We performed a comparison between FileAudit and Fortinet FortiSIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."It has a lot of great features."
"The main benefit is the ease of integration."
"The automation feature is valuable."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The pricing of the product is excellent."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"Our customer acquires the complete report which is kept for future auditing purposes."
"Alerting upon file changes is the most valuable aspect of the product."
"It is a good and stable solution...It is a scalable solution."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"Real-time monitoring makes life quite easy for me."
"Technical support is helpful."
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"Easy alert setup which enables different alerts in different categories."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"The solution is easy to use and user-friendly."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"We are invoiced according to the amount of data generated within each log."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The on-prem log sources still require a lot of development."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks."
"Whenever someone cuts and paste, it shows as "file is deleted"."
"The updates management and central management console could be improved."
"Areas for improvement would be the ease of use and the integration with Fortinet's own products."
"The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries."
"We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"I would like to see easier implementation in the future."
FileAudit is ranked 38th in Security Information and Event Management (SIEM) with 3 reviews while Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews. FileAudit is rated 9.0, while Fortinet FortiSIEM is rated 7.6. The top reviewer of FileAudit writes "A scalable SIEM solution for monitoring a user's activity in the file server". On the other hand, the top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". FileAudit is most compared with ManageEngine File Audit Plus, whereas Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
