Sumo Logic Security and Fortinet FortiSIEM are competitive security solutions. Sumo Logic stands out for its pricing and support, while Fortinet FortiSIEM is preferred for its extensive features and perceived long-term value.
Features: Sumo Logic Security offers comprehensive analytics, log management capabilities, and real-time insights. Fortinet FortiSIEM provides integrated threat detection, response, and a holistic security platform.
Room for Improvement: Sumo Logic Security needs better integration with other tools and enhanced automation features. Fortinet FortiSIEM needs improvements in reporting capabilities and a more intuitive dashboard. Sumo Logic's enhancements are integration-focused, while Fortinet's are usability-focused.
Ease of Deployment and Customer Service: Sumo Logic Security is easy to deploy with good customer support. Fortinet FortiSIEM is complex to implement but has satisfactory customer service post-setup. Sumo Logic’s simpler deployment process benefits quick implementations.
Pricing and ROI: Sumo Logic Security is cost-effective with strong ROI and straightforward setup cost. Fortinet FortiSIEM involves a higher initial investment but offers substantial long-term value. Sumo Logic is more budget-friendly initially, while Fortinet is a worthwhile investment for comprehensive security needs.
The platform has resulted in time saved and reduces mean time to response, making it a great platform.
Local tech support is available, however, for more critical or technical issues, we depend on the OEM directly, especially when it comes to on-prem solutions.
There is a knowledgeable, though small, team of support engineers around the world.
The customer support for Fortinet FortiSIEM is excellent.
They have a response time of forty-eight hours, which is not instant support.
In general, they usually provide continuous support post-implementation, being in touch and trying to help, which makes their after-sale process better than Splunk.
At any point in time, when network devices increase or there is a change in the infrastructure, we can add more workers and collectors to expand our infrastructure setup.
Fortinet FortiSIEM is highly scalable.
Fortinet FortiSIEM's scalability is excellent, and it is also easy to configure, maintain, and operate.
The tool has high scalability because everything is based in the cloud.
I did not face any significant issues with Sumo Logic Security, but the pricing may be a concern as they try to upsell and raise the prices very quickly.
It stabilizes itself in an appropriate time, so its uptime is good.
These issues may cause unusual errors and user interface issues.
Some stability issues occur, but Fortinet's technical support team provides assistance.
If there are many records, the system may stop or the UI may become unresponsive.
The query language is pretty straightforward and easy, and it is very powerful for building different searches and dashboards that will serve for later exploration of the same interests I have.
Recently, they revised it to a subscription-based, all-inclusive license.
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products.
Fortinet FortiSIEM should broaden its remediation part to include more features for incident management.
This can lead to alerts that are collections of disjointed signals that sometimes make no sense and lack real context; this simplistic approach makes it hard to find coherent stories during investigations.
I would also appreciate the AWS automation integrations to be more secure because currently, they are using access keys, which involves a user rather than roles, which is the security best practice recommended by AWS.
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk.
Setting it up for oneself as an enterprise-licensed product can be quite expensive.
Windows agent licenses cost around 3,000 Rupees per device per year.
The revised model is subscription-based and more flexible.
This makes it more cost-effective because other solutions often include a third element in their pricing.
It provides extensive logging and record-keeping for internal networks, cloud applications, and services as well as perimeter physical network security.
I find the real-time monitoring and correlation capabilities effective for security alerts.
Reliability and scalability have helped me in my work, especially because the license for Fortinet FortiSIEM is excellent from a cost perspective, and we can add more collectors as we expand.
The features I find most useful in Sumo Logic Security are the ease of implementation and connectors; they have a very easy connection and many connectors to important systems, making it very easy to implement and fast to start running in production.
They are able to save time on fewer alerts because we are able to perform tuning on the logs to be able to only get relevant or security relevant incidents.
If we cannot find the data in other tools, like email security or NDR, we can fetch those logs in the Log Analytics platform of Sumo Logic.
| Product | Market Share (%) |
|---|---|
| Fortinet FortiSIEM | 2.8% |
| Sumo Logic Security | 1.3% |
| Other | 95.9% |
| Company Size | Count |
|---|---|
| Small Business | 34 |
| Midsize Enterprise | 22 |
| Large Enterprise | 24 |
| Company Size | Count |
|---|---|
| Small Business | 6 |
| Midsize Enterprise | 4 |
| Large Enterprise | 13 |
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Companies around the world use FortiSIEM for the following use cases:
Sumo Logic
Sumo Logic is a cloud-based machine data analytics company focusing on security, operations, and BI use cases. It provides log management and analytics services that leverage machine-generated big data to deliver real-time IT insights.
Sumo Logic is developed as a SaaS solution, it processes and analyzes large quantities of IT infrastructure data, spotting patterns and anomalies that can indicate a potential threat or significant event.
The platform is designed to help IT, security, and business operations teams develop, manage, and secure their applications and cloud infrastructures. It collects, aggregates, and analyzes data from various sources including servers, virtual machines, and network devices, providing visibility into complex systems.
What are the key features of Sumo Logic?
Real-time Analytics: Continuous queries and live dashboards that provide insights into application performance, user behavior, and security threats.
Advanced Machine Learning: Utilizes machine learning algorithms to identify trends, anomalies, and patterns.
Integrated Threat Intelligence: Tools and workflows to enhance security postures by detecting threats and anomalies.
Multi-tenant Cloud Service: Allows users to operate in a shared cloud environment securely.
The solution aims to simplify data complexity, streamline operations, and provide actionable insights to businesses across various industries.
Sumo Logic is designed to handle high data volumes from multiple sources without diminishing performance. It is primarily deployed in the cloud with seamless integrations for AWS, Google Cloud, and Microsoft Azure. This flexibility allows users to leverage Sumo Logic’s capabilities regardless of their existing cloud infrastructure.
In summary, Sumo Logic is a comprehensive, AI-driven analytics solution ideal for businesses looking to enhance their IT and security operations through data-driven insights and real-time monitoring. Its flexible deployment options and scalable pricing model make it accessible for various business sizes and sectors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
