We performed a comparison between DFLabs IncMan SOAR and Fortinet FortiSOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The features that stand out are the detection engine and its integration with multiple data sources."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The vendors themselves will actually help with any customizations a client may require"
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"The solution is easy to implement and includes 450 built-in connectors."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"We use the product for security."
"It's great that the solution is integrated with FortiAnalyzer."
"The good news is that FortiSOAR is not hard to maintain. If you prepared well and deployed strong initially, then maintenance will take half an hour every other week, not more than that. A single person can do it."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The reporting could be more structured."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"Sentinel's reporting is complex and can be more user-friendly."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"The support is not 24/7."
"The technology and integrations are important so should continue to be enhanced."
"Fortinet FortiSOAR should add more documentation for some use cases."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"The solution doesn't connect well with the network devices."
"Technical support could be improved."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"Fortinet FortiSOAR should improve its analysis."
"Fortinet FortiSOAR's dashboard is not easy to understand."
Earn 20 points
DFLabs IncMan SOAR is ranked 28th in Security Orchestration Automation and Response (SOAR) while Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews. DFLabs IncMan SOAR is rated 0.0, while Fortinet FortiSOAR is rated 7.4. The top reviewer of DFLabs IncMan SOAR writes "Protects an organization from the threat of a data breach or cyberattack". On the other hand, the top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". DFLabs IncMan SOAR is most compared with IBM Resilient and Palo Alto Networks Cortex XSOAR, whereas Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, ServiceNow Security Operations and D3 Security.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.