Exabeam vs Microsoft Sentinel comparison

Exabeam
Read 10 Exabeam reviews
  • 4,305 Views
  • 2,051 Comparison Views
80% willing to recommend
Microsoft Sentinel
Read 87 Microsoft Sentinel reviews
  • 29,130 Views
  • 16,202 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Exabeam and Microsoft Sentinel based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Exabeam vs. Microsoft Sentinel Report (Updated: June 2024).
Buyer's Guide
Exabeam vs. Microsoft Sentinel
June 2024
Download the complete report
Helped 790,361 peers since 2012
 

Categories and Ranking

Exabeam
Ranking in Security Information and Event Management (SIEM)
28th
Ranking in Security Orchestration Automation and Response (SOAR)
13th
Average Rating
8.0
Number of Reviews
10
Ranking in other categories
User Entity Behavior Analytics (UEBA) (5th), Security Incident Response (7th), Threat Intelligence Platforms (21st), AI-Powered Cybersecurity Platforms (4th)
Microsoft Sentinel
Ranking in Security Information and Event Management (SIEM)
2nd
Ranking in Security Orchestration Automation and Response (SOAR)
1st
Average Rating
8.2
Number of Reviews
87
Ranking in other categories
Microsoft Security Suite (5th)
 

Mindshare comparison

As of July 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Exabeam is 0.5%, down from 1.4% compared to the previous year. The mindshare of Microsoft Sentinel is 11.8%, down from 13.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
Unique Categories:
User Entity Behavior Analytics (UEBA)
4.5%
Security Incident Response
5.0%
Security Orchestration Automation and Response (SOAR)
22.4%
Microsoft Security Suite
5.5%
 

Featured Reviews

AYOUB ECH-CHKAF - PeerSpot reviewer
Jul 10, 2023
An easy-to-use solution, but its data lake features could be simple to understand
We use the solution to investigate incidents and create rules for use cases The solution provides an easy-to-use platform to create rules for use cases. The solution's data lake features could be easier to understand for end users. They should also provide detailed information about detecting…
Read full review
Sachin Paul - PeerSpot reviewer
Dec 11, 2023
Makes data integration very easy for our SOC
It enables data integration within our hybrid, multi-cloud environment, and it makes this data integration very easy for our security operations center. Sentinel has helped improve our visibility into user and network behavior. It helps in identifying risky users, creating a watch list for specific users and their activities, which is very important. It has also been saving us time. It's a complete cloud-based solution, so there is no time wasted on setting up servers, infrastructure, et cetera. It also reduces the work involved in event investigation because it puts together detection logic through detection rules. That helps in automating incident identification.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The solution's initial setup process is easy."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"The setup is not difficult. It was easy."
"It's a very user-friendly product and it's a very comprehensive technology."
"Timeline based analysis; good platform support"
More Exabeam pros
"The UI-based analytics are excellent."
"Free ingestion for Azure logs (with E5 licence)"
"The Log analytics are useful."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
More Microsoft Sentinel pros
 

Cons

"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"We still have questions surrounding hardware deployment."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"They should provide detailed information about detecting phishing emails."
"I believe if it were more flexible it would be a better product."
More Exabeam cons
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"I would like to be able to monitor applications outside of the Azure Cloud."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The solution should allow for a streamlined CI/CD procedure."
More Microsoft Sentinel cons
 

Pricing and Cost Advice

"There is an annual license required to use Exabeam Fusion SIEM. The price of the solution should be reduced."
"They have a great model for pricing that can be based either on user count or gigabits per day."
"Exabeam Fusion SIEM's pricing is reasonable."
"The solution is expensive."
"We must have saved some money with this product. It is a cloud-native product, and the ingestion is per GB. Every GB costs a certain amount of money. That is how the license of Microsoft Sentinel works."
"Sentinel is costly compared to other solutions, but it's fair. SIEM solutions like CrowdStrike charge based on daily log volume. They generally process a set number of logs for free before they start charging. Microsoft's pricing is clearer. It's free under five gigabytes. Some of these logs we ingest have a cost, so they don't hide it. I believe the tenant pays the price, and Microsoft helps create awareness of the cost."
"I don't know yet because they gave us a 30-day test window for free."
"From a cost point of view, it is not a cheap product. It's, like, an enterprise-level application. So if you compare it with a low-level application, it's expensive, but if you compare it with the same-level application, it's pretty much cost-effective, I think."
"The pricing isn't very high. It depends on the number of logs you have. If you're expecting to ingest 50 to 60G in a day, but you're only ingesting 20 to 25G per day at first and you have a good team to analyze the logs, then you can segregate the ingestion at under 15G."
"The combination of the ease of accessibility and the free cost of the service is great. But we buy storage based on our events per second and on how many sources are integrated into the solution."
"It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
"Some of the licensing models can be a little bit difficult to understand and confusing at times, but overall it's a reasonable licensing model compared to some other SIEMs that charge you a lot per data."
More Microsoft Sentinel pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
790,361 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
12%
Manufacturing Company
8%
Government
8%
Computer Software Company
16%
Financial Services Firm
10%
Government
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
See all answers
What do you like most about Exabeam Fusion SIEM?
The solution's initial setup process is easy.
See all answers
What is your experience regarding pricing and costs for Exabeam Fusion SIEM?
The solution is expensive.
See all answers
Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
 

Comparisons

IBM Security QRadar vs Exabeam Logo
IBM Security QRadar vs Exabeam
Compared 10% of the time
Splunk User Behavior Analytics vs Exabeam Logo
Splunk User Behavior Analytics vs Exabeam
Compared 9% of the time
Palo Alto Networks Cortex XSOAR vs Exabeam Logo
Palo Alto Networks Cortex XSOAR vs Exabeam
Compared 9% of the time
Splunk Enterprise Security vs Exabeam Logo
Splunk Enterprise Security vs Exabeam
Compared 8% of the time
Cortex XSIAM vs Exabeam Logo
Cortex XSIAM vs Exabeam
Compared 6% of the time
More Exabeam Competitors
AWS Security Hub vs Microsoft Sentinel Logo
AWS Security Hub vs Microsoft Sentinel
Compared 17% of the time
IBM Security QRadar vs Microsoft Sentinel Logo
IBM Security QRadar vs Microsoft Sentinel
Compared 11% of the time
Wazuh vs Microsoft Sentinel Logo
Wazuh vs Microsoft Sentinel
Compared 6% of the time
Elastic Security vs Microsoft Sentinel Logo
Elastic Security vs Microsoft Sentinel
Compared 5% of the time
Splunk Enterprise Security vs Microsoft Sentinel Logo
Splunk Enterprise Security vs Microsoft Sentinel
Compared 5% of the time
More Microsoft Sentinel Competitors
 

Product Reports

Buyer's Guide
Exabeam
June 2024
Exabeam reportDownload Exabeam product report
Buyer's Guide
Microsoft Sentinel
June 2024
Microsoft Sentinel reportDownload Microsoft Sentinel product report
 

Also Known As

No data available
Azure Sentinel
 

Learn More

Exabeam
Microsoft
 

Overview

Exabeam Fusion is a cloud-delivered solution that that enables you to:

-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

 

Sample Customers

Hulu, ADP, Safeway, BBCN Bank
Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Buyer's Guide
Exabeam vs. Microsoft Sentinel
June 2024
Free Report: Exabeam vs. Microsoft Sentinel
Find out what your peers are saying about Exabeam vs. Microsoft Sentinel and other solutions. Updated: June 2024.
DOWNLOAD NOW
790,361 professionals have used our research since 2012.
See our Exabeam vs. Microsoft Sentinel report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.