We performed a comparison between Fortinet FortiSIEM and Securonix Next-Gen SIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. Securonix Next-Gen SIEM offers multiple advanced features, such as Spotter for in-depth search and analysis and extensive customization options. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring. Securonix users highlighted the need for greater flexibility in modifying reports and templates and improved analytics and visualization.
Service and Support: Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable. Securonix has been praised for its effective support and timely problem resolution.
Ease of Deployment: Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time. Some users found the Securonix Next-Gen SIEM setup to be straightforward, but others found it complex.Securonix Next-Gen SIEM is competitively priced and more affordable than many SIEM solutions.
Pricing: FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets. Securonix Next-Gen SIEM is competitively priced and more affordable than many SIEM solutions.
ROI: Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses. Users say Securonix Next-Gen SIEM offers a significant return on investment by streamlining infrastructure management and enhancing overall efficiency.
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The Log analytics are useful."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"FortiSIEM's best features are the dashboards and customization."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"FortiSIEM is a great tool for making security processes transparent."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"The user interface is easy to learn and navigate."
"The most valuable feature is that it works on user behavior and event rarities."
"I rate the technical support a nine out of ten. They're friendly. Whenever we have a P1 issue, we write an email and our issue is resolved in one or two hours."
"One of the most valuable features is the integration of all types of data sources to extract relevant information regarding events. It is a good solution when it comes to the correlations that it makes within all the data handled in our company."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"The most valuable feature is what Securonix calls enrichment. Securonix is very powerful because of all the data it can process and automatically enrich. The actionable intelligence it provides is one of its benefits, due to the processing capacity it has."
"I think the number one area of improvement for Sentinel would be the cost."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"The playbook is a bit difficult and could be improved."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"The AI capabilities must be improved."
"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."
"FortiSIEM could be better integrated with other vendors."
"When our team tried configuring logs for Microsoft SQL, it did not work."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"They need to integrate better with Cisco and Palo Alto."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"Sometimes, the injectors lag and are not loading. It would be nice if that could be improved."
"The solution could provide more automation."
"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source."
"When they did upgrades or applied patches, sometimes, there was downtime, which required the backfill of data. There were times when we had to reach out and get a lot of things validated."
"The analytics-driven approach for finding sophisticated threats and reducing false positives is positive and good, but the platform requires a more dynamic concept. Everything is a bit static."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"It seems to me that within Securonix there is no option for completely visualizing the types of sources or if there is any loss of logs. I've heard that they have an additional module to validate those types of cases, but in terms of the platform itself only, I can only see how often it sends data but not any specific detail."
"It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. I would be helpful in certain situations, such as during an internal fraud."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 25 reviews while Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 15 reviews. Fortinet FortiSIEM is rated 7.4, while Securonix Next-Gen SIEM is rated 9.0. The top reviewer of Fortinet FortiSIEM writes "It has robust event correlation and good GUI, but their technical support should be better, and it should support more nonstandard log sources". On the other hand, the top reviewer of Securonix Next-Gen SIEM writes "Playbooks integrations, incident management features, and threat hunting services saved time and streamlined investigations". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, PRTG Network Monitor and ThousandEyes, whereas Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Exabeam Fusion SIEM, Gurucul UEBA and Sumo Logic Security. See our Fortinet FortiSIEM vs. Securonix Next-Gen SIEM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.