We performed a comparison between Microsoft Purview and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."MIP also provides strong information rights management settings, such as the ability to specify who has access to content and at what time."
"I don't know if I've gotten much value out of Purview personally, but our security team loves it. Our biggest concern is leakage or theft of our data because we have a lot of PII and stuff that has not been released. We like the insights Purview provides and the way the solution can track and manage things. I'd say that was probably their favorite piece of it so far. From everything the security team has told me, the policy management and DLP features are working spectacularly."
"My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced."
"The audit log has been a lifesaver for a lot of reasons. Historically, when using SaaS products, there were always questions about how the audit was going and whether we were sufficient out of the box. Purview has many capabilities available through centralized reporting that provide a view of a specific segment."
"Data authentication enables us to classify documents based on whether they should be restricted for internal consumption or permitted for external sharing."
"The data lineage feature stands out. It tracks where the data comes from and any changes made."
"The e-discovery search is useful."
"The ability to classify data quickly and effortlessly is arguably Microsoft Purview's most valuable feature."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The connectivity and analytics are great."
"It has basic out-of-the-box integrations with multiple log sources."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The product can integrate with any device."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"There are negatives to the compliance aspect of Purview in that you get a lot of false positives with some of the native scanning and rules in the platform. A lot of them need tweaking to get a more realistic handle on what data there is."
"I would like to have AI functionality on the dashboard to help me analyze and report on the data that we capture using Purview on a daily basis."
"If we could have a view something like we have in CrowdStrike—which is, I believe, the biggest competitor to Microsoft when it comes to security—a node nodal view, which we also have in Defender, that would make it a more complete, one-stop solution. That would save a lot of time for the admins and the engineers."
"Support should be improved in the form of good documentation and video lessons where a person can check things out. There is a community, but it takes a lot of time if we want to get an answer to a question."
"Two features are unsupported—custom insights and the DLP component—that would be beneficial to me as a consultant and for the customer in terms of security and monitoring. Regarding security, DLP would provide a more granular level of data masking. Custom insights would offer more detailed monitoring and alerts that can notify customers of failures or anything requiring urgent action."
"We have had some issues automating our document management with Power Apps. I haven't been super-disappointed with anything except for Power Apps, which kinda drives me nuts. I think it's because I am a coder who can do things properly, and I keep trying to do things there, but it's not working out the way. The security team is pretty quick. I'm kind of a thorn in their side. I always try to get around stuff. They haven't come to me for anything saying, "Hey, I can't find this information." They're pretty good. Maybe, there's a lack of documentation, but that doesn't seem to be an issue for our team."
"I would like to have complete video documentation for training."
"I'd like to see them improve the training for implementing this type of solution."
"The product can be improved by reducing the cost to use AI machine learning."
"The solution could be more user-friendly; some query languages are required to operate it."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"I would like to be able to monitor applications outside of the Azure Cloud."
"One key area that can be improved is by building a strong integration with our XDR platform."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
Microsoft Purview is ranked 7th in Microsoft Security Suite with 48 reviews while Microsoft Sentinel is ranked 5th in Microsoft Security Suite with 85 reviews. Microsoft Purview is rated 7.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Purview writes "User friendly with good documentation but needs to cover more non-Microsoft use cases". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Purview is most compared with Collibra Governance, Alation Data Catalog, Varonis Platform, Informatica Axon and OneTrust DataGovernance, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Microsoft Defender for Cloud, Splunk Enterprise Security and Fortinet FortiSIEM. See our Microsoft Purview vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.