Why you should start using Microsoft Sentinel today.
October 27, 2023

Rogier Dijkman | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

We are using Microsoft Sentinel as our main SIEM solution at Nedscaper for managing our customers that are onboarded to our MXDR service. The main challenge is distributing analytics rules, playbooks, watchlists, and other artifacts at scale without implementing complex deployment pipelines in either GitHub or Azure DevOps. There are several options available, like Azure Lighthouse or using the Microsoft Sentinel Workspace Manager (Preview). Both have their pros and cons in authentication levels, scalability, and support for the artifacts that can be synchronized.
  • Correlating Security Data.
  • Automated response.
  • Threat Intelligence mapping.
  • Performance on data ingestion.
  • Performance on query data.
  • Normalizing data.
  • Productivity in our SOC went up.
  • More control over environments.
All Microsoft Cloud products, Palo Alto, Barracuda, Fortigate, Cisco, Darktrace, BeyondTrust, Azure DevOps, GitHub, CheckPoint, F5, etc.
For some products, this went flawlessly, but other connectors are more complex. Working with systems like the Cisco FirePower, or with solutions that need to be queried through a FunctionApp, especially makes the implementation more fragile.
Microsoft Sentinel is one of the products that are being used in the investigation phases. Depending on the incident, multiple Microsoft Portals are used to retrieve the required information to investigate an incident. The mapping between resources and events is really powerful and gives a detailed overview of the incidents.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

Yes

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

Microsoft Sentinel is a great fit for any environment running Microsoft systems, either on-premises or in the cloud. The integration between the Microsoft SaaS products and Sentinel is great and easy to configure. Nowadays, more and more 3rd-party solution providers are creating an integration with Microsoft Sentinel to easily onboard their products through the Content Hub.

Microsoft Sentinel Feature Ratings

  • Centralized event and log data collection: 10
  • Correlation: 10
  • Event and log normalization/management: 7
  • Deployment flexibility: 8
  • Integration with Identity and Access Management Tools: 8
  • Custom dashboards and workspaces: 8
  • Host and network-based intrusion detection: Not Rated
  • Log retention: 10
  • Data integration/API management: 8
  • Behavioral analytics and baselining: Not Rated
  • Rules-based and algorithmic detection thresholds: 10
  • Response orchestration and automation: 10
  • Incident indexing/searching: 10

Using Microsoft Sentinel

40 - Most people who are using Microsoft Sentinel in our organization are working in our SOC or work as a Cloud Security Consultant. The consultants are primarily supporting our customers in implementing, configuring, and using Microsoft Sentinel. We regularly provide workshops and webinars on how to get the most out of the product.