Try our new research platform with insights from 80,000+ expert users

Microsoft Purview Information Protection vs Microsoft Sentinel comparison

Microsoft Purview Information Protection and Microsoft Sentinel are both solutions in the Microsoft Security Suite category. Microsoft Purview Information Protection is ranked #21 with an average rating of 7.7, while Microsoft Sentinel is ranked #5 with an average rating of 8.4. Microsoft Purview Information Protection holds a 1.2% mindshare in Microsoft Security Suite, compared to Microsoft Sentinel’s 5.6% mindshare. Additionally, 87% of Microsoft Purview Information Protection users are willing to recommend the solution, compared to 93% of Microsoft Sentinel users who would recommend it.
Microsoft Purview Informati...
Read 7 Microsoft Purview Information Protection reviews
  • 975 Views
  • 730 Comparison Views
87% willing to recommend
Microsoft Sentinel
Read 89 Microsoft Sentinel reviews
  • 6,039 Views
  • 3,506 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Microsoft Purview Information Protection and Microsoft Sentinel based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Purview Information Protection vs. Microsoft Sentinel Report (Updated: October 2024).
Buyer's Guide
Microsoft Purview Information Protection vs. Microsoft Sentinel
October 2024
Download the complete report
Helped 814,649 peers since 2012
 

Categories and Ranking

Microsoft Purview Informati...
Ranking in Microsoft Security Suite
21st
Average Rating
7.8
Number of Reviews
7
Ranking in other categories
Data Governance (9th), Data Privacy Management Software (3rd)
Microsoft Sentinel
Ranking in Microsoft Security Suite
5th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
89
Ranking in other categories
Security Information and Event Management (SIEM) (2nd), Security Orchestration Automation and Response (SOAR) (1st)
 

Mindshare comparison

As of November 2024, in the Microsoft Security Suite category, the mindshare of Microsoft Purview Information Protection is 1.2%, down from 1.5% compared to the previous year. The mindshare of Microsoft Sentinel is 5.6%, down from 6.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Microsoft Security Suite
 

Featured Reviews

Nagendra Nekkala. - PeerSpot reviewer
Dec 15, 2023
Effectively controls and classifies sensitive information, providing robust protection for our documents and emails
When implementing Microsoft Purview Information Protection, I aimed to automatically classify sensitive data and ensure its protection. The goal was to streamline the process of identifying and securing sensitive information to enhance overall data security measures. Microsoft Purview Information Protection has significantly improved our company by ensuring data security across all locations. I no longer worry about the safety of my data, especially sensitive information. Whether it is critical or not, the system reliably protects our information without any concerns. It has saved us time overall. We are looking at a time savings of around two to three hours a day. It also helped us save money, especially considering the high cost associated with data. Ensuring that our data is secure and not at risk has translated into significant internal cost savings.
Read full review
Nitin Arora - PeerSpot reviewer
Nov 2, 2022
Gives us one place to investigate and respond to threats, and automation eliminates manual work
They can work on the EDR side of things. It is already really superb, because of the kinds of features we get with the EDR solution. It's not a standard EDR and they have recently enhanced things. But the problem is with onboarding devices. I have different OS flavors, including a large number of Linux, Windows, macOS, and some on-prem machines as well. Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work. They can eliminate having to do manual configuration for the machines, and check the different types of configurations for each OS. In some cases, it does not support some OSs. If they could reduce this type of work, that would be really amazing.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The UI is user-friendly, and I have observed that it improves further each year."
"Incorporating data loss prevention capabilities built into the Microsoft platform to endpoints, such as Windows 10 and Windows 11 computers, can also help prevent data loss and is highly advantageous."
"It ensures that sensitive data is automatically safeguarded, even for email attachments, regardless of the user or device."
"We use the solution for our customers' services. It helps identify and protect sensitive data in documents, PDFs, emails, and Teams chats to prevent data leakage. It can detect and block emails containing credit card information sent outside the organization."
"Before using it, we had a lot of unlabeled data, and the tool helped us quickly and accurately label a large number of documents."
"We can restrict access or specify who can see sensitivity labels, which can be based on the classification level. We can encrypt restricted content and limit who can see that from an internal view, too, so Purview is a powerful tool."
"I created training materials for end users on applying different labels, explaining their purposes, and providing examples. This was crucial since end users would apply the labels in different protection scenarios. The implementation helped the organization in several ways."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
More Microsoft Sentinel pros
 

Cons

"There is potential for more integration in the use of AI."
"Microsoft can improve the affordability of Purview Information Protection by offering it at a lower cost."
"Microsoft Purview Information Protection can improve in terms of scan concurrency and scan processing time."
"There is room for improvement with the policy tips feature."
"I had experience with previous versions of Microsoft Purview Information Protection as well. The new version doesn't have all the features that were present in the previous native clients and functionalities. For example, the ability to track documents - knowing where your document is, who is accessing it, when and where. You could even revoke access to a particular document if needed, which was a cool feature. These aren't available right now, although Microsoft is working on bringing them back, which might take some time."
"I wouldn't recommend Microsoft Purview Information Protection for petabytes of documents as performance might be affected."
"Our primary concern is third-party application visibility. Many people choose other DLP tools, as they can search the Office 365 suite and detect sensitive information across thousands of other apps. The product is weak compared to the competitors on the DLP front, but the classification is good; the tool needs a bit more maturation."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"We'd like to see more connectors."
More Microsoft Sentinel cons
 

Pricing and Cost Advice

"The tool's pricing is not a problem for customers because they often purchase it as part of a bundle. With an E5 license, for example, users get access to the entire functionality. This is one of the main reasons why many customers are choosing Microsoft."
"The price is determined by the enterprise licensing, either the E3 or E5 licensing or the EMS plus security and other feature licensing."
"The tool's pricing is fairly low, less than 100,000 for a year."
"The product is affordable, and our clients agree. Sensitivity labels come with the MIP license at an additional $2 a month per user, an excellent deal for auto-labeling capabilities."
"Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."
"It is certainly the most expensive solution. The cost is very high. We need to do an assessment using the one-month trial so that we can study the cost side. Before implementing it, we must do a careful calculation."
"Microsoft Sentinel can be costly, particularly for data management."
"The pricing is based on how much you ingest, so it's pretty straightforward. There are no tiers, and you pay for what you use unlike with other types of SIEM solutions that are usually based on tiers."
"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
"Microsoft can enhance the licensing side. I feel there is confusion sometimes... They should have a single license in which we have the opportunity to use the EDR or CASB solution."
"Sentinel is fairly priced and pretty cost-effective."
"I am not involved on the financial side, but from an enterprise-wide use perspective, I think the price is good enough."
More Microsoft Sentinel pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
See recommendations
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
12%
Retailer
8%
Government
7%
Computer Software Company
16%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft Purview Information Protection?
It ensures that sensitive data is automatically safeguarded, even for email attachments, regardless of the user or device.
See all answers
What is your experience regarding pricing and costs for Microsoft Purview Information Protection?
The tool's pricing is not a problem for customers because they often purchase it as part of a bundle. With an E5 license, for example, users get access to the entire functionality. This is one of t...
See all answers
What needs improvement with Microsoft Purview Information Protection?
I had experience with previous versions of Microsoft Purview Information Protection as well. The new version doesn't have all the features that were present in the previous native clients and funct...
See all answers
Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
 

Comparisons

Varonis Platform vs Microsoft Purview Information Protection Logo
Varonis Platform vs Microsoft Purview Information Protection
Compared 18% of the time
Microsoft Purview Data Governance vs Microsoft Purview Information Protection Logo
Microsoft Purview Data Governance vs Microsoft Purview Information Protection
Compared 17% of the time
Microsoft Defender XDR vs Microsoft Purview Information Protection Logo
Microsoft Defender XDR vs Microsoft Purview Information Protection
Compared 11% of the time
Securiti vs Microsoft Purview Information Protection Logo
Securiti vs Microsoft Purview Information Protection
Compared 10% of the time
Alation Data Catalog vs Microsoft Purview Information Protection Logo
Alation Data Catalog vs Microsoft Purview Information Protection
Compared 3% of the time
More Microsoft Purview Information Protection Competitors
AWS Security Hub vs Microsoft Sentinel Logo
AWS Security Hub vs Microsoft Sentinel
Compared 20% of the time
IBM Security QRadar vs Microsoft Sentinel Logo
IBM Security QRadar vs Microsoft Sentinel
Compared 10% of the time
Cortex XSIAM vs Microsoft Sentinel Logo
Cortex XSIAM vs Microsoft Sentinel
Compared 7% of the time
Wazuh vs Microsoft Sentinel Logo
Wazuh vs Microsoft Sentinel
Compared 6% of the time
Google Chronicle Suite vs Microsoft Sentinel Logo
Google Chronicle Suite vs Microsoft Sentinel
Compared 5% of the time
More Microsoft Sentinel Competitors
 

Product Reports

Buyer's Guide
Microsoft Purview Information Protection
October 2024
Microsoft Purview Information Protection reportDownload Microsoft Purview Information Protection product report
Buyer's Guide
Microsoft Sentinel
October 2024
Microsoft Sentinel reportDownload Microsoft Sentinel product report
 

Also Known As

Microsoft Information Protection
Azure Sentinel
 

Learn More

Microsoft
Microsoft
 

Overview

Implement Microsoft Information Protection (MIP) to help you discover, classify, and protect sensitive information wherever it lives or travels.

MIP capabilities are included with Microsoft 365 Compliance and give you the tools to know your data, protect your data, and prevent data loss.

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

 

Sample Customers

Information Not Available
Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Buyer's Guide
Microsoft Purview Information Protection vs. Microsoft Sentinel
October 2024
Free Report: Microsoft Purview Information Protection vs. Microsoft Sentinel
Find out what your peers are saying about Microsoft Purview Information Protection vs. Microsoft Sentinel and other solutions. Updated: October 2024.
DOWNLOAD NOW
814,649 professionals have used our research since 2012.
See our Microsoft Purview Information Protection vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.

We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.