We performed a comparison between Fortinet FortiSIEM and Nmap based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."Sentinel pricing is good"
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"It's pretty powerful and its performance is pretty good."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Log aggregation and data connectors are the most valuable features."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"It is used as an alerting platform."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"The event correlation is pretty robust. The GUI is pretty good."
"AccelOps can handle a lot of data and it's just so important to true monitoring. Also, I can create a lot of rules to detect anything I like."
"Real-time monitoring makes life quite easy for me."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"Analytics is the most valuable feature. The business service summaries in the dashboards and the correlations for the SIEM are also valuable features."
"Nmap is easy to use. It's a command-line interface, and the output is quite good."
"Nmap is mostly helpful during compliance checks. We run the scanner to see how many devices are on our network and find vulnerabilities in those that aren't compliant. We also use it monthly to scan our network and identify devices that aren't connected properly. This helps us detect any issues related to the operating systems of these devices."
"Nmap has a powerful command line tool and a set of diagnostic features."
"The most important function, according to me, is the capability to use some arguments in the scanning. The solution's capability to go figure and do a deep dive, discovering information on specific aspects."
"Nmap's performance is great, and I've never noticed any issues in this respect. It really doesn't put a heavy load on the machine when using it."
"The best feature of Nmap is that it lets me see useful information about each endpoint in my entire network environment. For example, I can see every single connection of the network as well as each and every port."
"The initial setup was simple."
"The scanning procedure includes UDP ports which sets it apart from competitors."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"Network detection and response is a separate product."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"There is no proper guide for integration or configuration."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"The backup and recovery process for this solution needs improvement."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"There could be more AI features included in the product."
"The challenge often lies in finding suitable courses and professional resources."
"Nmap major operates through the CLI; there's no GUI component, and that's where the challenge is."
"Customization is not very user-friendly in Nmap."
"It takes a bit of time to get familiar with the solution and its options."
"The solution's initial setup could be better."
"The solution should increase the number of features under a free license."
"There could be a specific option to check non-pingable endpoints for the product."
"One of the drawbacks of the standard Nmap utility is that it does not come with a graphical user interface, unlike a number of other open-source alternatives such as Zenmap."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Nmap is ranked 19th in Network Monitoring Software with 20 reviews. Fortinet FortiSIEM is rated 7.6, while Nmap is rated 8.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Nmap writes " Improves network monitoring and offers insights into traffic, including VPNs". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas Nmap is most compared with Azure Network Watcher, SolarWinds NPM, SolarWinds NetFlow Traffic Analyzer, Zabbix and Domotz.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.