Likelihood to Recommend Kibana integrates seamlessly with Elastic Search which gives us access to parse and analyze data generated from our systems in order to make decisions. Also, Kibana helps us create insightful reports and dashboards that give us insights into the end-users usage on the system and helps us find the root cause of issues as well.
Read full review Sentinel is the best "cloud-native" in the market yet, so if the organization has a cloud presence (which almost everyone has) then Sentinel is the right choice for having a single pane of glass for all your security monitoring needs. Sentinel is a very good tool for log analysis and event management purposes as well. With KQL and ASIM parsers, organizations can retrieve invaluable insights even from the most complex data. And of course, Sentinel is a great choice for automating the incident response process to a very good extent.
Read full review Pros Fast searches with powerful index. Beautiful data visualizations. Real-time observability. Read full review It has a native integration with all Microsoft products, from Entra to Azure, Microsoft 365 Being built upon native Azure functionality benefits in automation and infrastructual solutions The KQL language is relatively easy to learn and powerful. Microsoft is listening very careful to the customers and develops new functionality at a fast pace Read full review Cons Some performance issues with large datasets. Linking to dashboards makes extremely long urls. Lack of reports. Read full review It takes some time to learn how to use and install it properly, and it does not connect effectively with external PaaS systems such as Salesforce CRM, Salesforce Commerce Cloud, and so on. Microsoft can simplify the display of the logs to make them easier to study, and the user interface occasionally delays, which can also be enhanced. Read full review Usability The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Read full review Support Rating We did not use the official Kibana support. Documentation was easy enough to follow.
Read full review Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue.
Read full review Alternatives Considered Kibana has a better usability experience, the core features I was using existed in all of them. I liked more in Kibana how you can easily create dashboards, charts, and reports without the need to be a tech person.
Read full review The key advantage of using Sentinel lies in Microsoft already being a renowned name in cloud services. Hence, the Collection of data at the cloud scale across all users, devices, applications, and infrastructure, both on-premises and especially in the MS Cloud, is super easy. Additionally, leveraging Threat Intel from Microsoft itself gives a sense of security, given their years of experience in the collection of intel. The AI and Machine learning features provided by MS is one of the finest.
Read full review Professional Services Did not use professional services
Read full review Return on Investment Issues that affect checkout experiences for customers are able to be prioritized and solved quickly. We are able to more efficiently use resources due to the automation of reporting alerts. Decreasing employee resources needed. Visualization allows us to quickly share issues and explain to coworkers in order to escalate issues that can cost our bottom line. Read full review Microsoft Sentinel is a good investment, especially when sided with other solutions such as Microsoft 365 Defender, as it provides 360° protection on every level of the infrastructure. When deployed on infrastructures that have never had an SIEM, Microsoft Sentinel helps to assess vulnerabilities and misconfigurations. As with any other SIEM, Microsoft Sentinel basically eliminates the need to put effort into every single platform (like EDR, NDR, XDR) and converge that effort on a single product that correlates and orchestrates the rest. Read full review ScreenShots Microsoft Sentinel Screenshots