We performed a comparison between Microsoft Defender Threat Intelligence and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is very scalable. There are approximately 2,000 endpoints and up to 200 servers in our company."
"The technical support services are excellent."
"The solution is well integrated with other Microsoft security products."
"The product's initial setup phase was straightforward."
"Microsoft collects trillions of signals from all over the world, which is incredibly valuable. It helps us identify zero-day vulnerabilities and global threats."
"The product’s most valuable feature is the ability to provide threat detection and protection simultaneously."
"The solution blocks incoming threats on the local PC or any cloud-based threats."
"Microsoft Defender Threat Intelligence assesses machines for vulnerabilities and gives remediations."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The initial setup is very simple and straightforward."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The tool's onboarding of users that use on-premise or hybrid environments needs to be improved."
"We encounter problems connecting the product deployed on the user endpoints with the servers."
"A stable licensing model is absent"
"There could be AI functionality included for features like reporting and dashboard preparation."
"It takes time for the support team to understand the issue, and they then respond with a delay at times, which causes a lot of trouble."
"Microsoft itself is a major target for attacks and threats due to its size and popularity. That could be considered Microsoft's Achilles heel."
"The software is expensive."
"One area where Microsoft Defender could be improved is in its support for non-Microsoft products, particularly for systems running Linux or other open-source platforms across ecosystems."
"The AI capabilities must be improved."
"We are invoiced according to the amount of data generated within each log."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
More Microsoft Defender Threat Intelligence Pricing and Cost Advice →
Microsoft Defender Threat Intelligence is ranked 16th in Microsoft Security Suite with 27 reviews while Microsoft Sentinel is ranked 5th in Microsoft Security Suite with 86 reviews. Microsoft Defender Threat Intelligence is rated 8.4, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Defender Threat Intelligence writes "A tool that offers endpoint protection with low maintenance costs". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Defender Threat Intelligence is most compared with STAXX, Cisco Threat Grid, VirusTotal, ThreatConnect Threat Intelligence Platform (TIP) and Splunk Mission Control, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Defender Threat Intelligence vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.