We performed a comparison between Fortinet FortiSIEM and Securonix Next-Gen SIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. Securonix Next-Gen SIEM offers multiple advanced features, such as Spotter for in-depth search and analysis and extensive customization options. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring. Securonix users highlighted the need for greater flexibility in modifying reports and templates and improved analytics and visualization.
Service and Support: Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable. Securonix has been praised for its effective support and timely problem resolution.
Ease of Deployment: Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time. Some users found the Securonix Next-Gen SIEM setup to be straightforward, but others found it complex.Securonix Next-Gen SIEM is competitively priced and more affordable than many SIEM solutions.
Pricing: FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets. Securonix Next-Gen SIEM is competitively priced and more affordable than many SIEM solutions.
ROI: Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses. Users say Securonix Next-Gen SIEM offers a significant return on investment by streamlining infrastructure management and enhancing overall efficiency.
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"It's pretty powerful and its performance is pretty good."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"FortiSIEM's best features are the dashboards and customization."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"Both the collecting logs and duo correlation are valuable features for us."
"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."
"It is used as an alerting platform."
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"Fortinet FortiSIEM is easy to use."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"I rate the technical support a nine out of ten. They're friendly. Whenever we have a P1 issue, we write an email and our issue is resolved in one or two hours."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"The detection of threats and reduction of false positive alarms as compared to other solutions are valuable features. It has improved threat detection response and reduced a lot of noise from false positives as compared to our previous SIEM solutions."
"What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my team. They help highlight the most important things for them to look at."
"The most valuable feature is what Securonix calls enrichment. Securonix is very powerful because of all the data it can process and automatically enrich. The actionable intelligence it provides is one of its benefits, due to the processing capacity it has."
"The big data security analytics platform, structured and unstructured data analytics, and user and entity behavior analytics provided by the product are probably the best in the industry."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"One key area that can be improved is by building a strong integration with our XDR platform."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"The dashboard needs to improve."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"Its training can be improved. Its price also needs to be improved."
"The log collection and configuration management are not great."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"Patching is not great - we're not getting the support we'd expect."
"Areas for improvement would be the ease of use and the integration with Fortinet's own products."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"One aspect that could be improved is the pricing of the product in Brazil."
"Sometimes, there is instability in the data in terms of the customization of the time. I have sometimes observed discrepancies in the data, which is something they should work on. They should bring more stability to time customization. If we are seeing a particular data, when we change the time zone, there should be the same data. There should not be any discrepancy."
"The analytics-driven approach for finding sophisticated threats and reducing false positives is positive and good, but the platform requires a more dynamic concept. Everything is a bit static."
"Sometimes, the injectors lag and are not loading. It would be nice if that could be improved."
"We would like to see better integration with other products."
"The solution could provide more automation."
"Other than issues with the training, there have been issues with the encryption. There have also been issues with some of the reporting, minor glitches that they have fixed as they've gone along."
"One of the things they can improve on a little bit is the usability side, to make some things simpler... The tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews. Fortinet FortiSIEM is rated 7.6, while Securonix Next-Gen SIEM is rated 8.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Exabeam Fusion SIEM and One Identity Safeguard. See our Fortinet FortiSIEM vs. Securonix Next-Gen SIEM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.