Item: Microsoft Sentinel
Rating: 8
Author: Verified User

Overall Satisfaction with Microsoft Sentinel

Use Cases and Deployment Scope

We use it to aggregate alerts from different technologies. We look for a deposit target to ingest all our logs and we decided to go with the Microsoft stack.

Pros and Cons

Pros

It's very good to ingest logs. It's easy.
I also like the built-in libraries for detection.

Cons

I would like to be easier to whitelist alerts when I have a lot of noise from second and technology.

Return on Investment

Positive: It's much easier to investigate the logs.
Negative: I have many more logs to investigate.

Sources

Mostly Microsoft XDR, Entra ID and the Microsoft stack.

I didn't do sub, third party did, but it seems quite straightforward.

Investigation Tools

I use it as a guy CM, so I image like a sock would work.

It's buggy, but well suited if you use the full Microsoft stack. So if you use X-D-R-E-D-R is buggy easy to investigate to alerts. Sometimes when you ingest log from different technologies it might be harder.

Microsoft Sentinel Feature Ratings

Comments

Please log in to join the conversation

Microsoft Sentinel Review

Overall Satisfaction with Microsoft Sentinel

Use Cases and Deployment Scope

Pros and Cons

Pros

Cons

Return on Investment

Sources

AI and ML

Investigation Tools

Key Insights

Do you think Microsoft Sentinel delivers good value for the price?

Are you happy with Microsoft Sentinel's feature set?

Did Microsoft Sentinel live up to sales and marketing promises?

Did implementation of Microsoft Sentinel go as expected?

Would you buy Microsoft Sentinel again?

Likelihood to Recommend

Microsoft Sentinel Feature Ratings

Comments

More Reviews of Microsoft Sentinel

Microsoft Sentinel