We performed a comparison between Microsoft Entra ID and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Coming from a traditional on-premises Active Directory infrastructure, it is purely a SaaS platform. It is global. It is evergreen. It is always evolving. It is core to the Microsoft Ecosystem."
"When logging on to Azure AD it's pretty quick."
"I like the way it communicates to the cloud."
"It offers features that improve our security posture such as multifactor authentication, which is the second layer of protection that is used when we log into the cloud."
"The most valuable features are the Conditional Access policies, SSPR, and MFA. Another good functionality is registering enterprise applications to provide access to external parties. These four features are precious and are the most used across different use cases for various clients and projects."
"Azure Active Directory has many automation capabilities, and you can apply policies on top. You can do a lot of things with these combinations and integrate other tools like PingFederate."
"The centralized management feature is very valuable."
"It has made our work easier in that it’s simplified everything for us."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The initial setup is very simple and straightforward."
"The machine learning and artificial intelligence on offer are great."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"Azure Active Directory could improve by having an authentication service for laptops or desktop computers running Mac and Linux operating systems. They currently have authentication capabilities for Microsoft Windows. Having this capability would benefit people because in today's world everybody is working from the home environment."
"I would like to see a better delegation of access. For instance, we want to allow different groups within the company to manage different elements of Azure AD, but I need more granularity in delegating access."
"Its integration with open-source applications can be improved. I know that they are working on open-source authentication methods for integration with open-source applications, but they can make it more open."
"Sometimes, the notifications and alerts are not delivered properly, and we end up missing them. Also, the overall graphical user interface needs to be improved."
"I want to see new functionalities for the active directory."
"Customers should be informed that public review features are not intended for production use."
"Azure AD needs to be more in sync. The synchronization can be time-consuming."
"If any service is down, it can affect a whole region. We would need to wait on a ticket and get word from Microsoft to understand the issues. If it takes longer to resolve the issue on Microsoft's side, all we can do is wait for them to fix it."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
Microsoft Entra ID is ranked 4th in Microsoft Security Suite with 190 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Entra ID is rated 8.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Entra ID writes "Saves us time and money and features Conditional Access policies, SSPR, and MFA". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Okta Workforce Identity and Cisco Duo, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Entra ID vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.