TrustRadius: an HG Insights company

Microsoft Sentinel

Score: 8.6 out of 10

157 Reviews and Ratings

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed to give a bird's-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

Media: screenshot of Microsoft Sentinel capabilities (1 of 3 images)

Top Performing Features

  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 8.5

  • Correlation

    Correlation of logs and events to pinpoint significant threats

    Category average: 8.4

  • Rules-based and algorithmic detection thresholds

    Effectiveness of manually-established rules and algorithmically-determined detection thresholds

    Category average: 8.2

Areas for Improvement

  • Data integration/API management

    Ease and quality of data integrations between SIEM and other systems

    Category average: 7.9

  • Reporting and compliance management

    Ease and quality of reporting and compliance functions

    Category average: 8.5

  • Deployment flexibility

    Ability to tune system to maximize threat detection and minimize false positives

    Category average: 7.3

My Experience With Microsoft Sentinel - Great SIEM Capabilities.

Use Cases and Deployment Scope

We use Microsoft Sentinel to boost our security, and it works amazingly well. It is our primary SOAR and SIEM solution, ensuring we have the best visibility into our security operations. With the tool in place, detection and responding to threats is easy thanks to its AI capabilities. In addition, it boosts our security by making it easy to collect data from all users, devices, and applications for threat analytics. Finally, it integrates with Microsoft products for better protection and management.

Pros

  • It works well as a SIEM and SOAR solution.
  • It comes with amazing AI threat detection capabilities.
  • It works across on-premises and multi-cloud environments.
  • It offers automated threat response.
  • Works well when it comes to threat analytics.
  • It supports integrations, especially with Microsoft products such as MS Azure.

Cons

  • So far Microsoft Sentinel has been awesome. No serious challenges to list.

Return on Investment

  • With Microsoft Sentinel, we protect both on-premises and multi-cloud business environments.
  • The AI features ensure fast and accurate threat detection.
  • With the tool in place, we enjoy automated threat response, which guarantees minimal to no threat-related damage.


Other Software Used

Zoho Assist, Microsoft 365, Zoho Meeting

Dealing With Cyber Threats With Microsoft Sentinel.

Use Cases and Deployment Scope

We use Microsoft Sentinel to boost our cybersecurity. It is our primary SIEM and SOAR solution, and it's reliable for detecting, investigating, responding to, and remediating cyber threats across our multi-cloud environments. It has greatly increased our security operations by effectively reducing false positives and centralizing security logs.

Pros

  • AI-powered threat detection increases accuracy.
  • It automatically responds to threat incidents.
  • Proactive threat hunting adds a layer of security.
  • Comes with great threat intelligence features.
  • Makes monitoring and visualization easy.

Cons

  • We have experienced improper tiering.
  • Limited integration with non-Microsoft ecosystems.

Return on Investment

  • Proactive threat hunting is very helpful.
  • Ability to auto-respond to threats keeps our infrastructure secure.
  • Threat intelligence helps deal with known and unknown threats.


Other Software Used

Microsoft Defender for Business, Microsoft Defender XDR, Hornetsecurity Email Encryption

Microsoft Sentinel Review

Use Cases and Deployment Scope

We use Microsoft Sentinel as our primary SIEM. We have many cloud applications that generate a lot of logs. We ingest all of those in Microsoft Sentinel. From there, we use other technologies to alert us.

Pros

  • Microsoft Sentinel integrates really well with SAP Rise, which is our ERP solution.

Cons

  • I would like to see some alerting options right in Microsoft Sentinel. For example, we have to use applications like PagerDuty and whatnot to then alert us on our cell phones. I wish Microsoft Sentinel would have that out of the box.

Return on Investment

  • It's really hard to justify ROI on anything security-related. You don't know what it has prevented or helped you with. So that's a very hard question to answer because you can't really quantify a number. But I hope it has stopped things from going bad.


How I use Microsoft Sentinel to keep up in a Multi-client SOC

Use Cases and Deployment Scope

We support a mix of enterprise clients: banks, retail chains with weird legacy systems. So Microsoft Sentinel helps us wrangle all their logs into one place without losing our minds. My main day-to-day is triaging incidents coming from Microsoft Sentinel analytics and running KQL queries.

Pros

  • We get clean, unified views across multiple clients.
  • Built-in hunting queries and analytics.

Cons

  • As a junior analyst, I've struggled a lot with the learning curve. I had to pull all-nighters at the start just to wrap my head around Microsoft Sentinel.

Return on Investment

  • I can't imagine a world without Microsoft Sentinel for investigations and triaging. The manual hours that would take is bogus.
  • Peace of mind for our financial clients, who make up the majority of our client base.


Other Software Used

Splunk Enterprise Security, Splunk SOAR

My Experience With Microsoft Sentinel

Use Cases and Deployment Scope

We use Microsoft Sentinel as our primary SIEM solution and also for SOAR (Security Orchestration, Automation, and Response), and it has been working well. The tool enhances threat detection thanks to the advanced AI features, and it has greatly enhanced our security preparedness and operations. The software not only detects threats but automatically responds to them, thereby streamlining remediation. The real-time response to threats makes it easy to secure and block threats before they can cause harm.

Pros

  • AI-powered threat hunting.
  • Automatic response to threats.
  • Offers real-time response to threats across clouds.
  • It is a great SIEM solution.
  • Works in multi-cloud and hybrid environments.

Cons

  • Sometimes we get false positives.
  • Not the most affordable.

Return on Investment

  • The AI-powered threat hunting ensures accuracy in detection - no threats go undetected.
  • The real-time and automated response ensures we deal with threats fast enough, before they cause harm such as data loss.
  • Working in multi-cloud and hybrid environments makes it an all-in-one tool.


Other Software Used

Microsoft Intune, Microsoft Defender for Cloud, Zoho Forms