LogPoint vs. Microsoft Sentinel

LogPoint is incredibly useful for pulling information from various log sources and combining them together to offer insights into suspicious or potentially malicious behaviour. It is not intuitive and can take some time to get used to. Once you're up and running though, it's easy to onboard new log sources. Search queries can again be tough to get used to, but LogPoint support is really helpful and can offer assistance with writing more complex searches.

Incentivized

I recommend Microsoft Sentinel for effective threat detection and response. It is a great SIEM and SOAR solution for businesses, and we have used it effectively, which is why I recommend it. Since it works across on-premises and multi-cloud environments, it is ideal for businesses of all sizes. Being AI-equipped and its ability to handle threat analytics make it irresistible.

Incentivized

• Technical support team is fast and competent
• License management and cost
• Log parsing
• New logs can be provided to the support team for parser creation
• High Availability architecture does not cost more

• I appreciate that it keeps the data within our, what we call our, authorization boundary. The fact that the data remains within Microsoft's, I guess, walled garden if you will, is very helpful for certain compliance needs in particular.
• The large library of ingestion: ability to ingest is basically as easy as I can basically get it to be most of the time. There's occasionally some vendors that it's a little bit more challenging for, but given the ease of integration for a lot of things, basically it's become one of my requirements when I am looking at other tools is how easily do they integrate with Sentinel.

Incentivized

• Providing a full Cloud solution
• Having more documentation for complex deployment

Incentivized

• I think it should include more third party integration with non microsoft products as well as with other cloud providers. These integrations should be native.
• It should improve ML and AI capabilities.
• I find its documentation a little bit difficult to understand at the start. So the words should be simple.

Incentivized

We are confident with the solution and we are using it daily

Incentivized

it does the job reasonably well

Incentivized

Overall, LogPoint is pretty easy to get started with but faces issues with specific things (syslog on custom ports, script log collection, etc.).

Incentivized

The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.

Incentivized

LogPoint support is outstanding. They are incredibly helpful, and on occasions have proactively identified issues with our setup, and logged cases on our behalf before we had even noticed there was a problem. If there is a search we need to write that is beyond our skills, LogPoint support can typically write it for us within a couple of days. They are always very responsive, and I am yet to have a bad support experience.

Incentivized

Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue.

Incentivized

Really nice person with huge skills on LogPoint

Incentivized

LogPoint is easier to implement and less expensive.

Incentivized

Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively.

Incentivized

N/A

(Cannot skip without answer)

Did not use professional services

Incentivized

• Keep the same team to manage more IT resources
• Having a better logs visibility

Incentivized

• As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team.

Incentivized