CloudSOC CASB is a cloud access security broker developed by Elastica and now owned and supported by Broadcom, since Broadcom acquired Symantec, who acquired Elastica as part of Blue Coat in 2015.
N/A
Microsoft Sentinel
Score 8.6 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
If you want to extend your Endpoint DLP to cloud: Apps, Web & Email, Then CloudSOC DLP detection Services help you to control with clouds apps & DLP detection Services with WSS help you to control all web. Also, cloud DLP detection services for Email will help you to control visibility & control over Office 365 Exchange, On prem-exchange & Gmail. In the case of other email services- we need to consider other solutions like Forcepoint One.
It's certainly well-suited in environments that rely heavily on Microsoft products, and it's well-suited for environments where you have other business drivers to go to the E5 license. If I were to say where I would not and why, I only gave it a seven on the recommendation, that answer would probably vary if you already owned E5 or not. It's extremely expensive. And if there are other alternatives, if you don't have any other driving reason to go to E5, I would coach you not to go to Microsoft Sentinel. But if you're there, it's a fantastic property. It's certainly part of the cost argument for moving to E5, but it's only a part. It can't by itself justify the move to E5.
As we know real data protection starts with Data Detection It helps us in the detection of any data like related to GDPR, Source Code, Designs, Financial Plans, SSN, IDs, etc.
All Channel coverage - Cloud , Email Data at rest, in-use, in-motion.
Data Formats- Described data, Structured & Unstructured Data image forms like presentation formats, Text & Markup, word processing, Spreadsheet formats, graphic formats, etc.
Machine Learning - Proximity, Derivative, Partial, Pattern, Large data sets, Distributed, Dynamic embedded.
It's the scale. Having built-in detections and vulnerabilities and the ability to see into the traffic flows is absolutely key. Look at it from my perspective as network security. We want to see what's going on east, west, between all the kinds of subscriptions and the tenants. We don't have that. We don't have that with any other product. Microsoft Sentinel gives us that kind of visibility.
An area for improvement is how case management is surfaced within the Microsoft Sentinel experience, as clearer integration into Sentinel workflows would reduce context switching and improve incident handling.
There is an opportunity to further expand agentic, autonomous investigation and response capabilities.
Because, as I said, it still lacks a lot of things, like many playbooks outside the Copilot integrations and the actual remediation. For example, for Microsoft Sentinel and SAP, I would want to see Copilot doing a lot of remediations in Microsoft Sentinel at SAPN, like executing the transaction code, maybe creating certain increases, or remediating stuff like that, which is all customized.
Microsoft support is one of the highest rated on the market. It has global and multilingual support. Calls can be made over the phone and the solution is virtually instantaneous with the help of Microsoft engineers. It's great!
We were using Broadcom Symantec Endpoint security Enterprise, Hybrid subscription services & DLP solution at prem, which helped us in CloudSoC CASB Use Case & we have seen PoC of same, which was easy to integrate with existing security architectures. Overall they have offered us the best commercial in comparison with competitors.
Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively.
Securing the digital transformation. CloudSOC CASB helps the organization's Digital journey by reducing complexities & poor experience of end-users.
Cloud SOC helps us to comply with multiple Compliance like HIPPA, PCI-DSS, GDPR, etc.
Security breaches cause billion-dollar losses to enterprises, CloudSOC will help to assist in the best industry practice by having predefined templates specifically for each industry.
As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team.
