Fortinet FortiSIEM vs Microsoft Defender XDR comparison

The compared Fortinet and Microsoft solutions aren't in the same category. Fortinet is ranked #7 in SIEM , with an average rating of 8.1, and holds a 3.3% mindshare in the category. Microsoft is ranked #3 in XDR , with an average rating of 8.4, and holds a 6.5% mindshare. Additionally, 82% of Fortinet users are willing to recommend the solution, compared to 97% of Microsoft users who would recommend it.

Fortinet FortiSIEM

Read 74 Fortinet FortiSIEM reviews

4,249 Views
2,539 Comparison Views

82% willing to recommend

Microsoft Defender XDR

Read 101 Microsoft Defender XDR reviews

7,288 Views
3,834 Comparison Views

97% willing to recommend

Fortinet FortiSIEM

Microsoft Defender XDR

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Fortinet FortiSIEM and Microsoft Defender XDR based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Fortinet FortiSIEM vs. Microsoft Defender XDR Report (Updated: May 2023).

Buyer's Guide

Fortinet FortiSIEM vs. Microsoft Defender XDR

May 2023

Download the complete report

Helped 858,435 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiSIEM

Average Rating

7.6

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (7th)

Microsoft Defender XDR

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

101

Ranking in other categories

Endpoint Detection and Response (EDR) (5th), Extended Detection and Response (XDR) (3rd), Microsoft Security Suite (3rd)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Fortinet FortiSIEM is designed for Security Information and Event Management (SIEM) and holds a mindshare of 3.3%, up 3.0% compared to last year.
Microsoft Defender XDR, on the other hand, focuses on Extended Detection and Response (XDR), holds 6.5% mindshare, down 7.8% since last year.

Security Information and Event Management (SIEM)

Extended Detection and Response (XDR)

Featured Reviews

Oliver Jackson

Network Engineer at Laminar Communications Pty Ltd

Systems monitoring enhanced by firewall and intrusion detection features

My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification. My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…

Read full review

Gabor Nyerd

Enterprise mobility and security evangelist at a financial services firm with 5,001-10,000 employees

Includes four services and four products, which can help organizations a lot

We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."

"Real-time monitoring makes life quite easy for me."

"The product is quite well-organized. The GUI makes it easy to navigate."

"The most valuable feature is auto-discovery. When you send logs from any device to port 514, it helps register those devices automatically."

"The solution’s IP database is awesome."

"The product's initial setup phase was easy."

"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."

"These aspects make Fortinet FortiSIEM a valuable choice."

More Fortinet FortiSIEM pros

"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."

"Its most significant advantage lies in its affordability."

"The comprehensiveness of Microsoft's threat detection is good."

"Microsoft Defender is stable."

"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."

"The integration, visibility, vulnerability management, and device identification are valuable."

"I rate Microsoft Defender XDR 10 out of 10."

"Based on what I've seen with Microsoft Defender XDR and the large amount of threat data Microsoft has access to, I'm confident I would trust Microsoft Security to handle the majority of all our threats from any threat actor who's essentially putting our company at risk."

More Microsoft Defender XDR pros

Cons

"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."

"We need to see incident reports about the event log, without events from the administrator or through human interaction."

"Fortinet FortiSIEM could improve to extend to several locations or sites."

"They should enhance the solution's AI capabilities, including XDR and EDR."

"I would like to see more integration with other platforms."

"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."

"There could be more AI features included in the product."

"The tool's technical team's response time is too high, and they are not available even when they know that there are many pending issues."

More Fortinet FortiSIEM cons

"Defender XDR could provide recommendations for threat-hunting queries. Some people do not know how to write an advanced threat query, so we need to spend time training them."

"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."

"The tool gives inconsistent answers and crashes a lot."

"We should be able to use the product on devices like Apple, Linux, etc."

"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."

"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."

"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."

"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."

More Microsoft Defender XDR cons

Pricing and Cost Advice

"We pay for a license for FortiSIEM. We pay for the license and renewal."

"Please be cheaper and more simplified."

"Fortinet FortiSIEM is cheaper compared to other products."

"The price of Fortinet FortiSIEM was reasonable compared to other solutions."

"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."

"The price is competitive."

"The tool is really expensive. For what the tool does for our team, the price is fair."

"They have a yearly subscription."

More Fortinet FortiSIEM pricing and cost advice

"Microsoft Defender XDR is priced high."

"On average, we pay around 55 euros per user for the services and features we receive."

"Microsoft Defender XDR is expensive."

"They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."

"The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."

"I would like to have more security features in the lower licenses because not every customer is able to buy E5 licenses. The bundling isn't always easy for our customers to understand. Compared to other tools, it's a good price."

"Understanding the subscription model has been a bit challenging, as every feature or requirement comes with an additional cost."

More Microsoft Defender XDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

858,435 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

10%

Government

Comms Service Provider

Computer Software Company

17%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Fortinet FortiSIEM?

Fortinet FortiSIEM needs to provide better API integrations to users.

See all answers

What is your experience regarding pricing and costs for Fortinet FortiSIEM?

The pricing is reasonable, which is why it is preferred by government customers. Windows agent licenses cost around 3,000 Rupees per device per year.

See all answers

What needs improvement with Fortinet FortiSIEM?

Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate softw...

See all answers

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

The pricing for Microsoft Sentinel operates on a pay-as-you-go model based on data ingestion. I recall that Defender XDR pricing is based on the number of endpoints.

See all answers

What needs improvement with Microsoft 365 Defender?

For Microsoft Defender XDR ( /categories/extended-detection-and-response-xdr ), there is currently no ability to reset passwords for on-premises accounts, which is a key challenge. Incident managem...

See all answers

Comparisons

Wazuh vs Fortinet FortiSIEM

Compared 13% of the time

IBM Security QRadar vs Fortinet FortiSIEM

Compared 12% of the time

Splunk Enterprise Security vs Fortinet FortiSIEM

Compared 9% of the time

LogRhythm SIEM vs Fortinet FortiSIEM

Compared 7% of the time

Microsoft Sentinel vs Fortinet FortiSIEM

Compared 6% of the time

More Fortinet FortiSIEM Competitors

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 15% of the time

Wazuh vs Microsoft Defender XDR

Compared 10% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 10% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 5% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 4% of the time

More Microsoft Defender XDR Competitors

Product Reports

Buyer's Guide

Fortinet FortiSIEM

June 2025

Download Fortinet FortiSIEM product report

Buyer's Guide

Microsoft Defender XDR

June 2025

Download Microsoft Defender XDR product report

Also Known As

FortiSIEM, AccelOps

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Overview

FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

Companies around the world use FortiSIEM for the following use cases:

Threat management and intelligence that provide situational awareness and anomaly detection
Alleviating compliance mandate concerns for PCI, HIPAA and SOX
Managing “alert overload”
Handling the “too many tools” reporting issue
Addressing the MSPs/MSSPs pain of meeting service level agreements

Fortinet

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Microsoft

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Buyer's Guide

Fortinet FortiSIEM vs. Microsoft Defender XDR

May 2023

Free Report: Fortinet FortiSIEM vs. Microsoft Defender XDR

Find out what your peers are saying about Fortinet FortiSIEM vs. Microsoft Defender XDR and other solutions. Updated: May 2023.

DOWNLOAD NOW

858,435 professionals have used our research since 2012.

See our Fortinet FortiSIEM vs. Microsoft Defender XDR report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.