The primary use case of FortiSIEM for my client is to provide comprehensive security information and event management (SIEM) capabilities. It is used to monitor, detect, and respond to security incidents across the client's network by aggregating and analyzing logs, events, and other data from various sources. FortiSIEM enables real-time threat detection, compliance reporting, and overall visibility into the security posture, helping to identify potential risks and take proactive measures to protect the organization's infrastructure.
Fortinet FortiSIEM is used to audit my servers and communications. It effectively handles vulnerability detection and correlates traffic to identify security issues or anomalies. It is also used to correlate my logs, which helps detect outliers and identify unusual events in my network.
Network Security Consultant at Vertex Techno Solutions (B) Pvt Ltd
Consultant
Top 20
2024-07-30T10:11:34Z
Jul 30, 2024
I normally use the solution in my company as part of SOC. The tool is implemented to collect logs from all networks, perimeter devices, and security devices. We are using all kinds of SIEM tools to collect logs, especially security logs from all network devices, and analyze all those logs. Fortinet FortiSIEM works for enterprise and banking customers and BFSI customers, as most of them use Fortinet FortiGate devices for the security of the perimeter devices.
Security Technical Manager at a tech services company with 51-200 employees
Real User
Top 5
2024-04-24T07:18:17Z
Apr 24, 2024
I implemented Fortinet FortiSIEM in my company to collect all logs from old systems, networks, and security devices in the network. Fortinet FortiSIEM has a correlation rule, and from it, you can generate incidents and get analytics. The tool also serves as a threat intelligence and integration platform. With FortiGuard or any third-party tools, Fortinet FortiSIEM, as a threat intelligence platform, can enrich the log attributes or criteria, which is well reflected in incidents.
CISO at a financial services firm with 501-1,000 employees
Real User
Top 20
2024-03-04T15:19:22Z
Mar 4, 2024
We use the solution for monitoring, intrusion detection, and user behavior analytics. We run the dashboards to detect anomalies. We have our own incident tracking solution. We use it to track the time to detect versus the time to resolve and close the ticket.
We use the solution to monitor events and logs. It gives us a very powerful view of what is going on. We can configure it to send notifications of any malicious detection because it is based on an ML (machine learning) algorithm. Aside from using the solution to monitor the logs from different sources, we can also get detections because it has strong machine learning capability.
IT Security & CyberSecurity Consultant at digitalDefense Information Systems GmbH
Real User
Top 10
2023-09-27T12:17:29Z
Sep 27, 2023
If a customer is looking to establish a centralized monitoring and security solution, Fortinet FortiSIEM can be tailored to meet their specific needs effectively. This solution offers extensive customization options, making it possible to adapt it precisely to their requirements.
Principal Solution Architect- Security & Privacy at Sify Technologies
Real User
Top 5
2023-04-27T08:17:00Z
Apr 27, 2023
We have an MSSP license and provide services to customers from various verticals like manufacturing, pharmaceutical, and MRD (Manufacturing, Retail & Distribution). We provide the services of Fortinet FortiSIEM to customers who cannot avail of costly on-premise services.
I am part of the team that implements the solution, and we hand it over to the operations team. We use FortiSIEM to ingest logs. The customer provides us with the IPs for the log sources, and we add them to the FortiSIEM dashboard. We can check the logs for signs of malicious access from outside devices and set rules based on the customer's preferences.
Asst Programmer Data Center at a consultancy with 10,001+ employees
Real User
Top 20
2023-01-10T12:44:38Z
Jan 10, 2023
Our use case is for collecting logs and monitoring internet traffic through firewalls. We have Fortinet firewalls and Fortinet WAF. I'm a system programmer and we are customers of Fortinet.
Director, Infrastructure and Operations at a comms service provider with 11-50 employees
Real User
2022-08-10T12:44:38Z
Aug 10, 2022
We have eight use cases installed, and we are collecting log sources from most of the relevant endpoints. We did all that configuration ourselves. So, the product didn't really have a lot to do with it. It is deployed on a private cloud. We manage the cloud infrastructure ourselves, and its primary purpose is to monitor and protect our network devices and our own business systems, not necessarily our customer-facing services. We are most probably on version 3. We are not on the current release.
We are using Fortinet FortiSIEM for multi-tenant SOC service. Fortinet FortiSIEM is deployed in our data center, and we have one collector. Each client has a collector within their environment. We set up a collector within each client's environment, and then have a VPN connection from the client's environment to our environment.
Research Associate at a comms service provider with 1,001-5,000 employees
Real User
2021-12-24T10:13:00Z
Dec 24, 2021
My company is a partner of Fortinet FortiSIEM. We are a service provider and I take the solution from Fortinet and deploy it for my customers. We use the solution for security detection and response. This is a customer based solution, our customer's security admins and security operations use the solution, compromised of a team between three to five people.
Cyber Security Analyst at a retailer with 1,001-5,000 employees
Real User
2021-08-26T19:22:16Z
Aug 26, 2021
We use it as our main SIEM tool for creating rules, creating alerts, monitoring, and accessing CMDB. We also use it to monitor a few more things related to writing security.
Security Engineer L1 at a media company with 11-50 employees
Real User
2021-08-07T10:28:56Z
Aug 7, 2021
We are trying to onboard some devices, which we will analyze using Fortinet FortiSIEM. Once it responds smoothly, we will onboard some clients with requests.
We use Fortinet FortiSIEM for storage of security information and analysis, as well as for alerts from the 50-60 services that we have. All of our webs are linked to FortiSIEM. It's a form of SOC tool and data is used for identifying trends and what's happening around the networks. We're customers and end-to-end users when it comes to FortiSIEM, but for other Fortinet products we're either partners or a value-added reseller. I'm the principal cloud architect in our company.
We are an enterprise that resells services. We are like a small MSSP for Salvador and Central America region. We provide services to other enterprises. Our clients have multiple use cases. Its most common use case to detect logging events from different IP addresses or locations. It is used to detect simultaneous logins by the same user from different IP addresses or locations, such as from different countries. It is also used to detect any attempts to log in to a server with root privilege and trying remote access with root privileges.
I primarily use the solution as part of the firewall. I work mostly with banks and have extensive experience with configuring the VPN in relation to Fortinet.
Asst Programmer Data Center at a consultancy with 10,001+ employees
Real User
Top 20
2020-07-15T07:11:37Z
Jul 15, 2020
We primarily use it for all of our cloud space and for firewalls,and AWS security services etc., for example, for the email, Cloud watch and AWS security HUB
We use FortiSIEM to protect our customers. Our current client has 20 branches and we can connect from any branch to their headquarters. We have high availability between headquarters and branches via the VPN connection. We can protect our SD-WAN, as well.
IT Executive: Operations & Security at Icon Information Systems (Pty) Ltd
Real User
2019-11-13T05:28:00Z
Nov 13, 2019
We run a Manage Security Services company and we use it in-house and for some of our clients. The service is a multitenant platform where our clients can log on to view and access various security-related activities and features. In more ways, it becomes like a cloud solution to them. We make use of a secure connection from the clients’ networks using collectors located on their premises back to our centralized SIEM platform.
We primarily use the solution for integration with FortiGate Firewall. We use it for multiple authentification, malware detection, and protection from DDoS attacks.
Manager, ICT Enterprise Services at a government with 201-500 employees
Real User
2019-08-19T05:47:00Z
Aug 19, 2019
We use the on-prem deployment model of this solution. Our primary use case of this solution is for all of our infrastructure monitoring, applications, performance monitoring, and for security, incident, and event analysis.
ICT Architect at a insurance company with 51-200 employees
Real User
2019-08-13T10:41:00Z
Aug 13, 2019
We use the on-prem model of this solution. Our primary use case is for malware and behavior monitoring. We also use it to monitor system performance and user behavior.
Network and Security Administrator at PETRA Engineering Industries Co.
Real User
2019-06-26T05:25:00Z
Jun 26, 2019
We're using FortiSIEM as the main metadata server for all the security and infrastructure devices. We integrate a lot of nodes, switches, firewalls, and sandboxes with it to gain and covers performance, availability, change, and security monitoring aspects of network devices, servers, and applications.
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Companies around the world use FortiSIEM for the following use cases:
Threat management and intelligence that provide situational awareness and anomaly detection
Alleviating compliance mandate concerns for PCI, HIPAA and SOX
Managing “alert overload”
Handling the “too many tools” reporting issue
Addressing the MSPs/MSSPs pain of...
The primary use case of FortiSIEM for my client is to provide comprehensive security information and event management (SIEM) capabilities. It is used to monitor, detect, and respond to security incidents across the client's network by aggregating and analyzing logs, events, and other data from various sources. FortiSIEM enables real-time threat detection, compliance reporting, and overall visibility into the security posture, helping to identify potential risks and take proactive measures to protect the organization's infrastructure.
Fortinet FortiSIEM is used to audit my servers and communications. It effectively handles vulnerability detection and correlates traffic to identify security issues or anomalies. It is also used to correlate my logs, which helps detect outliers and identify unusual events in my network.
I normally use the solution in my company as part of SOC. The tool is implemented to collect logs from all networks, perimeter devices, and security devices. We are using all kinds of SIEM tools to collect logs, especially security logs from all network devices, and analyze all those logs. Fortinet FortiSIEM works for enterprise and banking customers and BFSI customers, as most of them use Fortinet FortiGate devices for the security of the perimeter devices.
I implemented Fortinet FortiSIEM in my company to collect all logs from old systems, networks, and security devices in the network. Fortinet FortiSIEM has a correlation rule, and from it, you can generate incidents and get analytics. The tool also serves as a threat intelligence and integration platform. With FortiGuard or any third-party tools, Fortinet FortiSIEM, as a threat intelligence platform, can enrich the log attributes or criteria, which is well reflected in incidents.
We use the solution for monitoring, intrusion detection, and user behavior analytics. We run the dashboards to detect anomalies. We have our own incident tracking solution. We use it to track the time to detect versus the time to resolve and close the ticket.
We use the solution to monitor events and logs. It gives us a very powerful view of what is going on. We can configure it to send notifications of any malicious detection because it is based on an ML (machine learning) algorithm. Aside from using the solution to monitor the logs from different sources, we can also get detections because it has strong machine learning capability.
If a customer is looking to establish a centralized monitoring and security solution, Fortinet FortiSIEM can be tailored to meet their specific needs effectively. This solution offers extensive customization options, making it possible to adapt it precisely to their requirements.
We have an MSSP license and provide services to customers from various verticals like manufacturing, pharmaceutical, and MRD (Manufacturing, Retail & Distribution). We provide the services of Fortinet FortiSIEM to customers who cannot avail of costly on-premise services.
I am part of the team that implements the solution, and we hand it over to the operations team. We use FortiSIEM to ingest logs. The customer provides us with the IPs for the log sources, and we add them to the FortiSIEM dashboard. We can check the logs for signs of malicious access from outside devices and set rules based on the customer's preferences.
FortiSIEM combines information from operations and integrates it into management.
FortiSIEM analyzes the logs from all the servers and firewalls.
Our use case is for collecting logs and monitoring internet traffic through firewalls. We have Fortinet firewalls and Fortinet WAF. I'm a system programmer and we are customers of Fortinet.
It is used as an alerting platform and has an availability manager.
I use FortiSIEM for email events and security alarms.
We have eight use cases installed, and we are collecting log sources from most of the relevant endpoints. We did all that configuration ourselves. So, the product didn't really have a lot to do with it. It is deployed on a private cloud. We manage the cloud infrastructure ourselves, and its primary purpose is to monitor and protect our network devices and our own business systems, not necessarily our customer-facing services. We are most probably on version 3. We are not on the current release.
I am using Fortinet FortiSIEM to correlate events in our enterprise.
We have nearly 30 analysts currently using FortiSIEM.
We are using Fortinet FortiSIEM for multi-tenant SOC service. Fortinet FortiSIEM is deployed in our data center, and we have one collector. Each client has a collector within their environment. We set up a collector within each client's environment, and then have a VPN connection from the client's environment to our environment.
We use this solution to collect logs.
My company is a partner of Fortinet FortiSIEM. We are a service provider and I take the solution from Fortinet and deploy it for my customers. We use the solution for security detection and response. This is a customer based solution, our customer's security admins and security operations use the solution, compromised of a team between three to five people.
Fortinet FortiSIEM can be used to detect unusual user and entity behavior on networks. We currently are in the process of testing the solution.
This solution is used to detect irregular user and entity behavior using machine learning.
We are creating our new dashboards and correlations as per our requirements with Fortinet FortiSIEM.
We use it as our main SIEM tool for creating rules, creating alerts, monitoring, and accessing CMDB. We also use it to monitor a few more things related to writing security.
We are trying to onboard some devices, which we will analyze using Fortinet FortiSIEM. Once it responds smoothly, we will onboard some clients with requests.
We use Fortinet FortiSIEM for storage of security information and analysis, as well as for alerts from the 50-60 services that we have. All of our webs are linked to FortiSIEM. It's a form of SOC tool and data is used for identifying trends and what's happening around the networks. We're customers and end-to-end users when it comes to FortiSIEM, but for other Fortinet products we're either partners or a value-added reseller. I'm the principal cloud architect in our company.
We primarily use the solution for network and security monitoring.
We are an enterprise that resells services. We are like a small MSSP for Salvador and Central America region. We provide services to other enterprises. Our clients have multiple use cases. Its most common use case to detect logging events from different IP addresses or locations. It is used to detect simultaneous logins by the same user from different IP addresses or locations, such as from different countries. It is also used to detect any attempts to log in to a server with root privilege and trying remote access with root privileges.
I primarily use the solution as part of the firewall. I work mostly with banks and have extensive experience with configuring the VPN in relation to Fortinet.
We primarily use it for all of our cloud space and for firewalls,and AWS security services etc., for example, for the email, Cloud watch and AWS security HUB
We use FortiSIEM to protect our customers. Our current client has 20 branches and we can connect from any branch to their headquarters. We have high availability between headquarters and branches via the VPN connection. We can protect our SD-WAN, as well.
We run a Manage Security Services company and we use it in-house and for some of our clients. The service is a multitenant platform where our clients can log on to view and access various security-related activities and features. In more ways, it becomes like a cloud solution to them. We make use of a secure connection from the clients’ networks using collectors located on their premises back to our centralized SIEM platform.
We primarily use the solution for integration with FortiGate Firewall. We use it for multiple authentification, malware detection, and protection from DDoS attacks.
We primarily use the solution for collecting logs and duo correlation on our customer's premises.
We use the on-prem deployment model of this solution. Our primary use case of this solution is for all of our infrastructure monitoring, applications, performance monitoring, and for security, incident, and event analysis.
We use the on-prem model of this solution. Our primary use case is for malware and behavior monitoring. We also use it to monitor system performance and user behavior.
We're using FortiSIEM as the main metadata server for all the security and infrastructure devices. We integrate a lot of nodes, switches, firewalls, and sandboxes with it to gain and covers performance, availability, change, and security monitoring aspects of network devices, servers, and applications.
We are a partner, and we use this solution to ingest our customers' syslogs data for their firewalls.