We performed a comparison between Fortinet FortiSIEM and Statseeker based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The analytic rule is the most valuable feature."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"It's pretty powerful and its performance is pretty good."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"FortiSIEM sends email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"We find the solution to be stable."
"The seamless integration with FortiGate is the solution's most valuable aspect."
"FortiSIEM's log correlation is good."
"It works well with medium to large-scale enterprises."
"The most valuable features are scalability and reliability."
"The most important feature for us is the interface statistics, because our customer normally asks us for bandwidth utilization reports. Statseeker has very descriptive transmit and receive information."
"We were having some issues with a certain site, and it was only Statseeker that showed us what the problem was."
"Key features for us are custom reporting, 95th Percentile, and trend lines."
"We are a smaller enterprise, but we're watching approximately fifteen-thousand switchboards with no problem at all."
"The most important feature is just the fact that it doesn't aggregate the information up, and I can look at detailed information going back quite a long time."
"This solution has helped us to proactively identify issues and push some of those fixes down to tier one."
"Whether it is a down network switch or a down router, we can get back online faster for the customers."
"I would like to be able to monitor applications outside of the Azure Cloud."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"Its training can be improved. Its price also needs to be improved."
"Network detection and response is a separate product."
"I would like to see more integration with other platforms."
"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."
"The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"I would like the ability to update the dashboard. I would also like the ability to access via an API. Then I could produce a dashboard that my C level can understand. This is just so they can go and refresh whenever they want to and see what things look like."
"It doesn't do absolutely everything and it will require some additional software or hardware support to be a complete single solution."
"Detailed data can be hard to extract in CSV form. Sometimes, being able to dump down raw data would be good so various time periods across a longer period could be analysed. At present, data can be presented within Statseeker, but there is lots of "white space" between data points."
"It would be very nice to have the Cisco ACI option included in the regular license."
"I would like to see more comprehensive reporting and alerting."
"This solution would be improved with better automatic discovery for ping-only devices."
"I would like to have soft alarming. If an inner-base all of a sudden triggers a threshold, we have to rely on a lot of other tools and then we go into Statseeker to verify it. If Statseeker would confirm it preemptively and trigger it into our network panel, that would be nice."
"It may be helpful to have more options in the alerting section."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews while Statseeker is ranked 64th in Network Monitoring Software with 38 reviews. Fortinet FortiSIEM is rated 7.6, while Statseeker is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Statseeker writes "Simplifies monitoring and provides real-time alerts for issues we might not immediately be aware of otherwise". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas Statseeker is most compared with .
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.