We performed a comparison between Microsoft Sentinel and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The dashboard that allows me to view all the incidents is the most valuable feature."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The UI-based analytics are excellent."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"SolarWinds is easy to configure, and it provides timely alerts."
"The most valuable feature is the reporting."
"The most valuable feature of this solution is the visibility into both attempted and failed logins."
"It supports high availability, which is very helpful."
"This tool is simple to use."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"The playbook is a bit difficult and could be improved."
"One key area that can be improved is by building a strong integration with our XDR platform."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."
"It can be difficult for users who are inexperienced with the solution."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"We'd like more customization capabilities."
"It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."
"SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways."
"There is no correlation made between log entries, so no threat information is presented."
More SolarWinds Security Event Manager Pricing and Cost Advice →
Microsoft Sentinel is ranked 2nd in Security Information and Event Management (SIEM) with 86 reviews while SolarWinds Security Event Manager is ranked 20th in Security Information and Event Management (SIEM) with 24 reviews. Microsoft Sentinel is rated 8.2, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, Wazuh, IBM Security QRadar and Microsoft Defender XDR. See our Microsoft Sentinel vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
