Cloud-native SIEM Solution
Microsoft Sentinel is generally praised for its robust threat intelligence capabilities and seamless integration with Microsoft products, particularly Azure and Office 365. Users appreciate its user-friendly interface, real-time threat detection, and efficient incident management. However, some reviewers highlight the complexity of initial setup and configuration, particularly for organizations without dedicated security experts. Additionally, while Sentinel excels in Microsoft environments, its support for non-Microsoft platforms is considered limited. Cost is also a recurring concern, with some users finding it expensive, especially for smaller organizations.
AI-Generated from the text of User Reviews
The thing I love about Microsoft Sentinel is its advanced threat protection, integration with Azure services and customisable security analysis.
Dislikes:
Learning Curves
Complex Pricing Structures.
Dependency on Microsoft System
Helps to identify early threat issues so that we can avoid the loss.
Microsoft Sentinel easily integrates with many enterprise tools. It is a user-friendly platform with compatibility and versatility.
Its cloud capabilities provide flexibility, and its secure features and support options help any enterprise to increase productivity; moreover, it's essential for professional tasks as per market demand.
In most cases it takes a little bit deeper understanding to implement in any organization. Microsoft Sentinel is currently the only SIEM solution that is entirely cloud native; that's the reason most organizations that have their own premises and do not currently trust cloud security hesitate to implement it on their premises.
It helps us to integrate all security devices, through which we can keep our eyes on live monitoring, and further, its capability to add SOAR tools helps to escalate investigation and analysis faster. Nowadays cyber war is at its peak, so for understanding the behavior of traffic of any network, the activity of any user or flaws in any security system, we require this to prevent any attack in future.
It provides a proactive approach for any organization to mitigate any kind of attack.
In the current situation very few people have a deep understanding of the security of any organization, so in that case it also helps to overcome this kind of issue.
User friendly interface, Threat Intelligence sharing
Integration Complexity and resource consumption
Scalability issue has helped us overcome this issue
It allows us to create custom workbooks across my data.
It's so expensive and small companies don't buy this.
It provides an integrated view of an organisation's security posture, respond to security incidents more quickly
The service is much cheaper than other products when used with Microsoft 365 E5 Licensing as a lot of the logs being recorded and processed are included. Adding extra connections to other third party services and systems is also pretty easy and quick to implement.
Firewall logs are expensive as there are so many; tuning this can be time consuming and slightly cumbersome.
Sentinel allows us to import logs across all of our security platforms to have a single view point of what is happening on End User Devices and also on the Corporate and Public Cloud Networks.
Seamless Integration along with better rate of log ingestion and compatible with multivendor security devices and along with providing compliance and security posture ratings with multiple tenants
For P1 issues there is no adherence to SLA response and resolution
With KQL queries it is easy to check logs and do correlation of events. It supports multivendor security products and provides a score of the security posture of devices. It has inbuilt features for providing automated solutions for the security events generated. It has inbuilt features to improve device security posture, and it is up to date with recent updates in Azure as it is an Azure native product.
It provides access to advanced threat intelligence capabilities that help to improve our security posture and prevent data breaches.
While it is quick to get up and running to a point, fine tuning Sentinel for more specific cases is a time consuming job
Providing a centrally managed security event management system
Microsoft Sentinel is easy to use and manage. It has a user-friendly interface and can be configured using a variety of tools, including PowerShell and Azure Resource Manager.
The initial setup and configuration of Microsoft Sentinel was complex and time-consuming.
Automate security tasks: Microsoft Sentinel can automate many of the tasks that are involved in security analysis, such as data collection, normalization, and correlation. This can free up data engineers to focus on more strategic tasks.
Microsoft Sentinel boasts an intuitive user interface, making it easy for data scientists to navigate and interact with complex security data. The platform's design prioritizes clarity and simplicity, facilitating a smoother and more efficient experience in conducting security analyses.
Implementing Microsoft Sentinel is a straightforward process. The platform provides clear documentation and support, allowing data scientists to quickly integrate it into existing workflows. The ease of implementation ensures a faster transition to enhanced security analytics without significant disruptions.
As a data scientist, one aspect of Microsoft Sentinel that I find less favorable is the platform's learning curve, particularly when diving into advanced customizations. While the user interface is generally intuitive, delving into intricate configurations or creating highly customized queries and playbooks may require a steep learning curve.
With Microsoft Sentinel's automated incident response capabilities, I can streamline my organization's response to security incidents. I can automatically isolate compromised systems, shut down malicious processes, and send alerts to security teams, ensuring that threats are dealt with swiftly and effectively.
Additionally, Microsoft Sentinel's continuous compliance monitoring helps me stay compliant with industry-specific security regulations and standards, such as PCI DSS, HIPAA, and GDPR. The platform provides me with tools to collect and analyze audit logs, generate compliance reports, and automate compliance tasks, saving me time and effort.
We can secure our application and service, and an alert system is there for unusual activities in our application.
It is very costly; startup companies are not able to use it.
We get an alert notification when a non-user tries to access our application.