We performed a comparison between Microsoft Defender Vulnerability Management and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product’s most valuable features are compliance, recommendations, and inventories."
"One valuable feature is the Microsoft Security Scorecard."
"The solution helps identify threats and vulnerabilities."
"The solution is up-to-date and helps prevent zero-day attacks."
"The product's stability is very high...The scalability of the product is amazing."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The general support could be improved."
"The technical support takes too much time to resolve tickets."
"Integration can be improved."
"The setup phase of the product is not that easy and needs a person to have a certain level of expertise."
"It is challenging to extract and customize reports from the system."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"One key area that can be improved is by building a strong integration with our XDR platform."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
More Microsoft Defender Vulnerability Management Pricing and Cost Advice →
Microsoft Defender Vulnerability Management is ranked 27th in Microsoft Security Suite with 5 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Defender Vulnerability Management is rated 8.2, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Defender Vulnerability Management writes "The vulnerability assessment is very accurate because it runs directly into the vulnerability database". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Defender Vulnerability Management is most compared with Qualys VMDR, Tenable Nessus, Rapid7 InsightVM, Tenable Vulnerability Management and Microsoft Defender XDR, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Defender Vulnerability Management vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
