We performed a comparison between IBM Security QRadar and Fortinet FortiSIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. IBM Security QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses.
Comparison Results: Our users prefer IBM Security QRadar over Fortinet FortiSIEM. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management.
"FortiSIEM's best features are the dashboards and customization."
"The most valuable feature is the anomaly-reporting alarms."
"It works well with medium to large-scale enterprises."
"The event correlation is pretty robust. The GUI is pretty good."
"The Threat Hunting feature provides complete traffic analysis."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"Both the collecting logs and duo correlation are valuable features for us."
"The solution’s IP database is awesome."
"I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot."
"The tool is already automated in many ways, but there are some additional functions which should be automated, like sending an email, mobile notification, and integration of XFS."
"A nice benefit is when we go to the process of selecting our youth cases, they go by building blocks. QRadar links it to building blocks."
"Search capabilities are sufficient for most tasks."
"The feature that I find the most useful is that IBM QRadar User Behavior Analytics is free of charge. It's a fully free product that can be installed on top of IBM QRadar SIEM."
"It is a scalable solution."
"We've found the solution to be scalable."
"When it comes to QRadar, they can do the correlation and not only in networks but also endpoints. This is one of the good features that we have noticed."
"Not very good on non-API features, lacks that functionality."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"FortiSIEM is not a market leader in the SIEM space."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"Patching is not great - we're not getting the support we'd expect."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"Dashboards and reports could provide better visualization of SIEM activity."
"The quoting and the dashboard session could be improved. It should be more user-friendly."
"The tool is very complicated. One place for improvement would be to have a more user-friendly interface. Having better support in Spanish would be cool."
"QRadar needs to be improved on the storage side, particularly when the disc exceeded the maximum threshold."
"The released patch quality is poor. IBM should test those patches on their side, not on the client's side."
"There are a lot of things they are working on and a lot of technologies that are not yet there. They should probably work out a better reserve with their ecosystem of business partners and create wider and more in-depth qualities, third-party tools, and add-ons. These things really give immediate business value. For instance, there are many limitations in using SAP, EBS, or Micro-Dynamics. A lot of things that are happening in those platforms could also be monitored and allowed from the cybersecurity risks perspective. IBM might be leaving this gap or empty space for business partners. Some larger organizations might already be doing this. It would be very nice if IBM can make some artificial intelligence part free of charge for all current QRadar users. This would be a big advantage as compared to other competitors. There are companies that are going in different directions. Of course, you can't do everything inside QRadar. In general, it might be very good for all players to provide more use cases, especially regarding data protection and leakage prevention. There are some who are already doing some kind of file integrity or gathering some more information from all possible technologies for building anything related to the user and data analysis, content analysis, and management regarding the data protection."
"I need a solution which will send alerts in the event of any behavior."
"The initial setup requires that you have somebody with the proper skill set, and it would help if the configuration were easier."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews. Fortinet FortiSIEM is rated 7.6, while IBM Security QRadar is rated 8.0. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Fortinet FortiSIEM is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ArcSight Logger. See our Fortinet FortiSIEM vs. IBM Security QRadar report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.