We performed a comparison between Fortinet FortiSOAR and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR).
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The main benefit is the ease of integration."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"It's pretty powerful and its performance is pretty good."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"The initial setup is straightforward."
"It has a quick detection and response time."
"The solution is easy to implement and includes 450 built-in connectors."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"Fortinet FortiSOAR is a very interactive and user-friendly solution."
"It is a scalable solution... The implementation phase of the product was not tough or difficult."
"It's great that the solution is integrated with FortiAnalyzer."
"The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"The solution does very well as a baseline EDR and provides good process-level management."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption."
"Carbon Black ensures the probability that any ransomware will be stopped before spreading."
"For setup, the server can be given to you as a VM image and with minimal configuration needed."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"The most valuable features are the threat-hunting and the batch console."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"Technical support could be improved."
"Fortinet's tech support overall is not great when they are at their best."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"The area that needs improvement is integration with multiple third-party vendors."
"The technology and integrations are important so should continue to be enhanced."
"The solution doesn't connect well with the network devices."
"Fortinet FortiSOAR should add more documentation for some use cases."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The cloud console has a lot of bugs and issues in the analysis part."
"One area for improvement is the maturity of its vulnerability features."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
"The solution's support could be improved."
"The dashboard should be more user-friendly."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 12 reviews while VMware Carbon Black Cloud is ranked 2nd in Security Incident Response with 18 reviews. Fortinet FortiSOAR is rated 7.4, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of VMware Carbon Black Cloud writes "Shows promise for endpoint detection and response, with room for improvement in complexity and pricing". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, ServiceNow Security Operations and SECDO Platform, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Palo Alto Networks Cortex XSOAR, Splunk SOAR and Rapid7 InsightIDR.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.