Top Rated Microsoft Sentinel Alternatives
289 Microsoft Sentinel Reviews
Overall Review Sentiment for Microsoft Sentinel
Log in to view review sentiment.
Microsoft sentinel has very good capabilities to integrate the data. It is easy to connet with the ongoing security softwares and other tools also. This helps organizations to improve their security at different level. Review collected by and hosted on G2.com.
To generate custom reports using Microsoft Sentinel sometimes may be time consuming due to its dependency on KQLscript writing. If we want to combine the non microsoft data in order to generate log anaysis, it will be difficult. Additionally, learning KQL is also difficult for the new comers. Review collected by and hosted on G2.com.
Integration with almost all tools and applications. Ease of use, Implementation, migration from other solutions, User friendly and lot much capable Review collected by and hosted on G2.com.
Whenever you need to search for a rule or use case, you first need to find the proper alert name (proper naming convention) from analytics; after that, you can search for it. Review collected by and hosted on G2.com.
Microsoft provides security for endpoints , Office 365 apps , Servers etc. Their providing zero hour prevention to all of the endpoint which are configured with Microsoft endpoint security. Review collected by and hosted on G2.com.
the deployment process is very complex when configuring security for IOS device. Review collected by and hosted on G2.com.
Microsoft Sentinel seamlessly integrates with Azure security services, capturing data from different sources like VMs using the Azure monitor agent, Azure Activity log, and Azure event hub. Its built on cloud native architecture. Its a centralized monitoring system. Azure sentinel uses playbooks for automated threat response, streamlining incident handeling. Review collected by and hosted on G2.com.
Some users find the user interface challenging to navigate, understanding its features may take time. This conprehensive soltuin comes with a price tag. Review collected by and hosted on G2.com.
It's easy intergration with Azure Services and the Microsoft Security Tools. Also the pay-as-you-go model. Review collected by and hosted on G2.com.
The high costs at scale and the alert fatigue that it gets. Review collected by and hosted on G2.com.
This tool has a very good platform and user friendly to all new user as well.It is a easy to use platform and a soc monitoring tool. it's ease of implementaion makes user to use it. It has a good customer support and I have been using this tool since past years .I am frequently using this .It has good integration with other tools. Review collected by and hosted on G2.com.
The cost of this platform is little bit higher and the complexity of the tool is there. Review collected by and hosted on G2.com.
The best features of Microsoft Sentinel includes scalability, seamless integration with Microsoft products, automated incident response etc. Review collected by and hosted on G2.com.
So far there is nothing to dislike instead of the integration challenges with third party tool which are non-Microsoft tools. But it can be doable with guides or plugins. Review collected by and hosted on G2.com.
All option and log analytics are handy in single view! Well microsoft is really working on UI specially incident dashboard, new incident view section is better we can see alerts, incident timeline and previous related incident in single window which is good.
There are too much data connector in content hub which is amazing and makes our life easy to integrate new log source. Review collected by and hosted on G2.com.
Bug fixes and funtionality issue.
Recently the data connector were not visible in data connector page and we faced lot of problem in health checks.
Microsoft should build an alternate workbook to monitor all data connectors manually.
Speed issue: data query speed is low microsoft should work on that. Review collected by and hosted on G2.com.
The MS Sentinel is one of the leading cloud SIEM solution provider. The ease of integration with any 3rd party software solution and native support for all microsoft suite products is what makes it a SIEM leader in Gartner Magic quadrant. The one click deployment of MMA agents to your azure hosted VMs and on-prem workloads (using azure arc) makes it really scalable and easy to manage. The out of the box integration with almost all type of applications are an added advantage. The extensive library of detection/automation rules prepared by Microsoft security research team and community supported content makes it a very rich SIEM product in the market. Review collected by and hosted on G2.com.
Currently the feature of ingesting logs from private resources is bit complicated and expensive. Microsoft needs to come up with an connectivity model for Sentinel which enables organisations to ingest logs over private communication channel easily instead of leveraging public log analytics API. Review collected by and hosted on G2.com.
Microsoft Sentinel is a cloud-native platform so the scalability is easy. As it's a Microsoft product the integration with Sentinel is easy, while integrating Active Directory and other Microsoft-made products. With Sentinel, we can achieve centralized monitoring which gives us great visibility over IT Infrastructure. Comes with built-in SOAR and threat intel feeds which help in automation and up to date on the latest threats. Finally, it has good customer support and a friendly interface. Review collected by and hosted on G2.com.
Sentinel comes with a free tire but the cost will be added if we integrate with soar, Customization of rules can be complex to beginners and moderate false positive rate. Review collected by and hosted on G2.com.
