We performed a comparison between Fortinet FortiSIEM and USM Anywhere based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. USM Anywhere is highly regarded for its extensive reporting capabilities, thorough vulnerability assessment, seamless file integration, and user-friendly management features. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring. USM Anywhere users have suggested improvements in self-service plugin management, database optimization, and third-party threat intelligence integration.
Service and Support: Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable. Some users say that USM Anywhere's customer service is knowledgeable and responsive, while others have faced delays and incomplete answers.
Ease of Deployment: Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time. The initial setup for USM Anywhere is generally considered to be straightforward if the user has technical knowledge. Vendor assistance is also available during the deployment phase.
Pricing: FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets. USM Anywhere is seen as more cost-effective than premium solutions like IBM QRadar and Splunk, with pricing considered reasonable and relatively low.
ROI: Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses. USM Anywhere has garnered favorable feedback regarding its ROI.
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation."
"It is used as an alerting platform."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"FortiSIEM's log correlation is good."
"The stability is very reliable. It offers very good performance."
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"It works well with medium to large-scale enterprises."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"AlientVault has helped us in improving our visualization and incident response during cybersecurity situations."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"The asset management of nodes has been a large help in terms of being able to track applications with more detail and have changes made being monitored into one source."
"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."
"It is my "security person" looking at irregularities and letting me know when something has occurred."
"The most valuable feature of this solution is security management for PCI DSS."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"The solution should allow for a streamlined CI/CD procedure."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"I think the number one area of improvement for Sentinel would be the cost."
"The solution could be more user-friendly; some query languages are required to operate it."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries."
"The process of installing Fortinet FortiSIEM and the customization of the alerts take too long."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"I would like to see more integration with other platforms."
"There could be more AI features included in the product."
"The solution's interface could be modernized and improved."
"This solution could be easier to use."
"Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it."
"Sometimes the log is unclear, and the report is a bit ambiguous."
"As this software is in the cloud, you do not have control on updates and general changes which are happening."
"The dashboard could be improved as well as the level of customization."
"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
"More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Fortinet FortiSIEM is rated 7.6, while USM Anywhere is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Elastic Security. See our Fortinet FortiSIEM vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
