# Elastic Security vs Microsoft Sentinel Comparison | | Elastic Security | Microsoft Sentinel | |---|---|---| | **Star Rating** | 4.5 out of 5 | 4.4 out of 5 | | **Total Reviews** | 23 | 295 | | **Largest Market Segment** | Mid-Market (57.1% of reviews) | Enterprise (41.5% of reviews) | | **Entry Level Price** | Pay As You Go Per Month | Pay As You Go | --- ## Top Pros & Cons ### Elastic Security Pros: - Integrations (7 reviews) - Ease of Use (5 reviews) Cons: - Limitations (4 reviews) - Complex Implementation (3 reviews) ### Microsoft Sentinel Pros: - Cloud Services (4 reviews) - Easy Integrations (4 reviews) Cons: - Expensive (3 reviews) - Complex Implementation (2 reviews) --- ## Ratings Comparison | Rating | Elastic Security | Microsoft Sentinel | |---|---|---| | **Meets Requirements** | 9.2 (16 reviews) | 8.6 (228 reviews) | | **Ease of Use** | 8.8 (16 reviews) | 8.5 (234 reviews) | | **Ease of Setup** | 7.1 (13 reviews) | 8.3 (134 reviews) | | **Ease of Admin** | 7.7 (8 reviews) | 8.3 (124 reviews) | | **Quality of Support** | 8.9 (14 reviews) | 8.5 (222 reviews) | | **Has the product been a good partner in doing business?** | 9.0 (7 reviews) | 8.7 (119 reviews) | | **Product Direction (% positive)** | 10.0 (15 reviews) | 9.5 (223 reviews) | --- ## Pricing ### Elastic Security #### Entry-Level Pricing Plan: Elastic Cloud Serverless Price: Pay As You Go Per Month Description: A fully automated, usage-based platform. Ideal for variable workloads where compute scales independently from storage, requiring zero capacity planning or infrastructure management. Key Features: - No-ops management: Elastic handles all upgrades and scaling - Decoupled compute and storage scaling - Specialized VCUs for Ingest, Search, and Machine Learning [Browse all 3 editions](https://www.g2.com/products/elastic-elastic-security/pricing) #### Free Trial Yes ### Microsoft Sentinel #### Entry-Level Pricing Plan: Pay-As-You-Go Price: Pay As You Go Description: Effective Per GB Price - $2.46 Savings Over Pay as You Go: N/A Key Features: - Pay-As-You-Go [Browse all 11 editions](https://www.g2.com/products/microsoft-sentinel/pricing) #### Free Trial Yes --- ## Features Comparison By Category ### ETL Tools | Product | Score | Reviews | |---|---|---| | **Elastic Security** | N/A | N/A | | **Microsoft Sentinel** | N/A | N/A | #### Management | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Reporting** | Not enough data | Not enough data | | **Auditing** | Not enough data | Not enough data | #### Functionality | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Extraction** | Not enough data | Not enough data | | **Transformation** | Not enough data | Not enough data | | **Loading** | Not enough data | Not enough data | | **Automation** | Not enough data | Not enough data | | **Scalability** | Not enough data | Not enough data | ### Extended Detection and Response (XDR) Platforms | Product | Score | Reviews | |---|---|---| | **Elastic Security** | N/A | N/A | | **Microsoft Sentinel** | N/A | N/A | #### Detection & Response | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Response Automation** | Not enough data | Not enough data | | **Threat Hunting** | Not enough data | Not enough data | | **Rule-Based Detection** | Not enough data | Not enough data | | **Real-Time Detection** | Not enough data | Not enough data | #### Management | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Extensibility** | Not enough data | Not enough data | | **Workflow Automation** | Not enough data | Not enough data | | **Unified Visibility** | Not enough data | Not enough data | #### Analytics | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Threat Intelligence** | Not enough data | Not enough data | | **Artificial Intelligence & Machine Learning** | Not enough data | Not enough data | | **Data Collection** | Not enough data | Not enough data | #### Agentic AI - Extended Detection and Response (XDR) Platforms | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | | **Decision Making** | Not enough data | Not enough data | #### Services - Extended Detection and Response (XDR) | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Managed Services** | Not enough data | Not enough data | ### Endpoint Detection & Response (EDR) | Product | Score | Reviews | |---|---|---| | **Elastic Security** | N/A | N/A | | **Microsoft Sentinel** | N/A | N/A | #### Services - Endpoint Detection & Response (EDR) | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Managed Services** | Not enough data | Not enough data | ### Incident Response | Product | Score | Reviews | |---|---|---| | **Elastic Security** | N/A | N/A | | **Microsoft Sentinel** | N/A | N/A | #### Response | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Resolution Automation** | Not enough data | Not enough data | | **Resolution Guidance** | Not enough data | Not enough data | | **System Isolation** | Not enough data | Not enough data | | **Threat Intelligence** | Not enough data | Not enough data | | **Incident Investigation** | Not enough data | Not enough data | #### Records | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Incident Logs** | Not enough data | Not enough data | | **Incident Reports** | Not enough data | Not enough data | #### Management | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Incident Alerts** | Not enough data | Not enough data | | **Incident Case Management** | Not enough data | Not enough data | | **Workflow Management** | Not enough data | Not enough data | #### Generative AI | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **AI Text Generation** | Not enough data | Not enough data | | **AI Text Summarization** | Not enough data | Not enough data | ### Cloud Security | Product | Score | Reviews | |---|---|---| | **Elastic Security** | N/A | N/A | | **Microsoft Sentinel** | N/A | N/A | #### Cloud Visibility | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Data Discovery** | Not enough data | Not enough data | | **Cloud Registry** | Not enough data | Not enough data | | **Cloud Gap Analytics** | Not enough data | Not enough data | #### Security | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Data Security** | Not enough data | Not enough data | | **Data loss Prevention** | Not enough data | Not enough data | | **Security Auditing** | Not enough data | Not enough data | #### Identity | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **SSO** | Not enough data | Not enough data | | **Governance** | Not enough data | Not enough data | | **User Analytics** | Not enough data | Not enough data | ### Security Information and Event Management (SIEM) | Product | Score | Reviews | |---|---|---| | **Elastic Security** | 9.8/10 | 8 | | **Microsoft Sentinel** | 8.7/10 | 189 | #### Network Management | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Activity Monitoring** | 9.7 (5 reviews) | 8.9 (171 reviews) | | **Asset Management** | Not enough data | 8.4 (161 reviews) | | **Log Management** | 9.8 (7 reviews) | 8.8 (166 reviews) | #### Incident Management | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Event Management** | Not enough data | 8.8 (170 reviews) | | **Automated Response** | Not enough data | 8.7 (165 reviews) | | **Incident Reporting** | Not enough data | 8.9 (165 reviews) | #### Security Intelligence | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Threat Intelligence** | Not enough data | 8.7 (168 reviews) | | **Vulnerability Assessment** | Not enough data | 8.3 (160 reviews) | | **Advanced Analytics** | Not enough data | 8.5 (162 reviews) | | **Data Examination** | Not enough data | 8.5 (162 reviews) | #### Agentic AI - Security Information and Event Management (SIEM) | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | | **Multi-step Planning** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | | **Decision Making** | Not enough data | Not enough data | ### Endpoint Protection | Product | Score | Reviews | |---|---|---| | **Elastic Security** | N/A | N/A | | **Microsoft Sentinel** | N/A | N/A | #### System Control | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Device Control** | Not enough data | Not enough data | | **Web Control** | Not enough data | Not enough data | | **Application Control** | Not enough data | Not enough data | | **Asset Management** | Not enough data | Not enough data | | **System Isolation** | Not enough data | Not enough data | #### Vulnerability Prevention | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Endpoint Intelligence** | Not enough data | Not enough data | | **Firewall** | Not enough data | Not enough data | | **Malware Detection** | Not enough data | Not enough data | #### Security Management | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Incident Reports** | Not enough data | Not enough data | | **Security Validation** | Not enough data | Not enough data | | **Compliance ** | Not enough data | Not enough data | ### Security Orchestration, Automation, and Response (SOAR) | Product | Score | Reviews | |---|---|---| | **Elastic Security** | N/A | N/A | | **Microsoft Sentinel** | 8.5/10 | 115 | #### Automation | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Workflow Mapping** | Not enough data | 8.2 (95 reviews) | | **Workflow Automation** | Not enough data | 8.4 (100 reviews) | | **Automated Remediation** | Not enough data | 8.7 (98 reviews) | | **Log Monitoring** | Not enough data | 8.8 (101 reviews) | #### Orchestration | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Security Orchestration** | Not enough data | 8.9 (102 reviews) | | **Data Collection** | Not enough data | 8.7 (102 reviews) | | **Threat Intelligence** | Not enough data | 8.6 (99 reviews) | | **Data Visualization** | Not enough data | 8.4 (97 reviews) | #### Response | Feature | Elastic Security | Microsoft Sentinel | |---|---|---| | **Alerting** | Not enough data | 8.6 (102 reviews) | | **Performance Baselin** | Not enough data | 8.1 (94 reviews) | | **High Availability/Disaster Recovery** | Not enough data | 8.5 (92 reviews) | --- ## Categories **Shared Categories (1):** [Security Information and Event Management (SIEM) Software](https://www.g2.com/categories/security-information-and-event-management-siem) **Unique to Elastic Security (4):** [ETL Tools](https://www.g2.com/categories/etl-tools), [Endpoint Detection & Response (EDR) Software](https://www.g2.com/categories/endpoint-detection-response-edr), [Extended Detection and Response (XDR) Platforms](https://www.g2.com/categories/extended-detection-and-response-xdr-platforms), [Enterprise Service Bus (ESB) Software](https://www.g2.com/categories/enterprise-service-bus-esb) **Unique to Microsoft Sentinel (2):** [Security Orchestration, Automation, and Response (SOAR) Software](https://www.g2.com/categories/security-orchestration-automation-and-response-soar), [Incident Response Software](https://www.g2.com/categories/incident-response) --- ## Reviewer Demographics ### By Company Size | Segment | Elastic Security | Microsoft Sentinel | |---|---|---| | **Small-Business** | 23.8% | 27.6% | | **Mid-Market** | 57.1% | 30.9% | | **Enterprise** | 19.0% | 41.5% | ### By Industry #### Elastic Security - **Information Technology and Services:** 42.1% - **Internet:** 10.5% - **Telecommunications:** 5.3% - **Security and Investigations:** 5.3% - **Outsourcing/Offshoring:** 5.3% - **Libraries:** 5.3% - **Government Administration:** 5.3% - **Financial Services:** 5.3% - **Computer Games:** 5.3% - **Banking:** 5.3% - **Other:** 5.3% #### Microsoft Sentinel - **Information Technology and Services:** 26.2% - **Computer & Network Security:** 15.1% - **Computer Software:** 8.5% - **Banking:** 4.1% - **Security and Investigations:** 3.7% - **Accounting:** 3.3% - **Consulting:** 2.6% - **Financial Services:** 2.6% - **Automotive:** 2.6% - **Education Management:** 1.8% - **Other:** 29.5% --- ## Alternatives ### Alternatives to Elastic Security - [Databricks](https://www.g2.com/products/databricks/reviews) — 4.6/5 stars (768 reviews) - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) — 4.7/5 stars (407 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (791 reviews) - [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews) — 4.9/5 stars (883 reviews) - [Datadog](https://www.g2.com/products/datadog/reviews) — 4.4/5 stars (705 reviews) - [Workato](https://www.g2.com/products/workato/reviews) — 4.7/5 stars (755 reviews) - [Splunk Enterprise](https://www.g2.com/products/splunk-enterprise/reviews) — 4.3/5 stars (432 reviews) - [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) — 4.3/5 stars (397 reviews) - [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews) — 4.7/5 stars (826 reviews) - [ThreatDown](https://www.g2.com/products/threatdown/reviews) — 4.6/5 stars (1083 reviews) ### Alternatives to Microsoft Sentinel - [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) — 4.3/5 stars (397 reviews) - [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews) — 4.4/5 stars (335 reviews) - [Splunk Enterprise Security](https://www.g2.com/products/splunk-enterprise-security/reviews) — 4.3/5 stars (246 reviews) - [LogRhythm SIEM](https://www.g2.com/products/exabeam-logrhythm-siem/reviews) — 4.2/5 stars (152 reviews) - [LevelBlue USM Anywhere](https://www.g2.com/products/levelblue-usm-anywhere/reviews) — 4.4/5 stars (114 reviews) - [Rapid7 Next-Gen SIEM](https://www.g2.com/products/rapid7-next-gen-siem/reviews) — 4.4/5 stars (74 reviews) - [Google Security Operations](https://www.g2.com/products/google-security-operations/reviews) — 4.4/5 stars (54 reviews) - [Datadog](https://www.g2.com/products/datadog/reviews) — 4.4/5 stars (705 reviews) - [Graylog](https://www.g2.com/products/graylog/reviews) — 4.4/5 stars (119 reviews) - [KnowBe4 PhishER/PhishER Plus](https://www.g2.com/products/knowbe4-phisher-phisher-plus/reviews) — 4.6/5 stars (566 reviews) --- ## Top Discussions ### Elastic Security No discussions available for this product. ### Microsoft Sentinel - Title: [What is Microsoft Sentinel used for?](https://www.g2.com/discussions/what-is-microsoft-sentinel-used-for) — 3 comments, 2 upvotes > **Top comment:** "Microsoft Sentinel, also known as Azure Sentinel, is a cloud-native security information and event management (SIEM) and security orchestration, automation,..." - Title: [If I had to have a question, I would ask if there were any plans to add linux support to this program.](https://www.g2.com/discussions/31827-if-i-had-to-have-a-question-i-would-ask-if-there-were-any-plans-to-add-linux-support-to-this-program) — 2 comments, 1 upvote > **Top comment:** "need to ask Microsoft, but since dot.net core can be installed in Linux, I believe the agent will work as it uses the .net platform. please experiment " - Title: [Why should I use Azure Sentinel?](https://www.g2.com/discussions/why-should-i-use-azure-sentinel) — 1 comment > **Top comment:** "easy" - Title: [Is sentinel a free service provided by Microsoft azure ?](https://www.g2.com/discussions/is-sentinel-a-free-service-provided-by-microsoft-azure) — 1 comment, 1 upvote > **Top comment:** "No" - Title: [How I able to install /integrated Azure Sentinel agents to collect data on IOT devices/ DLP/ Endpoint devices Computer / Laptops / Printers](https://www.g2.com/discussions/31797-how-i-able-to-install-integrated-azure-sentinel-agents-to-collect-data-on-iot-devices-dlp-endpoint-devices-computer-laptops-printers) — 1 comment, 1 upvote > **Top comment:** "So couple of point for IOT devices. You can leverage with IOT Hub in Azure. Most IOT devices uses C as their programming language you will probaly need to..." --- **Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/elastic-elastic-security-vs-microsoft-sentinel)