Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
As a Microsoft partner, we receive significant discounts, making the solution affordable for us.
If a customer is already using Microsoft’s ecosystem, the ROI can be positive due to seamless integration.
Microsoft Azure was not fitting for short-term cost savings but promised a better ROI over three to five years for medium to large companies.
They are sometimes responsive, however, often issues cannot be reproduced on their end, making it challenging.
My team raised multiple support tickets for the product, and we were able to get responses from Microsoft support team.
Their response time and skill set are both good.
Their solutions' integration simplifies resolving issues compared to those caused by third-party products.
Working with a Sentinel engineer helped us tune settings effectively.
When my team needs to escalate issues to Microsoft, especially for Microsoft Sentinel, the response is fast through their French entity.
It is scalable; I evaluated the product and decided to use Defender on over 700 of our company servers.
Office 365 and Exchange are running on it, covering about 35,000 users efficiently.
As our organization uses Microsoft Azure and Defender, everything grows together, and we can integrate various features seamlessly.
Being a SaaS solution, the scalability of Microsoft Sentinel is robust.
There are compatibility issues occasionally arising with false positives when other security tools are not whitelisted in Microsoft Defender.
It is very resource-intensive, consuming a lot of memory and CPU.
I would rate the overall stability as an eight.
So far, we have not experienced any issues, and it has been stable from the beginning.
In the past two years, our team hasn't encountered any issues with the stability of Microsoft Sentinel from an operations perspective.
I need to be aware of deprecated connectors as they may disconnect, but the data continues to be sent with a need for quick adaptation.
A vulnerability I patch within 15 minutes takes 24 additional hours for an update.
The product is not stable; it often uses excessive memory and CPU, which makes it slow.
The automated remediations can be more specific.
We have some tools, such as our off-site Meraki firewalls, that have not fully integrated with Sentinel.
Currently, we are happy to have a way in the middle with not so much cost, but it would be nice to have the ability to enhance the automation of workflows based on learned incidents.
There are complexities in calculating the right pricing tier for different customers, which makes it difficult for me as a consultant during upfront pricing.
Overall, every organization wishes for cheaper options, but we look at the security side as well, so we are good for now.
For non-partners, however, the cost could be seen as higher, between seven to ten.
The pricing is reasonable, and it's included in the whole Microsoft E5 bundle, so it's all-inclusive.
Microsoft Sentinel offers more capabilities than Bastion, with a more intuitive experience.
Setting up the right cost model for customers is intricate, requiring careful consideration of various components and licensing tiers.
We already had the necessary licensing for Sentinel, so we didn't need to spend extra money.
The most valuable aspect is the kind of assessment results I get, and the recommendations provided in Microsoft products really help in taking care of the resources.
The integration with Sentinel has been one of the most valuable features for my organization.
Microsoft Defender Vulnerability Management is versatile and assesses vulnerabilities, providing detailed information on CVEs, their categories, and exploit statuses.
Custom workbooks are valuable. It is one of the crucial points in dealing with potential security threats in an automated way without requiring too much manpower.
The best feature of Microsoft Sentinel is its ability to unify all dashboards or functions into one modern SecOps dashboard.
The most valuable features for us include threat collection, threat detection, response, and the knowledge base for investigation.
Microsoft Defender Vulnerability Management enables organizations to identify vulnerabilities, manage patches, and fortify threat detection. It offers endpoint assessments, cloud incident management, and dynamic security through Microsoft's Security Scorecard integration.
Organizations leverage Microsoft Defender Vulnerability Management for advanced threat detection and response. It provides robust tools for vulnerability assessment and cloud incident management, integrated with Microsoft's Security Scorecard to enhance dynamic security profiling. Key features include automatic patch deployment, security configuration management, and seamless integration with Microsoft platforms, benefiting both on-prem and cloud environments. Organizations can track vulnerabilities with severity-based reports, helping manage outdated software and minimizing threat exposure.
What are the key features of Microsoft Defender Vulnerability Management?In healthcare, Microsoft Defender Vulnerability Management helps manage compliance with health regulations, while in finance, it aids in securing sensitive data from cyber threats. Manufacturing sectors benefit from its patch management, keeping operational technology systems less vulnerable to disruptions.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds
- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft
- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft
- Respond to incidents rapidly with built-in orchestration and automation of common tasks
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.