We performed a comparison between Fortinet FortiSOAR and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR).
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The analytic rule is the most valuable feature."
"The main benefit is the ease of integration."
"We have no complaints about the features or functionality."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"Free ingestion for Azure logs (with E5 licence)"
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"The solution is easy to implement and includes 450 built-in connectors."
"The initial setup is straightforward."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"We use the product for security."
"Fortinet FortiSOAR is a very interactive and user-friendly solution."
"The detection response and quarantining are very good features."
"They're highly stable in comparison with other solutions I have."
"The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"The most valuable features are the threat-hunting and the batch console."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"It is nice when you're in a situation where you think someone's device is compromised and that there's some malware getting into your fleet."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"The solution does very well as a baseline EDR and provides good process-level management."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"I think the number one area of improvement for Sentinel would be the cost."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"The area that needs improvement is integration with multiple third-party vendors."
"The solution’s pricing could be improved."
"The technology and integrations are important so should continue to be enhanced."
"Technical support could be improved."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"Fortinet's tech support overall is not great when they are at their best."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"Additionally, it is complex to use, and the pricing should be improved."
"The solution can only handle about 500 bans or blocks."
"The threat intelligence feed could use some fine tweaking."
"The dashboard should be more user-friendly."
"The cloud console has a lot of bugs and issues in the analysis part."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"It's not simple."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 12 reviews while VMware Carbon Black Cloud is ranked 3rd in Security Incident Response with 18 reviews. Fortinet FortiSOAR is rated 7.4, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of VMware Carbon Black Cloud writes "Shows promise for endpoint detection and response, with room for improvement in complexity and pricing". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, ServiceNow Security Operations and Cisco SecureX, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Palo Alto Networks Cortex XSOAR, Rapid7 InsightIDR and Splunk SOAR.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.