
Microsoft Sentinel Pros

KJ
Associate Manager at a tech services company with 10,001+ employees
The machine learning and artificial intelligence on offer are great.
Director Cybersecurity at a pharma/biotech company with 201-500 employees
We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place.
Cloud Infrastructure and Security Consultant
There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive.
Learn what your peers think about Microsoft Sentinel. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
563,327 professionals have used our research since 2012.
Lead Azure Sentinel Architect at a financial services firm with 10,001+ employees
The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance.
Information Security Lead at Enerjisa Üretim
It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us.
RF
Technical Lead at a manufacturing company with 10,001+ employees
It's pretty powerful and its performance is pretty good.
Sr. Security Engineer at Ebryx
Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it.
Cloud and Security Transformation Specialist at Comtact
The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources.
Lead Consultant at Trustsec Inc.
If you know how to do KQL (Kusto Query Language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications.
Network & Security Architect at SNP Technologies, Inc.
Sentinel has features that have helped improve our security posture. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements.

Microsoft Sentinel Cons

KJ
Associate Manager at a tech services company with 10,001+ employees
Azure Sentinel will be directly competing with tools such as Splunk or QRadar. These are very established kinds of products that have been around for the last seven, eight years or more.
Director Cybersecurity at a pharma/biotech company with 201-500 employees
They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft.
Cloud Infrastructure and Security Consultant
The only thing is sometimes you can have a false positive.
Lead Azure Sentinel Architect at a financial services firm with 10,001+ employees
If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies.
Information Security Lead at Enerjisa Üretim
They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on QRadar. We couldn't do it with Sentinel, which is a problem for us.
RF
Technical Lead at a manufacturing company with 10,001+ employees
If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement.
Sr. Security Engineer at Ebryx
There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds.
Cloud and Security Transformation Specialist at Comtact
We do see continuous improvement all the time; however, I haven't got a specific feature that is lacking or not well designed.
Lead Consultant at Trustsec Inc.
There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it.
Network & Security Architect at SNP Technologies, Inc.
The solution could improve the playbooks.