Microsoft Sentinel vs. Splunk

When organisations come to us wanting to set up a security information and event management (SIEM) solution, they often have two options in mind: Microsoft Sentinel or Splunk. Whilst the two solutions do have some similarities, they differ in a variety of ways, which we’ll explore in this article.

We will look at integrations, SIEM functionality, cost-effectiveness, analytics, threat intelligence, and much more. Beyond the functionality and details of each solution, we will discuss how each may be better suited to certain organisations, and give our recommendations for installing a SIEM or security orchestration, automation and response (SOAR) solution.