We performed a comparison between Fortinet FortiSOAR and Proofpoint Threat Response based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The Log analytics are useful."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The reputation of the brand is very good."
"It has a quick detection and response time."
"The good news is that FortiSOAR is not hard to maintain. If you prepared well and deployed strong initially, then maintenance will take half an hour every other week, not more than that. A single person can do it."
"It's great that the solution is integrated with FortiAnalyzer."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The initial setup is straightforward."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"It has reduced our manual efforts to remove emails from each user's inbox, and in this case we do not have to ask our IT department or users to do so."
"Support is very responsive."
"The best part of Proofpoint Threat Response is the Auto-Pull feature. Being able to pull an email back from a user's mailbox is very useful, yet I have noticed that not a lot of organizations use this kind of feature."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"The product can be improved by reducing the cost to use AI machine learning."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"There is room for improvement in entity behavior and the integration site."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Technical support could be improved."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"The technology and integrations are important so should continue to be enhanced."
"Fortinet's tech support overall is not great when they are at their best."
"The area that needs improvement is integration with multiple third-party vendors."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"If the reporting gets improved then it would be better, but the product is running amazing as it is."
"Has some quirks."
"The interface within Threat Response could be made simpler."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews while Proofpoint Threat Response is ranked 5th in Security Incident Response with 3 reviews. Fortinet FortiSOAR is rated 7.4, while Proofpoint Threat Response is rated 8.4. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of Proofpoint Threat Response writes "Tracks and mitigates email security incidents with Auto-Pull, and has good stability and performance". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, Cisco SecureX and SECDO Platform, whereas Proofpoint Threat Response is most compared with Cofense Triage and ServiceNow Security Operations.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.