We performed a comparison between Microsoft Intune and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Microsoft Windows Autopilot and Defender policies are the most valuable features of this solution."
"The reporting and analytics features in Microsoft Intune have been a lifesaver."
"Based on my experience, I find Intune very flexible for managing Windows devices. We can use scripting, and we can make use of the self-service portal or the company portal to publish some of the applications for Windows."
"The conditional access policies that we set up are very useful."
"I like that it's very good and very simple. I found that we just needed to have a proper subscription for an Intune tenant, and from the subscription, if we have the right role assigned, like the global admin role or the owner role, we can use Microsoft cloud resources. With the help of that, we can do many things like setting up Microsoft Intune in the cloud to create our virtual machines. All these can be done, and the steps are very simple. I really liked it. I like features like Windows Auto-Enrollment. I like it very much because whenever you supply it to the end-user, it will be ready to use immediately. The end-user only needs to provide the user credentials, and then they are good to go. I also really like Cloud PC, which was recently launched on Azure."
"For the price, the features included with Microsoft are appealing."
"We already use a lot of Microsoft products in our company, and therefore, it made sense to also use this product."
"It's easy to manage."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Log aggregation and data connectors are the most valuable features."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The initial setup is very simple and straightforward."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"I would like to see the ability to deploy custom packages as a Windows 64-bit package, as opposed to the Windows 32-bit, which is the only one available now."
"Sometimes, customers compare it with AirWatch, but the concept of Intune is different from other solutions. It's an application management app. It gets a bit difficult to explain it to customers, but it's not a product limitation. It takes a presale document or presentation to explain it to customers."
"It's the granularity: 'Is your firewall on? Is BitLocker on?' It's not amazing granularity. But I've looked into other products, like Duo, and they're all similar."
"Intune has limited integration with non-Microsoft solutions."
"Onboarding of endpoint devices is not straightforward. The onboarding process was a little heavier than I thought it would be. That's the key improvement area. Obviously, the more control you have over the devices, the better it is."
"We only have major classifications for iOS and Android, but there are different brands that have different cycles of updates. If they can fine-tune it to make it more brand-specific, that would be even better."
"The biggest problem we ever have is when something goes out of date after 30 days when nobody has logged into it. We do have a problem trying to get those back online. We've been working with Microsoft to resolve that problem, but that's been the only issue that we've had in the last few years."
"The policies we had in SCCM and AD offered features that are missing from Microsoft Intune."
"The playbook is a bit difficult and could be improved."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"We are invoiced according to the amount of data generated within each log."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
Microsoft Intune is ranked 3rd in Microsoft Security Suite with 165 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Microsoft Intune is rated 8.0, while Microsoft Sentinel is rated 8.2. The top reviewer of Microsoft Intune writes "We can manage all aspects of our devices from a single console, easy to scale, and quick to deploy". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, Microsoft Entra ID and SOTI MobiControl, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Microsoft Intune vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.