We performed a comparison between Fortinet FortiSOAR and IBM Resilient based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The connectivity and analytics are great."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The reputation of the brand is very good."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"It's great that the solution is integrated with FortiAnalyzer."
"The solution is easy to implement and includes 450 built-in connectors."
"The initial setup is straightforward."
"The solution is very easy to use."
"The solution is reliable in our usage."
"The most valuable thing about it is how easy it is to navigate the user interface."
"The solution is simple to use and to integrate with IBM QRadar."
"It is a stable solution...It is a scalable solution."
"The product is very good at incident response."
"This is a good solution that we recommend for customers."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The troubleshooting has room for improvement."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"One key area that can be improved is by building a strong integration with our XDR platform."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The solution doesn't connect well with the network devices."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"The technology and integrations are important so should continue to be enhanced."
"Technical support could be improved."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"Fortinet FortiSOAR should improve its analysis."
"Fortinet's tech support overall is not great when they are at their best."
"The product must provide more integration with other tools."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"IBM Resilient could integrate better with my tools."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"The implementation could be a bit simpler."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"The product needs a bit more development."
"The response time of the support is an area of concern where improvements are required."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews while IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews. Fortinet FortiSOAR is rated 7.4, while IBM Resilient is rated 7.6. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, ServiceNow Security Operations and D3 Security, whereas IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, IBM Cloud Pak for Security and IBM Security QRadar. See our Fortinet FortiSOAR vs. IBM Resilient report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.