Smart features that save time
May 23, 2025

Ian Stuebe | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

We track all our systems to protect them from any threats with Microsoft Sentinel. Before Microsoft Sentinel, it was challenging to monitor our systems and fix security issues and threats fast and in time to keep our data safe. Faster alerts are easy to obtain, and we can react and correct them more quickly to protect our data.

Pros

  • Keeps everything in one place
  • Smart threat detection
  • Automatic response to threats
  • Clear visuals and reports

Cons

  • Setting up automation is complicated
  • Too many alerts at first
  • Complicated permissions setup

  • We catch problems faster
  • Everything is in one place
  • Less manual work for the team
  • Good return on investment

We are importing data into Microsoft Sentinel from a number of sources, including our firewalls, Azure, Microsoft 365, and even our on-site servers. We also use it to connect external servers, such as AWS. It helps us see everything in one place, stay ahead of threats, and stop security issues from arriving in our systems on time.

It was a step-by-step process to set up connectors in Microsoft Sentinel. After deciding which data source to connect, we connected them using the Azure portal. We also made sure that we had the right permissions we needed to do it. Certain connectors were simple because they were integrated, while others required additional setup, making them challenging.

Yes, we use Microsoft Sentinel’s smart AI tools to catch unusual or suspicious activity that might be difficult to spot otherwise. It helps cut down on false alarms by checking information from different places. This speeds up the process of identifying issues, determining what's happening, and resolving problems before they become problematic.

We use tools provided by Microsoft Sentinel to see and understand security issues. It helps us understand the level of the problems and how they arrived in our system. We address problems more quickly and effectively because we act directly from the tool. So yes, the process is simple but can be hard for beginners.

We decided to go with Microsoft Sentinel because it works really well with Microsoft tools we are already using. Microsoft Sentinel's intelligent features detect and resolve problems more quickly than Sumo Logic. It also allows us to pay for what we use and grow as we need. While Sumo Logic is good at analyzing data, Microsoft Sentinel fits our needs.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

Yes

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

We use it because when a user sees the suspicious activity on his account, Microsoft Sentinel gives alerts to the user's system and the admin system as well. When a user of one of our systems clicked a spam email, that email was trying to install a virus on our server, but Microsoft Sentinel gave an alert to the user and admin both, so that is why our team was able to fix that issue with Microsoft Sentinel very fast. However, it will not be the best option for you if your team is utilizing every feature but you are on a tight budget.

Microsoft Sentinel Feature Ratings

Centralized event and log data collection: 9
Correlation: 8
Event and log normalization/management: 9
Deployment flexibility: 9
Integration with Identity and Access Management Tools: 9
Custom dashboards and workspaces: 8
Host and network-based intrusion detection: 9
Log retention: 7
Data integration/API management: 9
Behavioral analytics and baselining: 8
Rules-based and algorithmic detection thresholds: 9
Response orchestration and automation: 8
Incident indexing/searching: 9
