We performed a comparison between Fortinet FortiSOAR and IBM Resilient based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has basic out-of-the-box integrations with multiple log sources."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The pricing of the product is excellent."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The connectivity and analytics are great."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"We use the product for security."
"It's great that the solution is integrated with FortiAnalyzer."
"Fortinet FortiSOAR is a very interactive and user-friendly solution."
"It has a quick detection and response time."
"The solution is easy to implement and includes 450 built-in connectors."
"The initial setup is straightforward."
"The reputation of the brand is very good."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"The solution is very easy to use."
"It is a stable solution...It is a scalable solution."
"The UBA, User Behavior Analytics, is very good."
"This is a good solution that we recommend for customers."
"IBM Resilient is scalable."
"The most valuable thing about it is how easy it is to navigate the user interface."
"The solution is easy to use."
"The solution is simple to use and to integrate with IBM QRadar."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The playbook is a bit difficult and could be improved."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"I would like Microsoft Sentinel to enhance its SOAR capabilities."
"The only thing is sometimes you can have a false positive."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"The solution doesn't connect well with the network devices."
"The solution’s pricing could be improved."
"Fortinet's tech support overall is not great when they are at their best."
"The area that needs improvement is integration with multiple third-party vendors."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"The technology and integrations are important so should continue to be enhanced."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"The product needs a bit more development."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"IBM Resilient is quite complex, including its configuration."
"Its price needs improvement."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"The implementation could be a bit simpler."
"The ability to analyze incidents needs to be improved in the solution."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 12 reviews while IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews. Fortinet FortiSOAR is rated 7.4, while IBM Resilient is rated 7.6. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, Cisco SecureX and SECDO Platform, whereas IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, IBM Security QRadar and IBM Cloud Pak for Security. See our Fortinet FortiSOAR vs. IBM Resilient report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.