We performed a comparison between Fortinet FortiSOAR and Secureworks Red Cloak Threat Detection and Response [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR).
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"It has basic out-of-the-box integrations with multiple log sources."
"The pricing of the product is excellent."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"It's great that the solution is integrated with FortiAnalyzer."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"We use the product for security."
"It has a quick detection and response time."
"The initial setup is straightforward."
"The good news is that FortiSOAR is not hard to maintain. If you prepared well and deployed strong initially, then maintenance will take half an hour every other week, not more than that. A single person can do it."
"The solution is easy to implement and includes 450 built-in connectors."
"The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The only thing is sometimes you can have a false positive."
"The interface could be more user-friendly. It's a small improvement that they could make if they wanted to."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"Fortinet's tech support overall is not great when they are at their best."
"The solution doesn't connect well with the network devices."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"Fortinet FortiSOAR should improve its analysis."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"Technical support could be improved."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"There are some automated network response portions that we want to turn up."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews while Secureworks Red Cloak Threat Detection and Response [EOL] doesn't meet the minimum requirements to be ranked in Security Orchestration Automation and Response (SOAR). Fortinet FortiSOAR is rated 7.4, while Secureworks Red Cloak Threat Detection and Response [EOL] is rated 8.0. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of Secureworks Red Cloak Threat Detection and Response [EOL] writes "Simple deployment with good reports and dashboard". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, ServiceNow Security Operations and D3 Security, whereas Secureworks Red Cloak Threat Detection and Response [EOL] is most compared with VMware Carbon Black Endpoint, Cisco SecureX, Splunk SOAR and VMware Carbon Black Cloud.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.