Microsoft Sentinel

Microsoft Sentinel

Microsoft Sentinel

144 Reviews and Ratings

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
Microsoft Sentinel	Score 8.7 out of 10	N/A	Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.	$2.46 per GB ingested

Pricing

Microsoft Sentinel

Editions & Modules

Azure Sentinel: $2.46
per GB ingested
100 GB per day: $123.00
per day
200 GB per day: $221.40
per day
300 GB per day: $319.80
per day
400 GB per day: $410.00
per day
500 GB per day: $492.00
per day
More than 500 GB per day: $492.00 + $98.40
per day/plus each additional 100 GB increment

Offerings

Pricing Offerings
Microsoft Sentinel
Free Trial
Yes
Free/Freemium Version
No
Premium Consulting/Integration Services
No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Community Pulse
	Microsoft Sentinel
Considered Both Products	Microsoft Sentinel Verified User Manager Chose Microsoft Sentinel Most of our landscape, both on prem and cloude, is based in Microsoft technologies, while the unification of tools implies some risk, decreasing the vendor levels simplify integrations, and by scale, help us to reduce costs too. Yes, the tool itself is a good contender, but the … Incentivized Helpful? Harshit Lal security consultant Chose Microsoft Sentinel it is easy to use Microsoft Sentinel and has faster deployment and advanced artificial intelligence than splunk Incentivized Helpful? Verified User Technician Chose Microsoft Sentinel They are for different use cases, field effect helps us monitor network traffic and decide what to do with it while Microsoft Defender Threat Intelligence allows more robust monitoring and control over 365 variables such as emails that come in and out and Entra ID information. Incentivized Helpful? Mohamad Islam Hamadieh SOC Engineer Chose Microsoft Sentinel Microsoft Sentinel feels on another different level from these solutions , all in the cloud . No need for troubleshooting , deployment or upgrades. Constant updates from the vendor and good support Incentivized Helpful? Verified User Consultant Chose Microsoft Sentinel Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and … Incentivized Helpful? IS Ian Stuebe Project Manager Chose Microsoft Sentinel We decided to go with Microsoft Sentinel because it works really well with Microsoft tools we are already using. Microsoft Sentinel's intelligent features detect and resolve problems more quickly than Sumo Logic. It also allows us to pay for what we use and grow as we need. … Helpful? Verified User Analyst Chose Microsoft Sentinel Well, primarily we use different stuff like CrowdStrike. We use different sign-on features. We primarily use those different products because we support a wider ecosystem. Incentivized Helpful? RD Richard Dornhart National Security Practice Manager Chose Microsoft Sentinel Splunk, Google, SecOps. I look at how it stacks up based on the fact that it's the primary solution that we sell. So I think it stacks up really well. Why do we select it? Well, we selected it primarily because we're a very large Microsoft partner. The technology is very good … Incentivized Helpful? Verified User Director Chose Microsoft Sentinel Well before there was Microsoft Sentinel, you had other competing products like ArcSight or Splunk, et cetera. I think they have their own qualities, but the Microsoft integration story is really why we're using it. Incentivized Helpful? HP Himanshu Pawar Manager Chose Microsoft Sentinel In my opinion, Microsoft Sentinel is much more reliable and Trustworthy. They are a bigger name with bigger scope of use. Incentivized Helpful? Verified User Analyst Chose Microsoft Sentinel We use intune to protect endpoints and we pull logs from all the endpoints through the intune connector into the Microsoft Sentinel SIEM and that way we can run rules on those logs to find anomalies. Helpful? Verified User Engineer Chose Microsoft Sentinel Elastic seems to have a much better interface for log search and is able to filter out noise. Microsoft Sentinel also appears to generate a lot of false positives. Incentivized Helpful? Verified User Manager Chose Microsoft Sentinel Prior to using Sentinel, we were using Splunk specifically Splunk Enterprise Security and Splunk Cloud, so their on-prem and their cloud-based products. We switched originally for cost reasons, specifically cost control, but I have found that the ability to create reports, the … Incentivized Helpful? Verified User Employee Chose Microsoft Sentinel Elastic is some carbon for various use cases. So because Elastic is a very, very wrong history in the market. So Sentinel is very recent for products from my understanding. Incentivized Helpful? Verified User Engineer Chose Microsoft Sentinel Well, we didn't select, we selected Sentinel for our Azure stuff, our Microsoft stuff, but we do use a different SIEM for the other stuff still. Incentivized Helpful? Verified User Engineer Chose Microsoft Sentinel We've used Splunk before, but it really is just pick your poison. They're all very similar. Incentivized Helpful? Verified User Engineer Chose Microsoft Sentinel Based on the overall infrastructure configuration that we have and also after analysing various solutions provided by Microsoft Sentinel, we came to a conclusion that the Microsoft Sentinel is the best option for us to help us in overall threat detection on our custom servers, … Incentivized Helpful? Verified User Analyst Chose Microsoft Sentinel The key advantage of using Sentinel lies in Microsoft already being a renowned name in cloud services. Hence, the Collection of data at the cloud scale across all users, devices, applications, and infrastructure, both on-premises and especially in the MS Cloud, is super easy. … Incentivized Helpful? Namandeep Bhatia Co Founder & Chief Technology Officer Chose Microsoft Sentinel We checked, McAfee Enterprise Security Manager (ESM). In my opinion, Microsoft Sentinel is beter wit AI capacity and good community. Incentivized Helpful? Ajay Sehgal Project Manager Chose Microsoft Sentinel Sentinel AI makes it a better choice. Also, its flexibility and customization make it a bit more costly than other competitors. Incentivized Helpful? EB Edward Broderick CISO Chose Microsoft Sentinel I use most of the Sims that are out there, but RSAs, old Sim Log, logic, elastic, a lot of them. Sumo, we checked out Sumo too. We're a Microsoft shop and live almost entirely on top of a Microsoft ecosystem. We are considering other Microsoft security products to integrate … Incentivized Helpful? Verified User Director Chose Microsoft Sentinel The SecureWorks product is a more mature product. We prefer the SecureWorks product over Microsoft Sentinel at this point. Incentivized Helpful? Verified User General Manager Chose Microsoft Sentinel As mentioned, the product was part of the purchase of several Microsoft Suites that we did earlier last year and with 200 licenses included, we can exclude those from the other SIEM and SOAR product, it just work well with the Microsoft's environment that we partially have Is … Incentivized Helpful? Verified User Consultant Chose Microsoft Sentinel ArcSight is an on-prem solution that has a different approach than Sentinel. In a basis this product is more complex to maintain and deploy. The query functionality in Sentinel is more powerful and easier to maintain. ArcSight has a much slower performance and an interface that … Incentivized Helpful? Glenn H. Miller Chief Engineer Chose Microsoft Sentinel We don't need to maintain a third-party SaaS solution or spend any time integrating it since Microsoft Sentinel is the ideal option to give a single point of attack detection and alert monitoring. Incentivized Helpful?

Features

Microsoft Sentinel

Security Information and Event Management (SIEM)

Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
	Microsoft Sentinel 7.9 26 Ratings 0% below category average
Centralized event and log data collection	8.626 Ratings
Correlation	7.926 Ratings
Event and log normalization/management	7.726 Ratings
Deployment flexibility	7.124 Ratings
Integration with Identity and Access Management Tools	7.824 Ratings
Custom dashboards and workspaces	7.926 Ratings
Host and network-based intrusion detection	7.622 Ratings
Data integration/API management	7.224 Ratings
Behavioral analytics and baselining	7.622 Ratings
Rules-based and algorithmic detection thresholds	8.224 Ratings
Response orchestration and automation	8.123 Ratings
Reporting and compliance management	9.04 Ratings
Incident indexing/searching	8.524 Ratings

Best Alternatives
	Microsoft Sentinel
Small Businesses	LevelBlue USM Anywhere Score 7.5 out of 10
Medium-sized Companies	Sumo Logic Score 9.3 out of 10
Enterprises	Sumo Logic Score 9.3 out of 10
All Alternatives	View all alternatives

User Ratings
	Microsoft Sentinel
Likelihood to Recommend	8.6 (53 ratings)
Likelihood to Renew	7.1 (2 ratings)
Usability	6.5 (7 ratings)
Support Rating	8.0 (3 ratings)
Professional Services	5.0 (1 ratings)

User Testimonials
	Microsoft Sentinel
Likelihood to Recommend	Microsoft Microsoft Sentinel excels in centralized monitoring, AI-driven threat detection, and automation, but improvements in cost transparency, user experience, third-party integrations, and support for emerging technologies could make it even more effective. Addressing these areas would enhance its appeal for small-to-medium businesses, large enterprises, and organizations with complex or specialized IT environments. Incentivized Verified User Anonymous Read full review
Pros	Microsoft I appreciate that it keeps the data within our, what we call our, authorization boundary. The fact that the data remains within Microsoft's, I guess, walled garden if you will, is very helpful for certain compliance needs in particular. The large library of ingestion: ability to ingest is basically as easy as I can basically get it to be most of the time. There's occasionally some vendors that it's a little bit more challenging for, but given the ease of integration for a lot of things, basically it's become one of my requirements when I am looking at other tools is how easily do they integrate with Sentinel. Incentivized Verified User Anonymous Read full review
Cons	Microsoft I think it should include more third party integration with non microsoft products as well as with other cloud providers. These integrations should be native. It should improve ML and AI capabilities. I find its documentation a little bit difficult to understand at the start. So the words should be simple. Incentivized Verified User Anonymous Read full review
Likelihood to Renew	Microsoft it does the job reasonably well Incentivized Verified User Anonymous Read full review
Usability	Microsoft The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer. Incentivized Flavio Pereira Analista de sistemas Read full review
Support Rating	Microsoft Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue. Incentivized Verified User Anonymous Read full review
Alternatives Considered	Microsoft We decided to go with Microsoft Sentinel because it works really well with Microsoft tools we are already using. Microsoft Sentinel's intelligent features detect and resolve problems more quickly than Sumo Logic. It also allows us to pay for what we use and grow as we need. While Sumo Logic is good at analyzing data, Microsoft Sentinel fits our needs. IS Ian Stuebe Project Manager Read full review
Professional Services	Microsoft Did not use professional services Incentivized MB Michael Bobo IT Director Read full review
Return on Investment	Microsoft As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team. Incentivized Verified User Anonymous Read full review
ScreenShots	Microsoft Sentinel Screenshots