Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
As a Microsoft partner, we receive significant discounts, making the solution affordable for us.
If a customer is already using Microsoft’s ecosystem, the ROI can be positive due to seamless integration.
We attribute our growth to Sentinel.
From a risk perspective, it's about mitigating risk, and as mentioned earlier, we haven't missed many things since we've had the offering in market—only a couple of minor incidents.
They are sometimes responsive, however, often issues cannot be reproduced on their end, making it challenging.
The support we receive from Microsoft is declining, and for example, after taking advanced support, we have not received satisfactory answers.
My team raised multiple support tickets for the product, and we were able to get responses from Microsoft support team.
Their solutions' integration simplifies resolving issues compared to those caused by third-party products.
Working with a Sentinel engineer helped us tune settings effectively.
When my team needs to escalate issues to Microsoft, especially for Microsoft Sentinel, the response is fast through their French entity.
It is scalable; I evaluated the product and decided to use Defender on over 700 of our company servers.
Office 365 and Exchange are running on it, covering about 35,000 users efficiently.
As our organization uses Microsoft Azure and Defender, everything grows together, and we can integrate various features seamlessly.
Being a SaaS solution, the scalability of Microsoft Sentinel is robust.
There are compatibility issues occasionally arising with false positives when other security tools are not whitelisted in Microsoft Defender.
It is very resource-intensive, consuming a lot of memory and CPU.
I would rate the overall stability as an eight.
So far, we have not experienced any issues, and it has been stable from the beginning.
In the past two years, our team hasn't encountered any issues with the stability of Microsoft Sentinel from an operations perspective.
I need to be aware of deprecated connectors as they may disconnect, but the data continues to be sent with a need for quick adaptation.
This scoring should be for specific industries as well. If I belong to the healthcare industry using Microsoft Defender Vulnerability Management, it should provide me with a risk score and show how I fare against the risk score of my industry.
A vulnerability I patch within 15 minutes takes 24 additional hours for an update.
The product is not stable; it often uses excessive memory and CPU, which makes it slow.
We have some tools, such as our off-site Meraki firewalls, that have not fully integrated with Sentinel.
Currently, we are happy to have a way in the middle with not so much cost, but it would be nice to have the ability to enhance the automation of workflows based on learned incidents.
There are complexities in calculating the right pricing tier for different customers, which makes it difficult for me as a consultant during upfront pricing.
Overall, every organization wishes for cheaper options, but we look at the security side as well, so we are good for now.
For non-partners, however, the cost could be seen as higher, between seven to ten.
The pricing is reasonable, and it's included in the whole Microsoft E5 bundle, so it's all-inclusive.
Microsoft Sentinel offers more capabilities than Bastion, with a more intuitive experience.
Setting up the right cost model for customers is intricate, requiring careful consideration of various components and licensing tiers.
The ingestion costs for the data analytics is usually the highest cost.
The main advantage of Microsoft Defender Vulnerability Management is that it can locate and prevent most threats even when the endpoints are not connected to the corporate network, as long as the internet is available.
The most valuable aspect is the kind of assessment results I get, and the recommendations provided in Microsoft products really help in taking care of the resources.
The integration with Sentinel has been one of the most valuable features for my organization.
Microsoft Sentinel's ability to correlate data from multiple sources and its detection capabilities are essential.
Microsoft Sentinel has improved cost efficiency, which is one of the key areas we're able to win business against the ability to have threat intelligence.
Microsoft Sentinel's ability to correlate data from multiple sources enhances our threat detection capabilities beyond what is a simple data lake solution by filtering out the noise and consolidating the signal down to a meaningful level that is easier to investigate and see.
Microsoft Defender Vulnerability Management enables organizations to identify vulnerabilities, manage patches, and fortify threat detection. It offers endpoint assessments, cloud incident management, and dynamic security through Microsoft's Security Scorecard integration.
Organizations leverage Microsoft Defender Vulnerability Management for advanced threat detection and response. It provides robust tools for vulnerability assessment and cloud incident management, integrated with Microsoft's Security Scorecard to enhance dynamic security profiling. Key features include automatic patch deployment, security configuration management, and seamless integration with Microsoft platforms, benefiting both on-prem and cloud environments. Organizations can track vulnerabilities with severity-based reports, helping manage outdated software and minimizing threat exposure.
What are the key features of Microsoft Defender Vulnerability Management?In healthcare, Microsoft Defender Vulnerability Management helps manage compliance with health regulations, while in finance, it aids in securing sensitive data from cyber threats. Manufacturing sectors benefit from its patch management, keeping operational technology systems less vulnerable to disruptions.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds
- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft
- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft
- Respond to incidents rapidly with built-in orchestration and automation of common tasks
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
