.png){kind=small}
What is Microsoft Sentinel?
Modernize your security operations center (SOC) with Microsoft Sentinel. Uncover sophisticated threats and respond decisively with an intelligent, comprehensive security information and event management (SIEM) solution for proactive threat detection, investigation, and response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing costs as much as 48 percent compared to legacy SIEM solutions.
Company Details
Need Assistance?
We're here to help you with understanding our reports and the data inside to help you make decisions.
Get AssistanceMicrosoft Sentinel Ratings
Real user data aggregated to summarize the product performance and customer experience.
Download the entire Product Scorecard
to access more information on Microsoft Sentinel.
Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.
86 Likeliness to Recommend
98 Plan to Renew
78 Satisfaction of Cost Relative to Value
Emotional Footprint Overview
Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.
+85 Net Emotional Footprint
The emotional sentiment held by end users of the software based on their experience with the vendor. Responses are captured on an eight-point scale.
How much do users love Microsoft Sentinel?
Pros
- Security Protects
- Performance Enhancing
- Reliable
- Enables Productivity
How to read the Emotional Footprint
The Net Emotional Footprint measures high-level user sentiment towards particular product offerings. It aggregates emotional response ratings for various dimensions of the vendor-client relationship and product effectiveness, creating a powerful indicator of overall user feeling toward the vendor and product.
While purchasing decisions shouldn't be based on emotion, it's valuable to know what kind of emotional response the vendor you're considering elicits from their users.
Footprint
Negative
Neutral
Positive
Feature Ratings
Security Threat Visibility
Scalability and Network Performance
Analytics and Reporting
Incident Management and Remediation
Data Security and Retention
Orchestration Automation and Response (NG)
Artificial Intelligence / Machine Learning
Big Data Analytics
Threat Intelligence
Log Collection
Correlation
Vendor Capability Ratings
Ease of Implementation
Quality of Features
Breadth of Features
Ease of IT Administration
Ease of Data Integration
Usability and Intuitiveness
Business Value Created
Product Strategy and Rate of Improvement
Ease of Customization
Vendor Support
Availability and Quality of Training
Microsoft Sentinel Reviews
Paarth S.
- Role: Information Technology
- Industry: Retail
- Involvement: IT Development, Integration, and Administration
Submitted Sep 2024
Robust threat detection with good analytics
Likeliness to Recommend
What differentiates Microsoft Sentinel from other similar products?
Offers a native integration with Microsoft and Azure services, great Threat Analytics and ease of Administration, also it uses KQL which is simple yet powerful language to create detection rules
What is your favorite aspect of this product?
The Threat detection and response capability via the playbooks is great , threat intelligence signals help by providing real-time data from global sources,
What do you dislike most about this product?
The Vendor Support is bit disappointing and could improve
What recommendations would you give to someone considering this product?
It's a great SIEM product , If you have Microsoft/Azure native infrastructure then it would be one of the best of option to consider.
Pros
- Reliable
- Performance Enhancing
- Enables Productivity
- Security Protects
Cons
- Vendor's Interest First
- Under Delivered
Ravikumar P.
- Role: Information Technology
- Industry: Shipping
- Involvement: IT Development, Integration, and Administration
Submitted Jan 2024
Azure Sentinel Cost-Effective Pricing Model
Likeliness to Recommend
What differentiates Microsoft Sentinel from other similar products?
Native Integration with Azure and Microsoft Services: Azure Sentinel is deeply integrated with Microsoft's cloud services, including Azure Active Directory, Office 365, and Azure Security Center. This integration allows for seamless data collection, analysis, and response across the Microsoft ecosystem. Advanced AI and Machine Learning Capabilities: Azure Sentinel leverages Microsoft's extensive experience in AI and machine learning to provide advanced threat detection and response capabilities. It uses machine learning algorithms to analyze vast amounts of data and identify potential security threats more effectively.
What is your favorite aspect of this product?
Cost-Effective Pricing Model: Azure Sentinel offers a consumption-based pricing model, which means organizations only pay for the resources they use
What do you dislike most about this product?
I don't have dislike as of now
What recommendations would you give to someone considering this product?
Understand Your Security Needs: Before adopting Azure Sentinel, assess your organization's security requirements, including the type of data you handle, regulatory compliance obligations, and potential threat landscape. Evaluate Integration with Existing Infrastructure: Determine how well Azure Sentinel integrates with your existing IT infrastructure, including cloud services, on-premises systems, and third-party security solutions. Compatibility and ease of integration are key factors to consider.
Pros
- Helps Innovate
- Continually Improving Product
- Reliable
- Enables Productivity
Uday P.
- Role: Information Technology
- Industry: Engineering
- Involvement: End User of Application
Submitted Oct 2025
Powerful and Reliable EDR
Likeliness to Recommend
What differentiates Microsoft Sentinel from other similar products?
Microsoft Sentinel stands out for its seamless integration with Defender and Azure, providing unified visibility across endpoints and cloud workloads. Its AI-driven analytics and KQL-based threat hunting make detection and investigation faster. The automation through playbooks also improves incident response efficiency.
What is your favorite aspect of this product?
My favorite aspect of Microsoft Sentinel is its strong integration with Defender and other Microsoft tools, which gives complete visibility across the environment. The automation using playbooks and KQL-based threat hunting makes investigation and response much faster.
What do you dislike most about this product?
The main drawback is that Sentinel’s KQL queries have a learning curve for new users. Also, log ingestion costs can increase quickly if not properly optimized.
What recommendations would you give to someone considering this product?
I would recommend planning your data ingestion carefully to manage costs and take time to learn KQL for better threat hunting. Once configured properly, Sentinel offers excellent visibility, automation, and response capabilities.
Pros
- Helps Innovate
- Continually Improving Product
- Reliable
- Performance Enhancing
