We performed a comparison between IBM Watson for Cyber Security and Sentinel based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"IBM Watson for Cyber Security is very stable."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing IBM add them in the next release."
"The customer support is very good."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"The tool is simple to use."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"It makes everything easier by automating some tasks and growing with our needs."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"The most valuable feature of Sentinel is the dashboard."
"The troubleshooting has room for improvement."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The product can be improved by reducing the cost to use AI machine learning."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"The solution could be more user-friendly; some query languages are required to operate it."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"I would like to be able to monitor applications outside of the Azure Cloud."
"In the future, I would like to see threat intelligence included."
"They need to continue to build the AI capabilities."
"This is an expensive product, so making it more cost-effective would be an improvement."
"The dashboard could improve in IBM Watson for Cyber Security."
"I rate Sentinel a six out of ten for scalability."
"I would like to see a better reporting work structure on the dashboard."
"Log source integration with Sentinel needs to be improved."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"The dashboard and customer view should be improved"
More IBM Watson for Cyber Security Pricing and Cost Advice →
IBM Watson for Cyber Security is ranked 45th in Security Information and Event Management (SIEM) with 4 reviews while Sentinel is ranked 17th in Security Information and Event Management (SIEM) with 16 reviews. IBM Watson for Cyber Security is rated 8.0, while Sentinel is rated 7.6. The top reviewer of IBM Watson for Cyber Security writes "An innovative and stable product that is well maintained and always up-to-date". On the other hand, the top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". IBM Watson for Cyber Security is most compared with IBM Security QRadar, Splunk Enterprise Security and i-SIEM, whereas Sentinel is most compared with Splunk Enterprise Security, IBM Security QRadar, Google Chronicle Suite, Wazuh and LogRhythm SIEM.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.