• Home
  • Microsoft Defender for Office 365 vs. Microsoft Sentinel

Microsoft Defender for Office 365 vs Microsoft Sentinel comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender for Office 365
Read 41 Microsoft Defender for Office 365 reviews
2,272 views|1,824 comparisons
97% willing to recommend
Microsoft Logo
Microsoft Sentinel
Read 85 Microsoft Sentinel reviews
5,511 views|3,071 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Microsoft Defender for Office 365 vs. Microsoft Sentinel
March 2024
Executive Summary

We performed a comparison between Microsoft Defender for Office 365 and Microsoft Sentinel based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Defender for Office 365 vs. Microsoft Sentinel Report (Updated: March 2024).
Download the complete report
771,212 professionals have used our research since 2012.
Featured Review
Nagendra Nekkala.
The automated attack disruption works well if you have a strong policy configuration
365 Defender has improved our security across multiple categories. It's effective against advanced attacks like phishing and ransomware. Defender's... Read more →
Joseph Messina
Helps save us time, streamlines event investigations, and improves our visibility
Sentinel provides us with a unified set of tools for detecting, investigating, and responding to incidents. This centralized approach offers both... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Microsoft Defender for Office 365 helps people to work remotely. It is a secure solution. We don't need to use our company's computers or get VPN connections to the networks. I can control how they share screens and what they send to the devices. It keeps our organizations confidential and sensitive information safe.""Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks.""The most valuable feature of Microsoft Defender for Office 365 is the ease of use.""The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not.""Microsoft Defender for Office 365 is a stable solution.""Defender for Office 365 has helped eliminate having to look at multiple dashboards and that is the aspect I like most about it. It is simpler, effective, and convenient. The users like the process efficiency.""It also gives me good visibility because, with Defender, I'm using a Microsoft product to defend Microsoft products. The integration was really seamless and I have wide visibility because it picks up almost everything. Literally, I can see almost every activity that happens, from the e-mail to the workstation itself.""Since we have started using the solution, there have been fewer compromises."

More Microsoft Defender for Office 365 Pros →

"The solution offers a lot of data on events. It helps us create specific detection strategies.""There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive.""In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store""The dashboard that allows me to view all the incidents is the most valuable feature.""The pricing of the product is excellent.""The product can integrate with any device.""Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information.""The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."

More Microsoft Sentinel Pros →

Cons
"The visibility for the weaknesses in the system and unauthorized access can be improved.""They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are.""We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice.""Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features.""One area for improvement is support, in terms of being able to reach them and, especially, technical support for configuration.""The product must provide better malware detection.""There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types.""There is room for improvement with the UI."

More Microsoft Defender for Office 365 Cons →

"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers.""Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification.""Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized.""Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs.""When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear.""Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field.""It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall.""Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."

More Microsoft Sentinel Cons →

Pricing and Cost Advice
  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
  • "The solution saves money so we have seen a return on investment."
  • "Defender for 365 comes in various plans and licenses, along with other Microsoft security solutions. Purchasing this kind of package or security bundle gives good value for money, and that's what I recommend."

    • More Microsoft Defender for Office 365 Pricing and Cost Advice →

  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
    See Recommendations
    771,212 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft Defender for Office 365?
    Top Answer:Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the… more »
    Read all 32 answers   →
    What is your experience regarding pricing and costs for Microsoft Defende...
    Top Answer:The tool's pricing is reasonable.
    Read all 26 answers   →
    What needs improvement with Microsoft Defender for Office 365?
    Top Answer:The product must provide better malware detection. The detection algorithms don't perform the way I hope they would.
    Read all 27 answers   →
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized by… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will… more »
    Read all 2 answers   →
    Ranking
    9th
    out of 36 in Microsoft Security Suite
    Views
    2,272
    Comparisons
    1,824
    Reviews
    28
    Average Words per Review
    677
    Rating
    8.5
    6th
    out of 36 in Microsoft Security Suite
    Views
    5,511
    Comparisons
    3,071
    Reviews
    59
    Average Words per Review
    1,638
    Rating
    8.4
    Comparisons
    Also Known As
    MS Defender for Office 365
    Azure Sentinel
    Learn More
    Microsoft
    Microsoft
    Overview

    Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.

    With Microsoft Defender for Office 365, organizations can safeguard their email communication by detecting and blocking malicious links, attachments, and unsafe email content. It employs advanced anti-phishing capabilities to identify and prevent sophisticated phishing attacks that attempt to steal sensitive information or compromise user credentials.

    This solution also offers robust protection against malware and ransomware. It leverages machine learning algorithms to analyze email attachments and URLs in real-time, identifying and blocking malicious content before it reaches users' inboxes. Additionally, it provides advanced threat-hunting capabilities, allowing security teams to proactively investigate and respond to potential threats.

    Microsoft Defender for Office 365 goes beyond email protection and extends its security features to other collaboration tools like SharePoint, OneDrive, and Teams. It scans files and documents stored in these platforms, ensuring that they are free from malware and other malicious content. It also provides visibility into user activities, helping organizations detect and mitigate insider threats.

    Furthermore, this solution offers rich reporting and analytics capabilities, providing organizations with insights into their security posture and threat landscape. It enables security administrators to monitor and manage security incidents, track trends, and take proactive measures to enhance their overall security posture.

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Sample Customers
    Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Top Industries
    REVIEWERS
    Manufacturing Company17%
    Computer Software Company17%
    Comms Service Provider13%
    Financial Services Firm7%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm9%
    Manufacturing Company7%
    Government7%
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business42%
    Midsize Enterprise16%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise19%
    Large Enterprise51%
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    Buyer's Guide
    Microsoft Defender for Office 365 vs. Microsoft Sentinel
    March 2024
    Free Report: Microsoft Defender for Office 365 vs. Microsoft Sentinel
    Find out what your peers are saying about Microsoft Defender for Office 365 vs. Microsoft Sentinel and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    771,212 professionals have used our research since 2012.

    Microsoft Defender for Office 365 is ranked 9th in Microsoft Security Suite with 41 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Defender for Office 365 is rated 8.4, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Defender for Office 365 writes "Allows for easy reporting of problems, valuable anti-phishing, and anti-malware support". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Defender for Office 365 is most compared with Proofpoint Email Protection, Mimecast Email Security, Microsoft Exchange Online Protection (EOP), Cisco Secure Email and Barracuda Email Security Gateway, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Defender for Office 365 vs. Microsoft Sentinel report.

    See our list of best Microsoft Security Suite vendors.

    We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.