Microsoft Sentinel Review
April 30, 2025

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

We use it as a central SIEM to collect all of these security alerts from our customers. It overcomes the fact that you need some sort of way to centrally collect it, so the SIEM will be your central collector.

Pros

  • I think the unification integration really, really works well with Microsoft Defender.

Cons

  • I would say it could improve in collecting network logs better at a lower cost with better integration, easier integration. So the support for collection of network logs would be something they should improve.

It's had a very positive impact. That's why I'm also recommending it. It really helped us scale our business.

We have a lot of sources. We have, I would say, over 50 sources, so anywhere from on-prem data devices, endpoints, identities, cloud apps. So I would say we have a lot of them configured.

That's a question really per connector. Some connectors are hard, some are easy, I must say. Coming back to the improvement question, the networking side is pretty tough.

Yeah, so we use the AI and what do we use it for? Mostly for improving detection so that it triggers some things that it thinks are attacks and so that helps us provide better detections.

Yeah, so we use the list view a lot with the incidents, but also the graph view where we dive deeper into a problem. It made it easier. Yeah, certainly the graph made it easier.

Well, before there was Microsoft Sentinel, you had other competing products like ArcSight or Splunk, et cetera. I think they have their own qualities, but the Microsoft integration story is really why we're using it.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

Yes

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

If a company has a Microsoft First strategy and is very much already in the cloud, then Sentinel is well positioned.

Microsoft Sentinel Feature Ratings

Centralized event and log data collection
Not Rated
Correlation
Not Rated
Event and log normalization/management
Not Rated
Deployment flexibility
Not Rated
Integration with Identity and Access Management Tools
Not Rated
Custom dashboards and workspaces
Not Rated
Host and network-based intrusion detection
Not Rated
Log retention
Not Rated
Data integration/API management
Not Rated
Behavioral analytics and baselining
Not Rated
Rules-based and algorithmic detection thresholds
Not Rated
Response orchestration and automation
Not Rated
Incident indexing/searching
Not Rated
