
Microsoft Sentinel Reviews

Vendor: Microsoft
4.1 out of 5
Ranked 1
315 followers

Microsoft Sentinel mindshare

As of March 2025, Microsoft Sentinel's mindshare in the Security Information and Event Management (SIEM) category stands at 7.5%, down from 9.5% the previous year, according to calculations based on PeerSpot user engagement data.

PeerAnalyst reports based on Microsoft Sentinel reviews

Type | Title | Date
Category | Security Information and Event Management (SIEM) | Mar 29, 2025
Product | Reviews, tips, and advice from real users | Mar 29, 2025
Comparison | Microsoft Sentinel vs Splunk Enterprise Security | Mar 29, 2025
Comparison | Microsoft Sentinel vs Wazuh | Mar 29, 2025
Comparison | Microsoft Sentinel vs IBM Security QRadar | Mar 29, 2025

Suggested products
Title | Rating | Mindshare | Recommending | Interviews
CrowdStrike Falcon | 4.3 | 4.5% | 96% | 126 interviews
Wazuh | 3.7 | 14.8% | 79% | 46 interviews

Top industries

By visitors reading reviews
Computer Software Company: 16%
Financial Services Firm: 10%
Manufacturing Company: 8%
Government: 8%
University: 5%
Comms Service Provider: 5%
Educational Organization: 4%
Retailer: 4%
Healthcare Company: 4%
Energy/Utilities Company: 4%
Insurance Company: 4%
Construction Company: 3%
Non Profit: 3%
Media Company: 3%
Real Estate/Law Firm: 2%
Legal Firm: 2%
Hospitality Company: 1%
Outsourcing Company: 1%
Transportation Company: 1%
Wholesaler/Distributor: 1%
Recreational Facilities/Services Company: 1%
Performing Arts: 1%
Consumer Goods Company: 1%
Pharma/Biotech Company: 1%
Logistics Company: 1%
Aerospace/Defense Firm: 1%
Marketing Services Firm: 1%

Microsoft Sentinel reviews

KrishnanKartik - PeerSpot user
Cyber Security Consultant at Inspira Enterprise
Verified user of Microsoft Sentinel
Aug 30, 2022
Every rule enriched at triggering stage, easing the job of SOC analyst

Pros

"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."

Cons

"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
RR
Head of IT and security at HN India
Verified user of Microsoft Sentinel
Sep 25, 2022
Gives granular and concise information, helps with compliance, and integrates very well with Microsoft stack

Pros

"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."

Cons

"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
PeerSpot user
Senior Cloud Infrastructure Consultant at a tech services company with 201-500 employees
Verified user of Microsoft Sentinel
Oct 3, 2022
Allows us to configure what we need and monitor multiple workspaces from one portal, and saves countless amounts of money

Pros

"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."

Cons

"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
MK
IT Consultant at MAN Truck & Bus SE
Verified user of Microsoft Sentinel
Nov 24, 2024
Acts as a single point for all security events and saves time with automated threat handling

Pros

"Custom workbooks are valuable. It is one of the crucial points in dealing with potential security threats in an automated way without requiring too much manpower. "

Cons

"As of now, there have been only benefits. However, I am curious about potential AI integration and whether it will be affordable for us because all the compliance costs are rising with all the new features. "
AG
EXECUTIVE CONSULTANT at Freelance
Verified user of Microsoft Sentinel
Aug 14, 2023
Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond

Pros

"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."

Cons

"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems. "
Jalan Cruz - PeerSpot user
Cyber Security Analyst at CoinFlip
Verified user of Microsoft Sentinel
Aug 4, 2023
Offers good log aggregation and data connectors, but is not user-friendly

Pros

"Log aggregation and data connectors are the most valuable features."

Cons

"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
Nitin Arora - PeerSpot user
Security Delivery Senior Analyst at Accenture
Verified user of Microsoft Sentinel
Nov 30, 2022
Gives us one place to investigate and respond to threats, and automation eliminates manual work

Pros

"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible. "

Cons

"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work. "
FA
Senior Cloud and Network Security Architect at a cloud solution provider with 51-200 employees
Verified user of Microsoft Sentinel
Jan 5, 2023
Comes with different playbooks you can execute with one click or program to run automatically in response to an incident

Pros

"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box. "

Cons

"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules. "