Overview
Product Information on Microsoft Sentinel
What is Microsoft Sentinel?
Microsoft Sentinel Pricing
Overall experience with Microsoft Sentinel
“Automation With Logic Apps Shines, But GUI Features Remain Limited In Sentinel”
“Integration with Microsoft Smooth, Third-Party and Querying Hinder Experience”
About Company
Company Description
Microsoft enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more. Microsoft is dedicated to advancing human and organizational achievement. Microsoft Security helps protect people and data against cyberthreats to give peace of mind.
Company Details
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
User Sentiment About Microsoft Sentinel
Reviewer Insights for: Microsoft Sentinel
Deciding Factors: Microsoft Sentinel Vs. Market Average
Performance of Microsoft Sentinel Across Market Features
Microsoft Sentinel Likes & Dislikes
KQL is awesome to work with, and easy to pick up and start working with. There are always other things you can really dive into to improve your skills, like functions or setting up ASIM tables to format your data. The transformations on a data collection rule make it very easy to bring in just the data that you need, even if you do pay a bit for some transformation if you are dropping a lot of data.
It is easy to integrate with Microsoft environments, both cloud and on-premise.
Microsoft Sentinel offers the most efficient threat detection features, which make it possible for us to capture even the most hidden and advanced security threats. It has powerful threat investigation and analytics features powered by AI, allowing us to gather all the information we need about a specific threat, and this allows us to respond to the threats the right way. Microsoft Sentinel has automation features which have allowed us to set up custom threat response workflows to automatically resolve threats as soon as they are detected. It provides us with clear threat reports that allow us to find connections between related threats, making it easy to take all the necessary measures to avoid the threats from ever happening again.
Some of the areas of the main page just do not work as expected. For example, on an entity, you can click on it and there is an Insights tab that almost never loads information. The investigation page is almost worthless as well. I love Sentinel for the automation, but the GUI features are just not there, and with the migration into Defender, I don't see them being updated.
What I don't like at all is the third-party integration, the associated costs when integrating new sources, and keeping in mind that every GB used must be included in the budget. On the other hand, there's the issue of queries, for which you must have knowledge of KQL.
For the entire period we have been working with Microsoft Sentinel, we have not seen any issues to report or anything that we dislike. All its features are very responsive and work incredibly perfectly for us.
Microsoft Sentinel Reviews and Ratings
- Manager, IT Security and Risk Management | 50M-1B USD | Manufacturing
Automation With Logic Apps Shines, But GUI Features Remain Limited In Sentinel
Sentinel is by far my favorite SIEM. We migrated away from another vendor and have been all in on Sentinel for about 2 years now. Being able to use Logic Apps for automation is great, and I just find KQL to be far more intuitive than dealing with SPL, which is likely because the same skills can be used on other various logs in Azure for Diagnostics.
- Senior Network Engineer | 50M-1B USD | Telecommunication
Boost security with Microsoft Sentinel's advanced threat detection, intelligence and management features.
We have been using Microsoft Sentinel for a while now to handle security threats management operations and the experience has been very productive. Microsoft Sentinel provides us with a range of very powerful security management features that allow us to analyze, detect, investigate and respond to security threats thoroughly. With its advanced threat detection features, we have been able to stay alert and capture all suspicious security activities before they cause any harm. Microsoft Sentinel offers us outstanding threat intelligence features that allow us to investigate all detected threats, making it easy to understand their root causes, their origin and the best way to respond to them.
- Psychoanalyst, Psychotherapist Membro Or | 50M-1B USD | Healthcare and Biotech
Enhance data security with Microsoft Sentinel's powerful threat detection features.
Microsoft Sentinel has been a very reliable security enhancement tool for us that allows us to keep all our data and resources safe from security threats. It has been providing us with very effective security threat analytics and detection features which help us to discover any threats and respond to them quickly. With Microsoft Sentinel, it has been easily possible for us to achieve and maintain a safe working environment for everyone and to keep our data safeguarded from all sorts of security threats.
- Manager of IT Services | 50M-1B USD | Banking
AI-Driven Sentinel Enhances Security Efficiency, Yet Presents Learning And Cost Challenges
Microsoft Sentinel helps you spot, investigate and prevent threats and cyberattacks. It acts as a SIEM and SOAR, which gathers the data and prepares automated responses. As a cloud-native solution, you do not need to maintain a physical server to run Microsoft Sentinel. It connects to different tools like Microsoft 365, AWS and GCP, which helps to monitor security alerts in one single place. It has the ability to take required action whenever required using the playbook, which saves the time and effort of security team members of the organization. The solution comes with AI-driven capabilities that help to enhance the security posture of an organization by mitigating or neutralizing threats before any damage is done.
- Manager, IT Security and Risk Management | 50M-1B USD | Banking
Copilot Integration in Microsoft Sentinel Transforms Incident Investigation Process
Microsoft Sentinel is one of the next-generation SIEM platforms that offers core SIEM capabilities along with AI-powered features. With Copilot integration, we can speed up the incident investigation, as Copilot generates an incident summary, a ready-made email template and much more. The advanced KQL is very powerful for investigating and correlating logs. We can even use SQL functions like join and union to perform threat hunting, use in rules for real-time detections, etc.



