Try our new research platform with insights from 80,000+ expert users

Microsoft Sentinel vs Tines comparison

Microsoft and Tines are both solutions in the Security Orchestration Automation and Response (SOAR) category. Microsoft is ranked #1 with an average rating of 8.5, while Tines is ranked #10 with an average rating of 9.0. Microsoft holds a 15.0% mindshare in SOAR, compared to Tines’s 7.1% mindshare. Additionally, 93% of Microsoft users are willing to recommend the solution, compared to 100% of Tines users who would recommend it.
Microsoft Sentinel
Read 98 Microsoft Sentinel reviews
  • 17,928 Views
  • 7,530 Comparison Views
93% willing to recommend
Tines
Read 4 Tines reviews
  • 2,306 Views
  • 2,006 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 5, 2024

Microsoft Sentinel and Tines compete in the cybersecurity domain. Microsoft Sentinel leads in scalability and integration, benefiting organizations within Microsoft's ecosystem, whereas Tines provides agile automation suited for teams focused on swift security workflow automation.

Features: Microsoft Sentinel offers seamless integration with Azure services, robust threat intelligence capabilities, and advanced analytics for security insights. Tines provides flexible task automation, incident response capabilities, and streamlined workflow processes for security teams seeking agile solutions.

Ease of Deployment and Customer Service: Microsoft Sentinel is cloud-based and deploys quickly through Azure, though its integrations require careful planning. Tines features a straightforward deployment process and places strong emphasis on user-friendly customer support.

Pricing and ROI: Microsoft Sentinel utilizes a consumption-based pricing model beneficial for large enterprises, while offering ROI benefits for those maximizing Azure's ecosystem. Tines offers competitive pricing with a low entry barrier, appealing to organizations with specific automation needs.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Sentinel vs. Tines Report (Updated: September 2025).
Buyer's Guide
Microsoft Sentinel vs. Tines
September 2025
Download the complete report
Helped 872,837 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Sentinel
Ranking in Security Orchestration Automation and Response (SOAR)
1st
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
98
Ranking in other categories
Security Information and Event Management (SIEM) (3rd), Microsoft Security Suite (6th), AI-Powered Cybersecurity Platforms (5th)
Tines
Ranking in Security Orchestration Automation and Response (SOAR)
10th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
4
Ranking in other categories
Threat Intelligence Platforms (TIP) (17th), AI-Powered Security Automation (1st)
 

Mindshare comparison

As of November 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Microsoft Sentinel is 15.0%, down from 20.7% compared to the previous year. The mindshare of Tines is 7.1%, up from 4.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
Microsoft Sentinel15.0%
Tines7.1%
Other77.9%
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Ivan Angelov - PeerSpot reviewer
Threat detection and response capabilities enhance investigation processes
My security team has been using Microsoft Sentinel for around two years. We also have Bastion and SolarWinds as part of our monitoring tools. We use a three-way tool, alongside Microsoft Sentinel, in our environment The most valuable features for us include threat collection, threat detection,…
Read full review
VikramSingh8 - PeerSpot reviewer
Automation simplifies workflows with no code and excellent support
Reporting and dashboards could be more advanced for deeper analysis. Tines has its own dashboard, which displays information like how many stories have been created and how many automations have taken place. However, the reporting and dashboard are not advanced; they are quite basic, with fewer customizable options. The look and feel of the dashboard could be enhanced. Another area for improvement is in terms of documentation, as every tool and company has its own knowledge base.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"Free ingestion for Azure logs (with E5 licence)"
More Microsoft Sentinel pros
"One of the most valuable features is that it’s a low-code solution."
"The best advantage is the no-code automation, excellent customer support services, and ease of integration with other tools."
"The best thing is that it's no code, so it doesn't require coding knowledge."
"The tool was vendor-neutral."
 

Cons

"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"In terms of improvements, pricing, licensing, and overall cost could be better."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"As of now, there have been only benefits. However, I am curious about potential AI integration and whether it will be affordable for us because all the compliance costs are rising with all the new features."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
More Microsoft Sentinel cons
"Reporting and dashboards could be more advanced for deeper analysis."
"They started implementing some AI, and their AI is isolated."
"Tines was a little bit more expensive than Torq."
"Maybe Tines can add more features and demonstrations, like videos on how to use the features within the tool."
 

Pricing and Cost Advice

"Sentinel is expensive relative to other products of the class, so it often isn't affordable for small-scale businesses. However, considering the solution has more extensive capabilities than others, the price is not so high. Pricing is based on GBs of ingested daily data, either by a pay-as-you-go or subscription model."
"Sentinel can be expensive. When you ingest data from sources that are outside of the cloud, you're paying a fair amount for that data ingestion. When you're ingesting data sources from within the cloud, depending on what your retention periods are, it's not that expensive."
"No license is required to make use of Sentinel, but you need to buy products to get the data. In general, the price of those products is comparable to similar products."
"Sentinel is fairly priced and pretty cost-effective."
"It is certainly the most expensive solution. The cost is very high. We need to do an assessment using the one-month trial so that we can study the cost side. Before implementing it, we must do a careful calculation."
"We only pay for the amount of data we bring in, which is fair."
"From a cost perspective, there are some additional charges in addition to the licensing."
"The pricing isn't very high. It depends on the number of logs you have. If you're expecting to ingest 50 to 60G in a day, but you're only ingesting 20 to 25G per day at first and you have a good team to analyze the logs, then you can segregate the ingestion at under 15G."
More Microsoft Sentinel pricing and cost advice
Information not available
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
See recommendations
872,837 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
11%
Manufacturing Company
8%
Government
7%
Financial Services Firm
13%
Computer Software Company
9%
Manufacturing Company
8%
Healthcare Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business37
Midsize Enterprise20
Large Enterprise41
No data available
 

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
What needs improvement with Tines?
Reporting and dashboards could be more advanced for deeper analysis. Tines has its own dashboard, which displays information like how many stories have been created and how many automations have ta...
See all answers
What is your primary use case for Tines?
I am Vikram Singh, I work for top service based multinational brand and I am responsible for delivering Tines services. Essentially, I am working on it, and I am leading one of the source services ...
See all answers
What advice do you have for others considering Tines?
When you start working with Tines, ensure you pursue the Tines certifications. They offer these free certifications when they become your partner. Overall, I would rate Tines a nine out of ten.
See all answers
 

Comparisons

AWS Security Hub vs Microsoft Sentinel Logo
AWS Security Hub vs Microsoft Sentinel
Compared 18% of the time
Cortex XSIAM vs Microsoft Sentinel Logo
Cortex XSIAM vs Microsoft Sentinel
Compared 7% of the time
IBM Security QRadar vs Microsoft Sentinel Logo
IBM Security QRadar vs Microsoft Sentinel
Compared 6% of the time
Wazuh vs Microsoft Sentinel Logo
Wazuh vs Microsoft Sentinel
Compared 5% of the time
CrowdStrike Falcon vs Microsoft Sentinel Logo
CrowdStrike Falcon vs Microsoft Sentinel
Compared 4% of the time
More Microsoft Sentinel Competitors
Torq vs Tines Logo
Torq vs Tines
Compared 46% of the time
Splunk SOAR vs Tines Logo
Splunk SOAR vs Tines
Compared 12% of the time
Blink Ops vs Tines Logo
Blink Ops vs Tines
Compared 10% of the time
Palo Alto Networks Cortex XSOAR vs Tines Logo
Palo Alto Networks Cortex XSOAR vs Tines
Compared 9% of the time
Google Security Operations vs Tines Logo
Google Security Operations vs Tines
Compared 2% of the time
More Tines Competitors
 

Product Reports

Buyer's Guide
Microsoft Sentinel
October 2025
Microsoft Sentinel reportDownload Microsoft Sentinel product report
Buyer's Guide
Security Orchestration Automation and Response (SOAR)
October 2025
Tines reportDownload Tines product report
 

Also Known As

Azure Sentinel
No data available
 

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft

Tines offers no-code and low-code automation for users to automate tasks without coding expertise, integrating seamlessly with APIs to enhance incident management and security operations.

Known for a vendor-neutral approach, Tines provides detailed documentation and live chat support, allowing for effective integration with other tools, scheduling capabilities, and streamlined processes that save time and effort. Users find it intuitive for efficient task handling, making manual intervention unnecessary. Challenges include the need for more comprehensive documentation and instructional videos, as well as improvements in AI integration and reporting aesthetics. Pricing is also noted as higher compared to alternatives.

What are the most important features of Tines?
  • No-code and low-code automation: Enables task automation without coding knowledge.
  • API integration: Facilitates enhanced automation for security operations.
  • Vendor-neutral approach: Promotes unbiased integration across various tools.
  • Detailed documentation: Provides users with comprehensive guides and support.
  • Scheduling capabilities: Allows users to automate workflows efficiently.
What benefits and ROI can users expect from Tines?
  • Time savings: Automates tasks to reduce manual processes.
  • Improved efficiency: Streamlines security operations, enhancing productivity.
  • Comprehensive task handling: Offers intuitive tools for managing complex tasks easily.

Tines primarily serves organizations in the security sector, automating security operations such as alert detection and managed detection and response. It's utilized extensively in security operation centers for tasks like phishing email processing, ticket creation, IOC investigations, and ticket assignments within enterprise security frameworks, with multiple teams delivering Tines services to enhance task handling efficiency.

Tines
 

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Information Not Available
Buyer's Guide
Microsoft Sentinel vs. Tines
September 2025
Free Report: Microsoft Sentinel vs. Tines
Find out what your peers are saying about Microsoft Sentinel vs. Tines and other solutions. Updated: September 2025.
DOWNLOAD NOW
872,837 professionals have used our research since 2012.
See our Microsoft Sentinel vs. Tines report.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.