We performed a comparison between Fortinet FortiSOAR and IBM Resilient based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"It has basic out-of-the-box integrations with multiple log sources."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The most valuable feature of Fortinet FortiSOAR is the playbook, which has to be defined to apply the policies."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"The initial setup is straightforward."
"The reputation of the brand is very good."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"Fortinet FortiSOAR is a very interactive and user-friendly solution."
"It's great that the solution is integrated with FortiAnalyzer."
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"The solution is simple to use and to integrate with IBM QRadar."
"The solution is very easy to use."
"As a whole, the product is stable...Technical support is very good."
"Its flexibility is the most valuable."
"IBM Resilient is scalable."
"The product is very good at incident response."
"It is a stable solution...It is a scalable solution."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Sentinel's reporting is complex and can be more user-friendly."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The solution’s pricing could be improved."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"The technology and integrations are important so should continue to be enhanced."
"Fortinet FortiSOAR should add more documentation for some use cases."
"The solution doesn't connect well with the network devices."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"Technical support could be improved."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"The product needs a bit more development."
"The response time of the support is an area of concern where improvements are required."
"The initial setup is complex."
"The product must provide more integration with other tools."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"The integration could be improved so that it is easy to integrate with other solutions."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 12 reviews while IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews. Fortinet FortiSOAR is rated 7.4, while IBM Resilient is rated 7.6. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, Cisco SecureX and SECDO Platform, whereas IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, IBM Security QRadar and IBM Cloud Pak for Security. See our Fortinet FortiSOAR vs. IBM Resilient report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.