Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
As a Microsoft partner, we receive significant discounts, making the solution affordable for us.
Microsoft Azure was not fitting for short-term cost savings but promised a better ROI over three to five years for medium to large companies.
They are sometimes responsive, however, often issues cannot be reproduced on their end, making it challenging.
My team raised multiple support tickets for the product, and we were able to get responses from Microsoft support team.
Their response time and skill set are both good.
Their solutions' integration simplifies resolving issues compared to those caused by third-party products.
When my team needs to escalate issues to Microsoft, especially for Microsoft Sentinel, the response is fast through their French entity.
Working with a Sentinel engineer helped us tune settings effectively.
It is scalable; I evaluated the product and decided to use Defender on over 700 of our company servers.
Office 365 and Exchange are running on it, covering about 35,000 users efficiently.
As our organization uses Microsoft Azure and Defender, everything grows together, and we can integrate various features seamlessly.
There are compatibility issues occasionally arising with false positives when other security tools are not whitelisted in Microsoft Defender.
It is very resource-intensive, consuming a lot of memory and CPU.
I would rate the overall stability as an eight.
So far, we have not experienced any issues, and it has been stable from the beginning.
In the past two years, our team hasn't encountered any issues with the stability of Microsoft Sentinel from an operations perspective.
Sentinel's stability is great.
A vulnerability I patch within 15 minutes takes 24 additional hours for an update.
The product is not stable; it often uses excessive memory and CPU, which makes it slow.
A potential improvement could be the introduction of a more advanced AI agent, possibly a large language model with better performance than the existing Microsoft Copilot.
We have some tools, such as our off-site Meraki firewalls, that have not fully integrated with Sentinel.
Currently, we are happy to have a way in the middle with not so much cost, but it would be nice to have the ability to enhance the automation of workflows based on learned incidents.
We choose other solutions for basic monitoring due to better cost opportunities.
Overall, every organization wishes for cheaper options, but we look at the security side as well, so we are good for now.
For non-partners, however, the cost could be seen as higher, between seven to ten.
The pricing is reasonable, and it's included in the whole Microsoft E5 bundle, so it's all-inclusive.
Microsoft Sentinel offers more capabilities than Bastion, with a more intuitive experience.
We already had the necessary licensing for Sentinel, so we didn't need to spend extra money.
The integration with SIEM is the best, specifically the native integration with Microsoft SIEM.
Microsoft Defender Vulnerability Management provides regular advisories and recommendations that help improve our security posture.
The recommendations, scores, and steps to remediate actions are highly useful.
Custom workbooks are valuable. It is one of the crucial points in dealing with potential security threats in an automated way without requiring too much manpower.
The most valuable features for us include threat collection, threat detection, response, and the knowledge base for investigation.
Microsoft Defender Vulnerability Management enables organizations to identify vulnerabilities, manage patches, and fortify threat detection. It offers endpoint assessments, cloud incident management, and dynamic security through Microsoft's Security Scorecard integration.
Organizations leverage Microsoft Defender Vulnerability Management for advanced threat detection and response. It provides robust tools for vulnerability assessment and cloud incident management, integrated with Microsoft's Security Scorecard to enhance dynamic security profiling. Key features include automatic patch deployment, security configuration management, and seamless integration with Microsoft platforms, benefiting both on-prem and cloud environments. Organizations can track vulnerabilities with severity-based reports, helping manage outdated software and minimizing threat exposure.
What are the key features of Microsoft Defender Vulnerability Management?In healthcare, Microsoft Defender Vulnerability Management helps manage compliance with health regulations, while in finance, it aids in securing sensitive data from cyber threats. Manufacturing sectors benefit from its patch management, keeping operational technology systems less vulnerable to disruptions.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds
- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft
- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft
- Respond to incidents rapidly with built-in orchestration and automation of common tasks
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
