We performed a comparison between Fortinet FortiSOAR and VMware Carbon Black Cloud based on real PeerSpot user reviews.
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such as firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The pricing of the product is excellent."
"The Log analytics are useful."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, 'Where are my logs?' My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The initial setup is very simple and straightforward."
"The reputation of the brand is very good."
"The solution is easy to implement and includes 450 built-in connectors."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"The good news is that FortiSOAR is not hard to maintain. If you prepared well and deployed strong initially, then maintenance will take half an hour every other week, not more than that. A single person can do it."
"We use the product for security."
"It has a quick detection and response time."
"It is a scalable solution... The implementation phase of the product was not tough or difficult."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"Integration and scalability are the most valuable."
"We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts."
"They're highly stable in comparison with other solutions I have."
"For setup, the server can be given to you as a VM image and with minimal configuration needed."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"The product can be improved by reducing the cost to use AI machine learning."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Azure Sentinel will be directly competing with tools such as Splunk or QRadar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Technical support could be improved."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"The technology and integrations are important so should continue to be enhanced."
"The solution doesn't connect well with the network devices."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"The area that needs improvement is integration with multiple third-party vendors."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"The threat intelligence feed could use some fine tweaking."
"Training and education for both partner and customer, including product marketing need to be improved."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"One area for improvement is the maturity of its vulnerability features."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews while VMware Carbon Black Cloud is ranked 2nd in Security Incident Response with 18 reviews. Fortinet FortiSOAR is rated 7.4, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of VMware Carbon Black Cloud writes "Shows promise for endpoint detection and response, with room for improvement in complexity and pricing". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, ServiceNow Security Operations and D3 Security, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Splunk SOAR and Palo Alto Networks Cortex XSOAR.