We performed a comparison between Logpoint and Fortinet FortiSIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Logpoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. Logpoint can improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment. Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring.
Service and Support: Logpoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support. Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable.
Ease of Deployment: Logpoint's initial setup can be complex and time-consuming or fast and easy, depending on the user's experience and the organization’s size. Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time.
Pricing: Logpoint's fixed pricing model is seen as cost-effective and competitive. FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets.
ROI: Logpoint makes costs more predictable and enables companies to generate revenue through security operation services. Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses.
"It has basic out-of-the-box integrations with multiple log sources."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The UI-based analytics are excellent."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"FortiSIEM provides a single PIN to monitor SOC and NOC. It's a nice tool for integration and monitoring. It provides multiple categories for monitoring based on security designations like low, medium, and high."
"FortiSIEM is a great tool for making security processes transparent."
"The solution is easy to use and user-friendly."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"The solution's user interface is quite simple, and the integration is better than other products."
"Log collection, dashboards and reporting are good."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."
"The search feature is valuable. The dashboards are also valuable for our bosses. Another valuable feature, which is the main feature of the product, is the centralization of all the logs."
"Technical support is responsive and very friendly."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"The only thing is sometimes you can have a false positive."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"Network detection and response is a separate product."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"Patching is not great - we're not getting the support we'd expect."
"Customer support service could be better."
"LogPoint can improve its dashboards. We are not able to customize the dashboard when creating them. They only have preset dashboards which do not have exactly what we are looking for."
"What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated."
"One of the downsides is it is not a SaaS solution. It must be on-premises."
"Log management could be better because transporting the log from a password to the client system takes time."
"In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved."
"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."
"LogPoint must find a way to integrate the servers without agents."
"It is a good product, but its interface or GUI could be better."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Logpoint is ranked 24th in Security Information and Event Management (SIEM) with 20 reviews. Fortinet FortiSIEM is rated 7.6, while Logpoint is rated 7.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, Wazuh and Splunk Enterprise Security. See our Fortinet FortiSIEM vs. Logpoint report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.