We performed a comparison between Fortinet FortiSOAR and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The product can integrate with any device."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The initial setup is straightforward."
"It has a quick detection and response time."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"The reputation of the brand is very good."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"The solution is easy to implement and includes 450 built-in connectors."
"The good news is that FortiSOAR is not hard to maintain. If you prepared well and deployed strong initially, then maintenance will take half an hour every other week, not more than that. A single person can do it."
"Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total."
"The solution is extremely scalable."
"It has intelligent learning behind it and we have been very successful in preventing attacks."
"One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it."
"The product is pretty strong in terms of security and their features are very good in that respect."
"The EDR and reports were helpful in improving our organization."
"The software uses very few resources; it is almost invisible to the end user."
"Carbon Black Cb Defense improved our endpoint level security. It helped to identify endpoint and infrastructure loopholes."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"We are invoiced according to the amount of data generated within each log."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"Fortinet's tech support overall is not great when they are at their best."
"Fortinet FortiSOAR should improve its analysis."
"The solution doesn't connect well with the network devices."
"Technical support could be improved."
"Fortinet FortiSOAR should add more documentation for some use cases."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"The technology and integrations are important so should continue to be enhanced."
"The product's stability could be improved."
"There is room for improvement in the support and service team."
"This product should be cheaper."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"Adding an application and a device control feature would be a great help for this solution."
"The device control feature could also be compatible with the user’s profile as well."
"The initial setup is complex."
"It would be a better solution if Carbon Black Cb Defense had an on-promise solution and a virus auto delete or quarantine."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews while VMware Carbon Black Endpoint is ranked 13th in EPP (Endpoint Protection for Business) with 61 reviews. Fortinet FortiSOAR is rated 7.4, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Swimlane and D3 Security, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trellix Endpoint Security.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.