Microsoft Sentinel Review
May 06, 2025

Richard Dornhart | TrustRadius Reviewer
Score 10 out of 10
Vetted Review

Overall Satisfaction with Microsoft Sentinel

Internally we use it to gain visibility around threats within the organization, but primarily we consult with other organizations to deploy and implement Sentinel. We have a managed service built around Sentinel. So we use Sentinel as part of our managed XDR solution that we've developed with Microsoft.

Pros

  • Well, that's a good question. It does a lot, well, probably my engineers would be better positioned to answer that question, but it correlates really well. Security orchestration, it highlights risks in the organization, provides insights to our analysts to respond to threats and it implements well.

Cons

  • The licensing could be a little bit simpler.
  • Probably one of my main business objectives is to drive services for our organization. Sentinel provides numerous opportunities for us to drive those services. Implementation, ongoing management, and I think because of our customer base, so interested in SOC services and our focus on Sentinel. Yeah, profitability is our objective and it helps us achieve that.
So all of the M365 sources.
Yeah, super easy.
Yes, we do. We use them as just part of our day-to-day functionality. It's built in. Massive savings in people time.
We use it in our SOC. And then how has that impacted your investigation? Again, it's reduced the time it takes to do an investigation.
Splunk, Google SecOps. I look at how it stacks up based on the fact that it's the primary solution that we sell. So I think it stacks up really well. Why do we select it? Well, we selected it primarily because we're a very large Microsoft partner. The technology is very good and we partner really well with Microsoft. So it's just simple.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

Yes

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

Scenarios where it's best suited would be organizations looking to consolidate on a platform, gain better visibility of threats in their environment, reduce the amount of time it takes to search for and respond. And then scenarios where it's less appropriate. Well, I guess anything where you're not collecting, where you need to collect large amounts of information to make quick decisions.

Microsoft Sentinel Feature Ratings

Centralized event and log data collection
Not Rated
Correlation
Not Rated
Event and log normalization/management
Not Rated
Deployment flexibility
Not Rated
Integration with Identity and Access Management Tools
Not Rated
Custom dashboards and workspaces
Not Rated
Host and network-based intrusion detection
Not Rated
Log retention
Not Rated
Data integration/API management
Not Rated
Behavioral analytics and baselining
Not Rated
Rules-based and algorithmic detection thresholds
Not Rated
Response orchestration and automation
Not Rated
Incident indexing/searching
Not Rated

Using Microsoft Sentinel

I mean, the only thing I can say, I'll give it a 10, maybe an eight around there. I just have to base it on the fact that we've got lots of customers buying it and using it. So it must be doing something right.
