We performed a comparison between Fortinet FortiSOAR and Siemplify based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"The UI-based analytics are excellent."
"The initial setup is very simple and straightforward."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"We use the product for security."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"It has a quick detection and response time."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"The good news is that FortiSOAR is not hard to maintain. If you prepared well and deployed strong initially, then maintenance will take half an hour every other week, not more than that. A single person can do it."
"The solution is easy to implement and includes 450 built-in connectors."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"The most valuable feature of Siemplify is the playbooks that can be created."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"The only thing is sometimes you can have a false positive."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"The solution doesn't connect well with the network devices."
"Fortinet FortiSOAR should add more documentation for some use cases."
"Fortinet's tech support overall is not great when they are at their best."
"Fortinet FortiSOAR should improve its analysis."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"The area that needs improvement is integration with multiple third-party vendors."
"Technical support could be improved."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform, however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews while Siemplify is ranked 14th in Security Orchestration Automation and Response (SOAR) with 3 reviews. Fortinet FortiSOAR is rated 7.4, while Siemplify is rated 8.6. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of Siemplify writes "Great for reporting and ticketing for SOC MxDR client environments and has a great, supportive community". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Swimlane and Cynet, whereas Siemplify is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations and Swimlane. See our Fortinet FortiSOAR vs. Siemplify report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.