Microsoft Sentinel vs ThreatQ Comparison 2024

Microsoft Sentinel

ThreatQ

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews

17,715 views|9,994 comparisons

ThreatQ

Read 2 ThreatQ reviews

520 views|378 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Security Orchestration Automation and Response (SOAR)

May 2024

Executive Summary

We performed a comparison between Microsoft Sentinel and ThreatQ based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR).

To learn more, read our detailed Security Orchestration Automation and Response (SOAR) Report (Updated: May 2024).

Download the complete report

771,157 professionals have used our research since 2012.

Featured Review

Hari Shankar

IT Architect at a real estate/law firm

It's a plug-and-play solution, so you can start seeing benefits quickly using the out-of-the-box analytics rules and...

Sentinel has reduced our mean time to resolution, one of our KPIs, by about 30 to 40 percent and enabled us to identify vulnerabilities faster. The... Read more →

Anonymous User

Threat Intelligence Lead at a tech services company

Improves the threat intelligence gathering process, but it is not user-friendly

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent.""Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing""Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment.""We are able to deploy within half an hour and we only require one person to complete the implementation.""The initial setup is very simple and straightforward.""Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises.""The product can integrate with any device.""Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."

More Microsoft Sentinel Pros →

"Integrating the solution with our existing security tools and workflows was easy.""The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious."

More ThreatQ Pros →

Cons

"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel.""For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons.""Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems.""Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider.""Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect.""They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us.""The troubleshooting has room for improvement.""The playbook is a bit difficult and could be improved."

More Microsoft Sentinel Cons →

"The solution should be simpler for the end-user in terms of reporting and navigating the product.""The tool is not user-friendly."

More ThreatQ Cons →

Pricing and Cost Advice

"It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."

"It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"

"Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."

"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."

"It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."

"I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."

"Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."

"Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

More Microsoft Sentinel Pricing and Cost Advice →

Information Not Available

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.

See Recommendations

771,157 professionals have used our research since 2012.

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threa...

Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized by… more »

Read all 10 answers →

What is a better choice, Splunk or Azure Sentinel?

Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »

Which is better - Azure Sentinel or AWS Security Hub?

Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will… more »

Read all 2 answers →

What do you like most about ThreatQ?

Top Answer:Integrating the solution with our existing security tools and workflows was easy.

Read all 2 answers →

What needs improvement with ThreatQ?

Top Answer:The tool is not user-friendly. It is not beginner-friendly. It would be very difficult for a beginner to learn the tool. It will take at least two months to get familiar with it. Building the playbook… more »

Read all 2 answers →

What is your primary use case for ThreatQ?

Top Answer:We used the solution for threat mapping and managing IoCs.

Read all 2 answers →

Ranking

1st

out of 41 in Security Orchestration Automation and Response (SOAR)

Views

17,715

Comparisons

9,994

Reviews

Average Words per Review

1,638

Rating

8.4

23rd

out of 41 in Security Orchestration Automation and Response (SOAR)

Views

520

Comparisons

378

Reviews

Average Words per Review

366

Rating

7.0

Comparisons

AWS Security Hub vs. Microsoft Sentinel

Compared 17% of the time.

IBM Security QRadar vs. Microsoft Sentinel

Compared 12% of the time.

Splunk Enterprise Security vs. Microsoft Sentinel

Compared 6% of the time.

Microsoft Defender for Cloud vs. Microsoft Sentinel

Compared 6% of the time.

Elastic Security vs. Microsoft Sentinel

Compared 5% of the time.

More Microsoft Sentinel Competitors →

ThreatConnect Threat Intelligence Platform (TIP) vs. ThreatQ

Compared 40% of the time.

Anomali ThreatStream vs. ThreatQ

Compared 34% of the time.

Recorded Future vs. ThreatQ

Compared 20% of the time.

Palo Alto Networks Cortex XSOAR vs. ThreatQ

Compared 6% of the time.

More ThreatQ Competitors →

Also Known As

Azure Sentinel

Learn More

Microsoft

ThreatQuotient

Video Not Available

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

ThreatQ is a Threat Intelligence Platform (TIP) designed to enable threat operations and management. ThreatQ is the only solution with an integrated Threat Library, Adaptive Workbench and Open Exchange that help you to act upon the most relevant threats facing your organization and to get more out of your existing security infrastructure.

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

Radar, Bitdefender, Crowdstrike, FireEye, IBM Security

Top Industries

REVIEWERS

Financial Services Firm22%

Computer Software Company11%

Comms Service Provider8%

Manufacturing Company8%

VISITORS READING REVIEWS

Computer Software Company16%

Financial Services Firm10%

Government9%

Manufacturing Company7%

VISITORS READING REVIEWS

Financial Services Firm21%

Computer Software Company14%

Government9%

Educational Organization9%

Company Size

REVIEWERS

Small Business33%

Midsize Enterprise21%

Large Enterprise47%

VISITORS READING REVIEWS

Small Business25%

Midsize Enterprise16%

Large Enterprise59%

VISITORS READING REVIEWS

Small Business15%

Midsize Enterprise9%

Large Enterprise76%

Microsoft Sentinel vs ThreatQ comparison