Microsoft Learn
learn.microsoft.com › en-us › azure › sentinel › microsoft-365-defender-sentinel-integration
Microsoft Defender XDR integration with Microsoft Sentinel | Microsoft Learn
Integrate Microsoft Sentinel and Defender XDR directly in the Microsoft Defender portal. In this case, view Microsoft Sentinel data directly with the rest of your Defender incidents, alerts, vulnerabilities, and other security data.
Microsoft Learn
learn.microsoft.com › en-us › azure › sentinel › microsoft-sentinel-defender-portal
Microsoft Sentinel in the Microsoft Defender portal | Microsoft Learn
Microsoft Sentinel is generally available in the Microsoft Defender portal, either with Microsoft Defender XDR, or on its own, delivering a unified experience across SIEM and XDR for faster and more accurate threat detection and response, simplified ...
Videos
11:23
Microsoft Sentinel 2025 Setup & Defender XDR Integration - YouTube
01:00:17
Microsoft Sentinel and Defender XDR Demo - YouTube
01:33
Enhanced Security: Microsoft Sentinel, Defender XDR & Generative ...
16:09
Integrating Microsoft Sentinel with Defender XDR for Ultimate ...
06:50
Microsoft Sentinel Enable Defender XDR Connector - YouTube
10:12
Microsoft Defender XDR, Copilot for Security & Microsoft Sentinel ...
Microsoft Learn
learn.microsoft.com › en-us › azure › sentinel › connect-microsoft-365-defender
Connect Microsoft Defender XDR data to Microsoft Sentinel | Microsoft Learn
The Microsoft Defender XDR connector for Microsoft Sentinel allows you to stream all Microsoft Defender XDR incidents, alerts, and advanced hunting events into Microsoft Sentinel.
Microsoft
microsoft.com › home › unified security operations with microsoft sentinel and microsoft defender xdr
Microsoft Sentinel and Microsoft Defender XDR unify security operations | Microsoft Security Blog
July 23, 2025 - At Microsoft Ignite 2023, we announced that we’re bringing Microsoft Sentinel, which delivers intelligent security analytics and threat intelligence, and Microsoft Defender XDR, our extended detection and response (XDR) solution, into a unified security operations platform—providing more comprehensive features, automation, guided experiences, and curated threat intelligence.
Microsoft Learn
learn.microsoft.com › en-us › security › zero-trust › siem-xdr-implement
Zero Trust Security with Microsoft Sentinel and Defender XDR | Microsoft Learn
Using artificial intelligence (AI) and machine learning, the XDR performs automatic analysis, investigation, and real-time response. It also correlates security alerts into larger incidents, giving security teams greater visibility into attacks and prioritizing incidents to help analysts gauge threat risk levels. With Microsoft Sentinel, you can connect to many security sources using built-in connectors and industry standards.
Microsoft
microsoft.com › en-ca › security › business › siem-and-xdr › microsoft-sentinel
Microsoft Sentinel—AI-Ready Platform | Microsoft Security
Microsoft Sentinel is a security platform with built-in SIEM capabilities. ... Microsoft Defender XDR is a suite of tools that unifies prevention, detection, and response across endpoints, identities, email, and applications to deliver a consolidated view of threats, adaptive protection against cyberattacks, and streamlined incident response and remediation.
Microsoft Learn
learn.microsoft.com › en-us › security › zero-trust › siem-xdr-overview
Incident Response with XDR and Integrated SIEM | Microsoft Learn
Microsoft Sentinel is a cloud-native solution that provides security information and event management (SIEM) and security orchestration, automation, and response (SOAR) capabilities.
Microsoft Learn
learn.microsoft.com › en-us › unified-secops › microsoft-sentinel-onboard
Connect Microsoft Sentinel to the Microsoft Defender portal - Unified security operations | Microsoft Learn
Microsoft Sentinel is generally available in the Microsoft Defender portal, with or without Microsoft Defender XDR or an E5 license. Using Microsoft Sentinel in the Defender portal together with Microsoft Defender XDR services, you unify capabilities like incident management and advanced hunting.
Microsoft Learn
learn.microsoft.com › en-us › security › operations › siem-xdr-overview
Implement Microsoft Sentinel and Microsoft Defender XDR ...
Microsoft Sentinel is a cloud-native solution that provides security information and event management (SIEM) and security orchestration, automation, and response (SOAR) capabilities.
Reddit
reddit.com › r/defenderatp › is sentinel necessary for defender xdr
r/DefenderATP on Reddit: Is Sentinel necessary for Defender XDR
November 14, 2024 -
We have an audit running at the moment, and the technician is telling me that Sentinel is necessary for Defender XDR.
My opinion is that XDR is a SIEMless system, hence no need for a SIEM but similar performance. But Sentinel is a SIEM, so that would defeat the idea of XDR.
Does anyone know if Sentinel is actually necessary for the XDR Detections or if it is just to have "better" automation?
Top answer 1 of 5
9
Sentinel is more than just a SIEM aka place to store logs. It is a SOAR as well. Going back to your question, no, it's not needed and you can go with just Microsoft XDR, but you are missing lots of functionality: Threat Intelligence, custom analytic rules, playbooks aka logic apps, etc. I would never recommend XDR without Sentinel though, unless you have a very tight budget of course.
2 of 5
5
SIEM in no way "defeats the idea of XDR". Most large orgs run both. Do you need to do custom data sources / integrations? Response automation? If so you need Sentinel OR some other SIEM/SOAR.
Microsoft Learn
learn.microsoft.com › en-us › azure › sentinel › move-to-defender
Transition Your Microsoft Sentinel Environment to the Defender Portal | Microsoft Learn
The functionalities of analytics rules remain the same, including creation, updating, and management through the wizard, repositories, and the Microsoft Sentinel API. Incident correlation and multi-stage attack detection also continue to work in the Defender portal. The alert correlation functionality managed by the Fusion analytics rule in the Azure portal is handled by the Defender XDR engine in the Defender portal, which consolidates all signals in one place.
Reddit
reddit.com › r/azuresentinel › question: integrating microsoft defender xdr with microsoft sentinel
r/AzureSentinel on Reddit: Question: Integrating Microsoft Defender XDR with Microsoft Sentinel
May 7, 2025 -
Post integrating Microsoft Defender XDR with Microsoft Sentinel, do advanced hunting tables reflect on Log Analytics tables used by Microsoft Sentinel?
Top answer 1 of 2
3
Yeah, it will show the logs for which you have enabled data connectors on Sentinel. So keep that in mind too when making analytics rules. For example, if you have a table that is typically only on XDR advanced hunting, such as DeviceEvents, and you do not have the logs on Sentinel, then while you can query that table on advanced hunting, it won't work as an analytic rule until you send the logs to Sentinel.
2 of 2
3
Just curious - why won’t you query the XDR tables via XDR hunting? That won’t incur extra ingestion costs.
Bridewell
bridewell.com › insights › blogs › detail › how-does-azure-sentinel-and-microsoft-defender-xdr-increase-performance
How Does Azure Sentinel and Microsoft Defender XDR Increase Performance of Security Operations
April 13, 2021 - So, what if you were able to get the tools and capabilities that can be easily stitched together, deliver the ability to prevent and respond to threats and have the widest coverage of extended detection and response (XDR) at no extra license cost? Well, this is what Microsoft is offering with the inclusion of the Microsoft Defender XDR product suite within its Microsoft 365 licensing. To bring it all together and really feed the security operations is the Azure Sentinel.
Microsoft Community Hub
techcommunity.microsoft.com › microsoft community hub › communities › products › microsoft security › microsoft sentinel › microsoft sentinel blog
Managing Microsoft Sentinel and Microsoft Defender XDR permissions in Microsoft Defender portal | Microsoft Community Hub
3 days ago - To be able to access any Defender XDR features (alerts from sources other than Sentinel, such as MDE/MDO/MDC,…, XDR tables in Advanced Hunting, etc.), you will need the appropriate Entra ID built-in roles like Security Reader, Security Operator, Security Administrator or you will need to leverage Unified RBAC (URBAC).
Microsoft Learn
learn.microsoft.com › en-us › answers › questions › 1461304 › differences-between-microsoft-defender-xdr-and-sen
Differences between Microsoft Defender XDR and Sentinel - Microsoft Q&A
I wonder about the differences between Microsoft Defender XDR and Sentinel. I understand that Microsoft Defender XDR consolidates security alerts (including Cloud Defender, Identity Defender, Endpoint Defender, etc.). While Sentinel can use various connectors…
Microsoft Learn
learn.microsoft.com › en-us › azure › sentinel › manage-data-overview
Manage data tiers and retention in Microsoft Sentinel | Microsoft Learn
Manage log data in Microsoft Sentinel and with Microsoft Defender XDR services in the Microsoft Defender portal to optimize security operations and cost efficiency.
Microsoft Community
techcommunity.microsoft.com › microsoft community hub › communities › products › microsoft security › microsoft sentinel › microsoft sentinel blog
Introducing a Unified Security Operations Platform with Microsoft ...
November 19, 2023 - It provides unified visibility, investigation, and response across endpoints, hybrid identities, emails, collaboration tools, cloud apps, cloud workloads and data. Additionally, our cloud native SIEM solution, Microsoft Sentinel, offers unparalleled visibility into the overall threat landscape, ...