Review of Microsoft Sentinel
October 02, 2023

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

Microsoft Sentinel is currently being used as our one stop where our team monitors all alerts we get on our Azure resources. Since everything is on a single platform, it makes it easier to keep track of and prioritise the alerts.
  • Threat Detection and faster Analysis
  • Security Automation and architecture improvement
  • Onboarding and integration with client/our system can be simplified so that it can be used by everyone.
  • Integration takes longer if software is hosted outside.
  • The logs of software hosted in-house have room for improvement.
  • Can save on costs as a single platform offers more options.
  • Resources required to manage threats have reduced.
We pull data from On-Premises Sources and also from Custom Data Sources (using API).
When setting up these connectors, the process was relatively straightforward and well-documented. Microsoft Sentinel provides a user-friendly interface within the Azure portal, making it easy to configure data sources and integrate them into our security monitoring workflow.
I feel this feature gives Microsoft Sentinel an advantage over competitors. Because of this feature Microsoft Sentinel becomes more expensive than its competitor. We are yet to use this feature widely.
Microsoft Sentinel's investigation tools have had a positive impact on our incident investigation process. It made our investigations faster, more accurate, and more proactive, ultimately strengthening our organization's ability to detect threats effectively.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

Yes

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

It is good for real-time monitoring and detection of cyber threats. Microsoft Sentinel is not very recommended if you have the software hosted outside.

Microsoft Sentinel Feature Ratings

  • Centralized event and log data collection: 8
  • Correlation: 8
  • Event and log normalization/management: 7
  • Deployment flexibility: 7
  • Integration with Identity and Access Management Tools: 7
  • Custom dashboards and workspaces: 8
  • Host and network-based intrusion detection: 8
  • Log retention: 7
  • Data integration/API management: 8
  • Behavioral analytics and baselining: 8
  • Rules-based and algorithmic detection thresholds: 8
  • Response orchestration and automation: 9
  • Incident indexing/searching: 8

Using Microsoft Sentinel

This seems to be a good product, but since most of our implementations are outside Azure it takes time.

Pros
  • Like to use

Cons
  • Requires technical support
  • Slow to learn
  • Cumbersome
  • Lots to learn

  • Log Ingestion and Data Collection
  • Querying and Searching Data
  • Custom Alert Rule
  • Resource Scaling