We performed a comparison between IBM Cloud Pak for Security and Microsoft Sentinel based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, Cisco, Akamai and others in Cloud and Data Center Security."The interface is good and very user-friendly."
"Log aggregation and data connectors are the most valuable features."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The automation feature is valuable."
"The features that stand out are the detection engine and its integration with multiple data sources."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Lacks sufficient technical support."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"The solution could be more user-friendly; some query languages are required to operate it."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
IBM Cloud Pak for Security is ranked 21st in Cloud and Data Center Security with 1 review while Microsoft Sentinel is ranked 1st in Security Information and Event Management (SIEM) with 85 reviews. IBM Cloud Pak for Security is rated 0.0, while Microsoft Sentinel is rated 8.2. The top reviewer of IBM Cloud Pak for Security writes "Great user-friendly interface; provides many functionalities and many free applications ". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". IBM Cloud Pak for Security is most compared with IBM Security QRadar and IBM Resilient, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Microsoft Defender for Cloud, Splunk Enterprise Security and Elastic Security.
We monitor all Cloud and Data Center Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.