One tool to oversee it all
December 11, 2025

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

Complex technological landscapes demand an orchestration tool to collect all the inputs, equalize the different formats and languages, and present the information in a way that is useful to know what is happening. Microsoft Sentinel helps us to look in one place, correlate, zoom in and out, and finally understand the action within our organization in such a way that we can take action if needed.

Pros

  • Correlate
  • Unify formats
  • Report

Cons

  • Native integrations
  • Visual presentation
  • Initial setup
  • You cannot protect what you cannot see
  • Almost seamless integration with standard components
  • Unique control tower with clear reporting
Operating systems, databases, software applications, both developed in-house and acquired, proxies, firewalls, network devices in general, antivirus, cloud environment, Microsoft 365 services, where it has been particularly useful, since most of our users' activity is registered and unusual logs have helped us to identify and respond to real threat situations.
On a standard platform it is pretty straightforward; it allows you to focus only where it is needed.
No, we rely on a different tool to accomplish these activities, basically because we continued using our current security partner service to do so. Probably this is something that we are going to explore in the short term, to look for synergies or budget efficiencies. Hope to let you know soon!
Microsoft Sentinel is a world-class tool to understand what is happening on your landscape. It has great integrations, at a native level for most inputs that you may have, presents the info in a clear and consolidated way, and for sure will be in the short list of every big company's SIEM tool options.
Again, this particular feature is outsourced with our security partner, but we would like to explore it deeper in the short term.
Most of our landscape, both on-prem and cloud, is based on Microsoft technologies. While the unification of tools implies some risk, decreasing the vendor levels simplifies integrations and, by scale, helps us to reduce costs too. Yes, the tool itself is a good contender, but the complete portfolio of a major supplier is the real deal from my perspective.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

I can only speak from my perspective, which is really positive. We have a complex landscape, with multiple platforms, different operating systems, in extended time zones, and it has proven to be a great fit. In a simpler scenario, with fewer and homogeneous sources, probably you could find a more affordable tool.

Microsoft Sentinel Feature Ratings

  • Centralized event and log data collection: 9
  • Correlation: 9
  • Event and log normalization/management: 10
  • Deployment flexibility: 7
  • Integration with Identity and Access Management Tools: 9
  • Custom dashboards and workspaces: 7
  • Host and network-based intrusion detection: 9
  • Log retention: 9
  • Data integration/API management: 8
  • Behavioral analytics and baselining: 7
  • Rules-based and algorithmic detection thresholds: 7
  • Response orchestration and automation: 9
  • Incident indexing/searching: 8
