Microsoft Sentinel (formerly Azure Sentinel) is designed as a bird's-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46 per GB ingested
Proofpoint Email Protection
Score 8.5 out of 10
N/A
Proofpoint Email Protection is available as an on-premise or cloud-based solution and blocks unwanted, malicious and impostor emails with granular search capabilities and visibility into all messages. Outbound controls include encryption and data loss prevention, while continuity capabilities ensure business communications can continue as normal in the event of an email outage. With Proofpoint's Email Protection, you can protect your people, data, and brand from today’s threats…
We use it because when a user sees the suspicious activity on his account, Microsoft Sentinel gives alerts to the user's system and the admin system as well. When a user of one of our systems clicked a spam email, that email was trying to install a virus on our server, but Microsoft Sentinel gave an alert to the user and admin both, so that is why our team was able to fix that issue with Microsoft Sentinel very fast. However, it will not be the best option for you if your team is utilizing every feature but you are on a tight budget.
Well suited: Proofpoint does a pretty good job at protecting us from spam emails. I was able to block a lot of emails coming from SendGrid by blocking SendGrid emails with a custom spam filter. However, SendGrid has a lot of legit emails too, so I was able to create another rule to allow those emails from certain people, then block the rest. That way the business need was met but spam emails are blocked.
Less appropriate: If you are trying to monitor internal-to-internal emails, Proofpoint is probably a little over-featured for that.
I appreciate that it keeps the data within our, what we call our, authorization boundary. The fact that the data remains within Microsoft's, I guess, walled garden if you will, is very helpful for certain compliance needs in particular.
The large library of ingestion: ability to ingest is basically as easy as I can basically get it to be most of the time. There's occasionally some vendors that it's a little bit more challenging for, but given the ease of integration for a lot of things, basically it's become one of my requirements when I am looking at other tools is how easily do they integrate with Sentinel.
I think it should include more third-party integration with non-Microsoft products as well as with other cloud providers. These integrations should be native.
It should improve ML and AI capabilities.
I find its documentation a little bit difficult to understand at the start. So the words should be simple.
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Very robust and solid product in protecting our emails. The engineers who assisted with our implementation were very knowledgeable and great to work with. Easy to use by end-users. Administration and management are also easy for IT. Great dashboard and reporting tools for business reviews.
We use Proofpoint support quite often to fix issues and assist with setting up features and rules. Each time we have created a ticket, they have been very helpful and respectful. Each ticket has been treated with the appropriate SLA time and attention. We also enjoy the regular check-ins from the engineers when tickets are open but we get busy with other tasks.
Well before there was Microsoft Sentinel, you had other competing products like ArcSight or Splunk, et cetera. I think they have their own qualities, but the Microsoft integration story is really why we're using it.
We previously used Halon anti-spam, which lasted us well until our organization really started to grow and it was not able to keep up with the amount of mail we were receiving. The support is also nothing compared to Proofpoint's professional services offering. Halon was also not able to have the complex rules that Proofpoint can offer.
As with any cybersecurity product, this has more to do with risk, to avoid loss in case of ransomware, than with a productivity increase. Maybe the impact could be that instead of having people that are checking the dashboard 24/7, you could implement Sentinel and have fewer people checking that, or people with less expertise. So the saving will be minor, but it will be a saving in the cost of your team.
Having easy-to-reach backups of all employee emails has made Proofpoint worth it by itself. That plus the countless times that spam/malicious emails did not make it through to the intended person that could have potentially cost the organization a lot of money.