Microsoft Sentinel vs SolarWinds Security Event Manager comparison

Microsoft and SolarWinds are both solutions in the Security Information and Event Management (SIEM) category. Microsoft is ranked #3 with an average rating of 8.4, while SolarWinds is ranked #20 with an average rating of 7.8. Microsoft holds a 8.7% mindshare in SIEM, compared to SolarWinds’s 0.6% mindshare. Additionally, 93% of Microsoft users are willing to recommend the solution, compared to 82% of SolarWinds users who would recommend it.

Microsoft Sentinel

Read 89 Microsoft Sentinel reviews

16,740 Views
9,816 Comparison Views

93% willing to recommend

SolarWinds Security Event M...

Read 26 SolarWinds Security Event Manager reviews

2,121 Views
753 Comparison Views

82% willing to recommend

Microsoft Sentinel

SolarWinds Security Event M...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

SolarWinds Security Event Manager and Microsoft Sentinel are leading security information and event management solutions with distinct strengths. Based on user reviews and data comparisons, Microsoft Sentinel has the upper hand in features, while SolarWinds excels in pricing and customer support.

Features: SolarWinds is known for its log management, real-time event correlation, and automated threat detection. Microsoft Sentinel stands out with its integration capabilities, advanced analytics, and scalability.

Room for Improvement: SolarWinds users desire better cloud integration and enhanced reporting capabilities. Microsoft Sentinel users seek improvements in alert accuracy and customization options.

Ease of Deployment and Customer Service: SolarWinds benefits from a straightforward deployment process and strong customer support. Microsoft Sentinel has a more complex deployment but offers extensive documentation and support resources.

Pricing and ROI: SolarWinds offers a cost-effective solution with a satisfactory ROI for smaller businesses. Microsoft Sentinel has a higher upfront cost but delivers better long-term ROI due to its advanced features and scalability.

To learn more, read our detailed Microsoft Sentinel vs. SolarWinds Security Event Manager Report (Updated: December 2024).

Buyer's Guide

Microsoft Sentinel vs. SolarWinds Security Event Manager

December 2024

Download the complete report

Helped 824,053 peers since 2012

Categories and Ranking

Microsoft Sentinel

Ranking in Security Information and Event Management (SIEM)

3rd

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (5th), AI-Powered Cybersecurity Platforms (5th)

SolarWinds Security Event M...

Ranking in Security Information and Event Management (SIEM)

20th

Average Rating

7.8

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Microsoft Sentinel is 8.7%, down from 10.4% compared to the previous year. The mindshare of SolarWinds Security Event Manager is 0.6%, down from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Nitin Arora

Security Delivery Senior Analyst at Accenture

Gives us one place to investigate and respond to threats, and automation eliminates manual work

They can work on the EDR side of things. It is already really superb, because of the kinds of features we get with the EDR solution. It's not a standard EDR and they have recently enhanced things. But the problem is with onboarding devices. I have different OS flavors, including a large number of Linux, Windows, macOS, and some on-prem machines as well. Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work. They can eliminate having to do manual configuration for the machines, and check the different types of configurations for each OS. In some cases, it does not support some OSs. If they could reduce this type of work, that would be really amazing.

Read full review

Alex Kinyanjui

Enterprise Cloud Infrastructure Engineer at Safaricom

A stable and scalable solution that provide 24/7 monitoring

We have to protect customer data, including any PII, accessed via the internet terminal. Additionally, we need to monitor events from network devices and servers that may raise suspicion, allowing us to analyze them and determine what is occurring. SolarWinds affected your overall security costs. Considering the nature of our traffic, it has been very effective. We have proactively identified and addressed issues before they escalate into incidents. I've noticed a reduced investment in handling event-related cases with SolarWinds Security Event Manager. This reduction includes reducing human resources and the time required for teams to provide 24/7 monitoring. Consequently, there has been a significant decrease in costs. Additionally, the platform enables us to address issues before they escalate into incidents, thus preventing revenue leakage. As a result, the organization experiences reduced costs and avoids revenue leakage. Since the SolarWinds Security Event Manager implementation, the total budget allocated to security has been reduced by close to five percent. Initially, there was a heavy investment in that aspect, but we have observed this reduction in the allocated budget for the security team. Since implementing SolarWinds Security Event Manager, the team members' pressure has been reduced. They can now concentrate on more critical tasks and development, promoting growth within their department rather than solely focusing on incident monitoring. I recommend the solution. Overall, I rate the solution an eight out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The automation feature is valuable."

"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"

"Free ingestion for Azure logs (with E5 licence)"

"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."

"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."

"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."

"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."

"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."

More Microsoft Sentinel pros

"The most valuable feature of this solution is the visibility into both attempted and failed logins."

"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."

"This tool is simple to use."

"SolarWinds is easy to configure, and it provides timely alerts."

"We had to integrate with other teams, and the infrastructure deployment didn't take long. The integration involves learning with different teams, networking, and configuring various network devices and servers. Infrastructure deployment only took one or two days."

"It's easy to build rules and actions based on the logs and event types we collect with the software."

"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."

"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."

More SolarWinds Security Event Manager pros

Cons

"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."

"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."

"The only thing is sometimes you can have a false positive."

"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."

"One key area that can be improved is by building a strong integration with our XDR platform."

"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."

"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."

"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."

More Microsoft Sentinel cons

"The company had to use a third party for the implementation of the solution."

"I think the customization area in the tool can be considered as an area of concern where improvements are required."

"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."

"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."

"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."

"It can be difficult for users who are inexperienced with the solution."

"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."

"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."

More SolarWinds Security Event Manager cons

Pricing and Cost Advice

"The are two native advantages for customers that use M365 Security and Sentinel. The first advantage is that the log or security-event ingestion into Sentinel is free. Cost-wise, they're saving a lot and that is a major advantage."

"The pay-as-you-go model is beneficial to customers."

"We only pay for the amount of data we bring in, which is fair."

"Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."

"Cost-wise, Sentinel is based on the volume of information being ingested, so it can be quite pricey. The ability to use strategies to control what data is being ingested is important."

"I don't know yet because they gave us a 30-day test window for free."

"The solution is expensive and there is a daily usage fee."

"The pricing isn't very high. It depends on the number of logs you have. If you're expecting to ingest 50 to 60G in a day, but you're only ingesting 20 to 25G per day at first and you have a good team to analyze the logs, then you can segregate the ingestion at under 15G."

More Microsoft Sentinel pricing and cost advice

"Licenses can only be purchased in blocks of fifty at a time."

"Licensing is on devices, so if you have many, then this may be high."

"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."

"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."

"The price of SolarWinds Security Event Manager is reasonable."

"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."

"The pricing model would benefit from having package deals with other SolarWinds products."

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

824,053 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Financial Services Firm

10%

Government

Manufacturing Company

Educational Organization

78%

Computer Software Company

Financial Services Firm

University

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?

Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...

See all answers

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

See all answers

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about SolarWinds Security Event Manager ?

The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.

See all answers

What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?

The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.

See all answers

What needs improvement with SolarWinds Security Event Manager ?

I think the customization area in the tool can be considered as an area of concern where improvements are required In the future, I want to see the tool have better customization abilities with som...

See all answers

Comparisons

AWS Security Hub vs Microsoft Sentinel

Compared 21% of the time

IBM Security QRadar vs Microsoft Sentinel

Compared 10% of the time

Cortex XSIAM vs Microsoft Sentinel

Compared 7% of the time

Wazuh vs Microsoft Sentinel

Compared 6% of the time

Google Chronicle Suite vs Microsoft Sentinel

Compared 5% of the time

More Microsoft Sentinel Competitors

Wazuh vs SolarWinds Security Event Manager

Compared 26% of the time

Splunk Enterprise Security vs SolarWinds Security Event Manager

Compared 17% of the time

Microsoft Defender XDR vs SolarWinds Security Event Manager

Compared 12% of the time

IBM Security QRadar vs SolarWinds Security Event Manager

Compared 10% of the time

ManageEngine Log360 vs SolarWinds Security Event Manager

Compared 9% of the time

More SolarWinds Security Event Manager Competitors

Product Reports

Buyer's Guide

Microsoft Sentinel

November 2024

Download Microsoft Sentinel product report

Buyer's Guide

SolarWinds Security Event Manager

November 2024

SolarWinds Security Event Manager report

Download SolarWinds Security Event Manager product report

Also Known As

Azure Sentinel

SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager

Learn More

Microsoft

SolarWinds

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.

Buyer's Guide

Microsoft Sentinel vs. SolarWinds Security Event Manager

December 2024

Free Report: Microsoft Sentinel vs. SolarWinds Security Event Manager

Find out what your peers are saying about Microsoft Sentinel vs. SolarWinds Security Event Manager and other solutions. Updated: December 2024.

DOWNLOAD NOW

824,053 professionals have used our research since 2012.

See our Microsoft Sentinel vs. SolarWinds Security Event Manager report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.