Microsoft Defender Threat Intelligence vs Microsoft Sentinel comparison

Microsoft Defender Threat I...
Read 29 Microsoft Defender Threat Intelligence reviews
  • 517 Views
  • 277 Comparison Views
92% willing to recommend
Microsoft Sentinel
Read 88 Microsoft Sentinel reviews
  • 5,602 Views
  • 3,212 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Microsoft Defender Threat Intelligence and Microsoft Sentinel based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Defender Threat Intelligence vs. Microsoft Sentinel Report (Updated: May 2024).
Buyer's Guide
Microsoft Defender Threat Intelligence vs. Microsoft Sentinel
May 2024
Download the complete report
Helped 793,295 peers since 2012
 

Categories and Ranking

Microsoft Defender Threat I...
Ranking in Microsoft Security Suite
15th
Average Rating
8.4
Number of Reviews
29
Ranking in other categories
Advanced Threat Protection (ATP) (14th), Threat Intelligence Platforms (2nd)
Microsoft Sentinel
Ranking in Microsoft Security Suite
5th
Average Rating
8.2
Number of Reviews
88
Ranking in other categories
Security Information and Event Management (SIEM) (2nd), Security Orchestration Automation and Response (SOAR) (1st)
 

Mindshare comparison

As of July 2024, in the Microsoft Security Suite category, the mindshare of Microsoft Defender Threat Intelligence is 0.3%, down from 0.6% compared to the previous year. The mindshare of Microsoft Sentinel is 5.5%, down from 6.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Microsoft Security Suite
Unique Categories:
Advanced Threat Protection (ATP)
1.8%
Threat Intelligence Platforms
1.8%
Security Information and Event Management (SIEM)
10.9%
Security Orchestration Automation and Response (SOAR)
22.4%
 

Featured Reviews

Oscar Abouchaaya - PeerSpot reviewer
Oct 3, 2023
A solution with a variety of applications bolstered by strong features and functionality
The initial setup is not complicated at all. Threat Intelligence is something engineers can develop and deploy properly. However, the initial setup's difficulty depends on the experience the engineers have with the cases that they need to deploy for, and this is where the skills come into play. The time taken to deploy the solution depends really on the scenarios. And besides this company, we deployed the solution for small projects, which took less than ten days. There is also integration with Sentinel and third-party tools, so the time to deploy Threat Intelligence depends on what's needed. The deployment, when compared to other solutions, Is not complicated and does not take much time.
Read full review
Sachin Paul - PeerSpot reviewer
Dec 11, 2023
Makes data integration very easy for our SOC
It enables data integration within our hybrid, multi-cloud environment, and it makes this data integration very easy for our security operations center. Sentinel has helped improve our visibility into user and network behavior. It helps in identifying risky users, creating a watch list for specific users and their activities, which is very important. It has also been saving us time. It's a complete cloud-based solution, so there is no time wasted on setting up servers, infrastructure, et cetera. It also reduces the work involved in event investigation because it puts together detection logic through detection rules. That helps in automating incident identification.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Microsoft Defender Threat Intelligence assesses machines for vulnerabilities and gives remediations."
"I rate the tool's stability a ten out of ten."
"The product provides efficient email security for sending links and file attachments."
"The product is useful when the end user downloads malware files."
"The product's initial setup phase was straightforward."
"The solution is well integrated with other Microsoft security products."
"The product's anti-spam and malware-scanning features are useful. We scan email attachments, documents, and malicious codes."
"I value how Threat Intelligence integrates with the different platforms in Microsoft."
More Microsoft Defender Threat Intelligence pros
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Free ingestion for Azure logs (with E5 licence)"
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
More Microsoft Sentinel pros
 

Cons

"There could be AI functionality included for features like reporting and dashboard preparation."
"The product's dashboard and incident reports functionality needs enhancement."
"We encounter problems connecting the product deployed on the user endpoints with the servers."
"Having up-to-date documentation and real-time reflections in all portals would be beneficial to keep users informed about any changes. Additionally, the frequent changes in Microsoft's UI and the movement of features between different products in the set pose difficulties."
"The price of the solution is an area of concern where improvements are required. In general, the solution's price needs to be reduced."
"Microsoft itself is a major target for attacks and threats due to its size and popularity. That could be considered Microsoft's Achilles heel."
"The tool's onboarding of users that use on-premise or hybrid environments needs to be improved."
"While the current setup meets our needs, Microsoft can constantly improve customization and adaptability to rapidly evolving cybersecurity threats."
More Microsoft Defender Threat Intelligence cons
"I would like Microsoft Sentinel to enhance its SOAR capabilities."
"I would like to see more AI used in processes."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"The troubleshooting has room for improvement."
"The solution could improve the playbooks."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"The product can be improved by reducing the cost to use AI machine learning."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
More Microsoft Sentinel cons
 

Pricing and Cost Advice

"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a six or seven out of ten."
"The product is a part of my Microsoft 365 subscription, so there is no additional cost. It is cost-effective."
"I use the product's default version, which is a free one and not the licensed version."
"Microsoft's pricing structure involves annual fees."
"The solution's pricing is reasonable and not very expensive."
"The solution is relatively expensive; however, our status as a gold partner provides us with several complimentary licenses, which offsets the cost."
"The solution can be licensed, but most users would already have it in their Office 365 license."
"It's reasonably priced, though there's room for further improvement."
More Microsoft Defender Threat Intelligence pricing and cost advice
"Microsoft can enhance the licensing side. I feel there is confusion sometimes... They should have a single license in which we have the opportunity to use the EDR or CASB solution."
"It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
"From a cost perspective, there are some additional charges in addition to the licensing."
"The pricing is reasonable, and we think Sentinel is worth what we pay for it."
"Sentinel is fairly priced and pretty cost-effective."
"Microsoft Sentinel is included in our E5 license."
"The price is reasonable because Sentinel includes features like user behavior analytics and SOAR that are typically sold separately. Overall, a standalone on-prem solution would require some high-end servers, and there's a different cost. It is a cloud-based solution, so there are backend cloud computing costs, but they are negligible."
"For us, it is not expensive at this time, but if we start to collect all logs from our on-premise SIEM solutions, it will cost more than QRadar. If we calculate its cost over the next five or ten years, it will cost more than what we paid for QRadar."
More Microsoft Sentinel pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
See recommendations
793,295 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
21%
Educational Organization
10%
Government
10%
Financial Services Firm
9%
Computer Software Company
17%
Financial Services Firm
10%
Government
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft Defender Threat Intelligence?
It just runs in the background. I don't have to worry about, making sure it's Intelligence. So, you know, this kind of makes it very easy, have to worry about installing. It is easy to use.
See all answers
What needs improvement with Microsoft Defender Threat Intelligence?
I would like to see more frequent updates, which is always better for security because of daily threats.
See all answers
What is your primary use case for Microsoft Defender Threat Intelligence?
The product helps us monitor business devices for authentication and response on all endpoints, servers, passwords, and plans.
See all answers
Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
 

Comparisons

VirusTotal vs Microsoft Defender Threat Intelligence Logo
VirusTotal vs Microsoft Defender Threat Intelligence
Compared 17% of the time
Cisco Threat Grid vs Microsoft Defender Threat Intelligence Logo
Cisco Threat Grid vs Microsoft Defender Threat Intelligence
Compared 15% of the time
STAXX vs Microsoft Defender Threat Intelligence Logo
STAXX vs Microsoft Defender Threat Intelligence
Compared 14% of the time
ThreatConnect Threat Intelligence Platform (TIP) vs Microsoft Defender Threat Intelligence Logo
ThreatConnect Threat Intelligence Platform (TIP) vs Microsoft Defender Threat Intelligence
Compared 11% of the time
Splunk Mission Control vs Microsoft Defender Threat Intelligence Logo
Splunk Mission Control vs Microsoft Defender Threat Intelligence
Compared 8% of the time
More Microsoft Defender Threat Intelligence Competitors
AWS Security Hub vs Microsoft Sentinel Logo
AWS Security Hub vs Microsoft Sentinel
Compared 18% of the time
IBM Security QRadar vs Microsoft Sentinel Logo
IBM Security QRadar vs Microsoft Sentinel
Compared 12% of the time
Wazuh vs Microsoft Sentinel Logo
Wazuh vs Microsoft Sentinel
Compared 6% of the time
Elastic Security vs Microsoft Sentinel Logo
Elastic Security vs Microsoft Sentinel
Compared 5% of the time
Cortex XSIAM vs Microsoft Sentinel Logo
Cortex XSIAM vs Microsoft Sentinel
Compared 5% of the time
More Microsoft Sentinel Competitors
 

Product Reports

Buyer's Guide
Microsoft Defender Threat Intelligence
July 2024
Microsoft Defender Threat Intelligence reportDownload Microsoft Defender Threat Intelligence product report
Buyer's Guide
Microsoft Sentinel
July 2024
Microsoft Sentinel reportDownload Microsoft Sentinel product report
 

Also Known As

No data available
Azure Sentinel
 

Learn More

Video not available
Microsoft
Microsoft
 

Overview

Microsoft Defender Threat Intelligence is a comprehensive security solution that provides organizations with real-time insights into the latest cyber threats. Leveraging advanced machine learning and artificial intelligence capabilities, it offers proactive threat detection and response, enabling businesses to stay one step ahead of attackers. With Microsoft Defender Threat Intelligence, organizations gain access to a vast array of threat intelligence data, including indicators of compromise (IOCs), security incidents, and emerging threats. This data is collected from a wide range of sources, such as Microsoft's global sensor network, industry partners, and security researchers, ensuring comprehensive coverage and accuracy. The solution's advanced analytics and machine learning algorithms analyze this threat intelligence data in real-time, identifying patterns, trends, and anomalies that may indicate a potential security breach. By continuously monitoring the network and endpoints, Microsoft Defender Threat Intelligence can quickly detect and respond to threats, minimizing the impact of attacks and reducing the time to remediation. 

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

 

Sample Customers

Information Not Available
Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Buyer's Guide
Microsoft Defender Threat Intelligence vs. Microsoft Sentinel
May 2024
Free Report: Microsoft Defender Threat Intelligence vs. Microsoft Sentinel
Find out what your peers are saying about Microsoft Defender Threat Intelligence vs. Microsoft Sentinel and other solutions. Updated: May 2024.
DOWNLOAD NOW
793,295 professionals have used our research since 2012.
See our Microsoft Defender Threat Intelligence vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.

We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.