Fortinet FortiSIEM vs Microsoft Defender XDR comparison

The compared Fortinet and Microsoft solutions aren't in the same category. Fortinet is ranked #8 in SIEM , with an average rating of 8.0, and holds a 3.0% mindshare in the category. Microsoft is ranked #4 in XDR , with an average rating of 8.4, and holds a 7.4% mindshare. Additionally, 82% of Fortinet users are willing to recommend the solution, compared to 97% of Microsoft users who would recommend it.

Fortinet FortiSIEM

Read 73 Fortinet FortiSIEM reviews

4,655 Views
3,151 Comparison Views

82% willing to recommend

Microsoft Defender XDR

Read 96 Microsoft Defender XDR reviews

7,145 Views
5,483 Comparison Views

97% willing to recommend

Fortinet FortiSIEM

Microsoft Defender XDR

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Fortinet FortiSIEM and Microsoft Defender XDR based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Fortinet FortiSIEM vs. Microsoft Defender XDR Report (Updated: May 2023).

Buyer's Guide

Fortinet FortiSIEM vs. Microsoft Defender XDR

May 2023

Download the complete report

Helped 838,713 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiSIEM

Average Rating

7.6

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (8th)

Microsoft Defender XDR

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Endpoint Detection and Response (EDR) (5th), Extended Detection and Response (XDR) (4th), Microsoft Security Suite (2nd)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Fortinet FortiSIEM is designed for Security Information and Event Management (SIEM) and holds a mindshare of 3.0%, down 3.1% compared to last year.
Microsoft Defender XDR, on the other hand, focuses on Extended Detection and Response (XDR), holds 7.4% mindshare, up 6.1% since last year.

Security Information and Event Management (SIEM)

Extended Detection and Response (XDR)

Featured Reviews

Oliver Jackson

Network Engineer at Laminar Communications Pty Ltd

Systems monitoring enhanced by firewall and intrusion detection features

My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification. My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…

Read full review

Gabor Nyerd

Enterprise mobility and security evangelist at a financial services firm with 5,001-10,000 employees

Includes four services and four products, which can help organizations a lot

We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."

"FortiSIEM is a great tool for making security processes transparent."

"The solution’s IP database is awesome."

"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."

"Easy alert setup which enables different alerts in different categories."

"FortiSIEM provides a single PIN to monitor SOC and NOC. It's a nice tool for integration and monitoring. It provides multiple categories for monitoring based on security designations like low, medium, and high."

"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."

"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."

More Fortinet FortiSIEM pros

"The integration between all the Defender products is the most valuable feature."

"Advanced hunting is good. I like that. We can drill down to lots of details."

"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."

"Scanning, vulnerability reporting, and the dashboard are the most valuable features."

"You can configure the product very easily."

"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."

"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."

"The email protection feature is the most valuable because our risks primarily lie there, and it seems to be the most popular target."

More Microsoft Defender XDR pros

Cons

"Fortinet FortiSIEM needs to provide better API integrations to users."

"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."

"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."

"Patching is not great - we're not getting the support we'd expect."

"Not very good on non-API features, lacks that functionality."

"The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries."

"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."

"FortiSIEM is not a market leader in the SIEM space."

More Fortinet FortiSIEM cons

"The console is missing some features that would be helpful for a managed services provider, like device and user management."

"It would be beneficial to reduce the number of clicks required to navigate between blades, as the current navigation and breadcrumb system can be a bit confusing."

"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."

"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."

"Microsoft Defender is slow to adapt to evolving threats."

"The AI could be improved. As an analyst, I want to be able to interact more with AI. The AI simply sends summaries. I can't ask it, for example, if it has seen any suspicious activity with device two. I have to go and check device two for myself."

"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."

"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."

More Microsoft Defender XDR cons

Pricing and Cost Advice

"Fortinet FortiSIEM is very cost-efficient compared to other SIEM solutions."

"The price of Fortinet FortiSIEM is a lot less when compared to other solutions."

"The price of the solution is expensive. The license is scalable. If there are 10 devices it is simple to license."

"The solution is available for both, perpetual and subscription licenses."

"FortiSIEM's licensing is based on EPS, and its pricing is competitive in the market."

"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."

"Fortinet FortiSIEM is cheaper compared to other products."

"If one is cheap and ten is expensive. I rate the tool's price as an eight out of ten. Compared with Splunk or Oracle, Fortinet is cheap."

More Fortinet FortiSIEM pricing and cost advice

"The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."

"Microsoft 365 Defender offers competitive pricing."

"We've managed to navigate it effectively through our enterprise agreement, and Microsoft's academic discounts have proven to be quite generous."

"I would like to have more security features in the lower licenses because not every customer is able to buy E5 licenses. The bundling isn't always easy for our customers to understand. Compared to other tools, it's a good price."

"Microsoft purposely makes its license combinations complex and includes combinations like Microsoft 365 E3 and Microsoft 365 E5, Office 365 E3, Office 365 E5, and Office 365 E1, so you get confused. Microsoft tries to sell you a bundle of a lot of things together."

"Microsoft Defender XDR is included in our license."

"The pricing of Microsoft 365 Defender is definitely on the costly side, but with the features and services that Microsoft provides, such as the seamless integration of all the Defender tools, while the price is on the higher side, there is no alternative."

"All I can say again is the E5 gives you all the capabilities that it offers. It also gives Office 365 and one terabyte of storage. All in all, the E5 license model makes sense. There are some people who say it's quite costly, but rather than paying different vendors, it makes sense to go all in with Microsoft if you've got that licensing. From that perspective, it's cost-effective, but I can't comment much on that."

More Microsoft Defender XDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

838,713 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

Government

Manufacturing Company

Computer Software Company

17%

Financial Services Firm

10%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Fortinet FortiSIEM?

Fortinet FortiSIEM needs to provide better API integrations to users.

See all answers

What is your experience regarding pricing and costs for Fortinet FortiSIEM?

As a service, the cost is reasonable and affordable with scalable pricing based on the number of monitored devices. However, setting it up for oneself as an enterprise-licensed product can be quite...

See all answers

What needs improvement with Fortinet FortiSIEM?

The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products. Improving software stability and reducing bugs will make it a ...

See all answers

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

Licensing is somewhat confusing, particularly when presenting our pitch decks to stakeholders and leveraging key features in premium SKUs, but we managed with some assistance from Microsoft.

See all answers

What needs improvement with Microsoft 365 Defender?

It would be beneficial to reduce the number of clicks required to navigate between blades, as the current navigation and breadcrumb system can be a bit confusing. Some inconsistencies exist between...

See all answers

Comparisons

IBM Security QRadar vs Fortinet FortiSIEM

Compared 13% of the time

Wazuh vs Fortinet FortiSIEM

Compared 13% of the time

Splunk Enterprise Security vs Fortinet FortiSIEM

Compared 10% of the time

Microsoft Sentinel vs Fortinet FortiSIEM

Compared 8% of the time

Seceon Open Threat Management Platform vs Fortinet FortiSIEM

Compared 2% of the time

More Fortinet FortiSIEM Competitors

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 29% of the time

Wazuh vs Microsoft Defender XDR

Compared 10% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 8% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 4% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 4% of the time

More Microsoft Defender XDR Competitors

Product Reports

Buyer's Guide

Fortinet FortiSIEM

February 2025

Download Fortinet FortiSIEM product report

Buyer's Guide

Microsoft Defender XDR

February 2025

Download Microsoft Defender XDR product report

Also Known As

FortiSIEM, AccelOps

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Overview

FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

Companies around the world use FortiSIEM for the following use cases:

Threat management and intelligence that provide situational awareness and anomaly detection
Alleviating compliance mandate concerns for PCI, HIPAA and SOX
Managing “alert overload”
Handling the “too many tools” reporting issue
Addressing the MSPs/MSSPs pain of meeting service level agreements

Fortinet

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Microsoft

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Buyer's Guide

Fortinet FortiSIEM vs. Microsoft Defender XDR

May 2023

Free Report: Fortinet FortiSIEM vs. Microsoft Defender XDR

Find out what your peers are saying about Fortinet FortiSIEM vs. Microsoft Defender XDR and other solutions. Updated: May 2023.

DOWNLOAD NOW

838,713 professionals have used our research since 2012.

See our Fortinet FortiSIEM vs. Microsoft Defender XDR report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.