Microsoft Sentinel feels so futuristic
July 23, 2025

Mohamad Islam Hamadieh | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

Microsoft Sentinel is used as a log management and SIEM tool; the tool replaces legacy on-prem SIEMs, having all your logs in the cloud.
The tool solves security monitoring and threat hunting problems.
It also enables an integrated automation solution (Logic Apps) from within the solution itself.
The connectors (log source integrations) usually come with multiple detection rules and dashboards.

Pros

  • Very good UI
  • Very good support to MS log sources
  • Good Threat hunting module
  • Automation through logic apps

Cons

  • Having less rapid changes of terminologies
  • Having less rapid changes in documentation
  • Having better documentation for connectors

Made it so easy to integrate MS solutions into SIEM:

  • MS Defender
  • Office 365
  • MS WAF
  • Palo Alto FWs
  • Windows servers
  • Linux servers
  • Windows VMs in the cloud

It's different for each type, ranging from pretty easy to a bit complicated.
We haven't used AI.
We used analytics for threat detection, which allowed for different scenarios to be detected than was possible using regular detection rules.
The investigation using KQL needs a bit of learning, but once it clicks it's very easy and can lead you to what you need with no problems.
The log searching functionality is also very fast compared to other SIEMs; it usually takes seconds only to load the required logs.
The log result table can benefit from some UI improvements.
Microsoft Sentinel feels on another different level from these solutions, all in the cloud. No need for troubleshooting, deployment or upgrades. Constant updates from the vendor and good support.

Do you think Microsoft Sentinel delivers good value for the price?

Not sure

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

Yes

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

A cloud environment with a good amount of MS solutions.
No regulations that prevent having the logs in the cloud.
Having engineers with KQL expertise.
It also provides a very flexible pricing structure where you can increase your allocated MPS as you go, so it's suited if the environment is still not sure how much they want to invest into a SIEM solution.
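The reviewer describes KQL-based investigation and analytics rules without showing one. The following query is an added illustration, not the reviewer's own work or a rule shipped with a Sentinel connector. It assumes the Microsoft Entra ID connector is enabled, so that the SigninLogs table with its TimeGenerated, UserPrincipalName, IPAddress and ResultType columns is present (ResultType "0" denotes a successful sign-in); the threshold and lookback values are constructed for the example.

```kusto
// Added example: surface source IPs that failed sign-ins for many distinct
// accounts and then succeeded for at least one of them (a password-spray
// style pattern). Threshold and window are assumptions, not vendor defaults.
let lookback = 1h;
let userThreshold = 10;
let failed =
    SigninLogs
    | where TimeGenerated > ago(lookback)
    | where ResultType != "0"                      // anything but "0" is a failure
    | summarize FailedAttempts = count(),
                DistinctUsers = dcount(UserPrincipalName),
                FirstSeen = min(TimeGenerated),
                LastSeen = max(TimeGenerated)
              by IPAddress
    | where DistinctUsers >= userThreshold;
let succeeded =
    SigninLogs
    | where TimeGenerated > ago(lookback)
    | where ResultType == "0"
    | project IPAddress, SucceededUser = UserPrincipalName, SuccessTime = TimeGenerated;
failed
| join kind=inner succeeded on IPAddress
| project IPAddress, FailedAttempts, DistinctUsers, FirstSeen, LastSeen, SucceededUser, SuccessTime
| order by FailedAttempts desc
```

Run as a hunting query first to tune userThreshold against normal traffic, then save it as a scheduled analytics rule with IPAddress mapped to the IP entity and SucceededUser to the Account entity so that incidents carry the entities a Logic Apps playbook can act on.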

Microsoft Sentinel Feature Ratings

Centralized event and log data collection: 10
Correlation: 10
Event and log normalization/management: 6
Deployment flexibility: 6
Integration with Identity and Access Management Tools: 8
Custom dashboards and workspaces: 9
Host and network-based intrusion detection: 10
Log retention: 10
Data integration/API management: 7
Behavioral analytics and baselining: 9
Rules-based and algorithmic detection thresholds: 10
Response orchestration and automation: 8
Incident indexing/searching: 10
