We performed a comparison between Fortinet FortiSOAR and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We are able to deploy within half an hour and we only require one person to complete the implementation."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"The reputation of the brand is very good."
"It has a quick detection and response time."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"It's great that the solution is integrated with FortiAnalyzer."
"The solution is easy to implement and includes 450 built-in connectors."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"The product is quite easy to use."
"I have found the solution very useful, it integrates well with other platforms."
"The solution is easy to deploy."
"It is a scalable solution."
"It’s easy to install."
"The automation is excellent."
"They have a portal where you can find any kind of integration that you need."
"The solution could be more user-friendly; some query languages are required to operate it."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The solution should allow for a streamlined CI/CD procedure."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"Fortinet's tech support overall is not great when they are at their best."
"The area that needs improvement is integration with multiple third-party vendors."
"Technical support could be improved."
"The technology and integrations are important so should continue to be enhanced."
"Fortinet FortiSOAR should improve its analysis."
"The solution doesn't connect well with the network devices."
"Fortinet FortiSOAR should add more documentation for some use cases."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"The solution's technical support could be better."
"Previously, when Demisto was, there was a community edition; we could use it, reinstall it, and customize it. Since Palo Alto took over, it has become more financially oriented. It's business, but they could offer a pro model and a lighter model for different needs."
"I would like to see Cortex become less dependent on Active Directory and group policies to manage the deployment. Maybe I need to update my understanding of how to deploy it, but that's the way I know how to use it."
"We need a little hands-on experience to install the solution."
"The user interface could be a bit better."
"The solution is very expensive."
"The integration could be better. Cortex, for example, does not work with iPhone."
"There is room for improvement in terms of the pricing model."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 39 reviews. Fortinet FortiSOAR is rated 7.4, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". Fortinet FortiSOAR is most compared with Splunk SOAR, Swimlane, ServiceNow Security Operations, Cisco SecureX and Siemplify, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Swimlane, IBM Resilient and ServiceNow Security Operations. See our Fortinet FortiSOAR vs. Palo Alto Networks Cortex XSOAR report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.