We performed a comparison between Microsoft Defender for Cloud Apps and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The general usability of the solution is very straightforward."
"Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment."
"If your business requirements are relatively simple, it can get the job done."
"On-demand scanning is the most valuable feature. In addition, it's a fairly fluid product. It syncs back to the cloud and provides metrics. It's pretty intelligent."
"Defender's integration with our identity solutions is critical in our current setup."
"The most valuable feature of this solution is its monitoring."
"The product’s most valuable feature is SQL database."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The product can integrate with any device."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"Currently, reporting is not very straightforward and it needs to be enhanced. Specific reports are not included and you need to run a query, drill down, and then export it and share it. I would love to have reports with more fine-tuning or granularity, and more predefined reports."
"We sometimes get errors when we create policies, which is somewhat annoying because some policies stop working due to misconfigurations. We find this challenging because it limits our options for troubleshooting an issue."
"I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks."
"Generally, the pricing can always be improved along with the management system."
"Sometimes the support is actually lacking."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"Microsoft Defender for Cloud Apps’s technical support services needs improvement."
"Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file..."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Microsoft Defender for Cloud Apps is ranked 10th in Microsoft Security Suite with 30 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Defender for Cloud Apps vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.