Microsoft Sentinel Review
September 13, 2023
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Sentinel
We use a centralized SIEM where we collect all the logs from our Microsoft SaaS products and from our environment network and endpoint. We also use Microsoft Defender 365 and Microsoft Defender Endpoint Security. Through the center we monitor the environment, and we have the rules in, so our security analyst watches the dashboard, and based on the alerts we built FI and incident response from the Defender console, Sentinel console.
- It's good in form of the integration with the Microsoft native products like Defender or Office 365 and some of the queue, the complete visibility because if we are using the Microsoft product suite as the operating system on the endpoint and the Microsoft Defender and those things, so it is a complete end-to-end visibility, not just as a SIEM but complete visibility of our identity. We are also having Azure ready. It gives more visibility, the users, the endpoint, and my SaaS services like Teams or I can say Outlook. I get good visibility and the next good thing is I can mitigate the threat in real time. I can write the playbook and I can do the hunting. One of the good things Defender, I see the hunting in the playbooks. So my form analyst where from one place where I could do the monitoring, triage response, and mitigation.
- Some of the integration though it provides integration to most of the technologies, but I still think it is a scope of integration, scope for implementing the integration area so that I can integrate all the design sources to the central. Right now I experienced some challenges with my team with that.
- I can say it's one of the leading SaaS where the time to implementation is very fast. Within a few days I did start seeing the return on investment. So that's the one good thing I see about the Sentinel.
It's a Proofpoint email security then from my Palo Alto firewalls and from a graph and Active Directory. So all those, I can say network devices and endpoint devices, my XDR solution.
It takes little time because getting the resources in the market is quite challenging. When we started, because it was relatively new in the market, we didn't get the SMEs, subject matter experts, who have good hands-on experience on the Defender. That's one of the aspects.
It's pretty good. It gives good visibility and faster response time to my analyst. So it's definitely both.
Do you think Microsoft Sentinel delivers good value for the price?
Yes
Are you happy with Microsoft Sentinel's feature set?
Yes
Did Microsoft Sentinel live up to sales and marketing promises?
Yes
Did implementation of Microsoft Sentinel go as expected?
Yes
Would you buy Microsoft Sentinel again?
Yes