated: March 2024).
Download the complete report
768,886 professionals have used our research since 2012.
Featured Review
Afeez Olaboye
Helps protect data across multi-platform environments, connects to a wide range of devices, and helps us stay compliant
Ensuring data protection across multi-cloud and multi-platform environments through Purview is crucial for us. Currently operating on Azure and... Read more →
Sachin Paul
Makes data integration very easy for our SOC
It enables data integration within our hybrid, multi-cloud environment, and it makes this data integration very easy for our security operations... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Instead of having to manually write down which tables and columns exist and then describe them, you can do that process in one go, by simply connecting to a source. That's a huge time-saver and a great benefit of Purview.""My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced.""I really like the entire system for auto-labeling content. It's a very refined system. I use the Keyword Query Language to define refined string-based metadata, and then I can really go deep into the specific data with the specific properties labeled in such and such a way.""I don't know if I've gotten much value out of Purview personally, but our security team loves it. Our biggest concern is leakage or theft of our data because we have a lot of PII and stuff that has not been released. We like the insights Purview provides and the way the solution can track and manage things. I'd say that was probably their favorite piece of it so far. From everything the security team has told me, the policy management and DLP features are working spectacularly.""The time to onboard is pretty short.""It gives you the opportunity to know your data and apply policies around it. If those policies are flouted, you can always track what's happening. You have options such as alerting the person who is committing that action, or you can take automatic action by blocking, for example, an email that is been sent externally. It's very useful.""Has a good interface and is reasonably priced.""The labeling is the most valuable feature for the companies I'm installing it for. Some of them have several thousand staff, and their concerns are around confidential or private data being shared. The labels and the policies involved with them give them that initial visibility."

More Microsoft Purview Pros →

"We are able to deploy within half an hour and we only require one person to complete the implementation.""Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information.""The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent.""Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications.""Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents.""It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things.""Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions.""The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."

More Microsoft Sentinel Pros →

Cons
"While Purview's data connector platform can ingest information from non-Microsoft data sources, it is slow to do so and the information may become outdated.""We've had a few issues with the scanner. It runs perfectly one day, and on another day, it will run the whole night. It's probably related to the rules. If I set some compliance rules and apply the rules to any column, I can't delete it. I have to disable it and reactivate it.""It could reduce pricing to encourage usage.""The product needs improvement to edit the number of assets. It needs to be more inuitive as well.""Reflecting organizational changes within Purview is impractical.""Support should be improved in the form of good documentation and video lessons where a person can check things out. There is a community, but it takes a lot of time if we want to get an answer to a question.""If we could have a view something like we have in CrowdStrike—which is, I believe, the biggest competitor to Microsoft when it comes to security—a node nodal view, which we also have in Defender, that would make it a more complete, one-stop solution. That would save a lot of time for the admins and the engineers.""As Microsoft Purview got a little more mature, the deployments got a little more complex, as we were kind of seeing that there are a lot of ways, like there were a hundred ways to do one thing or less."

More Microsoft Purview Cons →

"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it.""Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks.""We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft.""Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel.""We'd like also a better ticketing system, which is older.""I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us.""Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs.""The reporting could be more structured."

More Microsoft Sentinel Cons →

Pricing and Cost Advice
  • "The pricing is moderate. It's not too expensive, but it's not the most competitive."
  • "Microsoft Purview is the best option I have encountered when it comes to price. Maybe some of my information is outdated, but Microsoft offered it so that you could use it almost without paying."
  • "There is some competition out there, but the other solutions are quite expensive. They are enterprise tools that are a bit more mature but the license costs $100,000 for some of them. Purview is pay-per-use and a lot of companies are interested in that."
  • "Aside from the complexity of the pricing model, the price itself is realistic. Features like AI components and automatic classification require additional licenses. Still, anyone can start using Purview with a basic E3 license if they're using Microsoft 365 and grow with additional licenses as needed. Overall, we're satisfied with the price."
  • "Its pricing is good in terms of the features that they are providing, but there are many competitors in the market who can easily provide you with similar services at a lesser cost."
  • "The categorization within the licensing could be improved. There are a lot of solutions within Microsoft Purview. If the licensing could be a bit clearer and the solutions could be better categorized according to function and across multiple environments, that would be excellent. The licensing is very confusing."
  • "Price-wise, I think it's very generous and accessible to not just enterprises but small to medium-sized companies as well. I think it's very fair in terms of how they break apart the storage and the actual computing, and that makes it very accessible. So, that is a very big plus for Purview."
  • "Some people find the tier licensing system complicated, but it offers a lot of value for money if we use the features."

    • More Microsoft Purview Pricing and Cost Advice →

  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
    See Recommendations
    768,886 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft Azure Purview?
    Top Answer:It is designed to seamlessly connect to various data sources, which is particularly beneficial for our customers who primarily use Microsoft technologies.
    Read all 21 answers   →
    What is your experience regarding pricing and costs for Microsoft Azure P...
    Top Answer:Currently, the licensing differs for the governance side compared to the risk and compliance side. On the governance side, the charges are based on the usage of Purview, including the data map, data… more »
    Read all 19 answers   →
    What needs improvement with Microsoft Azure Purview?
    Top Answer:Data quality has been a highly requested feature among customers. While it was initially scheduled for release in December last year, I anticipate that this feature will be available soon this year. I… more »
    Read all 20 answers   →
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized by… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will… more »
    Read all 2 answers   →
    Ranking
    7th
    out of 36 in Microsoft Security Suite
    Views
    4,772
    Comparisons
    2,393
    Reviews
    45
    Average Words per Review
    1,368
    Rating
    7.6
    5th
    out of 36 in Microsoft Security Suite
    Views
    5,194
    Comparisons
    2,993
    Reviews
    60
    Average Words per Review
    1,620
    Rating
    8.4
    Comparisons
    Also Known As
    MS Azure Purview
    Azure Sentinel
    Learn More
    Microsoft
    Microsoft
    Overview

    Microsoft Purview is a unified data governance solution that helps you understand all of your on-premises, multi cloud, and software-as-a-service (SaaS) data and maintain control over its usage. With the Microsoft Purview solution, you can create a detailed, up-to-date map of your data landscape with sensitive data classification, automated data discovery, and end-to-end data lineage. Not only does it enable data curators to easily secure your data, but it also allows data consumers to find valuable, trustworthy data.

    Microsoft Azure Purview is designed with:

    • Data Map: Microsoft Purview Data Map provides the foundation for data discovery and effective data governance. Azure Purview Data Map is a cloud-native PaaS service that captures metadata about enterprise data present in analytics and operation systems on premises and in the cloud.

    • Data Catalog: Microsoft Purview Data Catalog finds trusted data sources by browsing and searching your data assets. The data catalog aligns your assets with business terms and data classification to identify data sources.

    • Data Insights: Microsoft Purview Data Insights gives you an overview of your data estate to help you discover what kinds of data you have and where.

    Microsoft Purview Features

    Microsoft Purview has many valuable key features. Some of the most useful ones include:

    • Automated data discovery, lineage identification, and data classification
    • Insights into the location and movement of sensitive data across your entire data estate
    • Unified map of your data assets and their relationships for more effective data governance
    • Glossary with business and technical search terms to aid data discovery

    Microsoft Purview Benefits

    Some of the benefits of using Microsoft Azure Purview include:

    • Automate and manage metadata from hybrid sources.
    • Classify data using built-in and custom classifiers and Microsoft Information Protection sensitivity labels.
    • Label sensitive data consistently across SQL Server, Azure, Microsoft 365, and Power BI.
    • Easily integrate all your data systems using Apache Atlas APIs.
    • Search for data using technical or business terms.
    • Easily understand data by browsing associated technical, business, semantic, and operational metadata.
    • Quickly identify the sensitivity level of data.
    • Scan your Power BI environment and Azure Synapse Analytics workspaces with a few clicks.
    • Automatically publish all discovered assets and lineage to the Purview Data Map.
    • Connect Microsoft Azure Purview to Azure Data Factory instances to automatically collect data integration lineage.
    • Quickly determine which analytics and reports already exist without reinventing the wheel.

    Reviews from Real Users

    PeerSpot reviewer Kelly B., Solution Specialist at LobsterPot Solutions, says, “We're building a new system from scratch for our clients and wanted to include data governance. Their solution is hosted in Azure and it seemed logical to go with something that fits with that. Purview has a pretty good interface and I'm satisfied with what the solution does and the price it's being sold at. It integrates well with Azure technologies.” She also adds, “The initial setup was very easy, that's part of the appeal.”

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Sample Customers
    Information Not Available
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Top Industries
    REVIEWERS
    Financial Services Firm21%
    University11%
    Computer Software Company11%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company14%
    Financial Services Firm13%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Comms Service Provider8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business34%
    Midsize Enterprise20%
    Large Enterprise46%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise66%
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    Buyer's Guide
    Microsoft Purview vs. Microsoft Sentinel
    March 2024
    Free Report: Microsoft Purview vs. Microsoft Sentinel
    Find out what your peers are saying about Microsoft Purview vs. Microsoft Sentinel and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,886 professionals have used our research since 2012.

    Microsoft Purview is ranked 7th in Microsoft Security Suite with 48 reviews while Microsoft Sentinel is ranked 5th in Microsoft Security Suite with 85 reviews. Microsoft Purview is rated 7.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview writes "User friendly with good documentation but needs to cover more non-Microsoft use cases". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview is most compared with Collibra Governance, Alation Data Catalog, Varonis Platform, Informatica Axon and OneTrust DataGovernance, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Microsoft Defender for Cloud, Splunk Enterprise Security and Fortinet FortiSIEM. See our Microsoft Purview vs. Microsoft Sentinel report.

    See our list of best Microsoft Security Suite vendors.

    We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.