Azure Security Center vs Azure Sentinel


I am looking for a clear comparison between Azure Security Center (i.e. Microsoft Defender for Cloud?) and Azure Sentinel. What do they overlap? What does Sentinel bring that ASC does not provide? How do they compare in logging and response? And how do license levels


Does anybody know good documentation that provides insights to this comparison?

 

Many thanks in advance.

6 Replies

Thanks. That seems a very good starting point.

Defender for Cloud is focused on evaluating system configuration and providing recommendations to harden those systems - its goal is to make it harder for attackers so that there are not any security incidents shown in Sentinel.
Sentinel is focused on helping security teams investigate incidents - it won't provide any recommendations to close a port, it will just let you know that the attackers are using a port to steal data :)

Thanks for your response.

But it seems that both services also provide overlapping capabilities.

The only real overlap is with alerts, but you need to realize that those in MDC are only a subset of those in Sentinel, which has many more data connectors. Incident investigation is much better in Sentinel than MDC.
Sentinel does not provide any recommendations to improve security posture.

Word and Excel have overlapping capabilities with their abilities to create tables, but using Excel as a word processor is a poor substitute for MS Word, we need both. It is similar with MDC and Sentinel, they complement each other with a few overlaps. To be effective, we need both.

@Dean Gross I agree. Many thanks.