Comprehensive SIEM Solution, with Security Threat Detection and automated response.
May 29, 2024

Ajay Sehgal | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Sentinel

We use Sentinel to add a layer of security. As a fintech company, we need to detect any suspicious activity and act swiftly. Sentinel helps identify and resolve security threats. In fact, as a Fintech, we need to ensure that there are many security points per industry standards, and Sentinel covers most of them.

Pros

  • It detects any suspicious activity very well.
  • They have internal MI models that are well-trained to analyze user behavior, such as if a user logs in from different locations multiple times within a short time interval.
  • We can set automation rules, e.g., to detect a particular suspicious activity, we can define a set of protocols that it will follow automatically.

Cons

  • It is very complex to integrate, and it took us three months to incorporate that, too. We first went live with partial services only.
  • Understanding curve for new employees is difficult.
  • Customizing the sensitivity of alerts is impossible (to the best of my knowledge). Hence, sometimes it gives false alerts.
  • For us, it covers most of the mandatory security compliance, hence positive ROI.
  • Overall, it increased the efficiency of the team.
  • Finding knowledgeable resources on this tech is tough.
We have collaborated on AWS, DigitalOcean, MongoDB, and Logstash.
It took time to integrate all.
It is an inbuilt AI that helps analyze and categorize threats better. However, as said earlier, sometimes it can raise false alarms. Hence, we need to keep customizing it.
We have a central dashboard where we can view all security incidents. There are lots of details available for each incident, like IP address, location, etc. Overall, once set up properly, it makes life easy to handle all such incidents.
Sentinel AI makes it a better choice. Also, its flexibility and customization make it a bit more costly than other competitors.

Do you think Microsoft Sentinel delivers good value for the price?

Yes

Are you happy with Microsoft Sentinel's feature set?

Yes

Did Microsoft Sentinel live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Microsoft Sentinel go as expected?

Yes

Would you buy Microsoft Sentinel again?

Yes

If you are a small startup, you probably don't need Sentinel. However, if you know that you are going to scale, my suggestion is to plan it in advance. Also, if you have lots of compliance involved (in my case, Fintech compliance), then it is a necessary burden.

Microsoft Sentinel Feature Ratings

  • Centralized event and log data collection: 9
  • Correlation: 8
  • Event and log normalization/management: 7
  • Deployment flexibility: 6
  • Integration with Identity and Access Management Tools: 7
  • Custom dashboards and workspaces: 8
  • Host and network-based intrusion detection: Not Rated
  • Log retention: 9
  • Data integration/API management: 8
  • Behavioral analytics and baselining: 8
  • Rules-based and algorithmic detection thresholds: 8
  • Response orchestration and automation: 7
  • Incident indexing/searching: Not Rated
