Microsoft Sentinel Review
September 13, 2023

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

Well, it's our SIEM, so it does all our correlation engines and data gathering, and we do a lot of querying in it.
  • It really does do a very good job of collecting end user data or end user and device data to correlate against.
  • Their UEBA really needs to grow out of the Microsoft space.
  • I think they need to be a little bit more friendly using their workbooks, so that's probably where I see it should grow.
  • Positive is that we're able to reach into more systems and grab more granular data.
Multiple. We have email ingest, all of the O365 stuff and our firewalls, mainly.
It wasn't that hard. It was just dropping the data and then pipelining it in, so it's not that bad.
Yes, we're using it right now just on the Microsoft stuff, since that's all it does. So if it were to branch out, we'd love it to do more networking and add behavioral and machine learning analytics around all of their data sources, not just Microsoft agnostic. We've successfully deployed it into the environment. We haven't seen a huge ROI yet, but we do like the interface and a lot of other teams are actually using it as well. So it's been a good introduction to our environment.
They're pretty good. Their workbooks are where they really live up to a lot of their consolidation of data, so it's really good. Definitely made it a little bit easier in some questions, it's been good.
Most of those have been out in the industry for a longer time, so they have a lot more user friendliness to them. So I'd say it's in the mix. It's just not as high as it should be or I would expect it to be.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

No

Did implementation of Microsoft Sentinel go as expected?

No

Would you buy Microsoft Sentinel again?

Yes

I think it's well suited for the log collection, but I think it's also lacking in some of its connection or connectors and parsing. But that's pretty much it where I see it.

Microsoft Sentinel Feature Ratings

  • Centralized event and log data collection: Not Rated
  • Correlation: Not Rated
  • Event and log normalization/management: Not Rated
  • Deployment flexibility: Not Rated
  • Integration with Identity and Access Management Tools: Not Rated
  • Custom dashboards and workspaces: Not Rated
  • Host and network-based intrusion detection: Not Rated
  • Log retention: Not Rated
  • Data integration/API management: Not Rated
  • Behavioral analytics and baselining: Not Rated
  • Rules-based and algorithmic detection thresholds: Not Rated
  • Response orchestration and automation: Not Rated
  • Incident indexing/searching: Not Rated