We performed a comparison between Fortinet FortiSIEM and IBM Watson for Cyber Security based on real PeerSpot user reviews.
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"It has a lot of great features."
"Free ingestion for Azure logs (with E5 licence)"
"The automation feature is valuable."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The machine learning and artificial intelligence on offer are great."
"AccelOps can handle a lot of data and it's just so important to true monitoring. Also, I can create a lot of rules to detect anything I like."
"The event correlation is pretty robust. The GUI is pretty good."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"The CMDB and the device discovery features are most valuable."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"The customer support is very good."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing, IBM adds them in the next release."
"IBM Watson for Cyber Security is very stable."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"Everyone has their favorites. There is always room for improvement, and everybody will say, 'I wish you could do this for me or that for me.' It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The playbook is a bit difficult and could be improved."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Its training can be improved. Its price also needs to be improved."
"There could be more AI features included in the product."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"FortiSIEM could be better integrated with other vendors."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information."
"The dashboard could improve in IBM Watson for Cyber Security."
"In the future, I would like to see threat intelligence included."
"This is an expensive product, so making it more cost-effective would be an improvement."
"They need to continue to build the AI capabilities."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while IBM Watson for Cyber Security is ranked 45th in Security Information and Event Management (SIEM) with 4 reviews. Fortinet FortiSIEM is rated 7.6, while IBM Watson for Cyber Security is rated 8.0. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of IBM Watson for Cyber Security writes "An innovative and stable product that is well maintained and always up-to-date". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas IBM Watson for Cyber Security is most compared with IBM Security QRadar, Splunk Enterprise Security and i-SIEM.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.