Sentinel Valuable Features

JaideepSingh - PeerSpot reviewer
Technology Specialist at a government with 51-200 employees

Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network. We also got multiple kinds of logs. By running some queries from the logs, we could find and fix the anomalies in the environment.

Sentinel's threat visibility was great at telling us if we had something going on in our environment. We had to set up alerts in our environment based on the logs. If we had the right alerts set up, we got notified about threats and where security was lacking, so we could also take care of that.

Sentinel's threat intelligence helped us prepare and take proactive steps for potential threats before they hit.

Having preparation before a threat has helped our security operations. When I was using it, I used to keep going into my dashboards and looking for any threats on a weekly basis, or maybe two or three times a week. Based on that, we would recommend certain changes to the server and infrastructure teams to block or allow some ports. Sentinel's threat intelligence helped plan security against risks.

JR
Service Provider at a comms service provider with 10,001+ employees

The most valuable features are its smart analysis that spots potential issues, smooth connections with Microsoft tools, and the way it uses cloud and machine learning to amp up threat detection. It also makes everything easier by automating some tasks and growing with our needs.

GC
Principal Solution Architect at a comms service provider with 51-200 employees

It is a good product. The tool is simple to use.

Buyer's Guide
Sentinel
March 2024
Learn what your peers think about Sentinel. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
768,578 professionals have used our research since 2012.
MS
Information Technology Security Manager at futurex IT Limited

The most valuable feature of Sentinel is the dashboard. They come up with certain shop metrics and Azure ID-related dashboards. We mostly utilize the in-built use cases.

DD
Compliancy, Security & Identity consultant at TMD informatisering BV

One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. 

Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this. 

MS
Senior Specialist: Solution Architecture at a tech services company with 501-1,000 employees

The native integration with out-of-the-box format is hassle-free and allows data to be used advantageously.

Transactional user information improves security, prevents fraud, and promotes best practices. 

SK
Executive Cybersecurity at a computer software company with 11-50 employees

Sentinel provides security features on the cloud, and we have many cloud servers. The solution lets us get all the logs properly and regularly monitor customer infrastructure.

MU
Lead Security Engineer at a tech services company with 201-500 employees

Sentinel's GUI design is similar to Microsoft Windows. If you are comfortable with using Windows, you will be comfortable using Sentinel because their icons are similar. Sentinel's integration is pretty easy.

Sentinel's management is very easy because Microsoft guides everything through icons, design, and documentation. The solution's model is pretty good. The solution's Kusto Query Language (KQL) execution time is pretty good.

One good thing I like about Sentinel is its automation. You can automatically respond to the incident via the logic app. You don't need to know about coding and complexity. Everyone who uses Sentinel in my circle has been praising the solution.

HK
Global Cyber Security Manager at a financial services firm with 5,001-10,000 employees

The use cases that it was made for, such as server monitoring, worked very well.

FV
CEO at ITCORE

The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this. 

it_user674112 - PeerSpot reviewer
Information Systems Manager at a healthcare company with 501-1,000 employees

The query tool of the web UI is so cool! (Lucene-based, filters-based on taxonomy). The web interface gives you the ability to design, at query time, a simple report on the fly.

Support from the provider is great; good experience with the helpdesk.

it_user144273 - PeerSpot reviewer
Senior IT Security Consultant at a tech consulting company with 51-200 employees

- Correlation Engine simpleness
- Visual agent deployment
- Stream-based solution performed by iscale bus (no latency due to the database layer)

it_user674118 - PeerSpot reviewer
Security/Service Engineer at a comms service provider with 10,001+ employees

Anomaly dashboards, search/filters features.

The Anomaly dashboard provides the possibility to find 0-day attacks. This feature is built based on the second-search/filters. It's great and very useful, because I would first find out if the search/filter can give me the data that I needed. If not, I have the possibility to change it, e.g. using regex or doing search/filter fine-tuning. And when I have the search/filter tested and know that it will catch the information that I want to see on the chart, then I implement the search/filter in a new Anomaly dashboard.

The great idea is also the fact that I can receive anomaly alerts via email. I don't need to watch charts all the time.

AL
System specialist IDM/SIEM at SV Informatik GmbH

The most valuable feature of this solution is that it provides a central locking system for many event sources.

it_user674067 - PeerSpot reviewer
Manager Platform Monitoring at a non-tech company with 10,001+ employees

Scalability is the best feature.

it_user147231 - PeerSpot reviewer
Development Manager at a security firm with 51-200 employees

Correlation rules - The correlation engine allows our clients to generate rules more efficiently. For example: the company has a policy which says that all connections to the databases can only be made by internal connection. So you can correlate the VPN logs, FW logs, and DB logs to alert when this policy has been breached.