Microsoft Corporation

Microsoft Sentinel

Composite Score

8.3 /10

CX Score

8.5 /10

55 Reviews Write a Review

Claim Software

What is Microsoft Sentinel?

Modernize your security operations center (SOC) with Microsoft Sentinel. Uncover sophisticated threats and respond decisively with an intelligent, comprehensive security information and event management (SIEM) solution for proactive threat detection, investigation, and response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing costs as much as 48 percent compared to legacy SIEM solutions.

Company Details

Need Assistance?

We're here to help you with understanding our reports and the data inside to help you make decisions.

Get Assistance

Awards & Recognition

Microsoft Sentinel won the following awards in the Security Information and Event Management category

Filter By

2024 Data Quadrant Gold Medalist

Latest Award, 2024

2024 Emotional Footprint Champion

2024

Product Impact

2024

2023 Data Quadrant Gold Medalist

2023

0 Top Rated Capabilities

2 Top Rated Features

2023

Microsoft Sentinel Ratings

Real user data aggregated to summarize the product performance and customer experience.
Download the entire Product Scorecard to access more information on Microsoft Sentinel.

Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.

86 Likeliness to Recommend

98 Plan to Renew

75 Satisfaction of Cost Relative to Value

{y}

{name}

Emotional Footprint Overview

Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.

+84 Net Emotional Footprint

The emotional sentiment held by end users of the software based on their experience with the vendor. Responses are captured on an eight-point scale.

How much do users love Microsoft Sentinel?

2% Negative

4% Neutral

94% Positive

Pros

Performance Enhancing
Reliable
Security Protects
Enables Productivity

Feature Ratings

Average 77

Scalability and Network Performance

Security Threat Visibility

Analytics and Reporting

Incident Management and Remediation

Data Security and Retention

Threat Intelligence

Orchestration Automation and Response (NG)

Big Data Analytics

Log Collection

Correlation

Business Intelligence Tools

Vendor Capability Ratings

Average 76

Breadth of Features

Ease of Implementation

Ease of IT Administration

Quality of Features

Ease of Data Integration

Usability and Intuitiveness

Business Value Created

Product Strategy and Rate of Improvement

Vendor Support

Ease of Customization

Availability and Quality of Training

Microsoft Sentinel Reviews

Role: Information Technology
Industry: Technology
Involvement: IT Leader or Manager

Validated Review

Anonymous Reviewer

Submitted Oct 2020

Combat virtual threats automatically.

Likeliness to Recommend

9 /10

Pros

Helps Innovate
Reliable
Performance Enhancing
Enables Productivity

Alexander A.

Role: Information Technology
Industry: Healthcare
Involvement: Business Leader or Manager

Validated Review

Verified Reviewer

Submitted Aug 2020

Azure Sentinel soars above other SIEMs!!!

Likeliness to Recommend

10 /10

What differentiates Microsoft Sentinel from other similar products?

Unlike similar products, Azure Sentinel essentially is a central place to analyze your security data, across all parts of your environment. With Sentinel you can consume security related data from almost any source – not just sources inside your Microsoft tenant. Some of its most advanced features include: Ingesting security data from multi-cloud and on-premise environments Analyzing large data volumes Alert triage Log management and storage Threat hunting

What is your favorite aspect of this product?

Azure Sentinel integrates with many other Azure services providing enhanced capabilities for Security Information and Event Management and Security Orchestration and Automation and Response. Also once Azure Sentinel is enabled on your Azure Monitor Log Analytics workspace, every GB of data ingested into the workspace can be retained at no charge for the first 90 days.

What do you dislike most about this product?

Currently there is no trigger in the Azure Sentinel connector when a new Azure Sentinel incident is created. It would be good to have it. This way we could integrate and automate with the other Microsoft security products (MCAS, WDATP, Azure ATP, etc.) and also with an ITSM tool like Service Now. The idea is to have a playbook run automatically whenever a new incident is created in Sentinel to: - create an incident in Service Now - send an email notification

What recommendations would you give to someone considering this product?

If you think about trying this product, it is very simple to unable it on your environment. All you need is the following: An active Azure subscription. A Log Analytics workspace. Contributor or reader permission turned on in the resource group that the workspace belongs to. Once you have that, you can browse to Sentinel within the Azure portal to deploy – then you are ready to begin adding your data connectors.

Pros

Continually Improving Product
Performance Enhancing
Enables Productivity
Unique Features

Role: C-Level
Industry: Banking
Involvement: IT Leader or Manager

Validated Review

Anonymous Reviewer

Submitted Aug 2020

This was an excellent product

Likeliness to Recommend

9 /10

Pros

Helps Innovate
Caring
Client Friendly Policies
Over Delivered

Microsoft Sentinel

What is Microsoft Sentinel?

Company Details

Need Assistance?

Awards & Recognition

2024 Data Quadrant Gold Medalist

2024 Emotional Footprint Champion

2023 Data Quadrant Gold Medalist

Microsoft Sentinel Ratings

86 Likeliness to Recommend

98 Plan to Renew

75 Satisfaction of Cost Relative to Value

Emotional Footprint Overview

+84 Net Emotional Footprint

How much do users love Microsoft Sentinel?

Pros

Feature Ratings Average rating of all product features, some of which may not be shown below

Scalability and Network Performance The product's ability to scale horizontally and vertically, while employing various methods to reduce any latency impacts from CAN activities.

Security Threat Visibility Integration with security technologies for monitoring, incident analysis, and data enrichment to enable tracking and analysis of related events.

Analytics and Reporting Includes historical & real-time dashboard visualizations, detailed & summary reporting and easy data extraction for data analysis.

Incident Management and Remediation Detection and incident management with preset and customizable remediation capabilities, integration into workflow systems, and optional automatic remediation.

Data Security and Retention Access controls to system data, protection of SIEM data, system access monitoring, external storage integration, and efficient data compression.

Threat Intelligence Security threat intelligence feed integration with ability to update multiple uses and control updating behaviors.

Orchestration Automation and Response (NG) Reduce alert and analyst fatigue by automating response.

Big Data Analytics Use of big data analytics through integration into purpose-built big data tools or native capabilities, incorporating advanced security methods.

Log Collection Collection from firewall and network logs, IDS logs, Windows server logs, web server logs, and various syslog sources.

Correlation Analyze real-time telemetry and detect attacks and other activities of interest

Business Intelligence Tools Includes planning and optimization, centralized console, insight into usage, resource utilization and activities, and BI security.

Vendor Capability Ratings Average rating of all vendor capabilities, some of which may not be shown below

Breadth of Features Users prefer feature rich software that enables them to perform diverse series of tasks. This data expresses user satisfaction with the product's breadth of features.

Ease of Implementation Successfully implementing new software is necessary to realize its full value and promote end user adoption. This data indicates whether or not the product is easy to implement.

Ease of IT Administration This data indicates whether IT personnel will be able to resolve issues and perform configurations efficiently and effectively.

Quality of Features Feature quality is just as important as quantity. Use this data to determine if this product will do what you're purchasing it to do, easily, intuitively, reliably, and effectively.

Ease of Data Integration Use this data to determine whether the product will cause headaches or make data integration easy.

Usability and Intuitiveness End user learning curves cost the organization money. Pay attention to your end users' technical ability to determine how important UX is in your purchase.

Business Value Created Software needs to create value for employees, customers, partners, and, ultimately, shareholders. This data expresses user satisfaction - or lack thereof - with the product's business value.

Product Strategy and Rate of Improvement Vendors who don't stay on top of emerging needs and trends won't enable you to meet your business goals. Use this data to separate innovators from imposters.

Vendor Support The importance of vendor support will vary for each organization depending on internal capabilities, but there will always be issues that only the vendor can resolve.

Ease of Customization Don't get bogged down in a difficult customization; use this data to make sure you can easily achieve the functionality you need for your particular situation.

Availability and Quality of Training Effective and readily available training enables users to get the most out of the software you've chosen. Use this section to make sure your vendor's training programs and materials measure up.

Microsoft Sentinel Reviews

Combat virtual threats automatically.

Likeliness to Recommend

Pros

Alexander A.

Azure Sentinel soars above other SIEMs!!!

Likeliness to Recommend

Pros

This was an excellent product

Likeliness to Recommend

Pros

Most Popular Microsoft Sentinel Comparisons

Trellix Enterprise Security Manager

Splunk Enterprise Security

IBM Security QRadar SIEM

Fortinet FortiSIEM

SolarWinds Security Event Manager

LogPoint SIEM

Feature Ratings

Scalability and Network Performance

Security Threat Visibility

Analytics and Reporting

Incident Management and Remediation

Data Security and Retention

Threat Intelligence

Orchestration Automation and Response (NG)

Big Data Analytics

Log Collection

Correlation

Business Intelligence Tools

Vendor Capability Ratings

Breadth of Features

Ease of Implementation

Ease of IT Administration

Quality of Features

Ease of Data Integration

Usability and Intuitiveness

Business Value Created

Product Strategy and Rate of Improvement

Vendor Support

Ease of Customization

Availability and Quality of Training