TrustRadius

Microsoft Defender for Cloud vs. Microsoft Sentinel

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Microsoft Defender for Cloud
Score 8.4 out of 10
N/A
Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.N/A
Microsoft Sentinel
Score 8.3 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46
per GB ingested
Pricing
Microsoft Defender for CloudMicrosoft Sentinel
Editions & Modules
No answers on this topic
Azure Sentinel
$2.46
per GB ingested
100 GB per day
$123.00
per day
200 GB per day
$221.40
per day
300 GB per day
$319.80
per day
400 GB per day
$410.00
per day
500 GB per day
$492.00
per day
More than 500 GB per day
$492.00 + $98.40
per day/plus each additional 100 GB increment
Offerings
Pricing Offerings
Microsoft Defender for CloudMicrosoft Sentinel
Free Trial
YesYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Microsoft Defender for CloudMicrosoft Sentinel
Considered Both Products
Microsoft Defender for Cloud
SL
Shreyas Limaye
Senior Cloud Engineer
Chose Microsoft Defender for Cloud
It provides great Integration with the existing resources. As we don’t have to worry about the compatibility of the product with our resources.
Microsoft Sentinel
Yash Mudaliar | TrustRadius Reviewer
Yash Mudaliar
Associate Lead Security Admin
Chose Microsoft Sentinel
Sentinel has a huge advantage of being the first cloud native SIEM which prevents a lot of deployment and technical overhead in comparison to the traditional SIEMs which requires a heavy software installation and even agent deployment in some scenarios. Not only this, Sentinel …
Verified User
Consultant
Chose Microsoft Sentinel
ArcSight is an on-prem solution that has a different approach than Sentinel.

In a basis this product is more complex to maintain and deploy. The query functionality in Sentinel is more powerful and easier to maintain. ArcSight has a much slower performance and an interface that …
Top Pros

No answers on this topic

Top Cons

No answers on this topic

Features
Microsoft Defender for CloudMicrosoft Sentinel
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
Microsoft Defender for Cloud
-
Ratings
Microsoft Sentinel
8.0
15 Ratings
3% above category average
Centralized event and log data collection00 Ratings8.215 Ratings
Correlation00 Ratings7.815 Ratings
Event and log normalization/management00 Ratings8.015 Ratings
Deployment flexibility00 Ratings8.614 Ratings
Integration with Identity and Access Management Tools00 Ratings8.014 Ratings
Custom dashboards and workspaces00 Ratings7.015 Ratings
Host and network-based intrusion detection00 Ratings7.613 Ratings
Data integration/API management00 Ratings8.214 Ratings
Behavioral analytics and baselining00 Ratings8.013 Ratings
Rules-based and algorithmic detection thresholds00 Ratings7.814 Ratings
Response orchestration and automation00 Ratings8.414 Ratings
Reporting and compliance management00 Ratings9.04 Ratings
Incident indexing/searching00 Ratings7.615 Ratings
Best Alternatives
Microsoft Defender for CloudMicrosoft Sentinel
Small Businesses

No answers on this topic

AlienVault USM
AlienVault USM
Score 8.1 out of 10
Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
Splunk Enterprise
Splunk Enterprise
Score 8.4 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
Splunk Enterprise
Splunk Enterprise
Score 8.4 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Microsoft Defender for CloudMicrosoft Sentinel
Likelihood to Recommend
8.4
(34 ratings)
8.3
(23 ratings)
Usability
-
(0 ratings)
7.3
(4 ratings)
Support Rating
-
(0 ratings)
8.0
(3 ratings)
Professional Services
-
(0 ratings)
5.0
(1 ratings)
User Testimonials
Microsoft Defender for CloudMicrosoft Sentinel
Likelihood to Recommend
Microsoft
Microsoft Defender is very good while we are enhancing our organization's security, and it is very useful in getting threat alerts and vulnerabilities that can harm our system and users. It is recommended to use this to improve overall security and threat protection of our users and organization. With the help of Microsoft Defender, we get fully covered and secured.
Apoorv Tiwari | TrustRadius Reviewer
Apoorv Tiwari
Cloud Engineer
Read full review
Microsoft
Well, it's definitely suited to log in monitor most of the normal security infrastructure and collect security telemetry. It also extends well to Microsoft's entire suite with regards to data collection for things like Office 365, Power BI, power apps, and the like. It is also pretty good at collecting information from homegrown applications, especially if you're building in Azure.
EB
Read full review
Pros
Microsoft
  • detect and respond to security threats in the cloud environment, reducing the risk of data breaches and unauthorized access.
  • The product assists our organization dealing with sensitive data in achieving and maintaining compliance with data protection rules.
  • The product provides real-time visibility into the cloud environment, offering insights into ongoing security activities.
  • It guarantees that security teams can actively handle possible threats by delivering real-time monitoring and notifications, reducing the impact on business operations.
Verified User
Anonymous
Read full review
Microsoft
  • Sentinel is by far the most efficient tool in supporting the highest number of solutions and products when it comes to data connection (or ingestion) and that too in the least complex manner possible. Most of the data connectors in Sentinel are very easy to configure and deploy.
  • Incident Management is undoubtedly one of the main USPs of Sentinel. With an easy-to-use UI, variety of utilities (adding tasks, manual triggering of playbooks, activity logs etc.) and provision of having an investigation map from the incident details page, Sentinel clearly stands out in this area.
  • I personally love the feature of integrating 'Threat Intelligence' to Sentinel from a free and one of the most reliable sources, Microsoft itself. This not only saves time for an analyst in checking the reputation of an entity but also allows to take actions on the suspicious entities at earliest.
Yash Mudaliar | TrustRadius Reviewer
Yash Mudaliar
Associate Lead Security Admin
Read full review
Cons
Microsoft
  • 'Regulatory Compliance' is definitely an area of improvement for MDC. The complex and high number of controls within a specific framework should allow a more helpful and detailed guidelines in order to tackle them.
  • The limitation of options in the incident management menu of MDC has proven to be a hassle while managing security alerts. For example, an analyst cannot even provide a comment about the actions taken on an incident.
  • There is a missing functionality of connecting other EDR or XDR solutions to MDC which I think should be there for a CSPM tool.
Yash Mudaliar | TrustRadius Reviewer
Yash Mudaliar
Associate Lead Security Admin
Read full review
Microsoft
  • It takes some time to learn how to use and install it properly, and it does not connect effectively with external PaaS systems such as Salesforce CRM, Salesforce Commerce Cloud, and so on.
  • Microsoft can simplify the display of the logs to make them easier to study, and the user interface occasionally delays, which can also be enhanced.
Glenn H. Miller | TrustRadius Reviewer
Glenn H. Miller
Chief Engineer
Read full review
Usability
Microsoft
No answers on this topic
Microsoft
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Flavio Pereira | TrustRadius Reviewer
Flavio Pereira
Analista de sistemas
Read full review
Support Rating
Microsoft
No answers on this topic
Microsoft
Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue.
Verified User
Anonymous
Read full review
Alternatives Considered
Microsoft
We used to use Symantec and McAfee. It's been mostly defenders since, gosh, the last eight to 10 years. So we're a small organization. We don't have a lot of folks, so single-painted glass is really important to be able to see the whole environment in a single place. And the Microsoft tooling gives us that.
Verified User
Anonymous
Read full review
Microsoft
The key advantage of using Sentinel lies in Microsoft already being a renowned name in cloud services. Hence, the Collection of data at the cloud scale across all users, devices, applications, and infrastructure, both on-premises and especially in the MS Cloud, is super easy. Additionally, leveraging Threat Intel from Microsoft itself gives a sense of security, given their years of experience in the collection of intel. The AI and Machine learning features provided by MS is one of the finest.
Verified User
Anonymous
Read full review
Professional Services
Microsoft
No answers on this topic
Microsoft
Did not use professional services
MB
Michael Bobo
IT Director
Read full review
Return on Investment
Microsoft
  • It creates a great insight in all assets that are available
  • The CSPM makes sure that certain risk that might have been missed are addressed
  • Being able to query across the data gives great insights in threats and possible vulernabilties for CVEs
Verified User
Anonymous
Read full review
Microsoft
  • Less overhead on integration of cloud-native logging
  • The KQL language is very helpful since it can be used for security and operational monitoring but as well for workbooks and dashboarding
  • A large community developing solutions is very helpful for a quick adoption
Verified User
Anonymous
Read full review
ScreenShots

Microsoft Defender for Cloud Screenshots

Screenshot of Remediation of critical issues in codeScreenshot of Cloud security benchmark mapped to industry FramworksScreenshot of Prioritization of critical risks with contextual threat analysisScreenshot of Workload protectionScreenshot of Unified DevOps VisibilityScreenshot of Visualizations to improve security posture proactively

Microsoft Sentinel Screenshots

Screenshot of Screenshot of Screenshot of Microsoft Sentinel Capabilities