We performed a comparison between Fortinet FortiSIEM and Tenable SecurityCenter Continuous View [EOL] based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"FortiSIEM's best features are the dashboards and customization."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"Analytics is the most valuable feature. The business service summaries in the dashboards and the correlations for the SIEM are also valuable features."
"FortiSIEM's log correlation is good."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"Analytics. It can provide log information from the device. With log information, I can see if there is a threat"
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"Through porting, we can see how the improvement is happening over a period of time. We can see the overall scenario from the last year, where were we were and where we currently stand."
"The first of the valuable features is how easy it is to access all of the information that's gathered from the assessments... With a lot of other technologies, like Rapid7, if you're using Nexpose you effectively have to be a DBA to get some of the lower-level results from the scans. And Qualys wasn't very intuitive."
"We can manage everything with only a single console on the Tenable SecurityCenter. We can pull and define the policy. We can perform every task on the Tenable SecurityCenter."
"The scanning itself is really the core of the tool, and it's what we're most interested in."
"The next big one is supportability. In a large enterprise, we have many types of technologies. The technology we previously had didn't even support authentication to a lot of those technologies."
"The only thing is sometimes you can have a false positive."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"I think the number one area of improvement for Sentinel would be the cost."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Its training can be improved. Its price also needs to be improved."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"I would like to see easier implementation in the future."
"Customer support service could be better."
"The backup and recovery process for this solution needs improvement."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"The graphs on the user interface could be improved as we often experience glitches."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"There are certain circumstances where they may have found a vulnerable service and they just removed the service completely from the device because nobody was using it. There's no way to go into SecurityCenter and mark it, to say, "This is no longer an issue. It doesn't exist anymore." Or, "The risk was accepted for one year, so let's not report it as 'high' until that one year period is done." The handling of operational flow around vulnerability management could be improved."
"When it comes to... dynamic application scanning, I think they are lagging behind the curve. They have a lackluster solution, to the point where I think they need to determine, as a company, whether or not that's a space they even want to play in."
"One area which is missing is cloud security because there are a lot of configurations. Rapid7 has a product called a DV cloud. I would like to have a similar kind of solution and feature."
"In terms of what could be improved, some customers have a problem with SecurityCenter's ticket system. If I want them to assign one of the issues, they may want to assign someone to it or to assign it somewhere else and I may want to break up the ticket."
More Tenable SecurityCenter Continuous View [EOL] Pricing and Cost Advice →
Earn 20 points
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Tenable SecurityCenter Continuous View [EOL] doesn't meet the minimum requirements to be ranked in Security Information and Event Management (SIEM). Fortinet FortiSIEM is rated 7.6, while Tenable SecurityCenter Continuous View [EOL] is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Tenable SecurityCenter Continuous View [EOL] writes "Provides the best network-based vulnerability scanning, but the dynamic scanning is lackluster". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas Tenable SecurityCenter Continuous View [EOL] is most compared with . See our Fortinet FortiSIEM vs. Tenable SecurityCenter Continuous View [EOL] report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
