We performed a comparison between Microsoft Purview Data Loss Prevention and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can use Microsoft Purview Data Loss Prevention to manage devices and site policies."
"For Purview's natively integrated compliance across Azure, Dynamics 365, and Office 365, I would give it a 10 out of 10. It provides all the insights and information."
"Microsoft Purview Data Loss Prevention's responses are faster. Its installation is also reliable. The security score helps with the security part."
"The product can block the uploads to cloud services."
"The product is easy to configure."
"The most valuable features are identifying sensitive data and issuing alerts."
"There's a good amount of documentation in case you run into any problems."
"It has helped our clients to reduce the time to action on insider threats because it can be integrated."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The pricing of the product is excellent."
"The initial setup is very simple and straightforward."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"There is a need for improvements, particularly in ensuring that file-based recognition is more reliable and comprehensive."
"A site can have different containers where you store data. We have always wanted to apply compliance, labels, and policies at the container level, rather than to an outer shell or at the site level. That is something we have been looking forward to and I believe Microsoft is already planning something like that."
"I would like Microsoft Purview Data Loss Prevention to be on the source code or SQL databases. It is difficult to do classification and labeling when you have a third-party source code or a third-party Oracle database. It is seamless when it comes to Microsoft documents but is not so with third-party source codes. Microsoft needs to work on it a little bit more."
"The scalability, in terms of the portal, could be more user-friendly. Sometimes I have faced difficulties in identifying the options."
"There is a lot of ambiguity when you are setting up labels, such as sensitive information labels. It is a little daunting at first if you don't have prior knowledge, and there is a little bit of a learning curve for setting up the labels. Some of the setup wizards could be more helpful from an AI perspective. They can streamline the setup through more AI technologies so that you don't have to jump through so many hoops and different menus and dropdowns. It would be useful to have a setup wizard that is more hands-off and engaging for setting up the information type labels. If you tell them this is what we're trying to protect, it should basically start to lead you down that path of best practices. Such a feature would be great."
"There is no AIP for Linux systems. That's a setback. Another thing it's lacking is libraries to work with Python. It has libraries for C# and C++, for example, but not for Python and, these days, Python is very useful."
"The platform can be challenging to navigate and has the potential for improvement."
"Microsoft Purview Data Loss Prevention's licensing is expensive."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"We are invoiced according to the amount of data generated within each log."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"The on-prem log sources still require a lot of development."
More Microsoft Purview Data Loss Prevention Pricing and Cost Advice →
Microsoft Purview Data Loss Prevention is ranked 12th in Microsoft Security Suite with 13 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Purview Data Loss Prevention is rated 8.0, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview Data Loss Prevention writes "Automation has given us consistent analytics and improved quality of insights into user activity". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview Data Loss Prevention is most compared with Symantec Data Loss Prevention, Forcepoint Data Loss Prevention, Microsoft Intune, Amazon Macie and Zscaler DLP, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Purview Data Loss Prevention vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
