List of Microsoft Sentinel Customers
Microsoft
One Microsoft Way,
Redmond, 98052-6399, WA,
United States
Redmond, 98052-6399, WA,
United States
1 425-882-8080
Professional Services
228000
$320.0B
Since 2010, our global team of researchers has been studying Microsoft Sentinel customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Microsoft Sentinel for Endpoint Detection and Response (EDR) from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Microsoft Sentinel for Endpoint Detection and Response (EDR) include: HSBC, a United Kingdom based Banking and Financial Services organisation with 212409 employees and revenues of $67.40 billion, Kao, a Japan based Manufacturing organisation with 32566 employees and revenues of $11.31 billion, Peraton, a United States based Aerospace and Defense organisation with 21000 employees and revenues of $8.00 billion, UBS USA, a United States based Banking and Financial Services organisation with 22000 employees and revenues of $5.00 billion, New Zealand Department of Internal Affairs, a New Zealand based Government organisation with 2381 employees and revenues of $780.0 million and many others.
Contact us if you need a completed and verified list of companies using Microsoft Sentinel, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Microsoft Sentinel customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
De Heus Vietam | Consumer Packaged Goods | 400 | $50M | Vietnam | Microsoft | Microsoft Sentinel | Endpoint Detection and Response (EDR) | 2024 | Yokogawa Votiva Solutions |
In 2024, De Heus Vietnam deployed Microsoft Sentinel as part of a broader Microsoft Azure security and operations program. Microsoft Sentinel is implemented as the Endpoint Detection and Response (EDR) capability in the stack, positioned to ingest security telemetry and drive centralized threat detection and incident response across the Vietnam operations.
The Microsoft Sentinel deployment was provisioned on Microsoft Azure and configured to use core Sentinel capabilities including analytics rules for detection, incident management, hunting queries, and automation with playbooks. The implementation architecture was aligned with existing Azure services used by De Heus Vietnam, with explicit ingestion of signals from Azure Defender and Microsoft 365, workload telemetry from Azure Kubernetes Service, and application and data pipeline logs from Azure Data Factory and Azure Databricks.
Yokogawa Votiva Solutions served as the implementation partner for the Microsoft Sentinel rollout, coordinating connection points to Dynamics 365 Finance and Operations and integrating Sentinel alert streams into the company security operations workflow. The deployment followed De Heus global template principles, using standardized configurations and partner role definitions to ensure consistency with the companys broader Azure, Dynamics 365, and Microsoft 365 platform footprint.
Governance for the Sentinel implementation emphasized a data first architecture and operational alignment between IT security, factory operations, and application teams. De Heus positioned Microsoft Sentinel and Azure Defender as complementary elements of a cohesive security architecture to achieve more security and less effort, while planning further consolidation of telemetry and standardized incident-handling processes across sites.
|
 |
Eam Energie | Utilities | 48 | $105M | Germany | Microsoft | Microsoft Sentinel | Endpoint Detection and Response (EDR) | 2020 | Accenture |
In 2020, EAM Energie implemented Microsoft Sentinel as part of a broader Endpoint Detection and Response (EDR) deployment hosted on Microsoft Azure. The rollout was executed alongside a companywide migration that moved roughly 80 applications to Azure between February and November 2020, with a one week cutover in October to migrate the four largest SAP systems used by approximately 1,000 employees, and weekly waves of ten to twelve systems during the migration wave.
Microsoft Sentinel was configured as the central security monitoring and incident management layer, operating with typical Endpoint Detection and Response (EDR) capabilities such as continuous endpoint telemetry ingestion, automated alerting, incident correlation, threat hunting, and playbook-driven response automation. The Sentinel deployment was implemented together with Microsoft Defender, Azure Active Directory, and Azure Advisor, all surfaced through Azure Security Center to provide consolidated detection, investigation, and remediation workflows across cloud and endpoint estate.
Operational integration emphasized cloud-native connectivity, with Microsoft Sentinel ingesting signals from Azure platform services and the migrated business application landscape, including the SAP environment and the administrative and technical systems used across the organization. Accenture acted as the implementation partner and worked with Microsoft teams during the assessment and execution phases, forming a joint delivery model that aligned security configuration with the broader application migration schedule and cross-department cutover plans.
Governance changes included establishment of a cloud competence center to validate departmental queries, a company training program for cloud certification, and coordinated change management and communications such as intranet blogs and how-to content to drive adoption. By October 2020 approximately 95 percent of services were operating in Azure, all data was retained in Azure in line with data residency requirements, and the project reported no major malfunctions, business interruptions, or loss of performance during the migration and Sentinel onboarding.
|
 |
Guardian Childcare & Education | Education | 6000 | $552M | Australia | Microsoft | Microsoft Sentinel | Endpoint Detection and Response (EDR) | 2020 | n/a |
In 2020, Guardian Childcare & Education deployed Microsoft Sentinel as part of a consolidated security monitoring program, positioning Microsoft Sentinel within the Endpoint Detection and Response (EDR) category to centralize event visibility across its cloud estate. The deployment was situated in the organisation's Azure tenant following a full migration of on premises servers to Microsoft Azure Cloud hosting, aligning security telemetry collection with the cloud migration timeline.
Microsoft Sentinel SIEM was configured to capture and normalize security events from Azure and Microsoft 365, with plans to ingest Meraki network device telemetry to extend detection across campus network segments. Parallel endpoint controls were implemented, including device registration using Azure Endpoint Intune and a Zero trust strategy for Azure user IDs, while code signing for IT scripts and automation preserved integrity of operational tooling.
The security implementation was part of a broader control plane that included Microsoft Purview for data classification and labelling, MAC address filtering for Guardian devices on centre networks, and an internally developed AI chatbot using Microsoft OpenAI and ChatGPT to support childcare centre staff. These components were orchestrated alongside operational tooling changes such as the rollout of a new helpdesk platform, Freshservice, which introduced KPIs and OLAs for cross departmental support and incident escalation.
Governance and operational restructuring accompanied the technical rollout, with IT ownership focused on improving service delivery and Level 2 and Level 3 support capability. Explicit outcomes recorded by the organisation include a CEO survey result showing 92 percent of 134 childcare centre managers rated IT performance as well or very well, and managing organisational growth from 112 to 170 childcare centres while maintaining the same core IT team through automation and process improvements.
|
 |
HSBC | Banking and Financial Services | 212409 | $67.4B | United Kingdom | Microsoft | Microsoft Sentinel | Endpoint Detection and Response (EDR) | 2021 | n/a |
In 2021 HSBC deployed Microsoft Sentinel to establish Endpoint Detection and Response (EDR) capabilities within its Azure security environment. The deployment placed Microsoft Sentinel at the center of HSBC security operations for detection, triage and incident orchestration, and involved Azure Security Engineer and Security Controls Lead responsibilities in configuration and oversight.
Microsoft Sentinel was configured to ingest telemetry and security signals, implement analytics rules and threat hunting queries, and orchestrate automated incident response through playbooks and alerting consistent with Endpoint Detection and Response (EDR) functional workflows. Configuration work emphasized detection rule tuning, incident management workflows and threat hunting playbooks, and the implementation referenced Azure DevOps Services for automation of playbook deployment and change management as indicated by project skills.
Operational scope targeted security operations and controls governance, aligning Security Controls Lead responsibilities with policy configuration, workflow handoff between detection and remediation teams, and centralized incident orchestration. The implementation positioned Microsoft Sentinel as the primary application for EDR telemetry and incident orchestration within HSBC s Azure security toolchain. No outcomes, costs, or measurable performance results were provided in the supplied context.
|
 |
Kao | Manufacturing | 32566 | $11.3B | Japan | Microsoft | Microsoft Sentinel | Endpoint Detection and Response (EDR) | 2023 | n/a |
In 2023, Kao implemented Microsoft Sentinel as part of its Endpoint Detection and Response (EDR) expansion to align security operations with its K25 initiatives and the global SAP on Azure program. Microsoft Sentinel is positioned as the cloud-native SIEM and EDR application to centralize telemetry and security incident management across Kao's hybrid SAP and surround systems.
The deployment architecture places Microsoft Sentinel in the company Azure tenancy alongside SAP on Azure workloads, Azure NetApp Files backed HANA databases, and Windows and Linux application servers. Configuration focuses on ingesting endpoint telemetry, log analytics, alert correlation, and automated incident playbooks, using Sentinel's built-in detection and orchestration capabilities to standardize threat detection and response across heterogeneous endpoints.
Integrations were implemented with existing Azure services that Kao already uses, including Azure Monitor for system telemetry, Azure Active Directory for identity and single sign on, Azure Backup and Azure Update Management for operational visibility, and ExpressRoute for consistent connectivity to on-premise assets. Sentinel is introduced to monitor the hybrid estate that includes SAP S4HANA instances running on ANF and surround systems such as Azure Synapse Analytics and Azure Data Lake, with telemetry sources consolidated for centralized security operations.
Governance and rollout are being aligned with Kao's global SAP migration program and K25 policy to centralize operations and establish global security governance. The Microsoft Sentinel deployment is framed as part of a broader zero trust and cloud security initiative alongside Microsoft Defender for Cloud, with staged adoption coordinated with regional SAP on Azure rollouts beginning in Asia and extending to Europe, the US, and Japan.
|
 |
|
Government | 2381 | $780M | New Zealand | Microsoft | Microsoft Sentinel | Endpoint Detection and Response (EDR) | 2021 | Unify Solutions |
|
|
|
|
Aerospace and Defense | 21000 | $8.0B | United States | Microsoft | Microsoft Sentinel | Endpoint Detection and Response (EDR) | 2021 | n/a |
|
|
|
|
Banking and Financial Services | 22000 | $5.0B | United States | Microsoft | Microsoft Sentinel | Endpoint Detection and Response (EDR) | 2021 | n/a |
|
Showing 1 to 8 of 8 entries
Buyer Intent: Companies Evaluating Microsoft Sentinel
ARTW Buyer Intent uncovers actionable customer signals, identifying software buyers actively evaluating Microsoft Sentinel. Gain ongoing access to real-time prospects and uncover hidden opportunities. Companies Actively Evaluating Microsoft Sentinel for Endpoint Detection and Response (EDR) include:
- TeKnowledge US, a United States based Professional Services organization with 350 Employees
- Progress, a United States based Professional Services company with 10 Employees
- Yaskawa America, a United States based Manufacturing organization with 1000 Employees
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated |
|---|---|---|---|---|---|---|
 |
TeKnowledge US | Professional Services | 350 | $40M | United States | 2026-02-06 |
 |
Progress | Professional Services | 10 | $1M | United States | 2026-02-02 |
 |
Yaskawa America | Manufacturing | 1000 | $100M | United States | 2025-11-10 |
|
|
Banking and Financial Services | 7000 | $8.2B | Canada | 2025-10-28 |
|
|
Banking and Financial Services | 93200 | $28.4B | Brazil | 2025-09-11 |
|
|
Retail | 87 | $16M | United Kingdom | 2025-08-27 |
|
|
Professional Services | 20 | $2M | Netherlands | 2025-08-22 |
|
|
Banking and Financial Services | 120 | $15M | United States | 2025-07-16 |
|
|
Insurance | 90000 | $24.5B | United States | 2025-06-23 |
|
|
Education | 139398 | $3.5B | United States | 2025-06-07 |
FAQ - APPS RUN THE WORLD Microsoft Sentinel Coverage
Microsoft Sentinel is a Endpoint Detection and Response (EDR) solution from Microsoft.
Companies worldwide use Microsoft Sentinel, from small firms to large enterprises across 21+ industries.
Organizations such as HSBC, Kao, Peraton, UBS USA and New Zealand Department of Internal Affairs are recorded users of
Microsoft Sentinel for Endpoint Detection and Response (EDR).
Companies using Microsoft Sentinel are most concentrated in Banking and Financial Services, Manufacturing and Aerospace and Defense, with adoption spanning over 21 industries.
Companies using Microsoft Sentinel are most concentrated in United Kingdom, Japan and United States, with adoption tracked across 195 countries worldwide. This global distribution highlights the popularity of Microsoft Sentinel across Americas, EMEA, and APAC.
Companies using Microsoft Sentinel range from small businesses with 0-100 employees - 12.5%, to mid-sized firms with 101-1,000 employees - 12.5%, large organizations with 1,001-10,000 employees - 25%, and global enterprises with 10,000+ employees - 50%.
Customers of Microsoft Sentinel include firms across all revenue levels — from $0-100M, to $101M-$1B, $1B-$10B, and $10B+ global corporations.
Contact APPS RUN THE WORLD to access the full verified Microsoft Sentinel customer database with detailed Firmographics such as industry, geography, revenue, and employee breakdowns as well as key decision makers in charge of Endpoint Detection and Response (EDR).