We performed a comparison between DFLabs IncMan SOAR and Fortinet FortiSOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."It has a lot of great features."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The UI-based analytics are excellent."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The vendors themselves will actually help with any customizations a client may require"
"We use the product for security."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The good news is that FortiSOAR is not hard to maintain. If you prepared well and deployed strong initially, then maintenance will take half an hour every other week, not more than that. A single person can do it."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"The solution is easy to implement and includes 450 built-in connectors."
"The initial setup is straightforward."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"The troubleshooting has room for improvement."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"One key area that can be improved is by building a strong integration with our XDR platform."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"The support is not 24/7."
"Technical support could be improved."
"The technology and integrations are important so should continue to be enhanced."
"The solution doesn't connect well with the network devices."
"Fortinet's tech support overall is not great when they are at their best."
"Fortinet FortiSOAR should add more documentation for some use cases."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"Fortinet FortiSOAR should improve its analysis."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
Earn 20 points
DFLabs IncMan SOAR is ranked 28th in Security Orchestration Automation and Response (SOAR) while Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews. DFLabs IncMan SOAR is rated 0.0, while Fortinet FortiSOAR is rated 7.4. The top reviewer of DFLabs IncMan SOAR writes "Protects an organization from the threat of a data breach or cyberattack". On the other hand, the top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". DFLabs IncMan SOAR is most compared with IBM Resilient and Palo Alto Networks Cortex XSOAR, whereas Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, ServiceNow Security Operations and D3 Security.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.