Microsoft Sentinel Review
Updated July 24, 2025

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

A lot of things related to what can be installed. Emails pretty much to make sure that bad actors don't add up within our perimeter.

Pros

  • Every time I try to install something I really like, it doesn't let me do it. So it's a pro.

Cons

  • The biggest con I can tell is that it actually consumes quite a lot of CPU power and energy on my laptop.
  • definitely positive
That would be source number one. Something related to networking and something from emails. I don't know exactly where it's from. Probably from APIs.
I don't remember. It was a while ago, but I don't remember any issue, which is a good thing.
I think we were forced to try it, but I am not aware of any positive or negative outcomes.
I don't, but other people do. And since I know that they use it, that's actually a good thing for Sentinel.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

No

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

When someone is trying to solve a problem and tries to install something inappropriate on his laptop or on the server, which could be from questionable sources, Sentinel doesn't let him do it. Another thing is, I think it's Sentinel's job when someone fiddles with system settings and tries to circumvent enterprise management of their hardware. I think Sentinel prohibited that too, but I don't remember exactly. These two would be the most important features.

Microsoft Sentinel Feature Ratings

  • Centralized event and log data collection: Not Rated
  • Correlation: Not Rated
  • Event and log normalization/management: Not Rated
  • Deployment flexibility: Not Rated
  • Integration with Identity and Access Management Tools: Not Rated
  • Custom dashboards and workspaces: Not Rated
  • Host and network-based intrusion detection: Not Rated
  • Log retention: Not Rated
  • Data integration/API management: Not Rated
  • Behavioral analytics and baselining: Not Rated
  • Rules-based and algorithmic detection thresholds: Not Rated
  • Response orchestration and automation: Not Rated
  • Incident indexing/searching: Not Rated

Using Microsoft Sentinel

1000 - I would say that thousands of people benefit from Sentinel Automated Incident Response (SOAR Capabilities), along with the whole organization. I'm talking about users, not admins.
10 - I don't know the exact number; this is a guess. These admins and analysts work on other things as well.
  • Orchestration of Preventative Actions
  • Detection and Alerting
  • Endpoint Isolation for Malware Detection
  • Security Logs management and analysis
  • Using the logs for performance issues analysis
  • Better threat intelligence
  • Better Orchestration of Preventative Actions
It does the job reasonably well.
