TrustRadius

Microsoft Sentinel vs. Palo Alto Networks Cortex XSOAR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Microsoft Sentinel
Score 8.5 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46
per GB ingested
Palo Alto Networks Cortex XSOAR
Score 7.4 out of 10
N/A
Cortex XSOAR, formerly Demisto and now from Palo Alto Networks since it was acquired in March 2019, provides orchestration to enable security teams to ingest alerts across sources and execute standardized, automatable playbooks for accelerated incident response. Its playbooks are powered by hundreds of integrations and thousands of security actions, striking the right balance between rapid machine execution and nuanced human oversight.N/A
Pricing
Microsoft SentinelPalo Alto Networks Cortex XSOAR
Editions & Modules
Azure Sentinel
$2.46
per GB ingested
100 GB per day
$123.00
per day
200 GB per day
$221.40
per day
300 GB per day
$319.80
per day
400 GB per day
$410.00
per day
500 GB per day
$492.00
per day
More than 500 GB per day
$492.00 + $98.40
per day/plus each additional 100 GB increment
No answers on this topic
Offerings
Pricing Offerings
Microsoft SentinelPalo Alto Networks Cortex XSOAR
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Microsoft SentinelPalo Alto Networks Cortex XSOAR
Considered Both Products
Microsoft Sentinel
Verified User
Manager
Chose Microsoft Sentinel
Prior to using Sentinel, we were using Splunk specifically Splunk Enterprise Security and Splunk Cloud, so their on-prem and their cloud-based products. We switched originally for cost reasons, specifically cost control, but I have found that the ability to create reports, the …
Palo Alto Networks Cortex XSOAR

No answer on this topic

Features
Microsoft SentinelPalo Alto Networks Cortex XSOAR
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
Microsoft Sentinel
7.2
23 Ratings
8% below category average
Palo Alto Networks Cortex XSOAR
-
Ratings
Centralized event and log data collection8.123 Ratings00 Ratings
Correlation6.923 Ratings00 Ratings
Event and log normalization/management7.023 Ratings00 Ratings
Deployment flexibility6.921 Ratings00 Ratings
Integration with Identity and Access Management Tools6.821 Ratings00 Ratings
Custom dashboards and workspaces7.223 Ratings00 Ratings
Host and network-based intrusion detection5.719 Ratings00 Ratings
Data integration/API management6.721 Ratings00 Ratings
Behavioral analytics and baselining6.619 Ratings00 Ratings
Rules-based and algorithmic detection thresholds7.621 Ratings00 Ratings
Response orchestration and automation7.520 Ratings00 Ratings
Reporting and compliance management9.04 Ratings00 Ratings
Incident indexing/searching7.821 Ratings00 Ratings
Best Alternatives
Microsoft SentinelPalo Alto Networks Cortex XSOAR
Small Businesses
AlienVault USM
AlienVault USM
Score 6.7 out of 10

No answers on this topic

Medium-sized Companies
Sumo Logic
Sumo Logic
Score 8.9 out of 10
Splunk SOAR
Splunk SOAR
Score 9.2 out of 10
Enterprises
Sumo Logic
Sumo Logic
Score 8.9 out of 10
Microsoft Sentinel
Microsoft Sentinel
Score 8.5 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Microsoft SentinelPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
8.3
(51 ratings)
8.2
(8 ratings)
Likelihood to Renew
8.2
(1 ratings)
10.0
(1 ratings)
Usability
6.9
(6 ratings)
-
(0 ratings)
Support Rating
8.0
(3 ratings)
-
(0 ratings)
Implementation Rating
-
(0 ratings)
10.0
(1 ratings)
Professional Services
5.0
(1 ratings)
-
(0 ratings)
User Testimonials
Microsoft SentinelPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
Microsoft
We use it because when a user sees the suspicious activity on his account, Microsoft Sentinel gives alerts to the user's system and the admin system as well. When a user of one of our systems clicked a spam email, that email was trying to install a virus on our server, but Microsoft Sentinel gave an alert to the user and admin both, so that is why our team was able to fix that issue with Microsoft Sentinel very fast. However, it will not be the best option for you if your team is utilizing every feature but you are on a tight budget.
IS
Ian Stuebe
Project Manager
Read full review
Palo Alto Networks
XSOAR is well suited for phishing detection and response. Phishing alerts are as much of a
problem today as they were decades ago. This is because: ●Attackers Can leverage automation to launch high-quantity phishing attacks with the click
of a button.
●Spear Phishing attacks are sophisticated and sometimes indistinguishable from real
emails, resulting in compromise through human error.
●Security Teams aren’t able to follow set processes while responding to phishing alerts.
They must coordinate across email inboxes, threat intel, NGFW, ticketing, and
other tools. Each tool has different consoles, data conventions, and contexts,
making it difficult for security teams to fill in the gaps while minimizing
errors. XSOAR is less suited for analyzing traffic.
Verified User
Anonymous
Read full review
Pros
Microsoft
  • I appreciate that it keeps the data within our, what we call our, authorization boundary. The fact that the data remains within Microsoft's, I guess, walled garden if you will, is very helpful for certain compliance needs in particular.
  • The large library of ingestion: ability to ingest is basically as easy as I can basically get it to be most of the time. There's occasionally some vendors that it's a little bit more challenging for, but given the ease of integration for a lot of things, basically it's become one of my requirements when I am looking at other tools is how easily do they integrate with Sentinel.
Verified User
Anonymous
Read full review
Palo Alto Networks
  • Automation with immediate security responses.
  • Comprehensive phishing protection and increased email protection.
  • Analysis and reporting feature.
  • Intuitive and easy-to-view panels.
  • Alerts by email and sms of incidents for the administration.
  • Centralized monitoring.
Verified User
Anonymous
Read full review
Cons
Microsoft
  • I think it should include more third party integration with non microsoft products as well as with other cloud providers. These integrations should be native.
  • It should improve ML and AI capabilities.
  • I find its documentation a little bit difficult to understand at the start. So the words should be simple.
Verified User
Anonymous
Read full review
Palo Alto Networks
  • The XSOAR bot creates a lot of noise on the summary page of any XSOAR incident. Although the filter is available to reduce the view, by default this should not be visible cluttering the whole scenario.
  • The interface has too much data on a single pane. I would love to have many buttons to just click and do stuff.
  • Also, I would love to have search areas more interactive and easier to navigate.
SC
Sarthak Chand
Information Security Manager
Read full review
Likelihood to Renew
Microsoft
No answers on this topic
Palo Alto Networks
It has proven to be far to valuable and effective to consider getting rid of it. Until something better comes along, this is staying in our product stack.
Verified User
Anonymous
Read full review
Usability
Microsoft
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Flavio Pereira | TrustRadius Reviewer
Flavio Pereira
Analista de sistemas
Read full review
Palo Alto Networks
No answers on this topic
Support Rating
Microsoft
Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue.
Verified User
Anonymous
Read full review
Palo Alto Networks
No answers on this topic
Implementation Rating
Microsoft
No answers on this topic
Palo Alto Networks
It was much easier than we all anticipated.
Verified User
Anonymous
Read full review
Alternatives Considered
Microsoft
Well before there was Microsoft Sentinel, you had other competing products like ArcSight or Splunk, et cetera. I think they have their own qualities, but the Microsoft integration story is really why we're using it.
Verified User
Anonymous
Read full review
Palo Alto Networks
The quantity of integrations with security solutions is highest in Palo Alto Solution. The capacity to identify anomalous events is much better in Palo Alto Networks Cortex XSOAR. The flexibility of increased storage area is better as well. The dashboard is very intuitive about showing the most important incidents and how to resolve them.
RS
Raphael Soares
CTO (Chief Technical Officer)
Read full review
Professional Services
Microsoft
Did not use professional services
MB
Michael Bobo
IT Director
Read full review
Palo Alto Networks
No answers on this topic
Return on Investment
Microsoft
  • As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team.
Verified User
Anonymous
Read full review
Palo Alto Networks
  • Demisto has Eased malware analysis and threat hunting
  • With Demisto, it is simple to create playbooks and scripts
  • This is helped automate policy configurations on our PA firewalls through Panorama
DS
Read full review
ScreenShots

Microsoft Sentinel Screenshots

Screenshot of Screenshot of Screenshot of Microsoft Sentinel Capabilities