We performed a comparison between Elastic Security and Fortinet FortiSIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Elastic Security is commended for its adaptability, extensive customization options, and seamless integration with the ELK Stack. Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. Elastic Security could improve by reducing resource usage, automating threat response, and simplifying the user experience. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring.
Service and Support: Some Elastic Security users found their support helpful, while others experienced difficulties and delays. Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable.
Ease of Deployment: Elastic Security generally has a straightforward setup but may require trained specialists. Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time.
Pricing: Elastic Security is considered affordable and cost-effective, with pricing based on the size of the monitored environment. FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets.
ROI: Elastic Security has shown mixed results in terms of ROI, with some users expressing concerns about the quality of their premium support. Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses.
"It's open-source and free to use."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"Elastic Security is very easy to adapt."
"The most valuable feature is the machine learning capability."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"The most valuable feature is the ability to collect authentication information from service providers."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"The solution’s IP database is awesome."
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"It works well with medium to large-scale enterprises."
"The most valuable feature is the anomaly-reporting alarms."
"We have many application systems, and I can set up Fortinet FortiSIEM for users to monitor their systems."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"The solution's query building is not that intuitive compared to other solutions."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"FortiSIEM could be better integrated with other vendors."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"Its training can be improved. Its price also needs to be improved."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"FortiSIEM is not a market leader in the SIEM space."
"Fortinet FortiSIEM could improve by having a signature update."
Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews while Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews. Elastic Security is rated 7.6, while Fortinet FortiSIEM is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Microsoft Sentinel and SCOM. See our Elastic Security vs. Fortinet FortiSIEM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.