We performed a comparison between Fortinet FortiSOAR and Proofpoint Threat Response based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."Log aggregation and data connectors are the most valuable features."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"Sentinel pricing is good"
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The initial setup is straightforward."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"We use the product for security."
"It has a quick detection and response time."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"The reputation of the brand is very good."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"The solution is easy to implement and includes 450 built-in connectors."
"It has reduced our manual efforts to remove emails from each user's inbox, and in this case we do not have to ask our IT department or users to do so."
"The best part of Proofpoint Threat Response is the Auto-Pull feature. Being able to pull an email back from a user's mailbox is very useful, yet I have noticed that not a lot of organizations use this kind of feature."
"Support is very responsive."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"There is room for improvement in entity behavior and the integration site."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"I would like to be able to monitor applications outside of the Azure Cloud."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"The solution doesn't connect well with the network devices."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"Fortinet's tech support overall is not great when they are at their best."
"Fortinet FortiSOAR should add more documentation for some use cases."
"The area that needs improvement is integration with multiple third-party vendors."
"The interface within Threat Response could be made simpler."
"Has some quirks."
"If the reporting gets improved then it would be better, but the product is running amazing as it is."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews while Proofpoint Threat Response is ranked 5th in Security Incident Response with 3 reviews. Fortinet FortiSOAR is rated 7.4, while Proofpoint Threat Response is rated 8.4. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of Proofpoint Threat Response writes "Tracks and mitigates email security incidents with Auto-Pull, and has good stability and performance". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Swimlane and D3 Security, whereas Proofpoint Threat Response is most compared with ServiceNow Security Operations, Cofense Triage, Fidelis Elevate, Cisco SecureX and Splunk SOAR.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.