• Home
  • Elastic Security vs. Fortinet FortiSIEM

Elastic Security vs Fortinet FortiSIEM comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews
32,763 views|18,195 comparisons
92% willing to recommend
Elastic Logo

Elastic Security

Read 58 Elastic Security reviews
15,439 views|12,697 comparisons
86% willing to recommend
Fortinet Logo

Fortinet FortiSIEM

Read 63 Fortinet FortiSIEM reviews
7,467 views|4,053 comparisons
81% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Elastic Security vs. Fortinet FortiSIEM
March 2024
Executive Summary
Updated on Jul 20, 2023

We performed a comparison between Elastic Security and Fortinet FortiSIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Elastic Security is commended for its adaptability, extensive customization options, and seamless integration with the ELK Stack. Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. Elastic Security could improve by reducing resource usage, automating threat response, and simplifying the user experience. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring.

  • Service and Support: Some Elastic Security users found their support helpful, while others experienced difficulties and delays. Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable.

  • Ease of Deployment: Elastic Security generally has a straightforward setup but may require trained specialists. Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time.

  • Pricing: Elastic Security is considered affordable and cost-effective, with pricing based on the size of the monitored environment. FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets.

  • ROI: Elastic Security has shown mixed results in terms of ROI, with some users expressing concerns about the quality of their premium support. Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses.

Conclusion: Elastic Security provides greater flexibility and customization options, enabling users to easily access logs from various sources and adapt the system to their specific requirements. Users highly appreciate the search functionality, machine learning capabilities, and the ability to build their own system using the open-source ELK framework. The solution is praised for its stability, reliability, and scalability, with helpful troubleshooting documentation available. However, there are mixed opinions about the customer service and support, with some users encountering difficulties in communication and experiencing longer resolution times.
To learn more, read our detailed Elastic Security vs. Fortinet FortiSIEM Report (Updated: March 2024).
Download the complete report
768,415 professionals have used our research since 2012.
Featured Review
Anonymous User
Easy to integrate, offers good documentation, and the setup is simple
The main benefit is the ease of integration. Having a cloud-based SIEM means scalability. We also received very good support and documentation from... Read more →
Don Jarmon
A stable and scalable tool that provides visibility along with the consolidation of logs to its users
Elastic Security has allowed my organization to have visibility with the consolidation of the logs while also providing it the ability to be able... Read more →
Anonymous User
Simple implementation, good performance, but scalability lacking
Fortinet FortiSIEM has helped our organization by providing us with business monitoring.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user.""Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it.""The main benefit is the ease of integration.""Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment.""What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part.""The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects.""Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications.""I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."

More Microsoft Sentinel Pros →

"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash.""Elastic is straightforward, easy to integrate, and highly customizable.""It's simple and easy to use.""The feature that we have found the most valuable is scalability.""The scalability is good. It can be scaled easily in the production environment.""ELK is open-source, and it will give you the framework you need to build everything from scratch.""Stability-wise, I rate the solution a ten out of ten.""The most valuable feature is the speed, as it responds in a very short time."

More Elastic Security Pros →

"The seamless integration with FortiGate is the solution's most valuable aspect.""Real-time monitoring makes life quite easy for me.""Fortinet FortiSIEM is less costly than other products and is available 24/7.""This solution offers extensive customization options, making it possible to adapt it precisely to their requirements.""The primary valuable feature is that it has replaced a whole lot of other products with one platform.""Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same.""Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses.""The solution’s IP database is awesome."

More Fortinet FortiSIEM Pros →

Cons
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities.""We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft.""The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations.""Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized.""If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement.""If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details.""They could use some kind of workbook. There is some limitation doing the editing and creating the workbook.""Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."

More Microsoft Sentinel Cons →

"The interface could be more user friendly because it is sometimes hard to deal with.""The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there.""It could use maybe a little more on the Linux side.""The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics.""The tool should improve its scalability.""The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that.""I would like the process of retrieving archived data and viewing it in Kibana to be simplified.""The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."

More Elastic Security Cons →

"They should enhance the solution's AI capabilities, including XDR and EDR.""With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk.""When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement.""FortiSIEM is not a market leader in the SIEM space.""The graphs on the user interface could be improved as we often experience glitches.""If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it.""Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information.""Its training can be improved. Its price also needs to be improved."

More Fortinet FortiSIEM Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "We use the open-source version, so there is no charge for this solution."
  • "We are using the free, open-source version of this solution."
  • "Elastic Stack is an open-source tool. You don't have to pay anything for the components."
  • "There is no charge for using the open-source version."
  • "This is an open-source product, so there are no costs."
  • "It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
  • "It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
  • "Compared to other products such as Dynatrace, this is one of the cheaper options."

    • More Elastic Security Pricing and Cost Advice →

  • "Please be cheaper and more simplified."
  • "We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that."
  • "Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
  • "Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."
  • "The price of Fortinet FortiSIEM is a lot less when compared to other solutions."
  • "They have a yearly subscription."
  • "The solution is available for both, perpetual and subscription licenses."
  • "Manageable, however would be better as pay as you go versus CapEX."

    • More Fortinet FortiSIEM Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    768,415 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    Datadog vs ELK: which one is good in terms of performance, cost and effic...
    Top Answer:With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times… more »
    Read all 7 answers   →
    What do you like most about Elastic Security?
    Top Answer:It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for Elastic Security?
    Top Answer:The product offers an amazing pricing structure. Price-wise, the product is very competitive.
    Read all 18 answers   →
    What do you like most about Fortinet FortiSIEM?
    Top Answer:Real-time monitoring makes life quite easy for me.
    Read all 36 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiSIEM?
    Top Answer:The price is competitive. We can scale based on the licensing. It is an annual CapEx.
    Read all 23 answers   →
    What needs improvement with Fortinet FortiSIEM?
    Top Answer:Network detection and response is a separate product. That's how I ended up with Wazuh. I'm looking for something to… more »
    Read all 36 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    Elastic SIEM, ELK Logstash
    FortiSIEM, AccelOps
    Learn More
    Microsoft
    Elastic
    Fortinet
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


    Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

    Additional offerings and benefits:

    • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
    • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
    • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

    Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

    FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

    Companies around the world use FortiSIEM for the following use cases:

    • Threat management and intelligence that provide situational awareness and anomaly detection
    • Alleviating compliance mandate concerns for PCI, HIPAA and SOX
    • Managing “alert overload”
    • Handling the “too many tools” reporting issue
    • Addressing the MSPs/MSSPs pain of meeting service level agreements
    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
    FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm29%
    Computer Software Company25%
    Healthcare Company13%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Comms Service Provider7%
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm12%
    Computer Software Company10%
    Media Company10%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Comms Service Provider10%
    Government9%
    Financial Services Firm6%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business60%
    Midsize Enterprise18%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business42%
    Midsize Enterprise25%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise17%
    Large Enterprise53%
    Buyer's Guide
    Elastic Security vs. Fortinet FortiSIEM
    March 2024
    Free Report: Elastic Security vs. Fortinet FortiSIEM
    Find out what your peers are saying about Elastic Security vs. Fortinet FortiSIEM and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,415 professionals have used our research since 2012.

    Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 58 reviews while Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews. Elastic Security is rated 7.6, while Fortinet FortiSIEM is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender for Endpoint and CrowdStrike Falcon, whereas Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes. See our Elastic Security vs. Fortinet FortiSIEM report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.