Microsoft Sentinel Review
August 12, 2024

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

The specific use case for us is trying to operate a secure environment, which is also an open environment. Being a university, we kind of have to allow staff and students to be able to look at a whole bunch of stuff we don't necessarily want them to. So we need to have a solution which allows us to secure our data but also allow our users to get on with their core business of teaching and research.

Pros

  • I think visibility is good, so visualization of what's going on in the network to allow us to see what's happening, what's not.

Cons

  • I think the opposite edge to visualization is, are we really seeing everything that's going on on the network? Not sure. I guess flipping the coin, one side is, look, it's great to be able to see a lot of stuff.
  • I think positive because we don't have to, like I said, we can just focus on the one thing and not have to worry about dealing with individual bits and pieces all over the place.
I am unsure
I'm not that hands on with it, so I don't know. I need to be, clearly I need to go and spend some more time with it now that I'm no longer an executive. I can actually do some real work again.
Looking at an event, it's a lot easier to track through an event rather than having to either people with a bit of paper or sticking it in a Word or Excel or something crappy like that. And trying to, again, grabbing a bit from here, a bit from there, try and track down where it all went. So having, I did that seamless integrated environment to investigate an event. Hopefully not incident in just kind of makes life easier.

Do you think Microsoft Sentinel delivers good value for the price?

Not sure

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

Yes

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

If you're already a Microsoft shop, the integration, it's kind of seamless, pretty easy. If you are using lots of esoteric non-standard environments, weird Ask Linux deployments, running all kinds of odd services. I'm not sure about control systems environment, generally most things don't play well in control systems. Not sure. That's kind of an, "I'd probably want to know more" before I talked about that.

Microsoft Sentinel Feature Ratings

  • Centralized event and log data collection: Not Rated
  • Correlation: Not Rated
  • Event and log normalization/management: Not Rated
  • Deployment flexibility: Not Rated
  • Integration with Identity and Access Management Tools: Not Rated
  • Custom dashboards and workspaces: Not Rated
  • Host and network-based intrusion detection: Not Rated
  • Log retention: Not Rated
  • Data integration/API management: Not Rated
  • Behavioral analytics and baselining: Not Rated
  • Rules-based and algorithmic detection thresholds: Not Rated
  • Response orchestration and automation: Not Rated
  • Incident indexing/searching: Not Rated
