Microsoft Sentinel

Microsoft Sentinel

Microsoft Sentinel

66 Reviews and Ratings

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
Microsoft Sentinel	Score 8.4 out of 10	N/A	Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.	$2.46 per GB ingested

Pricing

Microsoft Sentinel

Editions & Modules

Azure Sentinel: $2.46
per GB ingested
100 GB per day: $123.00
per day
200 GB per day: $221.40
per day
300 GB per day: $319.80
per day
400 GB per day: $410.00
per day
500 GB per day: $492.00
per day
More than 500 GB per day: $492.00 + $98.40
per day/plus each additional 100 GB increment

Offerings

Pricing Offerings
Microsoft Sentinel
Free Trial
Yes
Free/Freemium Version
No
Premium Consulting/Integration Services
No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Community Pulse
	Microsoft Sentinel
Considered Both Products	Microsoft Sentinel Verified User General Manager Chose Microsoft Sentinel As mentioned, the product was part of the purchase of several Microsoft Suites that we did earlier last year and with 200 licenses included, we can exclude those from the other SIEM and SOAR product, it just work well with the Microsoft's environment that we partially have Is … Incentivized Helpful? Yash Mudaliar Associate Lead Security Admin Chose Microsoft Sentinel Sentinel has a huge advantage of being the first cloud native SIEM which prevents a lot of deployment and technical overhead in comparison to the traditional SIEMs which requires a heavy software installation and even agent deployment in some scenarios. Not only this, Sentinel … Incentivized Helpful? Verified User Analyst Chose Microsoft Sentinel The key advantage of using Sentinel lies in Microsoft already being a renowned name in cloud services. Hence, the Collection of data at the cloud scale across all users, devices, applications, and infrastructure, both on-premises and especially in the MS Cloud, is super easy. … Incentivized Helpful? Verified User Consultant Chose Microsoft Sentinel ArcSight is an on-prem solution that has a different approach than Sentinel. In a basis this product is more complex to maintain and deploy. The query functionality in Sentinel is more powerful and easier to maintain. ArcSight has a much slower performance and an interface that … Incentivized Helpful? Namandeep Bhatia Co Founder & Chief Technology Officer Chose Microsoft Sentinel We checked, McAfee Enterprise Security Manager (ESM). In my opinion, Microsoft Sentinel is beter wit AI capacity and good community. Incentivized Helpful? Glenn H. Miller Chief Engineer Chose Microsoft Sentinel We don't need to maintain a third-party SaaS solution or spend any time integrating it since Microsoft Sentinel is the ideal option to give a single point of attack detection and alert monitoring. Incentivized Helpful? Verified User Analyst Chose Microsoft Sentinel Microsoft Sentinel really goes the extra mile when it comes to an SIEM that slowly improves toward a proper SOAR, this may be the best selling point of the entire solution. Highly scalable, cloud-based, and nearly perfect when dealing with Microsoft-based infrastructures, … Incentivized Helpful? Verified User Employee Chose Microsoft Sentinel No, this is the only one. Incentivized Helpful? Verified User Analyst Chose Microsoft Sentinel Most of those have been out in the industry for a longer time, so they have a lot more user friendliness to them. So I'd say it's in the mix. It's just not as high as it should be or I would expect it to be. Incentivized Helpful? Verified User Employee Chose Microsoft Sentinel Previous to Azure Sentinel, we were using the McAfee SIM and it just wasn't keeping up with the times and that was the choice of moving to Azure Sentinel. Incentivized Helpful? Verified User Engineer Chose Microsoft Sentinel We just stick with Sentinel because it works well with our Suite Office 65. Incentivized Helpful? Verified User Advisor Chose Microsoft Sentinel Elasticsearch, we did a demo about it. Also the CrowdStrike platform, we got a demo on it. How did they compare? I think Elasticsearch, for us, it's more hard to configure. Microsoft Sentinel is pretty straight to the point. We turn on stuff, it's plug-and-play. CrowdStrike, … Incentivized Helpful? Verified User Engineer Chose Microsoft Sentinel As the vast majority of our users have Windows machine and uses all 365 cloud features, we finally decided not to implement any 3rd party security solutions on desktops/laptops in order to keep our infrastructure simple. In this case, Microsoft Sentinel is the best way to … Incentivized Helpful?
Top Pros	Pro Ms products Pro False positives Pro Fast deployment
Top Cons	Minus Third party Minus Third party tools Minus Able to monitor

Features

Microsoft Sentinel

Security Information and Event Management (SIEM)

Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
	Microsoft Sentinel 8.4 14 Ratings 7% above category average
Centralized event and log data collection	8.614 Ratings
Correlation	8.414 Ratings
Event and log normalization/management	8.214 Ratings
Deployment flexibility	9.213 Ratings
Integration with Identity and Access Management Tools	8.513 Ratings
Custom dashboards and workspaces	7.414 Ratings
Host and network-based intrusion detection	7.613 Ratings
Data integration/API management	8.214 Ratings
Behavioral analytics and baselining	8.712 Ratings
Rules-based and algorithmic detection thresholds	8.513 Ratings
Response orchestration and automation	8.414 Ratings
Reporting and compliance management	9.04 Ratings
Incident indexing/searching	8.614 Ratings

Best Alternatives
	Microsoft Sentinel
Small Businesses	AlienVault USM Score 8.0 out of 10
Medium-sized Companies	InsightIDR Score 8.6 out of 10
Enterprises	InsightIDR Score 8.6 out of 10
All Alternatives	View all alternatives

User Ratings
	Microsoft Sentinel
Likelihood to Recommend	8.6 (21 ratings)
Usability	7.3 (4 ratings)
Support Rating	8.0 (3 ratings)
Professional Services	5.0 (1 ratings)

User Testimonials
	Microsoft Sentinel
Likelihood to Recommend	Microsoft Sentinel is the best "cloud-native" in the market yet, so if the organization has a cloud presence (which almost everyone has) then Sentinel is the right choice for having a single pane of glass for all your security monitoring needs. Sentinel is a very good tool for log analysis and event management purposes as well. With KQL and ASIM parsers, organizations can retrieve invaluable insights even from the most complex data. And of course, Sentinel is a great choice for automating the incident response process to a very good extent. Incentivized Yash Mudaliar Associate Lead Security Admin Read full review
Pros	Microsoft It has a native integration with all Microsoft products, from Entra to Azure, Microsoft 365 Being built upon native Azure functionality benefits in automation and infrastructual solutions The KQL language is relatively easy to learn and powerful. Microsoft is listening very careful to the customers and develops new functionality at a fast pace Incentivized Verified User Anonymous Read full review
Cons	Microsoft It takes some time to learn how to use and install it properly, and it does not connect effectively with external PaaS systems such as Salesforce CRM, Salesforce Commerce Cloud, and so on. Microsoft can simplify the display of the logs to make them easier to study, and the user interface occasionally delays, which can also be enhanced. Incentivized Glenn H. Miller Chief Engineer Read full review
Usability	Microsoft The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer. Incentivized Flavio Pereira Analista de sistemas Read full review
Support Rating	Microsoft Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue. Incentivized Verified User Anonymous Read full review
Alternatives Considered	Microsoft The key advantage of using Sentinel lies in Microsoft already being a renowned name in cloud services. Hence, the Collection of data at the cloud scale across all users, devices, applications, and infrastructure, both on-premises and especially in the MS Cloud, is super easy. Additionally, leveraging Threat Intel from Microsoft itself gives a sense of security, given their years of experience in the collection of intel. The AI and Machine learning features provided by MS is one of the finest. Incentivized Verified User Anonymous Read full review
Professional Services	Microsoft Did not use professional services Incentivized MB Michael Bobo IT Director Read full review
Return on Investment	Microsoft Microsoft Sentinel is a good investment, especially when sided with other solutions such as Microsoft 365 Defender, as it provides 360° protection on every level of the infrastructure. When deployed on infrastructures that have never had an SIEM, Microsoft Sentinel helps to assess vulnerabilities and misconfigurations. As with any other SIEM, Microsoft Sentinel basically eliminates the need to put effort into every single platform (like EDR, NDR, XDR) and converge that effort on a single product that correlates and orchestrates the rest. Incentivized Verified User Anonymous Read full review
ScreenShots	Microsoft Sentinel Screenshots