Fortinet- FortiSOAR - Add value to SOC
April 25, 2022

Bhuwan Chandra | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with FortiSOAR (formerly Cybersponse)

FortiSOAR is the only Security Orchestration, Automation & Response tool that has extensive product capability & flexibility, tied to case management, & leverages the power of the Forti Security Fabric, reducing the burden on the security operations center (SOC) team and ultimately working as a force multiplier for teams to respond faster, which is vital to reducing the threat landscape for organizations.
FortiSOAR remedies alert fatigue & false positives by centralizing & aggregating alerts, enriching them with added context while correlating them across a security stack to rapidly investigate. This includes custom playbooks for the triage process, accelerating incident response & optimizing security operations.
  • FortiSOAR addresses complexity by providing 160+ playbooks & 300 connectors to easily integrate with deployed security controls to ingest information & provide a single point of control.
  • FortiSOAR resolves collaboration complexities by providing teams with a comprehensive war room, module builder, granular RBAC, and segmenting of teams, duties and processes, seamlessly connecting all of an organization's teams together.
  • Training Services - Fortinet offers courses geared towards administration and design and development of FortiSOAR, which required multiple accesses; we need all training services on a self-paced basis. I think Fortinet needs to improve here.
  • Licensing Model - As this is a new technology, the licensing model should be crystal clear; be it concurrent users or the number of FortiSOAR nodes, there should be no ambiguity.
  • Scalable Enterprise Architecture - FortiSOAR multitenant capabilities do not require further architectural development during configuration.
  • Product Flexibility - FortiSOAR is the only one in which custom modules and automation can be easily built or edited for more than just investigation purposes.
  • FortiSOAR helps the purpose of SOC operations, where it can add value, which is the need of the time due to the increasing threat landscape.
  • FortiSOAR unified our response management, while further orchestration and automation capabilities complement our legacy tools.
We did a thorough proof of concept (POC), where we judged the solution on every aspect, & we came to know FortiSOAR will work well in our environment, as it is blended with features like case management, product flexibility & scalable architecture. These features were much required for optimum use of our SOC solution.
Since we have the whole Fortinet security stack in our environment, it helped us a lot in selection (POC) and also commercially.

Do you think FortiSOAR delivers good value for the price?

Yes

Are you happy with FortiSOAR's feature set?

Yes

Did FortiSOAR live up to sales and marketing promises?

Yes

Did implementation of FortiSOAR go as expected?

I wasn't involved with the implementation phase

Would you buy FortiSOAR again?

Yes

Broadcom CloudSOC CASB (formerly from Symantec)
Most organizations with a medium & maturity SOC struggle with alert fatigue & false positives, and with addressing alert volume, which results in an increasing risk of critical alerts being masked by trivial ones. In this situation FortiSOAR helps with case management and with rapid response in case of crises.
FortiSOAR is designed very well where Fortinet has other security stack components as well, like Fortinet NGFW & FortiSIEM, etc. Fortinet NGFW can generate the FortiSOAR instance through FortiCloud for the customer.
However, in the absence of FortiFabric, the solution requires a lot of connectors to work well.