IBM Guardium is IBM's data security posture management solution, that aims to offer organizations comprehensive visibility, actionable insights and real-time controls to help users comply with regulations, preserve privacy and secure sensitive data no matter where it is stored.
N/A
Microsoft Sentinel
Score 8.6 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46
per GB ingested
Pricing
IBM Guardium
Microsoft Sentinel
Editions & Modules
No answers on this topic
Azure Sentinel
$2.46
per GB ingested
100 GB per day
$123.00
per day
200 GB per day
$221.40
per day
300 GB per day
$319.80
per day
400 GB per day
$410.00
per day
500 GB per day
$492.00
per day
More than 500 GB per day
$492.00 + $98.40
per day/plus each additional 100 GB increment
Offerings
Pricing Offerings
IBM Guardium
Microsoft Sentinel
Free Trial
Yes
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
Optional
No setup fee
Additional Details
Pricing is dependent based on data source environment.
IBM Security Guardium is better with its compatibility and integration methods and compatibility matrix, the other products don't cover all the database motors that IBM Guardium can do, regarding to brand, versions and editions of the database motors, IBM support and licensing …
Especially cost, we use both products, but cost, we use Imperva a lot and other databases, but cloud is where we are really looking for a new differentiator. That's where I would say we still don't have anybody in that space here. Especially it can identify the risks related to …
Well, like I say, there's a couple out there that do this kind of thing as well. So TRX being one of the ones that do something in this space too. Also very good product. I don't think there's a lot between them to be honest. We have IBM as a partner in my organization so they …
The integration is excellent. Versatile deployment options are an advantage of using it. The ability to easily complete vulnerability assessments with comparable scores and observe activity in our data environment is one of the best features. In order to improve our security …
You can not learn Imperva within 1 year. The interface is complicated and difficult to understand. Additionally, Impervan's product scope is not as broad as Guardium's. Guardium is ahead in this regard with its other modules. At Imperva, product admin and access manager are not …
IBM Security Guardium uses advanced technologies, such as behavioral analysis and machine learning, to detect and respond to security threats in real time. This enables more accurate detection and faster response to threats compared to other similar software.
IBM Security Guardium provides many more features and capabilities than all the other tools evaluated for this decision. To begin with, there are limited databases that are supported by other database security tools. None of the other evaluated tools have the ability to mask …
IBM Security Guardium is a perfect tool that is a little bit more costly than other tools available on the market. But as compared to features this tool provides a lot of features that can help to detect the anomalies in the data and even help to identify the advanced threats …
IBM Security Guardium has extended capabilities of automatically locating databases and assessing the vulnerabilities and configuration flaws in them. IBM Security Guardium stacks up against other products due to the additional features that can be easily added to your IT …
When compared to the others, IBM Security Guardium offers a decent platform. In South Africa, IBM Security Guardium users are ecstatic, therefore it's a winner. The agent's stability is superior to that of others. It outperforms the competition (Vulnerability Assessment, …
The architecture of IBM Guardium give us flexibility to access activities, create policies and management. Easy deployment and stabilization of product can be other reason for preference. Can be easy manage and track activities' backup node of databases in a disaster recovery …
We decided to go with Microsoft Sentinel because it works really well with Microsoft tools we are already using. Microsoft Sentinel's intelligent features detect and resolve problems more quickly than Sumo Logic. It also allows us to pay for what we use and grow as we need. …
Well, primarily we use different stuff like CrowdStrike. We use different sign-on features. We primarily use those different products because we support a wider ecosystem.
Splunk, Google, SecOps. I look at how it stacks up based on the fact that it's the primary solution that we sell. So I think it stacks up really well. Why do we select it? Well, we selected it primarily because we're a very large Microsoft partner. The technology is very good …
Well before there was Microsoft Sentinel, you had other competing products like ArcSight or Splunk, et cetera. I think they have their own qualities, but the Microsoft integration story is really why we're using it.
We use intune to protect endpoints and we pull logs from all the endpoints through the intune connector into the Microsoft Sentinel SIEM and that way we can run rules on those logs to find anomalies.
Elastic seems to have a much better interface for log search and is able to filter out noise. Microsoft Sentinel also appears to generate a lot of false positives.
Elastic is some carbon for various use cases. So because Elastic is a very, very wrong history in the market. So Sentinel is very recent for products from my understanding.
Prior to using Sentinel, we were using Splunk specifically Splunk Enterprise Security and Splunk Cloud, so their on-prem and their cloud-based products. We switched originally for cost reasons, specifically cost control, but I have found that the ability to create reports, the …
Based on the overall infrastructure configuration that we have and also after analysing various solutions provided by Microsoft Sentinel, we came to a conclusion that the Microsoft Sentinel is the best option for us to help us in overall threat detection on our custom servers, …
I use most of the Sims that are out there, but RSAs, old Sim Log, logic, elastic, a lot of them. Sumo, we checked out Sumo too. We're a Microsoft shop and live almost entirely on top of a Microsoft ecosystem. We are considering other Microsoft security products to integrate …
As mentioned, the product was part of the purchase of several Microsoft Suites that we did earlier last year and with 200 licenses included, we can exclude those from the other SIEM and SOAR product, it just work well with the Microsoft's environment that we partially have Is …
The key advantage of using Sentinel lies in Microsoft already being a renowned name in cloud services. Hence, the Collection of data at the cloud scale across all users, devices, applications, and infrastructure, both on-premises and especially in the MS Cloud, is super easy. …
ArcSight is an on-prem solution that has a different approach than Sentinel.
In a basis this product is more complex to maintain and deploy. The query functionality in Sentinel is more powerful and easier to maintain. ArcSight has a much slower performance and an interface that …
We don't need to maintain a third-party SaaS solution or spend any time integrating it since Microsoft Sentinel is the ideal option to give a single point of attack detection and alert monitoring.
Microsoft Sentinel really goes the extra mile when it comes to an SIEM that slowly improves toward a proper SOAR, this may be the best selling point of the entire solution. Highly scalable, cloud-based, and nearly perfect when dealing with Microsoft-based infrastructures, …
Most of those have been out in the industry for a longer time, so they have a lot more user friendliness to them. So I'd say it's in the mix. It's just not as high as it should be or I would expect it to be.
Previous to Azure Sentinel, we were using the McAfee SIM and it just wasn't keeping up with the times and that was the choice of moving to Azure Sentinel.
It checks many boxes when it comes to security. It allows you to see all the DB activity that goes on, report on it, and send it to SIEM. The analytics part extends this product even more. The investigation dashboard makes it easier to find outliers or specifics without running queries or reports.
We use it because when a user sees the suspicious activity on his account, Microsoft Sentinel gives alerts to the user's system and the admin system as well. When a user of one of our systems clicked a spam email, that email was trying to install a virus on our server, but Microsoft Sentinel gave an alert to the user and admin both, so that is why our team was able to fix that issue with Microsoft Sentinel very fast. However, it will not be the best option for you if your team is utilizing every feature but you are on a tight budget.
It is a good tool for threat detection and analysis of the threats. We are using this tool for real time threat detection on our employee machines as well as some servers.
It provides various options for collecting data sources by leveraging multiple sources using data connectors. This helps us in gathering data from multiple sources such as our servers as well as our employee machines.
One good thing about this tool is automated incident response thereby increasing the security of servers.
It takes some time to learn how to use and install it properly, and it does not connect effectively with external PaaS systems such as Salesforce CRM, Salesforce Commerce Cloud, and so on.
Microsoft can simplify the display of the logs to make them easier to study, and the user interface occasionally delays, which can also be enhanced.
It is a perfect system to detect problems that we do not see manually, it is light, with a very simple learning curve and with great protection of our data, we will use it forever.
It might look complex in the beginning but once you get hold of it by going through all of the documentation then it seems to be very smooth. The configuration is comparatively easy and the user can understand it on their own without any external help. The overall learning curve is Ok.
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
There has been great support coming from IBM. It is easy to use and a great way to keep our data secure. I would recommend this to other possible users and if I were to move companies, I would recommend we use this there too. Thank you
IBM Security Guardium uses advanced technologies, such as behavioral analysis and machine learning, to detect and respond to security threats in real time. This enables more accurate detection and faster response to threats compared to other similar software
Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively.
As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team.