Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSIEM vs NetWitness Platform comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
73
Ranking in other categories
No ranking in other categories
NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
22nd
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
Log Management (22nd)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.1%, up from 3.0% compared to the previous year. The mindshare of NetWitness Platform is 0.6%, down from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…
MdZaman - PeerSpot reviewer
Really scalable for enterprise customers
The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"FortiSIEM allows you to match IPs with threat intelligence feeds from sources like Kaspersky or Anomali, adding valuable context."
"FortiSIEM's best features are the dashboards and customization."
"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."
"The CMDB and the device discovery features are most valuable."
"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"The most valuable feature is the anomaly-reporting alarms."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"The solution is easy to use and user-friendly."
"The most valuable feature is the security that it provides."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"Performance and reporting are very good."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."
"NetWitness Platform offers flexibility for deployment and robust integration capabilities."
"Incident management is its most valuable feature."
 

Cons

"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"FortiSIEM is not a market leader in the SIEM space."
"The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"The dashboard needs to improve."
"The solution's technical support didn't help our company a lot."
"When an alert triggers in Fortinet FortiSIEM, the layout or format can feel limited"
"The biggest thing that could be better is a quicker response to support cases."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"The initial setup is very complex and should be simplified."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"The log system is a bit complex and has room for improvement."
"The tool's integration capability isn't so great."
 

Pricing and Cost Advice

"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
"Fortinet FortiSIEM is not an expensive solution."
"Fortinet's products are not expensive, it is less than the competition."
"The price is competitive."
"Fortinet FortiSIEM is cheaper compared to other products."
"They have a yearly subscription."
"The solution is available for both, perpetual and subscription licenses."
"The tool is really expensive. For what the tool does for our team, the price is fair."
"Our license is for one year."
"The product price was reasonable for my region and the market."
"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."
"It is cheap."
"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
"We are on an annual license for the use of the solution."
"It provides tools to assist in selecting the appropriate license and usage scenarios."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Government
7%
Comms Service Provider
7%
Financial Services Firm
18%
Computer Software Company
17%
Government
6%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
As a service, the cost is reasonable and affordable with scalable pricing based on the number of monitored devices. However, setting it up for oneself as an enterprise-licensed product can be quite...
What needs improvement with Fortinet FortiSIEM?
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products. Improving software stability and reducing bugs will make it a ...
What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
What is your experience regarding pricing and costs for NetWitness Platform?
The product price was reasonable for my region and the market.
What needs improvement with NetWitness Platform?
From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building...
 

Also Known As

FortiSIEM, AccelOps
RSA Security Analytics
 

Overview

 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Los Angeles World Airports, Reply
Find out what your peers are saying about Fortinet FortiSIEM vs. NetWitness Platform and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.