
Microsoft Sentinel Reviews and Ratings

Rating: 8.4 out of 10

Reviews

53 Reviews

Smart features that save time

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We track all our systems to protect them from any threats with Microsoft Sentinel. Before Microsoft Sentinel, it was challenging to monitor our systems and fix security issues and threats fast and in time to keep our data safe. Faster alerts are easy to obtain, and we can react and correct them more quickly to protect our data.

Pros

  • Keeps Everything in one place
  • Smart threat detection
  • Automatic response to threats
  • Clear visuals and reports

Cons

  • Setting up automation is complicated
  • Too many alerts at first
  • Complicated permissions setup

Likelihood to Recommend

We use it because when a user sees the suspicious activity on his account, Microsoft Sentinel gives alerts to the user's system and the admin system as well. When a user of one of our systems clicked a spam email, that email was trying to install a virus on our server, but Microsoft Sentinel gave an alert to the user and admin both, so that is why our team was able to fix that issue with Microsoft Sentinel very fast. However, it will not be the best option for you if your team is utilizing every feature but you are on a tight budget.

Sentinel Review

Rating: 8 out of 10
Incentivized

Use Cases and Deployment Scope

We mainly use it for another company tenant. They're mostly Microsoft, so we have to go inside their tenants. I know there are some products within our company that do use Microsoft as well, but we primarily use it for our other tenant.

Pros

  • Detections
  • Breakdowns
  • Point to blank

Cons

  • One of the things I would like to see differently is bringing it all in together. Cause I have to go to Azure and I have to go to other products and a lot of that can get confusing really fast. I would just like to have one kind of singular home point where I can go to different products.

Likelihood to Recommend

Quarantining detections are really relevant and being able to investigate particularly what someone has done. What's not so relevant is product security or not even product security. Endpoint security and management of users, I would say.

Vetted Review
Microsoft Sentinel
2 years of experience

Microsoft Sentinel Review

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

Internally we use it to gain visibility around threats within the organization, but primarily we consult with other organizations to deploy and implement Sentinel. We have a managed service built around Sentinel. So we use Sentinel as part of our managed XDR solution that we've developed with Microsoft.

Pros

  • Well, that's a good question. It does a lot, well, probably my engineers would be better positioned to answer that question, but it correlates really well. Security orchestration, it highlights risks in the organization, provides insights to our analysts to respond to threats and it implements well.

Cons

  • The licensing could be a little bit simpler

Likelihood to Recommend

Scenarios where it's best suited would be organizations looking to consolidate on a platform, gain better visibility of threats in their environment, reduce the amount of time it takes to search for and respond. And then scenarios where it's less appropriate. Well, I guess anything where you're not collecting, where you need to collect large amounts of information to make quick decisions.

Microsoft Sentinel Review

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We use it as a central SIEM to collect all of these security alerts from our customers. It overcomes the fact that you need some sort of way to centrally collect it, so the SIEM will be your central collector.

Pros

  • I think the unification integration really, really works well with Microsoft Defender.

Cons

  • I would say it could improve in collecting network logs better at a lower cost with better integration, easier integration. So the support for collection of network logs would be something they should approve.

Likelihood to Recommend

If a company has a Microsoft First strategy and is very much already in the cloud, then Sentinel is well positioned.

Vetted Review
Microsoft Sentinel
6 years of experience

Microsoft Sentinel Review

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

The business problem is that you have a lot of threats that could come from the cloud and also on premise on really any device that is logging into your domain as a company. So with Sentinel you could be aware of any signal that could mean or could imply that you are under an attack. So you could correlate several events from several devices or from several kinds of inputs to identify a threat. And if you have this configured on the Pro, you could take action or send an alert to the responsible

Pros

  • I think that you have a lot of, for example, an incoming attack you could release on real time and if you configure an action that must be taken, you could be sure that the action will be taken automatically no matter the time or no matter if someone is checking the platform exactly at that moment.

Cons

  • I think that the price is always a consideration because it's based on consumption. So a change in the price model will be a good point for mid-size and large companies.

Likelihood to Recommend

I think that the pro is well suited for a complex environment for a big organization that has people that has a mid-size cybersecurity team in place. And it's less appropriate if you are a not so big company because the budget could be important. Barrier to adopt it right on the right way

Vetted Review
Microsoft Sentinel
2 years of experience

Microsoft Sentinel Review

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

Sentinel is a SIEM tool for monitoring and sending alerts for incident information security alerts, and consolidating many sources to detect many threats and many alerts.

Pros

  • It's not having capacity to integrate or ingest many source of the information like to XDR and servers and many products to security firewalls on all firewalls. And they have capability to integrate via all? Yes, the mean the API with another tools.

Cons

  • I think in some case don't have too easy to integrate some products. It's less products to integrate or many source of information, but it's the minimal.

Likelihood to Recommend

When the customers have all products of the Microsoft or they have an suite like to Microsoft 365, they have an close to the benefits, the less cost to ingest these sources and it's an I scenario, less appropriate. Maybe when they have an G Suite or another cloud products, it's not too easy to implement.

Vetted Review
Microsoft Sentinel
4 years of experience

Microsoft Sentinel Review

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

The primary use case for us is as a managed service for our clients. We maintain dozens of instances in our clients' Azure environments for them, and then we build detection rules, manage the configuration for them, and then respond to incidents with it.

Pros

  • It is extensible into other Azure services for customization, so it is very flexible towards adaptation and customization and support for building customizations.

Cons

  • I would like better capabilities and customizations. The UBA modules or behavioral analytics, there's some stuff there. It's not particularly well documented and we've had to figure it out on our own and it's continuing to get better, but it's been around for a long time without a lot of change. It's just recently been changing and improving, but I'd like to see UBA become more customizable and clear on how it operates.

Likelihood to Recommend

I think for all medium and large organizations, I don't have any solutions where it doesn't make a lot of sense because of its flexibility. I work primarily in medium and very large size companies and it's very good there because it's flexible and adaptable as I mentioned previously. But for small companies, which I don't do a lot of business with, there's sort of easy buttons for a lot of things. So people are able to get comfortable with it pretty quickly. So I don't have a lot of problems in that sense.

Vetted Review
Microsoft Sentinel
6 years of experience

Microsoft Sentinel Review

Rating: 6 out of 10
Incentivized

Use Cases and Deployment Scope

Sentinel for us is the core SIEM engine. That is where all my event logs get correlated and it is the nerve hub of my security operation center.

Pros

  • What has worked well for me and my company is this is a SaaS product, so the access and the availability from that perspective is significantly high. Integration I think was above average for most of the devices as well as the user interface is good.

Cons

  • Dashboard is not very good. Some of the interfaces and the integration needs so much more work.

Likelihood to Recommend

The product is well suited if you have a large Microsoft ecosystem, their platforms solutions are that is what you use, which we do. I think where it is less suited is where the ecosystem is broader. And if you have less than 25% or 30% of Microsoft's capabilities deployed in your environment.

Microsoft Sentinel Review

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

At an organization we've deployed this as one of our edge security components, so any edge traffic that comes through our system has to basically propagate through the central lab. Product scope is pretty wide because it's a lot of our API traffic.

Pros

  • I would say the user experience is pretty good. It integrates very well with our Kubernetes systems.

Cons

  • I honestly can't think of anything at this point.

Likelihood to Recommend

Well suited for an organization that has a lot of traffic coming in and is busy. You can't really scan every single request that comes in, so this product is really great for that. And less appropriate would be if you have very small traffic, small number of requests coming in.

Vetted Review
Microsoft Sentinel
2 years of experience

Great Improvement in Our Security after Adapting to Microsoft Sentinel

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

Microsoft Sentinel has helped us in Automated threat detection and action. Helped us to boost our security. Increased efficiency and security.

Pros

  • Well suited for remote and on site protection
  • Automated Threat Detection and Action
  • Virus Scanning

Cons

  • Better Price Range for small medium business
  • Would like to see better User Interface
  • Some kinda small dashboard to monitor

Likelihood to Recommend

Very well suited for remote and on site security services. I remember after switching to Microsoft Sentinel, we were able to catch some threats that previous vendor couldn't find. Really experience matters.