Microsoft Sentinel Review
September 12, 2023
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Sentinel
We use it as our SOC tool for all the incidents, automation, and digging through logs, and connecting applications to Sentinel so we can see whatever logs come in from different applications.
- Getting incidents from other applications like Cisco, Meraki, or Umbrella and then ingesting the logs, creating the incident and notification of course, like playbooks.
- Data connectors, for example, Cisco Umbrella. It's either grab all the logs or nothing. We just want to grab certain logs from Umbrella. We can't do it. We have to do a custom data connector. It's just a lot of work for customers.
- Positive is we have a lot of insights for Microsoft 365 in general, like the admin center, Defender, compliance, everything gets fed to Sentinel, so it's awesome. That's a very positive thing.
Other than the Microsoft Suite, like the Defender, Azure and all these, they get fed. We got Meraki, we got Cisco Umbrella, we got Windows logs, we got Azure Arc getting fed into Sentinel as well.
Not yet, no.
We use it whenever there's an incident with medium and high. If we get an alert, a query or something, we just look it up and see what the logs are from source, destination, IP, port. It's very helpful. You have everything in one place. Saved me time.
We just stick with Sentinel because it works well with our Office 365 suite.
Do you think Microsoft Sentinel delivers good value for the price?
Yes
Are you happy with Microsoft Sentinel's feature set?
Yes
Did Microsoft Sentinel live up to sales and marketing promises?
Yes
Did implementation of Microsoft Sentinel go as expected?
Yes
Would you buy Microsoft Sentinel again?
Yes