Overall Satisfaction with Microsoft Sentinel
We are using Microsoft Sentinel as our main SIEM solution at Nedscaper for managing our customers that are onboarded to our MXDR service. The main challenge is distributing analytics rules, playbooks, watchlists, and other artifacts at scale without implementing complex deployment pipelines in either GitHub or Azure DevOps. There are several options available, like Azure Lighthouse or using the Microsoft Sentinel Workspace Manager (Preview). Both have their pros and cons in terms of authentication levels, scalability, and support for the artifacts that can be synchronized.
- Correlating Security Data.
- Automated response.
- Threat Intelligence mapping.
- Performance on data ingestion.
- Performance on query data.
- Normalizing data.
- Productivity in our SOC went up.
- More control over environments.
All Microsoft Cloud products, Palo Alto, Barracuda, Fortigate, Cisco, Darktrace, BeyondTrust, Azure DevOps, GitHub, CheckPoint, F5, etc.
For some products, this went flawlessly, but other connectors are more complex. Working with systems like the Cisco FirePower, or with solutions that need to be queried through a FunctionApp, especially makes the implementation more fragile.
N/A
Microsoft Sentinel is one of the products that are being used in the investigation phases. Depending on the incident, multiple Microsoft Portals are used to retrieve the required information to investigate an incident. The mapping between resources and events is really powerful and gives a detailed overview of the incidents.
Do you think Microsoft Sentinel delivers good value for the price?
Yes
Are you happy with Microsoft Sentinel's feature set?
Yes
Did Microsoft Sentinel live up to sales and marketing promises?
Yes
Did implementation of Microsoft Sentinel go as expected?
Yes
Would you buy Microsoft Sentinel again?
Yes
Microsoft Sentinel Feature Ratings
Using Microsoft Sentinel
40 - Most people who are using Microsoft Sentinel in our organization are working in our SOC or work as a Cloud Security Consultant. The consultants are primarily supporting our customers in implementing, configuring, and using Microsoft Sentinel. We regularly provide workshops and webinars on how to get the most out of the product.