Lacework vs. Microsoft Sentinel

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Lacework
Score 7.1 out of 10
N/A
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.N/A
Microsoft Sentinel
Score 8.6 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46
per GB ingested
Pricing
LaceworkMicrosoft Sentinel
Editions & Modules
No answers on this topic
Azure Sentinel
$2.46
per GB ingested
100 GB per day
$123.00
per day
200 GB per day
$221.40
per day
300 GB per day
$319.80
per day
400 GB per day
$410.00
per day
500 GB per day
$492.00
per day
More than 500 GB per day
$492.00 + $98.40
per day/plus each additional 100 GB increment
Offerings
Pricing Offerings
LaceworkMicrosoft Sentinel
Free Trial
NoYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
LaceworkMicrosoft Sentinel
Considered Both Products
Lacework
Chose Lacework
Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you …
Microsoft Sentinel
Chose Microsoft Sentinel
We decided to go with Microsoft Sentinel because it works really well with Microsoft tools we are already using. Microsoft Sentinel's intelligent features detect and resolve problems more quickly than Sumo Logic. It also allows us to pay for what we use and grow as we need. …
Chose Microsoft Sentinel
Well, primarily we use different stuff like CrowdStrike. We use different sign-on features. We primarily use those different products because we support a wider ecosystem.
Chose Microsoft Sentinel
Splunk, Google, SecOps. I look at how it stacks up based on the fact that it's the primary solution that we sell. So I think it stacks up really well. Why do we select it? Well, we selected it primarily because we're a very large Microsoft partner. The technology is very good …
Chose Microsoft Sentinel
Well before there was Microsoft Sentinel, you had other competing products like ArcSight or Splunk, et cetera. I think they have their own qualities, but the Microsoft integration story is really why we're using it.
Chose Microsoft Sentinel
In my opinion, Microsoft Sentinel is much more reliable and Trustworthy. They are a bigger name with bigger scope of use.
Chose Microsoft Sentinel
We use intune to protect endpoints and we pull logs from all the endpoints through the intune connector into the Microsoft Sentinel SIEM and that way we can run rules on those logs to find anomalies.
Chose Microsoft Sentinel
Elastic seems to have a much better interface for log search and is able to filter out noise. Microsoft Sentinel also appears to generate a lot of false positives.
Chose Microsoft Sentinel
Elastic is some carbon for various use cases. So because Elastic is a very, very wrong history in the market. So Sentinel is very recent for products from my understanding.
Chose Microsoft Sentinel
Well, we didn't select, we selected Sentinel for our Azure stuff, our Microsoft stuff, but we do use a different SIEM for the other stuff still.
Chose Microsoft Sentinel
Prior to using Sentinel, we were using Splunk specifically Splunk Enterprise Security and Splunk Cloud, so their on-prem and their cloud-based products. We switched originally for cost reasons, specifically cost control, but I have found that the ability to create reports, the …
Chose Microsoft Sentinel
We've used Splunk before, but it really is just pick your poison. They're all very similar.
Chose Microsoft Sentinel
Based on the overall infrastructure configuration that we have and also after analysing various solutions provided by Microsoft Sentinel, we came to a conclusion that the Microsoft Sentinel is the best option for us to help us in overall threat detection on our custom servers, …
Chose Microsoft Sentinel
Sentinel AI makes it a better choice. Also, its flexibility and customization make it a bit more costly than other competitors.
Chose Microsoft Sentinel
I use most of the Sims that are out there, but RSAs, old Sim Log, logic, elastic, a lot of them. Sumo, we checked out Sumo too. We're a Microsoft shop and live almost entirely on top of a Microsoft ecosystem. We are considering other Microsoft security products to integrate …
Chose Microsoft Sentinel
The SecureWorks product is a more mature product. We prefer the SecureWorks product over Microsoft Sentinel at this point.
Chose Microsoft Sentinel
As mentioned, the product was part of the purchase of several Microsoft Suites that we did earlier last year and with 200 licenses included, we can exclude those from the other SIEM and SOAR product, it just work well with the Microsoft's environment that we partially have
Is …
Chose Microsoft Sentinel
The key advantage of using Sentinel lies in Microsoft already being a renowned name in cloud services. Hence, the Collection of data at the cloud scale across all users, devices, applications, and infrastructure, both on-premises and especially in the MS Cloud, is super easy. …
Chose Microsoft Sentinel
ArcSight is an on-prem solution that has a different approach than Sentinel.

In a basis this product is more complex to maintain and deploy. The query functionality in Sentinel is more powerful and easier to maintain. ArcSight has a much slower performance and an interface that …
Chose Microsoft Sentinel
We checked, McAfee Enterprise Security Manager (ESM).
In my opinion, Microsoft Sentinel is beter wit AI capacity and good community.
Chose Microsoft Sentinel
We don't need to maintain a third-party SaaS solution or spend any time integrating it since Microsoft Sentinel is the ideal option to give a single point of attack detection and alert monitoring.
Chose Microsoft Sentinel
Microsoft Sentinel really goes the extra mile when it comes to an SIEM that slowly improves toward a proper SOAR, this may be the best selling point of the entire solution. Highly scalable, cloud-based, and nearly perfect when dealing with Microsoft-based infrastructures, …
Chose Microsoft Sentinel
No, this is the only one.
Chose Microsoft Sentinel
Most of those have been out in the industry for a longer time, so they have a lot more user friendliness to them. So I'd say it's in the mix. It's just not as high as it should be or I would expect it to be.
Chose Microsoft Sentinel
Previous to Azure Sentinel, we were using the McAfee SIM and it just wasn't keeping up with the times and that was the choice of moving to Azure Sentinel.
Chose Microsoft Sentinel
We just stick with Sentinel because it works well with our Suite Office 65.
Features
LaceworkMicrosoft Sentinel
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
Lacework
-
Ratings
Microsoft Sentinel
7.3
Ratings
6% below category average
Centralized event and log data collection00 Ratings8.20 Ratings
Correlation00 Ratings7.10 Ratings
Event and log normalization/management00 Ratings6.90 Ratings
Deployment flexibility00 Ratings7.30 Ratings
Integration with Identity and Access Management Tools00 Ratings6.50 Ratings
Custom dashboards and workspaces00 Ratings7.50 Ratings
Host and network-based intrusion detection00 Ratings5.00 Ratings
Data integration/API management00 Ratings6.40 Ratings
Behavioral analytics and baselining00 Ratings6.70 Ratings
Rules-based and algorithmic detection thresholds00 Ratings7.80 Ratings
Response orchestration and automation00 Ratings7.30 Ratings
Reporting and compliance management00 Ratings9.00 Ratings
Incident indexing/searching00 Ratings8.50 Ratings
Best Alternatives
LaceworkMicrosoft Sentinel
Small Businesses

No answers on this topic

LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 3.9 out of 10
Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
Sumo Logic
Sumo Logic
Score 9.4 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
Sumo Logic
Sumo Logic
Score 9.4 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
LaceworkMicrosoft Sentinel
Likelihood to Recommend
7.1
(0 ratings)
8.5
(0 ratings)
Likelihood to Renew
-
(0 ratings)
8.2
(0 ratings)
Usability
-
(0 ratings)
7.3
(0 ratings)
Support Rating
-
(0 ratings)
8.0
(0 ratings)
User Testimonials
LaceworkMicrosoft Sentinel
Likelihood to Recommend
Lacework is well suited for behavioral analysis. One thing to consider thought is in the early stages there will be quite a bit of noise generated by Lacework. There will be a higher volume alerts generated initially - until a good baseline is generated. Overall Lacework is good with alert handling - integration with Slack is good.
Read full review
We use it because when a user sees the suspicious activity on his account, Microsoft Sentinel gives alerts to the user's system and the admin system as well. When a user of one of our systems clicked a spam email, that email was trying to install a virus on our server, but Microsoft Sentinel gave an alert to the user and admin both, so that is why our team was able to fix that issue with Microsoft Sentinel very fast. However, it will not be the best option for you if your team is utilizing every feature but you are on a tight budget.
Read full review
Pros
  • The detailed visibility of all our container across multiple accounts is great.
  • Anomaly-based detection allows us to focus our efforts and time on other events. Integrations with Jira, Slack, etc. are very easy to set up.
  • The lacework team is very helpful before and during purchase.
Read full review
  • It is a good tool for threat detection and analysis of the threats. We are using this tool for real time threat detection on our employee machines as well as some servers.
  • It provides various options for collecting data sources by leveraging multiple sources using data connectors. This helps us in gathering data from multiple sources such as our servers as well as our employee machines.
  • One good thing about this tool is automated incident response thereby increasing the security of servers.
Read full review
Cons
  • Not all runtime behaviour alerts offer enough data to decide whether or not something is malicious. Having even more data (e.g., what process is doing a specific action) would help.
Read full review
  • It takes some time to learn how to use and install it properly, and it does not connect effectively with external PaaS systems such as Salesforce CRM, Salesforce Commerce Cloud, and so on.
  • Microsoft can simplify the display of the logs to make them easier to study, and the user interface occasionally delays, which can also be enhanced.
Read full review
Likelihood to Renew
No answers on this topic
it does the job reasonably well
Read full review
Usability
No answers on this topic
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Read full review
Support Rating
No answers on this topic
Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue.
Read full review
Alternatives Considered
Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions.
Read full review
Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively.
Read full review
Return on Investment
  • Being a FinTech company, financial institutions who partner with us want to know that we are appropriately maintaining a Security, Risk and Compliance program that maintains a level of comfort for their vendor management. Lacework gives us the ability to monitor and maintain a level of security for our infrastructure that puts our partners at ease, reduces the revenue cycle for new partners and opens doors to the future.
Read full review
  • As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team.
Read full review
ScreenShots

Microsoft Sentinel Screenshots

Screenshot of Screenshot of Screenshot of Microsoft Sentinel Capabilities