Fortinet FortiSIEM vs Microsoft Defender XDR comparison

 


Categories and Ranking

Fortinet FortiSIEM
Average Rating: 7.6
Reviews Sentiment: 6.9
Number of Reviews: 71
Ranking in other categories: Security Information and Event Management (SIEM) (8th)

Microsoft Defender XDR
Average Rating: 8.4
Number of Reviews: 89
Ranking in other categories: Endpoint Detection and Response (EDR) (5th), Extended Detection and Response (XDR) (5th), Microsoft Security Suite (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Fortinet FortiSIEM is designed for Security Information and Event Management (SIEM) and holds a mindshare of 2.9%, up 2.9% compared to last year.
Microsoft Defender XDR, on the other hand, focuses on Extended Detection and Response (XDR), holds 10.2% mindshare, up 6.2% since last year.
 

Featured Reviews

HamedWasel - PeerSpot reviewer
Apr 3, 2023
It's cheaper than other solutions with the same features but lacks integration with many third-party vendors
I am part of the team that implements the solution, and we hand it over to the operations team. We use FortiSIEM to ingest logs. The customer provides us with the IPs for the log sources, and we add them to the FortiSIEM dashboard. We can check the logs for signs of malicious access from outside…
Desray Liu - PeerSpot reviewer
Nov 28, 2023
A time-saving and easy-to-integrate product that needs to offer a control center to users
As a part of Microsoft's attempt to reduce costs, there has been a direct cut down of the local technical support team. Sometimes, you have to use the technical support offered by Microsoft from other countries, but at times, we speak different languages, just like how people speak in Chinese or Mandarin, but there are still some differences between them. The front-line support from Microsoft has only limited technical abilities or access to their internal system. Sometimes, my company cannot even escalate an issue to Microsoft's senior team members. The support team of Microsoft is nice as they attempt to solve the problems together with you, but I believe that due to some cost-related issues, they don't have enough permissions. Sometimes, users might feel blocked when trying to connect with the support team. I rate the technical support a seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"The Threat Hunting feature provides complete traffic analysis."
"The tool's most valuable feature stems from the fact that I can see a complete analysis, like all the incidents that have happened, and it detects everything in real-time."
"We find the solution to be stable."
"We have many application systems, and I can set up Fortinet FortiSIEM for users to monitor their systems."
"The stability is very reliable. It offers very good performance."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"It reduces the risk of users accidentally clicking on phishing emails."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"The solution is well integrated with applications. It is easy to maintain and administer."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
 

Cons

"Its training can be improved. Its price also needs to be improved."
"FortiSIEM could be better integrated with other vendors."
"Creating parsers to try to make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"Fortinet FortiSIEM could improve by having a signature update."
"The dashboard needs to improve."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The solution could enhance the threat intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environment. It would be beneficial if the threat intelligence were tailored to the industry, such as healthcare or fintech, where the solution is being used."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
 

Pricing and Cost Advice

"FortiSIEM's licensing is based on EPS, and its pricing is competitive in the market."
"Fortinet FortiSIEM is not an expensive solution."
"We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that."
"Fortinet's products are not expensive; it is less than the competition."
"We pay for a license for FortiSIEM. We pay for the license and renewal."
"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
"There are additional features that cost more than the standard licensing fees."
"Pricing is determined based on the customer's budget."
"The license cost for a year is approximately forty-four thousand, and this annual saving is a significant factor in our decision to switch."
"365 Defender can get expensive because you pay per gigabyte of data ingested. On the other hand, much of the data available in the other Microsoft security solutions are made available relatively cheaply—sometimes at cost or for free. Integrating only a limited set of third-party solutions with Sentinel would be cost-effective. It's much more affordable if companies only have Microsoft stuff."
"The licensing fee for Microsoft 365 Defender is fair."
"On average, we pay around 55 euros per user for the services and features we receive."
"While the standalone price of Defender XDR might seem high, its value becomes clear when considering the ease of implementation and smooth integration with our existing Microsoft infrastructure, especially when bundled with other Microsoft products."
"Understanding the subscription model has been a bit challenging, as every feature or requirement comes with an additional cost."
"Sometimes 365 Defender is expensive, but it can be moderate, depending on the organization's size and the license type. We're satisfied with the cost because it gives us a product that protects our entire environment with DLP. To compromise some cost, of course, we are to complete the most secure environment."
"With the little idea I have about the costs, I can say that XDR tools tend to be a bit expensive. If you are using Microsoft Defender XDR, then you need to go for a subscription-based pricing model."
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Computer Software Company: 17%
Government: 8%
Financial Services Firm: 8%
Manufacturing Company: 6%

Computer Software Company: 17%
Financial Services Firm: 10%
Government: 8%
Manufacturing Company: 8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
If one is cheap and ten is expensive, I rate the tool's price as an eight out of ten. Compared with Splunk or Oracle, Fortinet is cheap.
What needs improvement with Fortinet FortiSIEM?
With Fortinet's current integrations with endpoints and with the integration capabilities of EDR and XDR solutions from Fortinet itself, when we are trying to integrate them with other technologies...
What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What needs improvement with Microsoft 365 Defender?
The solution could enhance the threat intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environmen...
 

Also Known As

FortiSIEM, AccelOps
Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Find out what your peers are saying about Fortinet FortiSIEM vs. Microsoft Defender XDR and other solutions. Updated: May 2023.