# Microsoft Sentinel Reviews
**Vendor:** Microsoft  
**Category:** [Security Orchestration, Automation, and Response (SOAR) Software](https://www.g2.com/categories/security-orchestration-automation-and-response-soar)  
**Average Rating:** 4.4/5.0  
**Total Reviews:** 295
## About Microsoft Sentinel
Microsoft Sentinel lets you see and stop threats before they cause harm, with SIEM reinvented for a modern world. Microsoft Sentinel is your birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds
- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft
- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft
- Respond to incidents rapidly with built-in orchestration and automation of common tasks



## Microsoft Sentinel Pros & Cons
**What users like:**

- Users value the **seamless integration with Azure** in Microsoft Sentinel, enhancing visibility and reducing onboarding effort. (4 reviews)
- Users value the **easy integrations** of Microsoft Sentinel, enjoying seamless connections within the Microsoft ecosystem. (4 reviews)
- Users value the **seamless integration and scalability** of Microsoft Sentinel, enhancing security operations with minimal effort. (4 reviews)
- Users value the **seamless integration** of Microsoft Sentinel with Azure and Microsoft tools, enhancing efficiency and visibility. (4 reviews)
- Users value the **seamless integration support** of Microsoft Sentinel, enhancing efficiency with Microsoft services and tools. (4 reviews)
- Users commend the **ease of use** of Microsoft Sentinel, facilitating quick integration and a user-friendly experience. (3 reviews)
- Scalability (3 reviews)
- Users value the **automation features** of Microsoft Sentinel, enhancing incident response and improving efficiency in threat handling. (2 reviews)
- Detection Accuracy (2 reviews)
- Incident Management (2 reviews)

**What users dislike:**

- Users highlight the **high costs** associated with Microsoft Sentinel, especially as data ingestion increases significantly. (3 reviews)
- Users find **complex implementation** of Microsoft Sentinel challenging, impacting cost management and integration with existing tools. (2 reviews)
- Users face a **complex setup** with Microsoft Sentinel, struggling with costs, KQL learning curve, and integrations. (2 reviews)
- Users experience **inefficient alerts** that lead to alert fatigue and complicate the process of finding relevant rules. (2 reviews)
- Users face **integration issues** with Microsoft Sentinel, especially when connecting to legacy systems and third-party tools. (2 reviews)
- Access Control (1 review)
- Alert Management (1 review)
- Compatibility Issues (1 review)
- Users find the **complexity** of Microsoft Sentinel challenging, requiring extensive training and effort for effective use. (1 review)
- Cost Management (1 review)

## Microsoft Sentinel Reviews
  ### 1. Strong Centralized Visibility and Scalable Detection for Faster SOC Response

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.)

**Reviewed Date:** May 15, 2026

**What do you like best about Microsoft Sentinel?**

Sentinel provides strong, centralized visibility across cloud, on-prem, and hybrid environments, which makes security monitoring and incident investigation much more efficient for SOC operations. It offers native integrations such as Entra ID, Defender CDR, and Microsoft 365 and Azure services, along with third-party integrations to ingest logs into centralized storage in the Log Analytics workspace. Another major advantage is its scalability and flexibility: because it’s cloud-based, onboarding data sources and scaling are easier compared to managing traditional on-prem SIEM infrastructure. Overall, it delivers strong detection capabilities and improves response efficiency.

**What do you dislike about Microsoft Sentinel?**

The main thing is that cost management can become difficult, with ingestion cost and retention cost; still, it can be reduced based on the logs that we are ingesting into the workspace. But for a large organization it won't be compromised.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

It helps us centralize security monitoring, threat detection, and incident response across cloud, on-premises, and hybrid environments. It also improves SOC efficiency by correlating data across multiple security tools into a single platform, making investigations faster and more effective.

  ### 2. Centralized Visibility with Smooth Integration

**Rating:** 4.0/5.0 stars

**Reviewed by:** Anas M. | SOC Analyst, Information Technology and Services, Small-Business (50 or fewer emp.)

**Reviewed Date:** April 14, 2026

**What do you like best about Microsoft Sentinel?**

I love the centralized visibility that Microsoft Sentinel offers as it allows me to see logs, alerts, and incidents all in one place without jumping between tools, which speeds up investigations. I really like the built-in analytics and detection rules; they're ready to use and customizable, so I don't have to start from scratch. The integration with the Microsoft ecosystem, including Azure, Microsoft 365, and Defender tools, is also super smooth and almost seamless, making onboarding easier.

**What do you dislike about Microsoft Sentinel?**

A few things with Microsoft Sentinel could definitely be improved, like cost visibility. Pricing can be confusing, especially with the data ingestion. It's easy to overshoot if you are not keeping an eye on it. And, there's a learning curve; it takes time to get comfortable writing queries. Also, while the out-of-the-box rules are helpful, you still need to fine-tune them to reduce noise.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

I use Microsoft Sentinel for monitoring and investigating security threats. It helps collect logs, detect suspicious activities, and respond to incidents faster using alerts and automation. It centralizes visibility, reduces manual work, and speeds up complex investigations.

  ### 3. Centralized, Cloud-Native Security Monitoring with Powerful Automation

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Enterprise (> 1000 emp.)

**Reviewed Date:** April 10, 2026

**What do you like best about Microsoft Sentinel?**

What I like most about Microsoft Sentinel is how it delivers centralized security monitoring across multiple data sources in a cloud-native environment. It simplifies collecting, analyzing, and correlating large volumes of security logs, without the overhead of managing traditional SIEM infrastructure. The built-in analytics rules, threat intelligence integration, and playbook-based automation also help detect and respond to threats more efficiently. I’ve found its integration with other Microsoft security services especially valuable because it creates a more unified view of security incidents and helps security teams investigate and respond more quickly.

**What do you dislike about Microsoft Sentinel?**

One challenge with Microsoft Sentinel is that the initial setup and configuration can be time-consuming, especially for teams that are new to SIEM platforms or Azure services. Some analytics rules and data connectors also need careful tuning to cut down on false positives and make sure the alerts stay relevant. On top of that, the data-ingestion-based pricing model can get expensive if you collect large volumes of logs without proper filtering. For this reason, organizations should plan their log sources and retention strategy thoughtfully so they can keep costs under control while still capturing the logs they need.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel helps address the challenge of monitoring and analyzing security events across multiple systems by bringing everything into one centralized platform. Rather than managing separate security tools in isolation, it gathers logs from cloud services, endpoints, and network devices into a single environment, making investigation and analysis more straightforward. This broader, unified view improves visibility across the organization’s infrastructure and supports faster identification of potential threats. Its built-in analytics, threat intelligence, and automated response capabilities through playbooks also cut down the time needed to investigate incidents and take action. Overall, it enables security teams to strengthen threat detection, streamline incident response, and maintain a stronger security posture.

  ### 4. Powerful, with Seamless Azure and Defender Integration

**Rating:** 4.0/5.0 stars

**Reviewed by:** Dimitris K. | Security Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** April 21, 2026

**What do you like best about Microsoft Sentinel?**

KQL is a really powerful language and easy to learn. If you are an Azure customer, Sentinel is a no-brainer, as it's really easy to ingest Azure Logs. Its integration with Defender is also a great plus, not to mention a big number of tables which are free to ingest.

**What do you dislike about Microsoft Sentinel?**

I'd prefer for the data to be normalized and not be fragmented on multiple tables, in that way. The ASIM functions mitigate this problem, but they are slow.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Sentinel is a great SIEM that allows us to quickly triage alerts and automate the triage.

  ### 5. Easy Cloud-Native Setup and Scaling, but Customization Can Be Tricky

**Rating:** 3.5/5.0 stars

**Reviewed by:** Sunil R. | Cyber Security Engineer, Security and Investigations, Enterprise (> 1000 emp.)

**Reviewed Date:** April 23, 2026

**What do you like best about Microsoft Sentinel?**

Easy to start. Less setup. As it’s cloud-native, there’s no infrastructure setup, and connecting data sources like Azure resources or Microsoft 365 feels pretty straightforward. In my experience, scalability and maintainability were important as the environment grows over time, and Sentinel was much less work.

**What do you dislike about Microsoft Sentinel?**

When I had to deal with customization, it felt complex, as I had to learn about analytics rules and workbooks, but it was still not obvious how things are working together. The learning curve was steep for my level of usage.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

The SIEM I was working on required management; when it comes to Azure Cloud, it was not required, and the focus was mainly on data analysis, and it being the hub helps observance and visibility.

  ### 6. Powerful Cloud-Native SIEM with Great Integration, But Cost and Complexity Can Add Up

**Rating:** 3.5/5.0 stars

**Reviewed by:** Archit J. | Cloud Security Engineer, Information Technology and Services, Mid-Market (51-1000 emp.)

**Reviewed Date:** January 07, 2026

**What do you like best about Microsoft Sentinel?**

What I appreciate most about Microsoft Sentinel is its seamless combination of SIEM and SOAR within a truly cloud-native environment. Its strong integration with the Microsoft ecosystem—particularly Azure, Entra ID, Defender, and M365—delivers immediate visibility and requires very little onboarding effort. The platform’s use of KQL empowers flexible and robust threat hunting, while the built-in analytics rules and UEBA features help to significantly reduce alert fatigue. Additionally, automation via Logic Apps enables security teams to respond more quickly and consistently, making Sentinel a highly scalable and cost-effective solution for today’s SOC operations.

**What do you dislike about Microsoft Sentinel?**

One aspect I find challenging about Microsoft Sentinel is managing costs, particularly as usage grows, because the pricing model relies heavily on the amount of data ingested and retained. While KQL is a powerful tool, it presents a learning curve for teams who are new to it, which can slow down the adoption process. In addition, implementing advanced SOAR use cases often demands considerable customization through Logic Apps, and troubleshooting these automations can be quite complex. Lastly, Sentinel tends to work best within the Microsoft ecosystem, which can be a drawback for organizations that rely on a variety of non-Microsoft security tools.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel addresses the challenge of fragmented security monitoring and delayed incident response by bringing together logs, alerts, and security operations within a unified, cloud-native SIEM and SOAR platform. By correlating data from identities, endpoints, cloud resources, and applications, it enables organizations to detect threats more quickly.

A major advantage of Sentinel is its ability to enhance security visibility and accelerate response times, even at scale. The platform minimizes alert noise through integrated analytics, UEBA, and threat intelligence, while its automation features support consistent and swift remediation. As a cloud-native solution, Sentinel scales effortlessly without the burden of managing infrastructure, allowing security teams to dedicate more time to investigation and threat hunting instead of manual monitoring.

  ### 7. Comprehensive Visibility and Seamless Azure Integration in MS Sentinel

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.)

**Reviewed Date:** November 17, 2025

**What do you like best about Microsoft Sentinel?**

We have both logs and incidents visible in MS Sentinel unlike our previous SIEM tool. Also, it is an advantage to have the visibility of other services of Azure in the Sentinel and many more.

**What do you dislike about Microsoft Sentinel?**

We don't have an RBAC option for the tables in Sentinel like we have in ADX. It would be great if we had this RBAC option so that we can grant permissions to a specific user or group on specific tables.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

It is easy to triage the security alerts from the L1 SOC. Building dashboards is easy. Microsoft has given us a default usage dashboard which is useful.
Easy for building reports from Logic Apps and integrating with Sentinel. Predefined library functions in the query editor and more.

  ### 8. Does Microsoft Sentinel simplify security monitoring?

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Information Services | Enterprise (> 1000 emp.)

**Reviewed Date:** October 28, 2025

**What do you like best about Microsoft Sentinel?**

There are a bunch of SIEM tools available in the market like Splunk, MS Sentinel and IBM QRadar. Let's see the pros of MS Sentinel today:

1. This tool is completely built on Azure and does not require on-prem infrastructure.

2. As it is deployed on Azure, it scales automatically based on the data ingestion.

3. Integration with Azure AD, Defender for Cloud and MS tools is very easy and quick.

4. It has multiple features; one of them is AI, which automatically detects anomalies and correlates signals across data sources.

5. It makes use of KQL, which helps in reporting and getting deep analytics with custom queries.

6. It has a very large set of community rules, workbooks, and playbooks available on GitHub and the Sentinel community, which makes things much easier when compared with other SIEM tools.

**What do you dislike about Microsoft Sentinel?**

1. Sentinel has a "pay as you go" pricing model, which makes it really expensive if you are ingesting a lot of data.

2. Sentinel makes use of KQL (Kusto Query Language), which is powerful but not intuitive for beginners and needs a good amount of training for a kick start.

3. Sentinel has a good amount of prebuilt connectors, but when it comes to integration with legacy systems it is a complex process and takes a good amount of time.

4. When dealing with large, complex queries it may take time and consume high compute resources.

5. Once the tool is completely set up and has been used over a long period, switching to another SIEM platform becomes a tedious task.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

It provides a broad list of 3rd party connectors and integrates seamlessly with other Microsoft products.

  ### 9. SIEM with excellent capabilities to ingest logs and create use cases for the SOC service

**Rating:** 3.5/5.0 stars

**Reviewed by:** Christian Noel C. | Regional Head of Cybersecurity Intelligence | CIC |, Enterprise (> 1000 emp.)

**Reviewed Date:** August 01, 2025

**What do you like best about Microsoft Sentinel?**

Integrations with multiple cybersecurity tools

**What do you dislike about Microsoft Sentinel?**

The cost of monthly intake is a high price that is paid

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Manage security events of the company's platforms and servers

  ### 10. Microsoft Sentinel Review

**Rating:** 4.0/5.0 stars

**Reviewed by:** SHAIKH S. | Field Monitor, Small-Business (50 or fewer emp.)

**Reviewed Date:** March 07, 2024

**What do you like best about Microsoft Sentinel?**

Microsoft Sentinel has very good capabilities to integrate the data. It is easy to connect with the existing security software and other tools also. This helps organizations to improve their security at different levels.

**What do you dislike about Microsoft Sentinel?**

Generating custom reports using Microsoft Sentinel may sometimes be time consuming due to its dependency on KQL script writing. If we want to combine non-Microsoft data in order to generate log analysis, it will be difficult. Additionally, learning KQL is also difficult for newcomers.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel helps us to smoothify cyber security infrastructure. This also helps to identify the threats and replies across all the digital infrastructure.

  ### 11. Streamlining Security Operation with Azure Sentinel !!!!

**Rating:** 4.5/5.0 stars

**Reviewed by:** Anugrah Pratap S. | Technical Lead, Enterprise (> 1000 emp.)

**Reviewed Date:** November 11, 2024

**What do you like best about Microsoft Sentinel?**

Integration with almost all tools and applications. Ease of use, implementation, migration from other solutions, user friendly and very capable.

**What do you dislike about Microsoft Sentinel?**

Whenever you need to search for a rule or use case, you first need to find the proper alert name (proper naming convention) from analytics; after that, you can search for it.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

With the help of Microsoft or Azure Sentinel we are able to streamline our SOC operation. Due to its vast category of tools/applications with other tools, it helps most. Sentinel also has simple training/certification at almost every level on its portal. That's really helpful for training our resources.

  ### 12. Microsoft Sentinel is a Cloud-native security intelligence platform for Microsoft Azure.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Shashank G. | Cyber Security Architecture, Enterprise (> 1000 emp.)

**Reviewed Date:** July 30, 2024

**What do you like best about Microsoft Sentinel?**

Microsoft Sentinel seamlessly integrates with Azure security services, capturing data from different sources like VMs using the Azure Monitor agent, Azure Activity log, and Azure Event Hub. It's built on a cloud-native architecture. It's a centralized monitoring system. Azure Sentinel uses playbooks for automated threat response, streamlining incident handling.

**What do you dislike about Microsoft Sentinel?**

Some users find the user interface challenging to navigate; understanding its features may take time. This comprehensive solution comes with a price tag.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel provides a bird's-eye view across the enterprise, ingesting security data from all the workloads. Its AI-powered threat intelligence and rules engine help detect and investigate incidents. MS Sentinel uses playbooks for automated threat response, streamlining incident handling.

  ### 13. It's a very powerful SIEM-tool for conducting cloud security operations

**Rating:** 5.0/5.0 stars

**Reviewed by:** Luciano P. | Cybersecurity Analyst, Mid-Market (51-1000 emp.)

**Reviewed Date:** February 17, 2025

**What do you like best about Microsoft Sentinel?**

Its easy integration with Azure Services and the Microsoft Security Tools. Also the pay-as-you-go model.

**What do you dislike about Microsoft Sentinel?**

The high costs at scale and the alert fatigue that it gets.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Security Monitoring - giving me a view of threats, AI-analytics for threat detection, compliance reporting

  ### 14. "Microsoft Sentinel - Future of the SOC"

**Rating:** 5.0/5.0 stars

**Reviewed by:** Shital U. | Cyber Security Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** July 25, 2024

**What do you like best about Microsoft Sentinel?**

This tool has a very good platform and is user friendly to all new users as well. It is an easy to use platform and a SOC monitoring tool. Its ease of implementation makes users use it. It has good customer support and I have been using this tool for the past years. I am frequently using this. It has good integration with other tools.

**What do you dislike about Microsoft Sentinel?**

The cost of this platform is little bit higher and the complexity of the tool is there.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

This tool provides cyberthreat detection, investigation, response, and proactive hunting. It is a good automation tool for SOC monitoring and operations. I have been using this tool and it is easy to use and practise. As a cyber security enthusiast you can use this tool forever.

  ### 15. Sentinel- A cloud native SIEM

**Rating:** 5.0/5.0 stars

**Reviewed by:** Siddharth Ranjan S. | Senior System Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** September 23, 2024

**What do you like best about Microsoft Sentinel?**

The best features of Microsoft Sentinel include scalability, seamless integration with Microsoft products, automated incident response etc.

**What do you dislike about Microsoft Sentinel?**

So far there is nothing to dislike apart from the integration challenges with third-party tools, which are non-Microsoft tools. But it is doable with guides or plugins.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

The major problem that Microsoft Sentinel is solving is Threat Detection and Response using AI and Machine Learning. Apart from that, it provides scalability and flexibility as the volume of data grows. Through automated correlation rules, Sentinel reduces false positives and data overload.

  ### 16. Azure Sentinel SIEM review

**Rating:** 4.5/5.0 stars

**Reviewed by:** Himanshu P. | Cyber Security Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** February 22, 2024

**What do you like best about Microsoft Sentinel?**

All options and log analytics are handy in a single view! Well, Microsoft is really working on the UI, especially the incident dashboard; the new incident view section is better, as we can see alerts, the incident timeline and previous related incidents in a single window, which is good.
There are so many data connectors in the content hub, which is amazing and makes our life easy when integrating a new log source.

**What do you dislike about Microsoft Sentinel?**

Bug fixes and functionality issues.
Recently the data connectors were not visible in the data connector page and we faced a lot of problems in health checks.

Microsoft should build an alternate workbook to monitor all data connectors manually.

Speed issue: data query speed is low; Microsoft should work on that.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel is providing a SaaS-based SIEM platform with tons of log integration options, which solves the gap between on-prem and cloud infra log centralization. So we cannot miss any security incident.
We can easily set up a whole SOC service within a few clicks, all thanks to the content hub with lots of data connector options which come with analytic rules & workbooks.
It helps us to onboard new clients fast in our MSSP environment.

  ### 17. The most feature centric and AI driven cloud SIEM solution

**Rating:** 4.5/5.0 stars

**Reviewed by:** Manish D. | Staff Security Engineer - SecOps, Enterprise (> 1000 emp.)

**Reviewed Date:** April 11, 2024

**What do you like best about Microsoft Sentinel?**

MS Sentinel is one of the leading cloud SIEM solution providers. The ease of integration with any 3rd party software solution and native support for all Microsoft suite products is what makes it a SIEM leader in the Gartner Magic Quadrant. The one-click deployment of MMA agents to your Azure-hosted VMs and on-prem workloads (using Azure Arc) makes it really scalable and easy to manage. The out-of-the-box integration with almost all types of applications is an added advantage. The extensive library of detection/automation rules prepared by the Microsoft security research team and community-supported content makes it a very rich SIEM product in the market.

**What do you dislike about Microsoft Sentinel?**

Currently the feature of ingesting logs from private resources is a bit complicated and expensive. Microsoft needs to come up with a connectivity model for Sentinel which enables organisations to ingest logs over a private communication channel easily instead of leveraging the public log analytics API.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

The requirement of Security information and event management is paramount for any type of organisation who wants to run business security in the era of hybrid deployment architectures. MS Sentinel fits perfectly in such a situation where your computing resources are spread across on-prem and cloud workloads. Deploying the monitoring agents and integrating public/private SaaS solutions are super easy with the help of MS Sentinel's content management interface. The rich library of out-of-the-box integrations and detection logics reduces the workload on your SOC engineering team. The simple to use KQL query language helps to investigate your ingested logs in the platform.

  ### 18. Microsoft Sentinel: A Comprehensive SIEM & SOAR

**Rating:** 4.5/5.0 stars

**Reviewed by:** Mohammad Riyaz S. | Mid-Market (51-1000 emp.)

**Reviewed Date:** April 04, 2024

**What do you like best about Microsoft Sentinel?**

Microsoft Sentinel is a cloud-native platform so the scalability is easy. As it's a Microsoft product the integration with Sentinel is easy, while integrating Active Directory and other Microsoft-made products. With Sentinel, we can achieve centralized monitoring which gives us great visibility over IT Infrastructure. Comes with built-in SOAR and threat intel feeds which help in automation and up to date on the latest threats. Finally, it has good customer support and a friendly interface.

**What do you dislike about Microsoft Sentinel?**

Sentinel comes with a free tier, but cost will be added if we integrate with SOAR. Customization of rules can be complex for beginners, and there is a moderate false positive rate.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel gives good visibility over the IT Infra which will help in detecting and Responding to threats made easy. Threat intel feeds give the latest threat feeds so we can find the latest threats.

  ### 19. Security

**Rating:** 5.0/5.0 stars

**Reviewed by:** Nitheesh K. | Graduate Trainee, Small-Business (50 or fewer emp.)

**Reviewed Date:** March 14, 2024

**What do you like best about Microsoft Sentinel?**

Mainly for security.
Microsoft Sentinel is the best central hub for security, where it gathers and analyses the data from various sources to detect and respond to cyber threats.
Microsoft Sentinel easily connects to other third-party security tools, making it simple to set up.
It automates repetitive security tasks, investigating alerts and blocking suspicious activity; it reduces manpower, effort and time also.
Sentinel keeps you informed about threats and always keeps you one step ahead of cyber attackers.

**What do you dislike about Microsoft Sentinel?**

1. It might be expensive for large organisations requiring large amounts of security data
2. Customising Sentinel to fit some specific needs might take some time and effort
3. Configuring Sentinel is a little risky and may require technical expertise

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

It solves problems related to threats from the cybersecurity

It responds for all cybersecurity threats

Saving time and reducing burden of security team

  ### 20. Microsoft sentinel review

**Rating:** 3.0/5.0 stars

**Reviewed by:** Mandar P. | Enterprise (> 1000 emp.)

**Reviewed Date:** November 24, 2023

**What do you like best about Microsoft Sentinel?**

I have been using the product for the last 1.4 years; here are some things which I liked about it. The GUI is one of the most modern UIs present on a SIEM. As it's a cloud application, there is no need to maintain any underlying servers. The integration with Microsoft Security services is very seamless, just on a click of a button. Incidents can be migrated from this product very easily. There is proactive threat hunting to work on the logs, and there are more than 100 already available queries on the console. Logs are categorised as basic and analysis to save cost on logs by just storing the least necessary logs as basic, as the plan has lower cost, but we cannot run offenses queries on it. The incident management view is just amazing, from mapping the entities, and it even shows the whole timeline of events for that entity. There is a great workbook and dashboard section which is as modern and beautiful for any SIEM. The customer support is great as well, and integration with Azure Logic Apps is the best part, as automations on various levels can be done easily and there are connectors present for it.

**What do you dislike about Microsoft Sentinel?**

Integration with third-party applications which have previous versions is difficult, as the methods given by Sentinel are not supported on the tool, and it needs a support request with the third-party OEM continuously for this. Log parsing for all the logs coming from syslog is a challenge; QRadar does better parsing than this.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Solving the issue of managing the servers; it's not part of my job, Microsoft will manage it for me, and there are very low chances of the application lagging. Great UI and very beginner friendly as well.

  ### 21. Securing the Future with Microsoft Sentinel

**Rating:** 4.5/5.0 stars

**Reviewed by:** AK M. | Lead Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** March 13, 2024

**What do you like best about Microsoft Sentinel?**

It provides seamless integration with other security services and products. It can handle large amounts of security data and allows organizations to customize and help their security analytics. It can detect real-time alerts and threats.

**What do you dislike about Microsoft Sentinel?**

It integrates well with other Microsoft products, but users find challenges when they have to integrate with non-Microsoft products. Users with a non-technical background find it difficult to use Microsoft Sentinel. Cost is also a concerning point for the business.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

With its capabilities related to automated incident response, the organizations can streamline the responses to security incidents.
Sentinel provides alert data and helps in solving problems related to threats.
It helps organizations meet compliance requirements and maintain cybersecurity posture.
Sentinel offers orchestration and automation which manages security operations.

  ### 22. Microsoft Sentinel: A Game-Changer in Enterprise Security Management

**Rating:** 3.5/5.0 stars

**Reviewed by:** Verified User in Security and Investigations | Small-Business (50 or fewer emp.)

**Reviewed Date:** April 07, 2024

**What do you like best about Microsoft Sentinel?**

From a user's perspective, what I appreciate most about Microsoft Sentinel is its seamless integration with other Microsoft services. This provides a unified and comprehensive view of security across the entire digital landscape of an organization. Its cloud-native nature eliminates the need for managing infrastructure, offering scalability and flexibility that's hard to match. The advanced AI and machine learning capabilities are truly impressive, helping to detect, prioritize, and investigate threats efficiently. The automated response actions and visual investigation tools are also standout features, making security management more intuitive and less time-consuming.

**What do you dislike about Microsoft Sentinel?**

While Microsoft Sentinel offers a robust set of features, it's not without its potential downsides. For one, the cost can be a barrier for some smaller organizations. Its pricing model, based on data ingestion, can make costs unpredictable if your data volumes fluctuate.

Additionally, while its integration with other Microsoft products is seamless, you might face some challenges if you're heavily using non-Microsoft solutions. The learning curve can also be steep, especially for those not familiar with Azure or query languages like Kusto Query Language (KQL).

Lastly, while AI and machine learning capabilities are a strength of Sentinel, they can also lead to a high number of false positives if not properly configured, which could potentially lead to alert fatigue.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

proactive threat monitoring
scalability
automated responses

  ### 23. Next Gen SIEM with LOTS of Functionality

**Rating:** 5.0/5.0 stars

**Reviewed by:** Akash S. | Security Lead Expert, Enterprise (> 1000 emp.)

**Reviewed Date:** March 21, 2024

**What do you like best about Microsoft Sentinel?**

What I really like is the ecosystem of MS. As we know, in the market Microsoft owns more than 70% workspace around multiple technologies in terms of OS, security, and many more.
So having a SIEM which is of the same environment gives deep insights from having multiple log sources connected to this SIEM, plus this SIEM is now the future. It gives us flexibility with lots of different technologies in the cyber world.

**What do you dislike about Microsoft Sentinel?**

Nothing major, I would say.
The only thing I think is that nowadays people don't want complexity in integration with other log sources; somehow in coming days people will understand its features over ease.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

As an ecosystem it helps me in understanding use cases easily.

  ### 24. Azure Sentinel SIEM

**Rating:** 5.0/5.0 stars

**Reviewed by:** Rajat s. | SOC Specialist (SIEM SME), Enterprise (> 1000 emp.)

**Reviewed Date:** January 06, 2024

**What do you like best about Microsoft Sentinel?**

Microsoft Sentinel easily integrates with many enterprise tools. It is a user-friendly platform with compatibility and versatility.
Its cloud capabilities provide flexibility, and its security features and support options help any enterprise to increase productivity; moreover, it's essential for professional tasks as per market demand.

**What do you dislike about Microsoft Sentinel?**

In most cases it takes a little bit deeper understanding to implement in any organization. Microsoft Sentinel is currently the only SIEM solution that is entirely cloud native; that's the reason most organizations that have their own premises and do not currently trust cloud security hesitate to implement it on their premises.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

It helps us to integrate all security devices, through which we can keep our eyes on live monitoring, and further its capability to add SOAR tools helps to escalate investigation and analysis faster. Nowadays cyber war is at its peak, so for understanding the behavior of traffic of any network, activity of any user or flaws in any security system, we require this to prevent any attack in future.
It provides a proactive approach for any organization to mitigate any kind of attack.
In the current situation very few people have a deep understanding of the security of any organization, so in that case it also helps to overcome this kind of issue.

  ### 25. Cloud-native security information and event management (SIEM)

**Rating:** 4.0/5.0 stars

**Reviewed by:** Ashish K. | Graduate Trainee, Mid-Market (51-1000 emp.)

**Reviewed Date:** May 26, 2024

**What do you like best about Microsoft Sentinel?**

I like Microsoft Sentinel because it works well with Azure, finds threats quickly, and can automate actions to keep systems safe.

**What do you dislike about Microsoft Sentinel?**

I dislike that Microsoft Sentinel can be hard to set up and can be expensive.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel solves the problem of detecting and responding to security threats. It benefits by providing real-time threat detection, automated response, and enhanced visibility for security posture, helping to protect my system and data more effectively.

  ### 26. Microsoft sentinel review

**Rating:** 5.0/5.0 stars

**Reviewed by:** shakr A. | Cybersecurity Analyst (Offensive & Incident Response) , Mid-Market (51-1000 emp.)

**Reviewed Date:** August 26, 2024

**What do you like best about Microsoft Sentinel?**

Automation, threat intelligence, hunting capability

**What do you dislike about Microsoft Sentinel?**

Some complexity in playbook creation, and it's not on-prem and very costly

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Proactive detection of hidden threats

  ### 27. A very dependable application on data security

**Rating:** 4.5/5.0 stars

**Reviewed by:** Akhilesh S. | Small-Business (50 or fewer emp.)

**Reviewed Date:** March 22, 2024

**What do you like best about Microsoft Sentinel?**

In addition to working well with other Microsoft products, this app also comes with playbooks and automation. These tools help make tasks easier and faster by following preset steps and responding automatically to security alerts.

**What do you dislike about Microsoft Sentinel?**

If you're not used to Microsoft products, you might need to learn about the KQL language to make custom searches and alerts. But don't worry, there are cheat sheets online to help you out.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel is designed to solve/address the various cybersecurity challenges by providing advanced threat detection, investigation, and response capabilities. 

The benefits of Microsoft Sentinel include:

Improved Security Posture
Efficiency
Integration

  ### 28. Great product with little extra cost with an M365 E5 License

**Rating:** 5.0/5.0 stars

**Reviewed by:** Peter M. | IT Support Co-ordinator, Mid-Market (51-1000 emp.)

**Reviewed Date:** January 04, 2024

**What do you like best about Microsoft Sentinel?**

The service is much cheaper than other products when used with Microsoft 365 E5 Licensing as a lot of the logs being recorded and processed are included.  Adding extra connections to other third party services and systems is also pretty easy and quick to implement.

**What do you dislike about Microsoft Sentinel?**

Firewall logs are expensive as there are so many, tuning this can be time consuming and slightly cumbersome.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Sentinel allows us to import logs across all of our security platforms to have a single view point of what is happening on End User Devices and also on the Corporate and Public Cloud Networks.

  ### 29. This is best cloud native data SIEM tool

**Rating:** 5.0/5.0 stars

**Reviewed by:** Aakash N. | System Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** February 12, 2024

**What do you like best about Microsoft Sentinel?**

It is easy to operate, and the ease it offers to work on data for the purpose of managing it using Sentinel is really awesome, and one can achieve the core principle of this platform easily, i.e. collect, detect, investigate and respond. Also the implementation it offers is so easy to understand.

**What do you dislike about Microsoft Sentinel?**

Nothing to dislike much; it is all around really good.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

It solves the key problem of data collection then investigating and responding as per the needs.

  ### 30. SIEM Solution

**Rating:** 4.0/5.0 stars

**Reviewed by:** Anjali A. | Offensive security Analyst , Mid-Market (51-1000 emp.)

**Reviewed Date:** July 26, 2024

**What do you like best about Microsoft Sentinel?**

It has so many features to monitor real-time logs and analyse them.

**What do you dislike about Microsoft Sentinel?**

Overall the product is good. Only improve speed and interface.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Easy to setup & it can also manage hybrid environment.

  ### 31. I am user since one year

**Rating:** 5.0/5.0 stars

**Reviewed by:** Satish g. | Cloud security  engineer , Mid-Market (51-1000 emp.)

**Reviewed Date:** April 05, 2024

**What do you like best about Microsoft Sentinel?**

I started working on Sentinel in the last 9 months; it is very easy to understand, and deployment is very easy compared to other cloud services. I recommend Sentinel, and the service is excellent.

**What do you dislike about Microsoft Sentinel?**

I feel like costing of sentinel compares

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Security attacks and incidents it triggers very quickly.

  ### 32. Azure Sentinel solution is Microsoft's cloud based security tool that provides security information

**Rating:** 5.0/5.0 stars

**Reviewed by:** Dar A. | Microsoft Entra Id Support Engineer., Enterprise (> 1000 emp.)

**Reviewed Date:** March 22, 2024

**What do you like best about Microsoft Sentinel?**

It provides analytics and threat information across your enterprise. It also helps in collecting logs related to attacks and in hunting, and helps mitigate these threat alerts by using its AI algorithm.

**What do you dislike about Microsoft Sentinel?**

It is not that user friendly. It needs a bit of training and effort to learn it properly.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

It can help in investigating security threats.
It uses its own AI algorithm, which helps to collect threat alerts.
It is a cloud-based tool designed by Microsoft, used with Microsoft products to investigate security analytics and threat intelligence across the organisation.

  ### 33. Sentinel: The Data Breach Detection Specialist

**Rating:** 4.0/5.0 stars

**Reviewed by:** Akshata D. | HR - Associate, Small-Business (50 or fewer emp.)

**Reviewed Date:** November 15, 2023

**What do you like best about Microsoft Sentinel?**

When there is a suspected data breach, Sentinel can quickly collect and analyze security data from a variety of sources to identify the source of the breach and the extent of the damage. This information can then be used to notify affected employees and take steps to remediate the breach. Sentinel can monitor employee data access logs to identify unauthorized access attempts. This information can be used to investigate potential security incidents and take steps to prevent future unauthorized access.

**What do you dislike about Microsoft Sentinel?**

Microsoft Sentinel primarily focuses on security data collection and analysis, which may not provide HR associates with a comprehensive understanding of employee behavior and potential security risks related to their data access patterns. Microsoft Sentinel's sensitivity to potential security threats may result in an overwhelming number of alerts, making it difficult for HR associates to prioritize and address critical incidents effectively.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

By providing a comprehensive view of employee data security, Sentinel can help HR associates to make informed decisions about employee data security policies and procedures.
By streamlining the incident response process, Sentinel can help HR associates to respond to incidents quickly and effectively, minimizing the impact of breaches and protecting employee data

  ### 34. Microsoft Sentinel: Unraveling Advanced Security Dynamics

**Rating:** 5.0/5.0 stars

**Reviewed by:** Surya R. | Data Engineer, Automotive, Enterprise (> 1000 emp.)

**Reviewed Date:** November 15, 2023

**What do you like best about Microsoft Sentinel?**

Microsoft Sentinel boasts an intuitive user interface, making it easy for data scientists to navigate and interact with complex security data. The platform's design prioritizes clarity and simplicity, facilitating a smoother and more efficient experience in conducting security analyses.

Implementing Microsoft Sentinel is a straightforward process. The platform provides clear documentation and support, allowing data scientists to quickly integrate it into existing workflows. The ease of implementation ensures a faster transition to enhanced security analytics without significant disruptions.

**What do you dislike about Microsoft Sentinel?**

As a data scientist, one aspect of Microsoft Sentinel that I find less favorable is the platform's learning curve, particularly when diving into advanced customizations. While the user interface is generally intuitive, delving into intricate configurations or creating highly customized queries and playbooks may require a steep learning curve.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

With Microsoft Sentinel's automated incident response capabilities, I can streamline my organization's response to security incidents. I can automatically isolate compromised systems, shut down malicious processes, and send alerts to security teams, ensuring that threats are dealt with swiftly and effectively.
Additionally, Microsoft Sentinel's continuous compliance monitoring helps me stay compliant with industry-specific security regulations and standards, such as PCI DSS, HIPAA, and GDPR. The platform provides me with tools to collect and analyze audit logs, generate compliance reports, and automate compliance tasks, saving me time and effort.

  ### 35. Sentinel works with enhanced data security as well as the capabilities.

**Rating:** 4.5/5.0 stars

**Reviewed by:** Ashu L. | Senior Analyst, Small-Business (50 or fewer emp.)

**Reviewed Date:** April 02, 2024

**What do you like best about Microsoft Sentinel?**

The best thing about Microsoft Sentinel is that it optimises the tasks more efficiently so that better decisions can be made. It also comes with playbooks and automation that makes it easier in collecting analytics.

**What do you dislike about Microsoft Sentinel?**

There's one thing that I don't like about Microsoft Sentinel, which is the difficulty of using this product by non-technical or non-Microsoft products.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel is benefiting me in orchestrating security practices for the safety of our data and its really working as expected.

  ### 36. Sentinel for risk and Detection

**Rating:** 5.0/5.0 stars

**Reviewed by:** Sumit K. | Application Support Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** September 29, 2023

**What do you like best about Microsoft Sentinel?**

Microsoft Sentinel helps company outside risk and Detection which incoming from external sources. Best for making overall threatening alert and makes overall dashboard. Which is single solution for attack detection. Fast and secure threat response.

**What do you dislike about Microsoft Sentinel?**

AI taking all action without help humans. Taking place of workers.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel is solving problems like threat detection and provides alert data that was not detected previously. We have the advantage that we do not have to look for a single point of failure. Sentinel detects all threats. And after collecting the data it is put out.

  ### 37. Nice Tool for Monitoring

**Rating:** 4.5/5.0 stars

**Reviewed by:** Ankush V. | DevOps/SRE Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** April 16, 2024

**What do you like best about Microsoft Sentinel?**

Scalability, Integration, Automation, and Customization are the best feature as of now

**What do you dislike about Microsoft Sentinel?**

Complexity, Cost, Dependency on Azure, Documentation support is not easy

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Sentinel brings together security information from different places in the cloud and mixed environments. It creates one main place where organizations can watch and study security stuff. This makes it easier for them to see all their security stuff and find bad things faster.

  ### 38. Best SIEM as a service solution

**Rating:** 5.0/5.0 stars

**Reviewed by:** Lovkesh B. | Senior Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** May 18, 2024

**What do you like best about Microsoft Sentinel?**

Best in case we have an Azure environment. We can integrate all log sources and the remediation part in one click.

It supports all environments, whether other CSPs or on-premise.

It supports all log sources.

**What do you dislike about Microsoft Sentinel?**

Not much. Everything is fine.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Used as a SIEM and SOAR

  ### 39. Review for Microsoft Sentinel

**Rating:** 3.5/5.0 stars

**Reviewed by:** Parmar P. | Project Consultant, Small-Business (50 or fewer emp.)

**Reviewed Date:** March 12, 2024

**What do you like best about Microsoft Sentinel?**

It helps to increase the security of digital infrastructure. Additionally, it  also provides threat identification and threat response. It is less costly than other available products.

**What do you dislike about Microsoft Sentinel?**

If one has a less technical background then Microsoft Sentinel is complex for them. Due to this, the person cannot efficiently utilize its capabilities.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Data integration in an organizational structure is easy to use. Report generation using sentinel is very efficient. It can easily be integrated with another platform to fetch and connect the data.

  ### 40. Guardian's Gaze: A Sentinel Review

**Rating:** 3.5/5.0 stars

**Reviewed by:** Saurabh K. | Cyber Security Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** March 05, 2024

**What do you like best about Microsoft Sentinel?**

The best feature of Microsoft Sentinel is its advanced security analytics. It can detect and respond to security alerts in real time, which helps the organisation to identify and mitigate security risks more effectively.

**What do you dislike about Microsoft Sentinel?**

The least helpful feature of Microsoft Sentinel is its complexity in setup and configuration.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel is very effective in finding security alerts in real time and with the most precision. This lets the organisation find most security breaches and mitigate them effectively.

  ### 41. Siem friendly to use

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Consulting | Enterprise (> 1000 emp.)

**Reviewed Date:** June 04, 2024

**What do you like best about Microsoft Sentinel?**

Kusto Query Language is easy to learn and well documented, with very easy connection to MS products. Good integration with Logic Apps.

**What do you dislike about Microsoft Sentinel?**

Customer support is often slow and redirected to different teams.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Searching logs, generating reports

  ### 42. Microsoft Sentinel Review

**Rating:** 4.5/5.0 stars

**Reviewed by:** Prashant K. | Security Researcher 3, Small-Business (50 or fewer emp.)

**Reviewed Date:** January 09, 2024

**What do you like best about Microsoft Sentinel?**

Microsoft Sentinel, previously known as Azure Sentinel, is among the best SIEM platforms, with upsides like easy integration with Azure services, a fully cloud-native architecture, support for centralized monitoring, automated incident responses and real-time advanced threat detection.

**What do you dislike about Microsoft Sentinel?**

As every software cannot be totally precise, it has some downsides as well. One of the downsides is difficulty in data ingestion and parsing logs. Also, it is complex in fine-tuning analytics and cost-inefficient.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Microsoft Sentinel is one of the leading SIEM solutions, which provides easy integration with Azure services, supports centralized monitoring, is highly customizable, and one of its best features is real-time advanced threat detection.

  ### 43. Sentinel review

**Rating:** 4.0/5.0 stars

**Reviewed by:** Anusha B. | Senior Infrastructure Engineer - Cloud, Mid-Market (51-1000 emp.)

**Reviewed Date:** March 20, 2024

**What do you like best about Microsoft Sentinel?**

Sentinel is a service that can be used for security information, security orchestration and automation.

The best thing is it's very easy to set up. It can ingest data from a variety of sources.

In simple terms, threat detection and analysis made easy.

**What do you dislike about Microsoft Sentinel?**

The only issue I have seen is that data query speed is low; this can be improvised.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

We manage a huge amount of infrastructure; Sentinel has helped us in threat detection.

  ### 44. Efficient Threat Detection and Response

**Rating:** 4.5/5.0 stars

**Reviewed by:** Pranjal M. | Software Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** February 25, 2024

**What do you like best about Microsoft Sentinel?**

Threat Intelligence and automated response capabilities.

**What do you dislike about Microsoft Sentinel?**

Complexity in setup and configuration, which requires additional exploration of docs.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Its efficient threat detection, automated incident response, and centralized security analytics provide actionable insights for proactive measures, which helps a lot.

  ### 45. Sentinel is a brilliant tool to bolster your security

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Medical Devices | Mid-Market (51-1000 emp.)

**Reviewed Date:** May 20, 2024

**What do you like best about Microsoft Sentinel?**

Connectors feeding in from a variety of different tools.

**What do you dislike about Microsoft Sentinel?**

The UI can be a bit overwhelming at times

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Sentinel helps us catch incidents as soon as they happen allowing us to take immediate action.

  ### 46. Enhancing Data Engineering on Azure

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** March 18, 2024

**What do you like best about Microsoft Sentinel?**

Centralized data collection, which helps to ingest the data from all sources, and the advanced AI and machine learning, which helped to identify most suspicious activities and threats.
It helped me to improve threat visibility and alert detection; also the custom workbook across the data is best.

**What do you dislike about Microsoft Sentinel?**

There is no such kind of dislike I have got till now, but still there is one small issue which I found with fine-tuning for optimal use.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

As a data engineer, using Microsoft Sentinel for Security Orchestration, Automation, and Response (SOAR) has provided several benefits:
1. Streamlined Security Operations
2. Enhanced Threat Detection
3. Cost-Effective Security

  ### 47. Microsoft Azure Sentinel

**Rating:** 4.5/5.0 stars

**Reviewed by:** ANKIT S. | Technical Lead - Product Development, Enterprise (> 1000 emp.)

**Reviewed Date:** April 06, 2024

**What do you like best about Microsoft Sentinel?**

1. Easy to use and implement.
2. The correlation map is very advanced for incident analysis.
3. Integration is easy in a hybrid environment as well.

**What do you dislike about Microsoft Sentinel?**

Very advanced in threat detection and analysis; however, I have only one issue with Microsoft security tools: they are not good at analysing vulnerabilities.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Threat detection, analysis and response.

  ### 48. Microsoft Sentinel as a soar/siem service

**Rating:** 5.0/5.0 stars

**Reviewed by:** Harshit L. | Security Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** December 23, 2023

**What do you like best about Microsoft Sentinel?**

Seamless Integration along with better rate of log ingestion and compatible with multivendor security devices and along with providing compliance and security posture ratings with multiple tenants

**What do you dislike about Microsoft Sentinel?**

For P1 issues there is no adherence to SLA response and resolution

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

With KQL queries it is easy to check logs and do correlation of events. It supports multivendor security products and provides a score of the security posture of devices. It has inbuilt features providing automated solutions for security events generated. It has inbuilt features to improve device security posture, and it is up to date with recent updates in Azure as it is an Azure-native product.

  ### 49. Sentinel Review

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Computer Networking | Mid-Market (51-1000 emp.)

**Reviewed Date:** January 09, 2023

**What do you like best about Microsoft Sentinel?**

The best part of using Sentinel is the ease of integration with multiple log sources and querying data using the custom KQL language. This helps to have strong monitoring capabilities.

**What do you dislike about Microsoft Sentinel?**

Sometimes the Sentinel platform gives multiple errors while loading the dashboard and also running the searches. Need to refresh it multiple times to work. Apart from this it's a great SOAR platform.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Detecting attackers, monitoring the whole environment, building automation using playbooks, which is helping the business to stay safe from threat actors. In this way it is helping.

  ### 50. Microsoft Azure sentinel is the new soar king in market.

**Rating:** 4.5/5.0 stars

**Reviewed by:** Shaswat N. | Consultant, Small-Business (50 or fewer emp.)

**Reviewed Date:** March 09, 2024

**What do you like best about Microsoft Sentinel?**

Microsoft Azure Sentinel is the new upcoming giant for SOAR technology. It has loads of new features and some brilliant automation techniques inside it. Any client can make use of it for building a safer environment for end-users.

**What do you dislike about Microsoft Sentinel?**

Since I have been using this platform for the last 3 months, I didn't figure out any such flaws in it.

**What problems is Microsoft Sentinel solving and how is that benefiting you?**

Its wide range of integrations and feasibility.


## Microsoft Sentinel Discussions
  - [What is Microsoft Sentinel used for?](https://www.g2.com/discussions/what-is-microsoft-sentinel-used-for) - 3 comments, 2 upvotes
  - [Is sentinel a free service provided by Microsoft azure ?](https://www.g2.com/discussions/is-sentinel-a-free-service-provided-by-microsoft-azure) - 1 comment, 1 upvote
  - [If I had to have a question, I would ask if there were any plans to add linux support to this program.](https://www.g2.com/discussions/31827-if-i-had-to-have-a-question-i-would-ask-if-there-were-any-plans-to-add-linux-support-to-this-program) - 2 comments, 1 upvote
  - [How I  able to install /integrated Azure Sentinel agents to collect data on IOT devices/ DLP/ Endpoint devices Computer / Laptops / Printers](https://www.g2.com/discussions/31797-how-i-able-to-install-integrated-azure-sentinel-agents-to-collect-data-on-iot-devices-dlp-endpoint-devices-computer-laptops-printers) - 1 comment, 1 upvote
  - [Why should I use Azure Sentinel?](https://www.g2.com/discussions/why-should-i-use-azure-sentinel) - 1 comment

## Microsoft Sentinel Integrations
  - [Check Point Harmony Email & Collaboration](https://www.g2.com/products/check-point-harmony-email-collaboration/reviews)
  - [Cortex XDR](https://www.g2.com/products/palo-alto-networks-cortex-xdr/reviews)
  - [ESET PROTECT](https://www.g2.com/products/eset-protect/reviews)
  - [FortiAnalyzer](https://www.g2.com/products/fortianalyzer/reviews)
  - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews)
  - [Microsoft Defender XDR](https://www.g2.com/products/microsoft-defender-xdr/reviews)

## Microsoft Sentinel Features
**Response**
- Resolution Automation
- Resolution Guidance
- System Isolation
- Threat Intelligence
- Incident Investigation

**Network Management**
- Activity Monitoring
- Asset Management
- Log Management

**Automation**
- Workflow Mapping
- Workflow Automation
- Automated Remediation
- Log Monitoring

**Records**
- Incident Logs
- Incident Reports

**Incident Management**
- Event Management
- Automated Response
- Incident Reporting

**Orchestration**
- Security Orchestration
- Data Collection
- Threat Intelligence
- Data Visualization

**Management**
- Incident Alerts
- Incident Case Management
- Workflow Management

**Security Intelligence**
- Threat Intelligence
- Vulnerability Assessment
- Advanced Analytics
- Data Examination

**Response**
- Alerting
- Performance Baseline
- High Availability/Disaster Recovery

**Agentic AI - Security Information and Event Management (SIEM)**
- Autonomous Task Execution
- Multi-step Planning
- Proactive Assistance
- Decision Making

**Generative AI**
- AI Text Generation
- AI Text Summarization

## Top Microsoft Sentinel Alternatives
  - [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) - 4.3/5.0 (384 reviews)
  - [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews) - 4.4/5.0 (280 reviews)
  - [Splunk Enterprise Security](https://www.g2.com/products/splunk-enterprise-security/reviews) - 4.3/5.0 (222 reviews)

