We performed a comparison between FileAudit and Fortinet FortiSIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Alerting upon file changes is the most valuable aspect of the product."
"Our customer acquires the complete report which is kept for future auditing purposes."
"It is a good and stable solution...It is a scalable solution."
"FortiSIEM is a great tool for making security processes transparent."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"The only thing is sometimes you can have a false positive."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"The updates management and central management console could be improved."
"Whenever someone cuts and paste, it shows as "file is deleted"."
"The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks."
"I would like to see easier implementation in the future."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"The backup and recovery process for this solution needs improvement."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution."
"Network detection and response is a separate product."
FileAudit is ranked 38th in Security Information and Event Management (SIEM) with 3 reviews while Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews. FileAudit is rated 9.0, while Fortinet FortiSIEM is rated 7.6. The top reviewer of FileAudit writes "A scalable SIEM solution for monitoring a user's activity in the file server". On the other hand, the top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". FileAudit is most compared with ManageEngine File Audit Plus, whereas Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
