Skip to main content

Formerly Cybersponse


What is FortiSOAR?

CyberSponse was a security orchestration, automation and response (SOAR) solution, now known as FortiSOAR. Fortinet acquired and now supports the solution (December 2019).

Read more
Recent Reviews
Read all reviews
Return to navigation

Product Details

FortiSOAR Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation


View all alternatives
Return to navigation

Reviews and Ratings



(1-3 of 3)
Companies can't remove reviews or game the system. Here's why
Bhuwan Chandra | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
FortiSOAR is only Security Orchestration Automation & Response tool that has extensive product capability & flexibility, tied to case management & leverage the power of Forti Security Fabric reducing the Burdon of Security operation center (SOC) team ultimately working as force multiplier for teams to response faster- vital to reducing the threat landscape for organizations .
FortiSOAR remedies alert fatigue & false positives by centralizing & aggregating alerts enriching them with add context while corelating them across a security stack to rapidly investigate . This includes custom playbook for triage process. Accelerating incident response & optimizing security operations.
  • FortiSOAR address complexity by providing 160 +ply books & 300 Connectors to easily integrate with deployed security controls to ingest information & provide single point of control.
  • FortiSOAR resolves collaboration complexities by providing teams with a comprehensive war room, module builder, granular RBAC, Segmenting Teams , duties and process . Seamless connecting all an organization s team together .
  • Training Services- Fortinet offers courses geared towards administration and designed and development of FortiSOAR , Which required multiples access , we need all training services with self pace basis , I think here Fortinet need to improve.
  • Licensing Model- Being as a new technology Licensing model should be crystal & Clear, be it Concurrent Users or The number of FortiSOAR nodes there should be no ambiguity .
Most organization with medium & maturity SOC struggle with alert fatigue & false positives with addressing alert volume is result in increasing risk of critical alerts being masked by trivial one , in this situation FortiSOAR help in case management : rapidly response in case of crises also.
FortiSOAR is designed very well where Fortinet have other stack of security component also like Fortinet NGFW & Forti SIEM etc.. Fortinet NGFW can and generate the FortiSOAR instance through FortiCloud for Customer .
However In absence of FortiFabric it require lot of connectors to work well the solution.
  • Scalable Enterprise Architecture-FortiSOAR multitenant capabilities do not required further architectural development during configuration.
  • Product Flexibility - FortiSOAR is only that can be easy build or edit custom modules and automation for more than just investigation purposes.
  • FortiSOAR help the purpose of SOC operation where it can add value which is need of time due to increasing threat landscape
  • FortiSOAR unified our response management , while further Orchestration and automation capabilities , complementing to the our legacy tools .
Done prove of concept (POC) thoroughly , where we judged the solution on every aspect & We came to know FortiSOAR will work well in our environment as it is blended with features like Case managements , Product Flexibility * Scalable Architecture . These features were much required to optimum use of our SOC solution.
Since we have all the Fortinet security stack in our environment it helped us a lot in selection (POC) and also commercially.
Broadcom CloudSOC CASB (formerly from Symantec)
Score 8 out of 10
Vetted Review
Verified User
From ticketing to reporting and automation to orchestration we have met 99 percent of our highly customized requirements. More than 200 security products can be integrated into the platform, allowing organizations to build playbooks for various security operations. As a result, MTTR for security incidents can be reduced and ROI maximized.
  • Setup is a breeze once you get started.
  • Contextual information is provided by integrating various security products and services.
  • Effective scaling of FortiSOAR is achieved.
  • Automating a wide range of routine tasks necessitates the services of an expert.
  • Support for technical issues could be enhanced.
  • Third-party vendor integration is an area that can be improved.
It's simple to set up on a virtual machine. Infinite mini-panels of platforms, incidents, alarms, and other features can be created using the intuitive user interface. Investing in better security, visibility, and incident response is well worth the cost. It's excellent, in my opinion.
  • A support that is constantly changing that makes us learn.
  • The advantages of competitive tools.
  • Ease and time savings in integration.
  • 12% in daily loads that we did not see in the team before.
  • The context in which the soft moves is impressive at the time of starting.
  • Consolidation of company operations.
Score 10 out of 10
Vetted Review
Verified User
The FortiSOAR solution had a great impact on our security operations center because it allowed us to unify and integrate different security systems/platforms and create a personalized center for viewing alerts and notifications. We use it to manage assets and especially network vulnerabilities that are the most critical. We set up the dashboards to make it easy to see everything in general and also the mini-panels specified for each platform. I found the interface very user-friendly and intuitive to configure, customize and read data through dashboards and reports. Technical support is a differential because the manufacturer's engineers are very helpful, and intelligent and help to clear up configuration doubts and unknown alerts.
  • User-friendly interface and easy to read data on the panels.
  • Perfect for vulnerability management.
  • Great integration with different security operations center platforms.
  • Customized panels.
  • Setting User Permissions.
  • Scheduled asset scans with reports.
  • The documentation is quite extensive and complex, but tech support can help with this.
  • Instabilities in the tool sometimes.
I recommend it to all companies with scenarios that are looking for a SOC queue management tool, vulnerabilities, assets, indicators, visualization panels with alarms and real-time notifications, and personalized reports of all the functions present in the tool. It's easy to install and configure on a VM. The interface is user-friendly and fully customizable and can even create infinite mini-panels of platforms, incidents, alarms, and other functions. The price is great and it's an investment to improve security and visibility and incident handling.
  • Vulnerability and incident management.
  • Alarm system and notifications.
  • Customized panels.
  • Reports.
  • Queue management.
  • Excellent integration with other platforms.
  • Improved compliance control and risk management.
  • Improved the business process.
  • Improved incident visibility.
Return to navigation