Please share with the community what you think needs improvement with Fortinet FortiSOAR.
What are its weaknesses? What would you like to see changed in a future version?
The improvement would be to make it more user-friendly. They need to lower the learning curve. They should just make it more user-friendly, especially for non-technical people. Technical support could be improved.
The area that needs improvement is integration with multiple third-party vendors. For example, if you have customers who are using the CheckPoint firewall or Sophos firewall, and they are forwarding any logs to the Syslog format system, it should re-automate though the third-party firewall or any third-party proxy. In the next release, I would like to see UEBA included. User entity behavior analytics is very important. Also, I would like to have the UEBA integrated with the cloud, making it accessible from any specified region. This would be very helpful for our customers.
I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it.
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.
Hi dear community,
Can you explain what an incident response playbook is and the role it plays in SOAR? How do you build an incident response playbook?
Do SOAR solutions come with a pre-defined playbook as a starting point?