ADAudit Plus offers real-time monitoring,
user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant. Track all changes to Windows AD objects including users, groups,
computers, GPOs, and OUs. Achieve hybrid AD monitoring with a single, correlated view of all
the activities happening across both on-premises AD and Azure AD. Monitor every user's logon and logoff activity, including…
$595
per year
Microsoft Sentinel
Score 8.7 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46
per GB ingested
Pricing
ManageEngine ADAudit Plus
Microsoft Sentinel
Editions & Modules
Standard
$595
per year
Professional
$945
per year
Azure Sentinel
$2.46
per GB ingested
100 GB per day
$123.00
per day
200 GB per day
$221.40
per day
300 GB per day
$319.80
per day
400 GB per day
$410.00
per day
500 GB per day
$492.00
per day
More than 500 GB per day
$492.00 + $98.40
per day/plus each additional 100 GB increment
Offerings
Pricing Offerings
ManageEngine ADAudit Plus
Microsoft Sentinel
Free Trial
Yes
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
Pricing is dependent on the number of domain controllers and starts at $595/year for the Standard edition, and $945/year for the Professional edition.
Microsoft Sentinel gave us the opportunity to move to pay as you go model. This allows us to determine the value of a log source rather than paying a flat rate for data ingested or hosting a server ourself.
ManageEngine is mostly a "check the box" solution for SIEM systems. We needed something that satisfied our customer and was cost-effective. I would highly rate the system on "worth what paid for". Support is eager to please and prompt. My only issue is that it's mostly based outside the US with helpful, but non-native speakers so it's hard to understand them. I wish they would spring for better help "phone lines" so I'm not dealing with difficult to understand and unclear speakers.
Specifically for Microsoft Sentinel, it's going to have what's next to no value if you're not on Azure. You have to be in as your customer. If you want greater insight into what is going on in your cloud environment, turn Microsoft Sentinel on, but focus on where you enable it. You're not going to turn it on to see everything because it's not like focus on the areas where you are at risk or you believe you're at risk or something that you're, depending on your environment, do you have multiple subscriptions? Do you have a Microsoft Sentinel subscription that you just turned on, but it's not getting the visibility, and then you can alert on stuff that goes out of trend, etc.?
ManageEngine ADAudit Plus changes for user and group management can be looked up in builtin reports
You can build your own reports based on almost every logic you can think of
You have the ability to create alerts based on logic and filters and sendout custom alerts to email, SMS or other means.
First you need to understand the basics of the software, after that the software itself is very helpfull in configuring specific items.
I really love the support that ManageEngine is giving the customer, for all questions I use the chat on their website. This is for me the best remote support I ever saw, and I saw a lot in my 20 years of experience in IT.
Strong integration with the Microsoft security ecosystem allows seamless connection to services such as Microsoft Defender, Microsoft 365, and Azure. This makes it easy to bring together identity, endpoint, and cloud signals to support investigation and detection scenarios.
Effective correlation of alerts and incidents in collaboration with Microsoft Defender XDR helps combine related signals into higher‑fidelity incidents. This reduces noise and improves visibility into attack context, making investigations more efficient.
High scalability for data ingestion and processing enables large volumes of security telemetry to be handled efficiently.
In earlier releases there were quite a few bugs and performance issues. These have since been resolved.
When integrated with the Log360 Suite, it can be confusing on whether EventLog Analyzer or ADAudit Plus are "managing"/"Ingesting" the data from a given endpoint.
I think it's primarily going to be cost, since Microsoft Sentinel uses Microsoft Log Analytics as its base, right? So storing the logs and log retention is very expensive. That might result in users not adopting it as quickly. Second, I think Copilot for security can just do summarization and not many remediation tasks. In the future, we would like to see Copilot create many playbooks, including all box playbooks, to remediate many security issues.
It works great for everything we need and use. Any issues in the software are pretty easy to resolve with tech support. And they are very responsive to resolving issues. Even ones where a fix/patch are required. At present, the software does everything we need it to for compliance, audit, and account review.
ADAudit with its cloud and on prem install option allows any organization to get in on AD report management. Whether you need to report internally only for for external audit controls its a great tool with flexibility to handle most any user or group report capability. Since this also includes m365 integration it enables IT pros to administer usage, license, cost control and permission access to most anything in Microsoft's portfolio. Its a great tool all around for AD integrated access needs.
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
The attention to cases or situations with the tool has been exceptional. being able to count on the manufacturer either by mail, call or chat. generate cases directly from the application allows you to have personalized support in order to solve problems that has been able to appear.
The remote setup team helped when i needed it and setup weas very straight forward and easy. The advanced setup for an external db and customizations for our latest version AD environment went pretty easy once they found documentation on customization.
In terms of features, ADAudit Plus offers a comprehensive set of features for monitoring and auditing Active Directory, including real-time alerts, detailed reports, and user behavior analytics. The platform also offers support for multiple platforms, including Windows, UNIX, and Linux, as well as integration with other ManageEngine tools.
Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively.
As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team.