• Home
  • Microsoft Purview vs. Microsoft Sentinel

Microsoft Purview vs Microsoft Sentinel comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Purview

Read 48 Microsoft Purview reviews
4,772 views|2,393 comparisons
82% willing to recommend
Microsoft Logo

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews
5,194 views|2,993 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Microsoft Purview vs. Microsoft Sentinel
March 2024
Executive Summary

We performed a comparison between Microsoft Purview and Microsoft Sentinel based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Purview vs. Microsoft Sentinel Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Francisco Montilla
Supports ingestion from non-Microsoft data sources, integrates with third-party solutions, and is built with...
Purview's multi-platform capabilities, supporting iOS, Mac, and Android, have been invaluable to me. As a beginner in device management software,... Read more →
Harman Saggu
Provides valuable alerts and saves investigation time, but can use more connectors
It is crucial that Sentinel empowers us to safeguard our hybrid, cloud, and multi-cloud environments. We employ a hybrid cloud setup, and securing... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"MIP also provides strong information rights management settings, such as the ability to specify who has access to content and at what time.""I don't know if I've gotten much value out of Purview personally, but our security team loves it. Our biggest concern is leakage or theft of our data because we have a lot of PII and stuff that has not been released. We like the insights Purview provides and the way the solution can track and manage things. I'd say that was probably their favorite piece of it so far. From everything the security team has told me, the policy management and DLP features are working spectacularly.""My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced.""The audit log has been a lifesaver for a lot of reasons. Historically, when using SaaS products, there were always questions about how the audit was going and whether we were sufficient out of the box. Purview has many capabilities available through centralized reporting that provide a view of a specific segment.""Data authentication enables us to classify documents based on whether they should be restricted for internal consumption or permitted for external sharing.""The data lineage feature stands out. It tracks where the data comes from and any changes made.""The e-discovery search is useful.""The ability to classify data quickly and effortlessly is arguably Microsoft Purview's most valuable feature."

More Microsoft Purview Pros →

"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself.""The connectivity and analytics are great.""It has basic out-of-the-box integrations with multiple log sources.""I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily.""The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one.""The product can integrate with any device.""It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions.""Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."

More Microsoft Sentinel Pros →

Cons
"There are negatives to the compliance aspect of Purview in that you get a lot of false positives with some of the native scanning and rules in the platform. A lot of them need tweaking to get a more realistic handle on what data there is.""I would like to have AI functionality on the dashboard to help me analyze and report on the data that we capture using Purview on a daily basis.""If we could have a view something like we have in CrowdStrike—which is, I believe, the biggest competitor to Microsoft when it comes to security—a node nodal view, which we also have in Defender, that would make it a more complete, one-stop solution. That would save a lot of time for the admins and the engineers.""Support should be improved in the form of good documentation and video lessons where a person can check things out. There is a community, but it takes a lot of time if we want to get an answer to a question.""Two features are unsupported—custom insights and the DLP component—that would be beneficial to me as a consultant and for the customer in terms of security and monitoring. Regarding security, DLP would provide a more granular level of data masking. Custom insights would offer more detailed monitoring and alerts that can notify customers of failures or anything requiring urgent action.""We have had some issues automating our document management with Power Apps. I haven't been super-disappointed with anything except for Power Apps, which kinda drives me nuts. I think it's because I am a coder who can do things properly, and I keep trying to do things there, but it's not working out the way. The security team is pretty quick. I'm kind of a thorn in their side. I always try to get around stuff. They haven't come to me for anything saying, "Hey, I can't find this information." They're pretty good. Maybe, there's a lack of documentation, but that doesn't seem to be an issue for our team.""I would like to have complete video documentation for training.""I'd like to see them improve the training for implementing this type of solution."

More Microsoft Purview Cons →

"The product can be improved by reducing the cost to use AI machine learning.""The solution could be more user-friendly; some query languages are required to operate it.""I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us.""Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this.""We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers.""I would like to be able to monitor applications outside of the Azure Cloud.""One key area that can be improved is by building a strong integration with our XDR platform.""Microsoft Sentinel is relatively expensive, and its cost should be improved."

More Microsoft Sentinel Cons →

Pricing and Cost Advice
  • "The pricing is moderate. It's not too expensive, but it's not the most competitive."
  • "Microsoft Purview is the best option I have encountered when it comes to price. Maybe some of my information is outdated, but Microsoft offered it so that you could use it almost without paying."
  • "There is some competition out there, but the other solutions are quite expensive. They are enterprise tools that are a bit more mature but the license costs $100,000 for some of them. Purview is pay-per-use and a lot of companies are interested in that."
  • "Aside from the complexity of the pricing model, the price itself is realistic. Features like AI components and automatic classification require additional licenses. Still, anyone can start using Purview with a basic E3 license if they're using Microsoft 365 and grow with additional licenses as needed. Overall, we're satisfied with the price."
  • "Its pricing is good in terms of the features that they are providing, but there are many competitors in the market who can easily provide you with similar services at a lesser cost."
  • "The categorization within the licensing could be improved. There are a lot of solutions within Microsoft Purview. If the licensing could be a bit clearer and the solutions could be better categorized according to function and across multiple environments, that would be excellent. The licensing is very confusing."
  • "Price-wise, I think it's very generous and accessible to not just enterprises but small to medium-sized companies as well. I think it's very fair in terms of how they break apart the storage and the actual computing, and that makes it very accessible. So, that is a very big plus for Purview."
  • "Some people find the tier licensing system complicated, but it offers a lot of value for money if we use the features."

    • More Microsoft Purview Pricing and Cost Advice →

  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft Azure Purview?
    Top Answer:It is designed to seamlessly connect to various data sources, which is particularly beneficial for our customers who primarily use Microsoft technologies.
    Read all 21 answers   →
    What is your experience regarding pricing and costs for Microsoft Azure P...
    Top Answer:Currently, the licensing differs for the governance side compared to the risk and compliance side. On the governance side, the charges are based on the usage of Purview, including the data map, data… more »
    Read all 19 answers   →
    What needs improvement with Microsoft Azure Purview?
    Top Answer:Data quality has been a highly requested feature among customers. While it was initially scheduled for release in December last year, I anticipate that this feature will be available soon this year. I… more »
    Read all 20 answers   →
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized by… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will… more »
    Read all 2 answers   →
    Ranking
    7th
    out of 36 in Microsoft Security Suite
    Views
    4,772
    Comparisons
    2,393
    Reviews
    45
    Average Words per Review
    1,368
    Rating
    7.6
    5th
    out of 36 in Microsoft Security Suite
    Views
    5,194
    Comparisons
    2,993
    Reviews
    60
    Average Words per Review
    1,620
    Rating
    8.4
    Comparisons
    Also Known As
    MS Azure Purview
    Azure Sentinel
    Learn More
    Microsoft
    Microsoft
    Overview

    Microsoft Purview is a unified data governance solution that helps you understand all of your on-premises, multi cloud, and software-as-a-service (SaaS) data and maintain control over its usage. With the Microsoft Purview solution, you can create a detailed, up-to-date map of your data landscape with sensitive data classification, automated data discovery, and end-to-end data lineage. Not only does it enable data curators to easily secure your data, but it also allows data consumers to find valuable, trustworthy data.

    Microsoft Azure Purview is designed with:

    • Data Map: Microsoft Purview Data Map provides the foundation for data discovery and effective data governance. Azure Purview Data Map is a cloud-native PaaS service that captures metadata about enterprise data present in analytics and operation systems on premises and in the cloud.

    • Data Catalog: Microsoft Purview Data Catalog finds trusted data sources by browsing and searching your data assets. The data catalog aligns your assets with business terms and data classification to identify data sources.

    • Data Insights: Microsoft Purview Data Insights gives you an overview of your data estate to help you discover what kinds of data you have and where.

    Microsoft Purview Features

    Microsoft Purview has many valuable key features. Some of the most useful ones include:

    • Automated data discovery, lineage identification, and data classification
    • Insights into the location and movement of sensitive data across your entire data estate
    • Unified map of your data assets and their relationships for more effective data governance
    • Glossary with business and technical search terms to aid data discovery

    Microsoft Purview Benefits

    Some of the benefits of using Microsoft Azure Purview include:

    • Automate and manage metadata from hybrid sources.
    • Classify data using built-in and custom classifiers and Microsoft Information Protection sensitivity labels.
    • Label sensitive data consistently across SQL Server, Azure, Microsoft 365, and Power BI.
    • Easily integrate all your data systems using Apache Atlas APIs.
    • Search for data using technical or business terms.
    • Easily understand data by browsing associated technical, business, semantic, and operational metadata.
    • Quickly identify the sensitivity level of data.
    • Scan your Power BI environment and Azure Synapse Analytics workspaces with a few clicks.
    • Automatically publish all discovered assets and lineage to the Purview Data Map.
    • Connect Microsoft Azure Purview to Azure Data Factory instances to automatically collect data integration lineage.
    • Quickly determine which analytics and reports already exist without reinventing the wheel.

    Reviews from Real Users

    PeerSpot reviewer Kelly B., Solution Specialist at LobsterPot Solutions, says, “We're building a new system from scratch for our clients and wanted to include data governance. Their solution is hosted in Azure and it seemed logical to go with something that fits with that. Purview has a pretty good interface and I'm satisfied with what the solution does and the price it's being sold at. It integrates well with Azure technologies.” She also adds, “The initial setup was very easy, that's part of the appeal.”

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Sample Customers
    Information Not Available
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Top Industries
    REVIEWERS
    Financial Services Firm21%
    University11%
    Computer Software Company11%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company14%
    Financial Services Firm13%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Comms Service Provider8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business34%
    Midsize Enterprise20%
    Large Enterprise46%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise66%
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    Buyer's Guide
    Microsoft Purview vs. Microsoft Sentinel
    March 2024
    Free Report: Microsoft Purview vs. Microsoft Sentinel
    Find out what your peers are saying about Microsoft Purview vs. Microsoft Sentinel and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Microsoft Purview is ranked 7th in Microsoft Security Suite with 48 reviews while Microsoft Sentinel is ranked 5th in Microsoft Security Suite with 85 reviews. Microsoft Purview is rated 7.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview writes "User friendly with good documentation but needs to cover more non-Microsoft use cases". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview is most compared with Collibra Governance, Alation Data Catalog, Varonis Platform, Informatica Axon and OneTrust DataGovernance, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Microsoft Defender for Cloud, Splunk Enterprise Security and Fortinet FortiSIEM. See our Microsoft Purview vs. Microsoft Sentinel report.

    See our list of best Microsoft Security Suite vendors.

    We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.