Microsoft 365 (formerly Office 365) is a Microsoft Cloud subscription service that includes Microsoft Office products (Word, Excel, PowerPoint, OneNote, Outlook, Publisher, and Access). The software can be installed across multiple devices and ensures that users always have the most up-to-date version of the included Office applications.
$5
Per User Per Month
Microsoft Sentinel
Score 8.7 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
ArcSight is an on-prem solution that has a different approach than Sentinel.
In a basis this product is more complex to maintain and deploy. The query functionality in Sentinel is more powerful and easier to maintain. ArcSight has a much slower performance and an interface that …
Elasticsearch, we did a demo about it. Also the CrowdStrike platform, we got a demo on it. How did they compare? I think Elasticsearch, for us, it's more hard to configure. Microsoft Sentinel is pretty straight to the point. We turn on stuff, it's plug-and-play. CrowdStrike, …
Microsoft 365 would be well suited for medium to large enterprises. This is where there are several hundreds or thousands of people. Since most everyone has used one of the applications the learning curve would be reduced. Another reason would be the ability to implement security measures to prevent access to sensitive data. This could justify the cost of an Enterprise license.
Specifically for Microsoft Sentinel, it's going to have what's next to no value if you're not on Azure. You have to be in as your customer. If you want greater insight into what is going on in your cloud environment, turn Microsoft Sentinel on, but focus on where you enable it. You're not going to turn it on to see everything because it's not like focus on the areas where you are at risk or you believe you're at risk or something that you're, depending on your environment, do you have multiple subscriptions? Do you have a Microsoft Sentinel subscription that you just turned on, but it's not getting the visibility, and then you can alert on stuff that goes out of trend, etc.?
Strong integration with the Microsoft security ecosystem allows seamless connection to services such as Microsoft Defender, Microsoft 365, and Azure. This makes it easy to bring together identity, endpoint, and cloud signals to support investigation and detection scenarios.
Effective correlation of alerts and incidents in collaboration with Microsoft Defender XDR helps combine related signals into higher‑fidelity incidents. This reduces noise and improves visibility into attack context, making investigations more efficient.
High scalability for data ingestion and processing enables large volumes of security telemetry to be handled efficiently.
I think it's primarily going to be cost, since Microsoft Sentinel uses Microsoft Log Analytics as its base, right? So storing the logs and log retention is very expensive. That might result in users not adopting it as quickly. Second, I think Copilot for security can just do summarization and not many remediation tasks. In the future, we would like to see Copilot create many playbooks, including all box playbooks, to remediate many security issues.
So far the Microsoft 365 platform provides features and tools that can cater to 100% of present organizations needs considering both technical and business necessities, however most features are not been effectively utilised at present. The current featureset is able to cover for most of the future needs of the business and technical functions.
Microsoft 365 is the gold standard for performing project tasks in a professional environment, enabling the quick transfer and exchange of files and ideas for team members who work locally and remotely. Its suite of tools is familiar and has evolved to being cloud based, allowing for files to be updated in real time from near and far.
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
To-date Microsoft 365 platform has offered an amazing uptime and availability percentage per year compared to all other products which provide the stability and overall business resilience of their ecosystem which is a great relief for information technology service entitites which heavy rely on Microsoft offerings as a whole to redeliver their own custom products
The Microsoft 365 tools expects and demands a substantial amount of system resources to operate at optimal level and even more when integrated with other applications which is a downside, however given that external supporting tech factors such as fibre/broadband speed bandwidth, high speed RAM and ample storage resources are allocated the tools work error free providing robust communication
Over the past 8 years of using Microsoft 365, I have noticed that they change vendors often. This always leads to a poor experience in the beginning, then levels out after some time for the company to get things worked out. As a customer, it is really frustrating because I don't have time when something isn't working to have them "look into my issue" and get back with me. They have even closed a ticket I specifically told them to keep open. Your applications are only as good as the support.
The resellers involved with selling Microsoft products are reluctant to provide in person specialist trainings to consumers due to the fact of costs of economies of scale and is not provided free of charge most of the time. In Person trainings needs to be agreed to at the initiation of projects and implementations for better ROI.
The standard training offered with 3rd part resellers are fairly standard and covers the basic workability however the trainings needs to be specifically customised according to unique requirements of the organizations. for example an MSP would need to master specific communications verticals within Microsoft 365 whereas and online store using Microsoft 365 would needs to master a different set of tools within the suite to get the best ROI post implementation.
The Microsoft support partners are more than capable of handling implementations and dealing with unprecedented errors during the implementations. Not part of the implementation though the setup was done with minimum misconfigurations which is evident with present live setup which works fine without any bugs and gaps at present context.
Typically I prefer working with companies with Microsoft 365 as their main tool because they're usually a fast growing company with a global presence. I like using it for work because it's easy to collaborate, share, review, comment, reply in any of the tools. The mobile app for Outlook and Teams are lifesavers when we're constantly traveling and you can join meetings on the mobile Teams to never miss a beat.
Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively.
Microsoft pricing is not very expensive and yet not very cheap as well, and it hovers in between the baseline. The charges are mostly based on the tier level partners who charge based on their individual reputation in the market. Power negotiation will lead to cost effective and attractive pricing
Multiple tools within the same platform have been deployed successfully within different functional technical and non technical teams such as Devops, SOC, NOC, Shared services, Managed services, Global Information technology, Cloud operations, Finance, Administration, human resources and all these teams collaborate while maintaining central uniformity in terms of global standards who are dispersed in different geographical locations with ease
Have not directly obtained professional services from Microsoft but rather obtained specialized services such as implementations and configurations, setting up and integration support with Microsoft authorized suppliers, 3rd parties, and resellers, which has been a pleasant experience. Again the level of delivery quality on professional services is based on the level of hands on exposure of the 3rd party
We have a lot of nonprofit users, so they have a good ROI.
I like the constant updates without having to purchase the software repeatedly.
I used to purchase each Office (insert year here) often, so the software was up to date and had the newest options and connectors. I think my return on investment would have been much better if Microsoft had updated those versions to keep them current; after all, we did pay for them.
Microsoft 365's offering a monthly fee or a discount for a year helps, and you can look at it as a free backup if you have everything set to back up to One Drive. (Cloud-based document filing you can access anywhere ( with an internet connection)—you Can't beat that!)
As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team.
