KnowBe4 PhishER/PhishER Plus vs. Microsoft Sentinel

Microsoft Sentinel

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
KnowBe4 PhishER/PhishER Plus	Score 8.9 out of 10	N/A	PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.	$0.75 per month (billed annually) per seat
Microsoft Sentinel	Score 8.6 out of 10	N/A	Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.	$2.46 per GB ingested

Pricing

KnowBe4 PhishER/PhishER Plus

Microsoft Sentinel

Editions & Modules

3001-5000 Monthly Pricing Per Seat: $0.75
per month (billed annually) per seat
501-1000 Monthly Pricing Per Seat: $1.15
per month (billed annually) per seat
101-500 Monthly Pricing Per Seat: $1.50
per month (billed annually) per seat

Azure Sentinel: $2.46
per GB ingested
100 GB per day: $123.00
per day
200 GB per day: $221.40
per day
300 GB per day: $319.80
per day
400 GB per day: $410.00
per day
500 GB per day: $492.00
per day
More than 500 GB per day: $492.00 + $98.40
per day/plus each additional 100 GB increment

Offerings

Pricing Offerings
KnowBe4 PhishER/PhishER Plus	Microsoft Sentinel
Free Trial
No	Yes
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

For organizations with over 1,000 seats, contact sales for a quote.

—

More Pricing Information

Pricing Info

Community Pulse
	KnowBe4 PhishER/PhishER Plus	Microsoft Sentinel
Considered Both Products	KnowBe4 PhishER/PhishER Plus MC Matt Carr Identity and Access Administrator Chose KnowBe4 PhishER/PhishER Plus We were comparing the two and KnowBe4 PhishER won out on both ease of implementation and price. Incentivized Helpful? KO Krystal Otten Security Engineer Chose KnowBe4 PhishER/PhishER Plus None. Incentivized Helpful?	Microsoft Sentinel Glenn H. Miller Chief Engineer Chose Microsoft Sentinel We don't need to maintain a third-party SaaS solution or spend any time integrating it since Microsoft Sentinel is the ideal option to give a single point of attack detection and alert monitoring. Incentivized Helpful?

Features

KnowBe4 PhishER/PhishER Plus

Microsoft Sentinel

Incident Response Platforms

Comparison of Incident Response Platforms features of Product A and Product B
	KnowBe4 PhishER/PhishER Plus 7.8 116 Ratings 13% below category average	Microsoft Sentinel - Ratings
Company-wide Incident Reporting	7.095 Ratings	00 Ratings
Integration with Other Security Systems	7.692 Ratings	00 Ratings
Centralized Dashboard	8.5115 Ratings	00 Ratings
Machine Learning to Prevent Incidents	7.798 Ratings	00 Ratings
Live Response for Rapid Remediation	8.398 Ratings	00 Ratings

Security Information and Event Management (SIEM)

Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
	KnowBe4 PhishER/PhishER Plus - Ratings	Microsoft Sentinel 8.0 31 Ratings 2% above category average
Centralized event and log data collection	00 Ratings	8.630 Ratings
Correlation	00 Ratings	8.431 Ratings
Event and log normalization/management	00 Ratings	8.031 Ratings
Deployment flexibility	00 Ratings	6.929 Ratings
Integration with Identity and Access Management Tools	00 Ratings	8.329 Ratings
Custom dashboards and workspaces	00 Ratings	8.031 Ratings
Host and network-based intrusion detection	00 Ratings	8.126 Ratings
Data integration/API management	00 Ratings	7.929 Ratings
Behavioral analytics and baselining	00 Ratings	8.027 Ratings
Rules-based and algorithmic detection thresholds	00 Ratings	8.429 Ratings
Response orchestration and automation	00 Ratings	8.428 Ratings
Reporting and compliance management	00 Ratings	7.35 Ratings
Incident indexing/searching	00 Ratings	8.429 Ratings

Best Alternatives
	KnowBe4 PhishER/PhishER Plus	Microsoft Sentinel
Small Businesses	ThreatDown, powered by Malwarebytes Score 9.4 out of 10	LevelBlue USM Anywhere Score 7.7 out of 10
Medium-sized Companies	CrowdStrike Falcon Score 9.1 out of 10	Sumo Logic Score 8.8 out of 10
Enterprises	CrowdStrike Falcon Score 9.1 out of 10	Sumo Logic Score 8.8 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	KnowBe4 PhishER/PhishER Plus	Microsoft Sentinel
Likelihood to Recommend	9.3 (118 ratings)	8.7 (53 ratings)
Likelihood to Renew	8.7 (7 ratings)	6.8 (2 ratings)
Usability	8.6 (32 ratings)	6.5 (7 ratings)
Availability	8.2 (1 ratings)	- (0 ratings)
Performance	8.2 (1 ratings)	- (0 ratings)
Support Rating	8.6 (5 ratings)	8.0 (3 ratings)
Implementation Rating	8.5 (3 ratings)	- (0 ratings)
Configurability	7.7 (8 ratings)	- (0 ratings)
Contract Terms and Pricing Model	9.1 (1 ratings)	- (0 ratings)
Ease of integration	9.1 (2 ratings)	- (0 ratings)
Product Scalability	8.2 (1 ratings)	- (0 ratings)
Professional Services	8.2 (1 ratings)	5.0 (1 ratings)
Vendor post-sale	8.2 (1 ratings)	- (0 ratings)
Vendor pre-sale	9.1 (1 ratings)	- (0 ratings)

User Testimonials
	KnowBe4 PhishER/PhishER Plus	Microsoft Sentinel
Likelihood to Recommend	KnowBe4 PhishER comes with some good features, such as PhishML, PhishRIP, PhishFlip, etc. These features help us manage phishing email reporting incidents. From reporting emails via Phish Alert Button plug-in to collecting all reported emails in one place at the PhishER dashboard. Now, the PhishML comes into play, scanning all reported emails and tagging each as clean, spam, or threat. With the help of this machine learning-based algorithm, our investigation process becomes easier. Other features, such as PhishRip, help to search and quarantine phishing emails, and PhishFlip converts a real phishing campaign to a test phishing campaign. Incentivized Verified User Anonymous Read full review	Microsoft It's certainly well-suited in environments that rely heavily on Microsoft products, and it's well-suited for environments where you have other business drivers to go to the E5 license. If I were to say where I would not and why, I only gave it a seven on the recommendation, that answer would probably vary if you already owned E5 or not. It's extremely expensive. And if there are other alternatives, if you don't have any other driving reason to go to E5, I would coach you not to go to Microsoft Sentinel. But if you're there, it's a fantastic property. It's certainly part of the cost argument for moving to E5, but it's only a part. It can't by itself justify the move to E5. Incentivized Verified User Anonymous Read full review
Pros	KnowBe4 One platform that integrates reported emails and using PhishFlip to educated staff. Automation to remove malicious emails from mailboxes. Instantly report back to users if an email is safe or malicious. Easily review vital technical information to help you make a decision if an email is a threat. Allow comments to be left from staff and IT. Incentivized AT Andy Tran IT Security Analyst Read full review	Microsoft It's the scale. Having built-in detections and vulnerabilities and the ability to see into the traffic flows is absolutely key. Look at it from my perspective as network security. We want to see what's going on east, west, between all the kinds of subscriptions and the tenants. We don't have that. We don't have that with any other product. Microsoft Sentinel gives us that kind of visibility. Incentivized Verified User Anonymous Read full review
Cons	KnowBe4 Issues with Global Blocklist Email Template Modification - Simplification Target Specific Users vs. Groups PhishRIP info tabs (i.e. if improperly check ripped emails are turned into tests. This has caused issues.) Info tabs or markers allow user to hover and get more information about what action a check box or slider provides. Incentivized BB Bronson Bontrager IT Operations Specialist Read full review	Microsoft An area for improvement is how case management is surfaced within the Microsoft Sentinel experience, as clearer integration into Sentinel workflows would reduce context switching and improve incident handling. There is an opportunity to further expand agentic, autonomous investigation and response capabilities. Incentivized Verified User Anonymous Read full review
Likelihood to Renew	KnowBe4 When we first discovered that KnowBe4 released something like this, we saw a demo of it and were floored at what it could do and how it could help us from a security standpoint. Gone are the days of us in IT sending out a mass email saying please don't click on anything in the email from sender "X", and it allows us to quietly and easily ensure that people don't take any action on malicious emails. Incentivized Verified User Anonymous Read full review	Microsoft it does the job reasonably well Incentivized Verified User Anonymous Read full review
Usability	KnowBe4 I give it an eight for the feature set. While I only give it an eight because the complexity and interconnectedness of the tools mean that there needs to be quite a bit of RTFM to get the most out of the products. Incentivized Verified User Anonymous Read full review	Microsoft Because, as I said, it still lacks a lot of things, like many playbooks outside the Copilot integrations and the actual remediation. For example, for Microsoft Sentinel and SAP, I would want to see Copilot doing a lot of remediations in Microsoft Sentinel at SAPN, like executing the transaction code, maybe creating certain increases, or remediating stuff like that, which is all customized. Incentivized Verified User Anonymous Read full review
Support Rating	KnowBe4 I haven't needed to reach out to support very often, but when I have the responses have been timely and have provided the solutions I have needed. The support has been friendly and have always been able to resolve any issues that have come up. Incentivized Aaron Leupold IT Business Analyst Read full review	Microsoft Microsoft support is one of the highest rated on the market. It has global and multilingual support. Calls can be made over the phone and the solution is virtually instantaneous with the help of Microsoft engineers. It's great! Incentivized Flavio Pereira Analista de sistemas Read full review
Implementation Rating	KnowBe4 It was very simple to implement - with just a few settings needed to connect it to our O365 environment Incentivized Verified User Anonymous Read full review	Microsoft No answers on this topic
Alternatives Considered	KnowBe4 Harmony does not provide security awareness training or simulated phishing emails like KnowB4. However, it does provide a phish alert button & workflow similar to PhishER & we may stop using PhishER because the Phish Alert reports from PhishER don't feed into Harmony to help train it from phishing emails that go through. We got Harmony after KnowB4 because we needed a tool to PREVENT phishing emails from getting to people's inboxes in the first place, which KnowB4 has very little capability for other than PhishER+ blacklists. It is a shame KnowB4 does not have the anti threat phishing prevention like Harmony considering all the email data it has & its existing AI analytic capabilities. Incentivized JB Jeff Boivin Senior Technology & Commissions Specialist Read full review	Microsoft Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively. Incentivized Verified User Anonymous Read full review
Professional Services	KnowBe4 No answers on this topic	Microsoft Did not use professional services Incentivized MB Michael Bobo IT Director Read full review
Return on Investment	KnowBe4 Phish/ER & PAD: Identifying email threats more quickly allowed us to send alert to the users' community in a timely manner based on the pattern of the threat. KnowBe4 Training Campaigns have proven to noticeably increase users' awareness. KnowBe4 Phishing Campaigns made users realize how dangerous and deceiving hacker can be. Incentivized Verified User Anonymous Read full review	Microsoft As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team. Incentivized Verified User Anonymous Read full review
ScreenShots	KnowBe4 PhishER/PhishER Plus Screenshots	Microsoft Sentinel Screenshots