Microsoft Sentinel Reviews

It is for tracking the logs. I'm working on automation. So, the use case basically includes logs, incidents, automation, UEBA, and endpoint integration with Office 365 Defender.

We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable.

Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex. 

I just started using it. I have just set it up.

It is stable.

It is scalable.

I haven't dealt with Microsoft's tech support. I haven't reached out to them.

It was of medium complexity. It wasn't too bad, but it can be complex because of the connectors.

I don't know yet because they gave us a 30-day test window for free. 

Because it is mainly artificial intelligence and machine learning, you would need some time to learn it. It is a good solution, and it is straightforward.

I would rate it a six out of 10. I haven't really dealt with other ones.

We are security system integrators. 

We have no complaints about the features or functionality.

Azure Sentinel, the Microsoft Azure product is, from what I understand, used for the Microsoft applications. I don't know if it works outside of the Microsoft Azure cloud.

I would like to be able to monitor applications outside of the Azure Cloud. That is one of the reasons one of the customers has multiple tools.

I have been using Azure Sentinel for approximately one year.

It's free. It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else. That'd be great if it was supporting other things.

If it's a security integrator like us, quite often people push the client into buying different vendors' products and the client already has the tool in-house. Microsoft is one of those tools that most clients already have.

Many vendors, or integrators, that we know of, are not familiar with Microsoft Sentinel product classification security. So that's one thing I would encourage both potential customers, and users, to look into what suite of products do they have with existing Microsoft accounts that they have. 

Also, the integrators should be quite familiar with all the things that are available to their clients, so they don't have to invest tons of money in other tools.

Based on having no complaints, I would rate Azure Sentinel an eight out of ten.

We use it on a public cloud. We have integrated Azure Lighthouse with Azure Sentinel Security. By integrating all of these, Azure Security Center and Azure Defender, we are providing an MSSP platform to our customers.

With other solutions, you see some restrictions for collecting the log from custom connectors. With Azure Sentinel, we do have some restrictions or sometimes we need to struggle with the connection, but there is no need to struggle with the log connection. There is 100% integration to your enterprise environment. This makes it easy to monitor and keep a track record for vulnerabilities and track whatever things are lurking in your network. They also have their custom alert tools, alerting the analytics team, where we can receive custom alerts based on our custom requirements. This has helped our organization a lot. Then with Azure Lighthouse, we can manage multiple customers with one platform, so on a single interface, we manage a number of customers that are using the Lighthouse service from the Azure.

In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store With Azure it is a built-in thing, so there is no need to go and search for another vendor or integrate your solution for the store with a third-party.

They could use some kind of workbook. There is some limitation doing the editing and creating the workbook. That would improve it. Sometimes you will find some network issue, and network error with the Azure Sentinel portal. That's the biggest drawback I found with the Sentinel. It would be great if would provide PIP platforms. They do have PI platforms but they don't have PIP.

My organization partners with Microsoft, so we are working on an MSSP with Azure.

The technical support for Azure Sentinel is quite good. You have one level up from the basic support so you will definitely get to Microsoft support directly and actually have a conversation with Microsoft technical guys for the support team and they will resolve your issues very quickly.

The setup for Azure Sentinel is very straightforward. You only need a subscription and for that subscription, you just need the admin roles. So if you are an admin and if you do have the Microsoft certification, you can make a Microsoft Azure account then it's very easy to setup and it's very easy to onboard the Sentinel.

Azure Sentinel s actually quite handy, and very adaptive to the market trends. Anyone who is looking for the same store, creating their complete security solution for their enterprise, for the effective security solution, and for data integration, they must go with the Azure Sentinel as they are going to get everything in one place. I would rate Azure Sentinel at an eight on a scale of ten.