We performed a comparison between Microsoft Sentinel and Swimlane based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The initial setup is very simple and straightforward."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"While Microsoft Sentinel provides a log of security events, its true power lies in its integration with Microsoft Defender."
"Free ingestion for Azure logs (with E5 licence)"
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"We have no complaints about the features or functionality."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"It provides us with a single portal for our logs from different solutions."
"The most valuable feature of the solution is the support."
"The technical support from Swimlane is very good."
"There is room for improvement in entity behavior and the integration site."
"I would like Microsoft Sentinel to enhance its SOAR capabilities."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"I think the number one area of improvement for Sentinel would be the cost."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"We'd like also a better ticketing system, which is older."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"We faced a lot of issues with the product’s stability."
"The stability of the solution has room for improvement."
"The initial setup and deployment are complex."
Microsoft Sentinel is ranked 1st in Security Orchestration Automation and Response (SOAR) with 86 reviews while Swimlane is ranked 18th in Security Orchestration Automation and Response (SOAR) with 3 reviews. Microsoft Sentinel is rated 8.2, while Swimlane is rated 7.6. The top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". On the other hand, the top reviewer of Swimlane writes "Great support, scalable, and easier to code". Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security, whereas Swimlane is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Fortinet FortiSOAR, Tines and Cyware Fusion and Threat Response. See our Microsoft Sentinel vs. Swimlane report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.