Microsoft Sentinel is used as both a SIEM and a SOAR solution in our customer environment. We are also sending logs from Microsoft Sentinel to Prisma. We are running KQL queries on Microsoft Sentinel to do threat hunting.
Pros
SIEM solution
automation with runbooks
SOAR solution
compatible with other vendor solutions
providing compliance
Cons
ticketing system
other third party app should also be compatible
pricing
better features for hybrid cloud
Likelihood to Recommend
It is well suited where the infrastructure is totally on Azure cloud, and it is less appropriate when used in hybrid cloud.
Microsoft Sentinel is currently being used as our one stop where our team monitors all alerts we get on our Azure resources. Since everything is on a single platform, it makes it easier to keep track of and prioritise the alerts.
Pros
Threat Detection and faster Analysis
Security Automation and architecture improvement
Cons
Onboarding and integration with client/our system can be simplified so that it can be used by everyone.
Integration takes longer if software is hosted outside.
The logs of software hosted in-house have room for improvement.
Likelihood to Recommend
It is good for real-time monitoring and detection of cyber threats. Microsoft Sentinel is not very recommended if you have the software hosted outside.
Verified User
Account Manager in Customer Service (Internet company, 51-200 employees)