No more typing reviews! Try our Samantha, our new voice AI agent.

Fortinet FortiSIEM pros and cons

Vendor: Fortinet

3.8 out of 5

75 reviews
83% willing to recommend

Pros & Cons summary

Fortinet FortiSIEM offers flexible reporting and rule generation with built-in reports and alerts, integrating SOC and NOC operations for robust monitoring. Seamless integration with platforms like Cisco and Palo Alto enhances interoperability. It provides strong event correlation for threat detection, but creating parsers for unsupported devices is cumbersome. Documentation needs improvement, especially on CLI features, and integration can be challenging. Technical support is often criticized, and the licensing model is seen as expensive.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Fortinet FortiSIEM provides extensive analytics, including invaluable log correlation and threat detection capabilities.

It allows seamless integration with other security fabrics and technologies, enhancing overall operational efficiency.

The ability to match IPs with threat intelligence feeds adds valuable context for security monitoring.

Fortinet FortiSIEM's dashboards and event correlation are robust and customizable to meet specific security needs.

Its auto-discovery and real-time monitoring prove essential for comprehensive network security oversight.

CONS

Creating parsers for unsupported devices is cumbersome and time-consuming.

Technical support and response time need significant improvement.

Better integration with third-party vendors and tools is necessary.

Improvement is needed in hardware resource utilization for efficiency.

Fortinet FortiSIEM should simplify creating and managing normalizers.

Fortinet FortiSIEM Pros review quotes

SY

Network Engineer at Ogma Consulting

May 2, 2025

These aspects make Fortinet FortiSIEM a valuable choice.

Read full review

MT

Muhammad Tayyab

IT Solutions Product Manager at a computer software company with 11-50 employees

Nov 19, 2024

The most fascinating aspect of FortiSIEM is its integration with the MITRE ATT&CK framework.

Read full review

Network Engineer at Laminar Communications Pty Ltd

Dec 18, 2024

It provides extensive logging and record-keeping for internal networks, cloud applications, and services as well as perimeter physical network security.

Read full review

Fortinet FortiSIEM

Free Report: Fortinet FortiSIEM Reviews and More

Learn what your peers think about Fortinet FortiSIEM. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.

900,747 professionals have used our research since 2012.

SIEM MANAGER at a comms service provider with 1,001-5,000 employees

Aug 23, 2024

FortiSIEM allows you to match IPs with threat intelligence feeds from sources like Kaspersky or Anomali, adding valuable context.

Read full review

Vishwajeet Pandey

senior technical administrator at Ogma Consulting

Oct 24, 2024

The most valuable feature is the ability to view all the network events on a single pane and find the point of contact or point of the incident.

Read full review

CO

Senior Network Associate at AMCON, Inc.

Sep 27, 2023

It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely.

Read full review

JO

Security Manager at Banco Lopez de Haro

Aug 14, 2024

It detects new technologies, vulnerabilities, and emerging threats on the internet.

Read full review

Technical Consultant at Vertex Techno Solutions (B) Pvt Ltd

Jul 30, 2024

The most valuable features of the solution is its integration with other technologies, especially its ability to collect logs from Cisco and Aruba devices along with Fortinet products.

Read full review

reviewer2535720

Network administrator at a manufacturing company with 51-200 employees

Aug 28, 2024

The tool's most valuable feature stems from the fact that I can see a complete analysis, like all the incidents that have happened, and it detects everything in real-time.

Read full review

Nikesh Kakshapti

Assocciate Solution Engineer at LogPoint

Aug 23, 2024

The most valuable feature is auto-discovery. When you send logs from any device to port 514, it helps register those devices automatically.

Read full review

Show 10 more reviews (out of 72)

Fortinet FortiSIEM Cons review quotes

SY

Network Engineer at Ogma Consulting

May 2, 2025

Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate software called FortiSOAR.

Read full review

MT

Muhammad Tayyab

IT Solutions Product Manager at a computer software company with 11-50 employees

Nov 19, 2024

FortiSIEM is a bit resource-hungry, so work should be done on hardware resource utilization to consume less hardware.

Read full review

Network Engineer at Laminar Communications Pty Ltd

Dec 18, 2024

The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products.

Read full review

Fortinet FortiSIEM

Free Report: Fortinet FortiSIEM Reviews and More

Learn what your peers think about Fortinet FortiSIEM. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.

900,747 professionals have used our research since 2012.

SIEM MANAGER at a comms service provider with 1,001-5,000 employees

Aug 23, 2024

When an alert triggers in Fortinet FortiSIEM, the layout or format can feel limited

Read full review

Vishwajeet Pandey

senior technical administrator at Ogma Consulting

Oct 24, 2024

There could be improvements like introducing some solutions directly into FortiSIEM to avoid the need for separately purchasing additional tools like FortiStore.

Read full review

CO

Senior Network Associate at AMCON, Inc.

Sep 27, 2023

Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information.

Read full review

JO

Security Manager at Banco Lopez de Haro

Aug 14, 2024

The deployment of the platform took some time to set up and configure.

Read full review

Technical Consultant at Vertex Techno Solutions (B) Pvt Ltd

Jul 30, 2024

The tool's technical team's response time is too high, and they are not available even when they know that there are many pending issues.

Read full review

reviewer2535720

Network administrator at a manufacturing company with 51-200 employees

Aug 28, 2024

The solution's technical support didn't help our company a lot.

Read full review

Nikesh Kakshapti

Assocciate Solution Engineer at LogPoint

Aug 23, 2024

Improvements include making it easier for users to create their normalizers. Fortinet FortiSIEM uses XML for normalizing and parsing, which can be tedious and time-consuming. A simpler way of using regex could be helpful.

Read full review

Show 10 more reviews (out of 72)

Product Categories

Product Categories

Security Information and Event Management (SIEM)

AI Observability

Fortinet Security Operations (SecOps) Platform

Popular Comparisons

Popular Comparisons

CrowdStrike Falcon vs Fortinet FortiSIEM

SentinelOne Singularity Cloud Security vs Fortinet FortiSIEM

Splunk Enterprise Security vs Fortinet FortiSIEM

Wazuh vs Fortinet FortiSIEM

SentinelOne Singularity Endpoint vs Fortinet FortiSIEM

IBM Security QRadar vs Fortinet FortiSIEM

Microsoft Sentinel vs Fortinet FortiSIEM

Elastic Security vs Fortinet FortiSIEM

Cribl vs Fortinet FortiSIEM

LogRhythm SIEM vs Fortinet FortiSIEM

Rapid7 InsightIDR vs Fortinet FortiSIEM

Cortex XSIAM vs Fortinet FortiSIEM

Anomali vs Fortinet FortiSIEM

Exabeam vs Fortinet FortiSIEM

Gigamon Deep Observability Pipeline vs Fortinet FortiSIEM

See all alternatives

Product Categories

Product Categories

Security Information and Event Management (SIEM)

AI Observability

Fortinet Security Operations (SecOps) Platform

Popular Comparisons

Popular Comparisons

CrowdStrike Falcon vs Fortinet FortiSIEM

SentinelOne Singularity Cloud Security vs Fortinet FortiSIEM

Splunk Enterprise Security vs Fortinet FortiSIEM

Wazuh vs Fortinet FortiSIEM

SentinelOne Singularity Endpoint vs Fortinet FortiSIEM

IBM Security QRadar vs Fortinet FortiSIEM

Microsoft Sentinel vs Fortinet FortiSIEM

Elastic Security vs Fortinet FortiSIEM

Cribl vs Fortinet FortiSIEM

LogRhythm SIEM vs Fortinet FortiSIEM

Rapid7 InsightIDR vs Fortinet FortiSIEM

Cortex XSIAM vs Fortinet FortiSIEM

Anomali vs Fortinet FortiSIEM

Exabeam vs Fortinet FortiSIEM

Gigamon Deep Observability Pipeline vs Fortinet FortiSIEM

See all alternatives

Related questions

221

What Solution for SIEM is Best To Be NIST 800-171 Compliant?

224

When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?

174

What are the main differences between Nessus and Arcsight?

238

What's The Best Way to Trial SIEM Solutions?

187

Which is the best SIEM solution for a government organization?

494

What is the difference between IT event correlation and aggregation?

179

What Is SIEM Used For?

155

RSA-EMC vs. other SIEM products?

254

What Questions Should I Ask Before Buying SIEM?

196

What are the pros and cons of internal SOC vs SOC-as-a-Service?