The resolution time is about the same, but it took longer to discover the issue with ArcSight. "You can check up on security from the dashboards." "The consolidated overview of all the events that come in through our environment and an easy-to-access interface for all our end users are valuable." "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running." You can put unlimited logs in, as long as you can pay for it. It covers all of the environment, giving us great visibility." "The scalability is great. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment." "We can use Sentinel's playbook to block threats. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can manage on-premises infrastructure. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly." "It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. Sentinel is much faster and is good for big databases." "Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. You can put your data on the cloud and run queues from Sentinel. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The log query feature has been the most valuable because it's very good. It has some IP and URL-specific allow listing." "Sentinel has features that have helped improve our security posture. We get a more detailed view that I can't get from the other SIEM tools. It gives me a solid overview of all the logs. "It's pretty powerful and its performance is pretty good." "Sentinel has an intuitive, user-friendly way to visualize the data properly.