Microsoft Sentinel Review
August 09, 2024

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

We bring in all of our Microsoft logging from our E5 licensing for devices and identity and vulnerability information. We're able to correlate all that information together, and we found some discrepancies in our traditional SIEM that Microsoft was able to solve and to get us a little bit more information and help enrich some of that data.

Pros

  • Definitely a lot of the reporting aspect, the ability to customize and pretty much, if you know, I mean you're pretty much the master of your domain depending on what KQL query you want to run, either for threat hunting or for just querying the logs that you're getting in.

Cons

  • I think the downside, I would say probably the most, comes along with the pricing model. There are some ways where it's not as competitive as some other vendors.

It has helped us out. Right now we mostly only have the three logs coming into it and mostly just taking a look at what we have coming in versus what we're getting out of our other product that we have. It's something if the pricing were to get right, then I'd love to get rid of what we have today all in.

Right now it's all of the free licensed sources that come with our E5 agreement.

Very easy. I mean, it's pretty much once you have all of your licensing set up and everything else, it's just going to ask you for credentials and it literally takes maybe 10 minutes at most.

We've not used the AI features yet. Mostly because we've kind of got a moratorium on all AI at the moment until we have necessary data protection in place that covers.

It's helped us out greatly at the endpoint level. We've been able to extract a lot of information from some of the queries that we run and some of the information that we pull in from the logs.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

Yes

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

It's well suited for a pay visibility with the logs that you have into it and permanent responsible ResponsePoint, you're able to do a deep dive from what you're pulling into it. One of the other detriments is you could also be your own if you've got a lot of stuff going into it and you haven't really done any tuning or anything else like that. And you should be getting a lot of garbage in coming into seven as well.

Microsoft Sentinel Feature Ratings

  • Centralized event and log data collection: Not Rated
  • Correlation: Not Rated
  • Event and log normalization/management: Not Rated
  • Deployment flexibility: Not Rated
  • Integration with Identity and Access Management Tools: Not Rated
  • Custom dashboards and workspaces: Not Rated
  • Host and network-based intrusion detection: Not Rated
  • Log retention: Not Rated
  • Data integration/API management: Not Rated
  • Behavioral analytics and baselining: Not Rated
  • Rules-based and algorithmic detection thresholds: Not Rated
  • Response orchestration and automation: Not Rated
  • Incident indexing/searching: Not Rated
