Skip to main content
TrustRadius
Microsoft Sentinel

Microsoft Sentinel
Formerly Azure Sentinel

Overview

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

Read more
Recent Reviews
Read all reviews

How Microsoft Sentinel Differs From Its Competitors

Sources

We use Microsoft Sentinel to collect logs from all of our Azure instances. It’s also used for firewall and network application web logs. It is also utilized for all office 365 logs. And behavioral logs.
Not very clear or easy.
Continue reading

Sources

We are taking data from : Intune, Entra ID and Defender for Endpoint , those three are already lots enough resources t handle, especially when you have a small team that manages 200 endpoints.
As all data sources are within the Microsoft's suite, the out of the box settings are documented really …
Continue reading

AI and ML

No we are not using the AI features as there are limitations in the licenses that we bought, even without it, it has been doing a wonderful job for us so far, it will be way better with the AI features, but in the end, we only have bought so much for the licenses, hence the SaaS default is our way …
Continue reading

Investigation Tools

Fortunately, we never reached that stage for the past 2 years, our users have been quite complied with all the Do's and Don'ts that we set from very beginning and it will be a wish to never use them in the future, but looking at the documentation, it is a great process
Continue reading

AI and ML

With 'Entity Behavior' and its machine learning capabilities, we have been able to detect many risky users and other entities which saved a lot of time and effort if otherwise done manually.
While I have a very limited experience with using Azure Open AI in the incident through playbooks, it surely …
Continue reading

Investigation Tools

We have been working on establishing a process to reduce the triaging time by using of incident investigation utilities in Sentinel. For example, we have made a good use of automation rules to define which playbooks to run for many critical and/or repetitive incident categories which helps in …
Continue reading

Sources

All Microsoft Cloud products Palo Alto Barracuda Fortigate Cisco Darktrace BeyondTrust Azure DevOps GitHub CheckPoint F5, etc.
For some products, this went flawless, but other connectors are more complex. Especially when working with systems like the Cisco FirePower or solutions that need to be …
Continue reading

Investigation Tools

Microsoft Sentinel is one of the products that are being used in the investigation phases. Depending on the incident, multiple Microsoft Portals are used to retrieve the required information to investigate an incident. The mapping between resources and events is really powerful and gives a …
Continue reading

Sources

Sentinel pretty much supports logs from most of the well-known vendors. The key log sources that we have been using to pull data to Sentinel are 1. O365 and Azure logs. 2. EDR 3. IAM Stack including PAM, IAG, and SSO 4. Windows-based AD logs 5.Network Detection and Response (NDR).
An API …
Continue reading

AI and ML

Machine Learning at the core of innovation in Microsoft Sentinel. By analyzing your incidents over time and deducing patterns, Microsoft Sentinel can provide you with actionable recommendations and insights to significantly improve the quality of your detections so you can spend less time …
Continue reading

Investigation Tools

Just like other SIEM solutions, Sentinel also comes with its perks and features. The incident timeline widget by MS provides a key insight to the analyst about the major progress of the incident helping him to focus on important things. The similar incident widget again helps the analyst to …
Continue reading

Sources

Cloud Identities
On-Premises Identity events
Azure platform events
Defender and other Microsoft products
On-premises appliances
Linux events
The native microsoft sources are pretty easy to incorporate with the standard integrated data connectors
This same counts towards Azure activity, Azure VMs and …
Continue reading

AI and ML

We make use of UEBA for the correlation between anomalies, especially on the identity platform.

Next to that we use the Fusion rules that will detect multi-stage attack scenarios
Sentinel notebooks are not used a lot at this moment, because of the learning curve
Continue reading

Investigation Tools

We do not rely too much on the investigation tools. Investigation will primarily be done with investigation with KQL Queries. The investigation dashboard is looked into to identify the entities and a first overview of the timeline. After that we construct our own timeline by using our own queries
Continue reading

Sources

Here are some of the primary sources from which Microsoft Sentinel can collect data:
  1. Microsoft 365 Services: Data from Microsoft 365 services, including Exchange Online, SharePoint, Teams, and Azure Active Directory, were ingested to monitor email, document, and user activities.
  2. Azure Services: Data …
Continue reading

Investigation Tools

1. Data Query and Search: Microsoft Sentinel provided a powerful query language that allowed analysts to search and filter security data from various sources.
Impact: Analysts quickly retrieved relevant data, which resulted in reducing the time it takes to gather evidence and establish the scope of …
Continue reading

Sources

We pull data from On-Premises Sources and also from Custom Data Sources (using API)
When setting up these connectors, the process was relatively straightforward and well-documented. Microsoft Sentinel provides a user-friendly interface within the Azure portal, making it easy to configure data …
Continue reading

AI and ML

I Feel this feature gives Microsoft Sentinel an advantage from competitors. Because of this feature Microsoft Sentinel becomes more expensive than its competitor. We are yet to use this feature widely.
Continue reading

Investigation Tools

Microsoft Sentinel's investigation tools have had a positive impact on our incident investigation process. It made our investigations faster, more accurate, and more proactive, ultimately strengthening our organization's ability to detect threats effectively.
Continue reading

AI and ML

I think, this feature gives it upperhand from competitors and hence high pricing. We used: 1. Anomaly Detection : Microsoft Sentinel can generate alerts for potential anomalies. For example, it can identify unusual login patterns, data access, or network traffic. 2. Behavioural Analytics: By …
Continue reading

Investigation Tools

We can identify hazards in our environment, create incidents and triage them, monitor threats in real time, and do extensive investigations using AI functions. Cyber-attack mitigation. Information security, along with automation, is something that every organization requires right now, and …
Continue reading

Sources

We gather data from different data connectors such as Firewall, Endpoints, Servers, Amazon Web Services, Hypervisors, and more. There's a comprehensive list in the official documentation that helps to assess the possible integrations that can be made when it comes to deploying the product in the …
Continue reading

AI and ML

Threat detection in Microsoft Sentinel can be enhanced by AI and Machine Learning. It's something mainly based on the User Behaviour Analytics concept when it comes to machine learning, and it's heuristic counterpart helps to detect threats and respond to malicious behavior while correlating …
Continue reading

Investigation Tools

Microsoft Sentinel’s investigation tools really enhance the whole analysis process with its timeline bookmarks while not only correlating events just like any other SIEM but also integrating something that comes directly from the SOAR world, which means correlating incidents and highlighting …
Continue reading

Investigation Tools

The tool to look for any type of notification that anybody's trying to get into your boundary. When somebody gets a notification, they click on that notification and see what all systems were affected by the possible compromise. So being able to drill down to look at the root cause or whatever …
Continue reading

Sources

It's a Proofpoint email security then from my Palo Alto firewalls and from a graph and active directly. So all those, I can say network devices and endpoint devices, my XDR solution.
It takes little time because getting the resources in the market is quite challenging. When we started, because it …
Continue reading

Sources

Multiple. We have email ingest, all of the O365 stuff and our firewalls, mainly.
It wasn't that hard. It was just dropping the data and then pipelining it in, so it's not that bad.
Continue reading

AI and ML

Yes, we're using it right now just on the Microsoft stuff, since that's all it does. So if it were to branch out, we'd love it to do more networking and add behavioral and machine learning analytics around all of their data sources, not just Microsoft agnostic. We've successfully deployed it into …
Continue reading

Investigation Tools

They're pretty good. Their workbooks are where they really live up to a lot of their consolidation of data, so it's really good. Definitely made it a little bit easier in some questions, it's been good.
Continue reading

Sources

Other than the Microsoft Suite, like the Defender, Azure and all these, they get fed. We got Meraki, we got Cisco Umbrella, we got Windows Locks, we got Azure Arc getting fed into Sentinel as well.
Continue reading

Investigation Tools

We use it whenever there's an incident with medium and high. If we get an alert a query or something, we just look it up and see what are the lock from source destination, IP port, it's very helpful. You have everything in one place. Saved me time.
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 13 features
  • Centralized event and log data collection (14)
    8.6
    86%
  • Correlation (14)
    8.4
    84%
  • Event and log normalization/management (14)
    8.2
    82%
  • Custom dashboards and workspaces (14)
    7.4
    74%

Reviewer Pros & Cons

View all pros & cons
Verified User
Director in Information Technology
Insurance Company, 201-500 employees
Verified User
General Manager in Information Technology
Automotive Company, 1001-5000 employees
Return to navigation

Pricing

View all pricing

Azure Sentinel

$2.46

Cloud
per GB ingested

100 GB per day

$123.00

Cloud
per day

200 GB per day

$221.40

Cloud
per day

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.microsoft.com/en…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Demos

Microsoft Sentinel: Monitoring health and integrity of analytics rules

YouTube
Return to navigation

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

8.4
Avg 7.8
Return to navigation

Product Details

What is Microsoft Sentinel?

Microsoft Sentinel is a security operations center (SOC) solution used to uncover sophisticated threats and respond with a security information and event management (SIEM) solution for proactive threat detection, investigation, and response. It eliminates security infrastructure setup and maintenance, and elastically scales to meet the user's security needs.

Helps users to protect the digital estate: Secures the digital estate with scalable, integrated coverage for a hybrid, multicloud, multiplatform business.

Microsoft intelligence to Empower SOC: Optimizes SecOps with advanced AI, security expertise, and threat intelligence.

Detection, investigation and Response: A unified set of tools to monitor, manage, and respond to incidents.

Cost of ownership: A cloud-native SaaS solution to reduce infrastructural costs.

Microsoft Sentinel Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Host and network-based intrusion detection
  • Supported: Log retention
  • Supported: Data integration/API management
  • Supported: Behavioral analytics and baselining
  • Supported: Rules-based and algorithmic detection thresholds
  • Supported: Response orchestration and automation
  • Supported: Incident indexing/searching

Microsoft Sentinel Screenshots

Screenshot of Screenshot of Screenshot of Microsoft Sentinel Capabilities

Microsoft Sentinel Videos

Playlist for Microsoft Sentinel videos
Microsoft Sentinel: Monitoring health and integrity of analytics rules

Microsoft Sentinel Competitors

Microsoft Sentinel Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

Splunk Enterprise Security (ES), IBM Security QRadar SIEM, and Securonix Next-Generation SIEM are common alternatives for Microsoft Sentinel.

Reviewers rate Deployment flexibility highest, with a score of 9.2.

The most common users of Microsoft Sentinel are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(68)

Attribute Ratings

Reviews

(1-22 of 22)
Companies can't remove reviews or game the system. Here's why
May 10, 2024

Microsoft Sentinel Review

Verified User
Director in Information Technology
Insurance Company, 201-500 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (10)
52%
5.2
Centralized event and log data collection
60%
6.0
Correlation
50%
5.0
Event and log normalization/management
70%
7.0
Deployment flexibility
60%
6.0
Integration with Identity and Access Management Tools
60%
6.0
Custom dashboards and workspaces
50%
5.0
Log retention
40%
4.0
Behavioral analytics and baselining
50%
5.0
Rules-based and algorithmic detection thresholds
50%
5.0
Incident indexing/searching
30%
3.0
December 06, 2023

Surpassingly really good tool and a very interactive dashboard

Verified User
General Manager in Information Technology
Automotive Company, 1001-5000 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
80%
8.0
Centralized event and log data collection
80%
8.0
Correlation
70%
7.0
Event and log normalization/management
80%
8.0
Deployment flexibility
80%
8.0
Integration with Identity and Access Management Tools
90%
9.0
Custom dashboards and workspaces
90%
9.0
Host and network-based intrusion detection
80%
8.0
Log retention
80%
8.0
Data integration/API management
70%
7.0
Behavioral analytics and baselining
80%
8.0
Rules-based and algorithmic detection thresholds
80%
8.0
Response orchestration and automation
80%
8.0
Incident indexing/searching
80%
8.0
November 13, 2023

SIEM means Sentinel

Yash Mudaliar | TrustRadius Reviewer
Yash Mudaliar
Associate Lead Security Admin
Atidan (Information Technology & Services, 201-500 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
80.76923076923077%
8.1
Centralized event and log data collection
90%
9.0
Correlation
80%
8.0
Event and log normalization/management
80%
8.0
Deployment flexibility
100%
10.0
Integration with Identity and Access Management Tools
90%
9.0
Custom dashboards and workspaces
70%
7.0
Host and network-based intrusion detection
60%
6.0
Log retention
60%
6.0
Data integration/API management
70%
7.0
Behavioral analytics and baselining
80%
8.0
Rules-based and algorithmic detection thresholds
90%
9.0
Response orchestration and automation
90%
9.0
Incident indexing/searching
90%
9.0
October 27, 2023

Why you should start using Microsoft Sentinel today.

Rogier Dijkman | TrustRadius Reviewer
Rogier Dijkman
Principal Consultant Cloud Security
Nedscaper (Information Technology & Services, 51-200 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
76.15384615384615%
7.6
Centralized event and log data collection
100%
10.0
Correlation
100%
10.0
Event and log normalization/management
70%
7.0
Deployment flexibility
80%
8.0
Integration with Identity and Access Management Tools
80%
8.0
Custom dashboards and workspaces
80%
8.0
Host and network-based intrusion detection
N/A
N/A
Log retention
100%
10.0
Data integration/API management
80%
8.0
Behavioral analytics and baselining
N/A
N/A
Rules-based and algorithmic detection thresholds
100%
10.0
Response orchestration and automation
100%
10.0
Incident indexing/searching
100%
10.0
October 24, 2023

Sentinel: Your one stop SIEM for cloud for Bird's Eyes by MS.

Verified User
Analyst in Information Technology
Electrical & Electronic Manufacturing Company, 5001-10,000 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
76.92307692307692%
7.7
Centralized event and log data collection
80%
8.0
Correlation
70%
7.0
Event and log normalization/management
60%
6.0
Deployment flexibility
100%
10.0
Integration with Identity and Access Management Tools
70%
7.0
Custom dashboards and workspaces
50%
5.0
Host and network-based intrusion detection
80%
8.0
Log retention
80%
8.0
Data integration/API management
80%
8.0
Behavioral analytics and baselining
70%
7.0
Rules-based and algorithmic detection thresholds
90%
9.0
Response orchestration and automation
100%
10.0
Incident indexing/searching
70%
7.0
October 23, 2023

Microsoft Sentinel, the scaleable cloud-native SIEM platform

Verified User
Consultant in Information Technology
Information Technology & Services Company, 51-200 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
71.53846153846155%
7.2
Centralized event and log data collection
80%
8.0
Correlation
80%
8.0
Event and log normalization/management
60%
6.0
Deployment flexibility
50%
5.0
Integration with Identity and Access Management Tools
80%
8.0
Custom dashboards and workspaces
80%
8.0
Host and network-based intrusion detection
50%
5.0
Log retention
70%
7.0
Data integration/API management
80%
8.0
Behavioral analytics and baselining
80%
8.0
Rules-based and algorithmic detection thresholds
70%
7.0
Response orchestration and automation
60%
6.0
Incident indexing/searching
90%
9.0
October 19, 2023

Unleashing the Power of Data for Seamless Security Investigations

Verified User
Executive in Professional Services
Marketing & Advertising Company, 51-200 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
80.76923076923077%
8.1
Centralized event and log data collection
80%
8.0
Correlation
70%
7.0
Event and log normalization/management
80%
8.0
Deployment flexibility
90%
9.0
Integration with Identity and Access Management Tools
80%
8.0
Custom dashboards and workspaces
90%
9.0
Host and network-based intrusion detection
80%
8.0
Log retention
80%
8.0
Data integration/API management
80%
8.0
Behavioral analytics and baselining
80%
8.0
Rules-based and algorithmic detection thresholds
70%
7.0
Response orchestration and automation
80%
8.0
Incident indexing/searching
90%
9.0
October 02, 2023

Review of Microsoft Sentinel

Verified User
Account Manager in Customer Service
Internet Company, 51-200 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
77.6923076923077%
7.8
Centralized event and log data collection
80%
8.0
Correlation
80%
8.0
Event and log normalization/management
70%
7.0
Deployment flexibility
70%
7.0
Integration with Identity and Access Management Tools
70%
7.0
Custom dashboards and workspaces
80%
8.0
Host and network-based intrusion detection
80%
8.0
Log retention
70%
7.0
Data integration/API management
80%
8.0
Behavioral analytics and baselining
80%
8.0
Rules-based and algorithmic detection thresholds
80%
8.0
Response orchestration and automation
90%
9.0
Incident indexing/searching
80%
8.0
September 22, 2023

One stop solution for all security needs. Transforming Security with AI and Automation

Namandeep Bhatia | TrustRadius Reviewer
Namandeep Bhatia
Co Founder & Chief Technology Officer
Pickright Technologies (Financial Services, 11-50 employees)
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (9)
73.33333333333333%
7.3
Centralized event and log data collection
80%
8.0
Correlation
70%
7.0
Event and log normalization/management
70%
7.0
Custom dashboards and workspaces
80%
8.0
Host and network-based intrusion detection
70%
7.0
Log retention
70%
7.0
Data integration/API management
70%
7.0
Response orchestration and automation
80%
8.0
Incident indexing/searching
70%
7.0
September 20, 2023

Excellent cloud security solution with intelligent analytics and automation offered by Microsoft.

Glenn H. Miller | TrustRadius Reviewer
Glenn H. Miller
Chief Engineer
Helix Energy Solutions Group (Oil & Energy, 1001-5000 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
85.38461538461539%
8.5
Centralized event and log data collection
90%
9.0
Correlation
80%
8.0
Event and log normalization/management
90%
9.0
Deployment flexibility
90%
9.0
Integration with Identity and Access Management Tools
80%
8.0
Custom dashboards and workspaces
80%
8.0
Host and network-based intrusion detection
90%
9.0
Log retention
80%
8.0
Data integration/API management
90%
9.0
Behavioral analytics and baselining
90%
9.0
Rules-based and algorithmic detection thresholds
80%
8.0
Response orchestration and automation
80%
8.0
Incident indexing/searching
90%
9.0
September 20, 2023

A big SIEM or a little SOAR?

Verified User
Analyst in Information Technology
Information Technology & Services Company, 11-50 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
84.61538461538461%
8.5
Centralized event and log data collection
80%
8.0
Correlation
100%
10.0
Event and log normalization/management
80%
8.0
Deployment flexibility
90%
9.0
Integration with Identity and Access Management Tools
80%
8.0
Custom dashboards and workspaces
60%
6.0
Host and network-based intrusion detection
70%
7.0
Log retention
90%
9.0
Data integration/API management
90%
9.0
Behavioral analytics and baselining
100%
10.0
Rules-based and algorithmic detection thresholds
90%
9.0
Response orchestration and automation
80%
8.0
Incident indexing/searching
90%
9.0
September 13, 2023

Microsoft Sentinel Review

Verified User
Employee in Information Technology
Information Technology & Services Company, 5001-10,000 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
N/A
N/A
Centralized event and log data collection
N/A
N/A
Correlation
N/A
N/A
Event and log normalization/management
N/A
N/A
Deployment flexibility
N/A
N/A
Integration with Identity and Access Management Tools
N/A
N/A
Custom dashboards and workspaces
N/A
N/A
Host and network-based intrusion detection
N/A
N/A
Log retention
N/A
N/A
Data integration/API management
N/A
N/A
Behavioral analytics and baselining
N/A
N/A
Rules-based and algorithmic detection thresholds
N/A
N/A
Response orchestration and automation
N/A
N/A
Incident indexing/searching
N/A
N/A
September 13, 2023

Microsoft Sentinel Review

Verified User
Consultant in Information Technology
Information Technology & Services Company, 10,001+ employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
N/A
N/A
Centralized event and log data collection
N/A
N/A
Correlation
N/A
N/A
Event and log normalization/management
N/A
N/A
Deployment flexibility
N/A
N/A
Integration with Identity and Access Management Tools
N/A
N/A
Custom dashboards and workspaces
N/A
N/A
Host and network-based intrusion detection
N/A
N/A
Log retention
N/A
N/A
Data integration/API management
N/A
N/A
Behavioral analytics and baselining
N/A
N/A
Rules-based and algorithmic detection thresholds
N/A
N/A
Response orchestration and automation
N/A
N/A
Incident indexing/searching
N/A
N/A
September 13, 2023

Microsoft Sentinel Review

Verified User
Analyst in Information Technology
Hospital & Health Care Company, 5001-10,000 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
N/A
N/A
Centralized event and log data collection
N/A
N/A
Correlation
N/A
N/A
Event and log normalization/management
N/A
N/A
Deployment flexibility
N/A
N/A
Integration with Identity and Access Management Tools
N/A
N/A
Custom dashboards and workspaces
N/A
N/A
Host and network-based intrusion detection
N/A
N/A
Log retention
N/A
N/A
Data integration/API management
N/A
N/A
Behavioral analytics and baselining
N/A
N/A
Rules-based and algorithmic detection thresholds
N/A
N/A
Response orchestration and automation
N/A
N/A
Incident indexing/searching
N/A
N/A
September 13, 2023

Microsoft Sentinel Review

GC
Gianni Castaldi
Security Consultant
Kustoworks (Information Technology & Services, 1-10 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
N/A
N/A
Centralized event and log data collection
N/A
N/A
Correlation
N/A
N/A
Event and log normalization/management
N/A
N/A
Deployment flexibility
N/A
N/A
Integration with Identity and Access Management Tools
N/A
N/A
Custom dashboards and workspaces
N/A
N/A
Host and network-based intrusion detection
N/A
N/A
Log retention
N/A
N/A
Data integration/API management
N/A
N/A
Behavioral analytics and baselining
N/A
N/A
Rules-based and algorithmic detection thresholds
N/A
N/A
Response orchestration and automation
N/A
N/A
Incident indexing/searching
N/A
N/A
September 12, 2023

Microsoft Sentinel

Verified User
Employee in Other
Information Technology & Services Company, 10,001+ employees
Score 8 out of 10
Vetted Review
ResellerIncentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
N/A
N/A
Centralized event and log data collection
N/A
N/A
Correlation
N/A
N/A
Event and log normalization/management
N/A
N/A
Deployment flexibility
N/A
N/A
Integration with Identity and Access Management Tools
N/A
N/A
Custom dashboards and workspaces
N/A
N/A
Host and network-based intrusion detection
N/A
N/A
Log retention
N/A
N/A
Data integration/API management
N/A
N/A
Behavioral analytics and baselining
N/A
N/A
Rules-based and algorithmic detection thresholds
N/A
N/A
Response orchestration and automation
N/A
N/A
Incident indexing/searching
N/A
N/A
September 12, 2023

Microsoft Sentinel Review

Verified User
Engineer in Information Technology
Electrical & Electronic Manufacturing Company, 10,001+ employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
N/A
N/A
Centralized event and log data collection
N/A
N/A
Correlation
N/A
N/A
Event and log normalization/management
N/A
N/A
Deployment flexibility
N/A
N/A
Integration with Identity and Access Management Tools
N/A
N/A
Custom dashboards and workspaces
N/A
N/A
Host and network-based intrusion detection
N/A
N/A
Log retention
N/A
N/A
Data integration/API management
N/A
N/A
Behavioral analytics and baselining
N/A
N/A
Rules-based and algorithmic detection thresholds
N/A
N/A
Response orchestration and automation
N/A
N/A
Incident indexing/searching
N/A
N/A
September 12, 2023

Microsoft Sentinel Review

Verified User
Advisor in Information Technology
Entertainment Company, 5001-10,000 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (13)
N/A
N/A
Centralized event and log data collection
N/A
N/A
Correlation
N/A
N/A
Event and log normalization/management
N/A
N/A
Deployment flexibility
N/A
N/A
Integration with Identity and Access Management Tools
N/A
N/A
Custom dashboards and workspaces
N/A
N/A
Host and network-based intrusion detection
N/A
N/A
Log retention
N/A
N/A
Data integration/API management
N/A
N/A
Behavioral analytics and baselining
N/A
N/A
Rules-based and algorithmic detection thresholds
N/A
N/A
Response orchestration and automation
N/A
N/A
Incident indexing/searching
N/A
N/A
July 06, 2023

Excellent solution for attack detection and raising alarms

Verified User
Engineer in Information Technology
Leisure, Travel & Tourism Company, 1001-5000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (14)
87.14285714285714%
8.7
Centralized event and log data collection
90%
9.0
Correlation
90%
9.0
Event and log normalization/management
90%
9.0
Deployment flexibility
90%
9.0
Integration with Identity and Access Management Tools
90%
9.0
Custom dashboards and workspaces
80%
8.0
Host and network-based intrusion detection
90%
9.0
Log retention
80%
8.0
Data integration/API management
90%
9.0
Behavioral analytics and baselining
80%
8.0
Rules-based and algorithmic detection thresholds
80%
8.0
Response orchestration and automation
90%
9.0
Reporting and compliance management
90%
9.0
Incident indexing/searching
90%
9.0
August 16, 2021

Sentinel Has Come A Long Way

MB
Michael Bobo
IT Director
Martin Retail Group (Marketing & Advertising, 201-500 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (14)
88.57142857142858%
8.9
Centralized event and log data collection
100%
10.0
Correlation
100%
10.0
Event and log normalization/management
90%
9.0
Deployment flexibility
60%
6.0
Integration with Identity and Access Management Tools
100%
10.0
Custom dashboards and workspaces
80%
8.0
Host and network-based intrusion detection
80%
8.0
Log retention
90%
9.0
Data integration/API management
90%
9.0
Behavioral analytics and baselining
90%
9.0
Rules-based and algorithmic detection thresholds
90%
9.0
Response orchestration and automation
90%
9.0
Reporting and compliance management
90%
9.0
Incident indexing/searching
90%
9.0
July 22, 2021

One of the best cloud security solutions with intelligent analytics and automation.

Flavio Pereira | TrustRadius Reviewer
Flavio Pereira
Analista de sistemas
Nestlé (Food & Beverages, 10,001+ employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (14)
96.42857142857142%
9.6
Centralized event and log data collection
100%
10.0
Correlation
90%
9.0
Event and log normalization/management
100%
10.0
Deployment flexibility
100%
10.0
Integration with Identity and Access Management Tools
90%
9.0
Custom dashboards and workspaces
100%
10.0
Host and network-based intrusion detection
100%
10.0
Log retention
90%
9.0
Data integration/API management
100%
10.0
Behavioral analytics and baselining
90%
9.0
Rules-based and algorithmic detection thresholds
100%
10.0
Response orchestration and automation
100%
10.0
Reporting and compliance management
100%
10.0
Incident indexing/searching
90%
9.0
July 22, 2021

Azure Sentinel is your go to solution for your Azure resources

Verified User
Manager in Information Technology
Information Technology & Services Company, 201-500 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Sentinel Feature Ratings
Security Information and Event Management (SIEM) (14)
97.85714285714286%
9.8
Centralized event and log data collection
100%
10.0
Correlation
90%
9.0
Event and log normalization/management
100%
10.0
Deployment flexibility
90%
9.0
Integration with Identity and Access Management Tools
100%
10.0
Custom dashboards and workspaces
100%
10.0
Host and network-based intrusion detection
90%
9.0
Log retention
100%
10.0
Data integration/API management
100%
10.0
Behavioral analytics and baselining
100%
10.0
Rules-based and algorithmic detection thresholds
100%
10.0
Response orchestration and automation
100%
10.0
Reporting and compliance management
100%
10.0
Incident indexing/searching
100%
10.0
Return to navigation