We performed a comparison between RSA enVision and Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The analytic rule is the most valuable feature."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The most valuable feature of this solution is the reporting."
"The most valuable feature is the management features. It's capable of managing large enterprises."
"The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten."
"The tool is simple to use."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"It makes everything easier by automating some tasks and growing with our needs."
"The most valuable feature of Sentinel is the dashboard."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"I would like to see more AI used in processes."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"There is room for improvement in entity behavior and the integration site."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"In general, the solution currently isn't user-friendly."
"The integration could be easier, it should support more products."
"RSA enVision log manager is out of date and is not in use anymore."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"The solution does not allow outsourced authorizations."
"I rate Sentinel a six out of ten for scalability."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
"The dashboard and customer view should be improved"
"I would like to see a better reporting work structure on the dashboard."
"There is no integration in the web-side of the tool."
"It is an ancient product."
RSA enVision is ranked 36th in Security Information and Event Management (SIEM) with 5 reviews while Sentinel is ranked 18th in Security Information and Event Management (SIEM) with 16 reviews. RSA enVision is rated 6.8, while Sentinel is rated 7.6. The top reviewer of RSA enVision writes "Though the solution offers good technical support, it needs to be made more user-friendly ". On the other hand, the top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". RSA enVision is most compared with NetWitness Platform, Splunk Enterprise Security and IBM Security QRadar, whereas Sentinel is most compared with IBM Security QRadar, Splunk Enterprise Security, Google Chronicle Suite, Wazuh and LogRhythm SIEM. See our RSA enVision vs. Sentinel report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
