    Fortinet FortiSIEM Cloud

    Deployed on AWS
    Fortinet FortiSIEM - Delivering on the promise of next-generation SIEM. FortiSIEM is a premier solution for the modern SOC and has been named a 2024 Gartner Peer Insights Customers' Choice for SIEM. FortiSIEM Cloud SaaS is available in 19 AWS regions worldwide.
    4.2

    Overview

    FortiSIEM provides the centralized IT/OT event collection, advanced detection analytics, incident management, and other functions needed by today's security teams. Built on UEBA analytics, a unique CMDB, native SOAR automation, and GenAI assistance, the intuitive analyst experience supports all aspects of threat investigation, incident response, and compliance validation across Fortinet Security Fabric and multivendor infrastructures.

    FortiSIEM is the SOC foundation for the modern enterprise and Managed Services Providers. Features include:

    • IT/OT CMDB including asset discovery, classification, and health monitoring
    • Advanced detection using UEBA, 1000's of correlation rules, and custom ML
    • Rich, risk-prioritized incident management capabilities
    • Built-in SOAR powered automation for all SIEM activities
    • Multi-tenancy and other MSSP-focused features
    • Extendible from a single instance to multi-tier, distributed processing scale with high availability

    Contact AWSsales@fortinet.com with questions or additional platform licensing via Private Offers.

    Highlights

    • Reduced Risk of Attack via enterprise-wide IT/OT visibility and threat detection
    • Rapid Threat Response with rich analyst features optimized, automated, and powered with genAI
    • Immediate Value using out-of-the-box configurations, detection rules, dashboards, and playbooks.

    Details

    Delivery method

    Deployed on AWS

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

    Pricing

    Fortinet FortiSIEM Cloud

    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    12-month contract (1)

    | Dimension | Description | Cost/12 months |
    | --- | --- | --- |
    | 10 FortiSIEM Compute Units | Quantity 1 only. Deployment regions A, refer to datasheet for region locations. Annual Subscription. Includes FortiCare Premium Support. | $29,000.00 |

    Vendor refund policy

    No refund

    Custom pricing options

    Request a private offer to receive a custom quote.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Fortinet FortiCare support offerings provide global support and deliver best-in-class support services. With FortiCare support, customers can be assured that their Fortinet security products are performing optimally and protecting their corporate assets.

    If you do not have an account yet, please sign up using the link below: https://support.fortinet.com/login/CreateAccount.aspx

    Or contact us at: 1 (866) 868-3678

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Customer reviews

    Ratings and reviews

    4.2 (60 ratings)
    5 star: 25%
    4 star: 55%
    3 star: 15%
    2 star: 5%
    1 star: 0%
    0 AWS reviews | 60 external reviews
    External reviews are from G2 and PeerSpot.

    Mohamed Fouad

    Building a multi-customer SOC has become more efficient with reliable event correlation and strong licensing support

    Reviewed on Nov 20, 2025
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Fortinet FortiSIEM is building a SOC and serving as an event management platform for correlating events in my work.

    I use Fortinet FortiSIEM for event correlation by building a SOC for many customers, allowing the SOC team to rely on SIEM technology to correlate and manage events from all security products.

    What is most valuable?

    The best features Fortinet FortiSIEM offers are reliability and scalability.

    Reliability and scalability have helped me in my work, especially because the license for Fortinet FortiSIEM is excellent from a cost perspective, and we can add more collectors as we expand.

    Fortinet FortiSIEM has positively impacted my organization by allowing us to manage our security and build our SOC.

    What needs improvement?

    Fortinet FortiSIEM is great overall. Performance could be enhanced, but I do not wish to elaborate on needed improvements.

    For how long have I used the solution?

    I have been using Fortinet FortiSIEM for five years.

    What do I think about the stability of the solution?

    Fortinet FortiSIEM is stable.

    What do I think about the scalability of the solution?

    Fortinet FortiSIEM's scalability is excellent, and it is also easy to configure, maintain, and operate.

    How are customer service and support?

    The customer support for Fortinet FortiSIEM is excellent. I have interacted with their support team, and Fortinet's support is known to be wonderful.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I previously used IBM QRadar as a different solution.

    What was our ROI?

    I have seen a return on investment that is excellent. The platform has resulted in time saved and reduces mean time to response, making it a great platform.

    What's my experience with pricing, setup cost, and licensing?

    My experience with pricing, setup cost, and licensing for Fortinet FortiSIEM is wonderful, as it offers an excellent license compared to other vendors.

    Which other solutions did I evaluate?

    Before choosing Fortinet FortiSIEM, I evaluated IBM QRadar as another option.

    What other advice do I have?

    My advice for others looking into using Fortinet FortiSIEM is that it is better to use Fortinet FortiSIEM for building your SOC and maintaining your incident response at the SOC. I have provided this review with a rating of 10.

    reviewer2731089

    Security tool facilitates efficient monitoring and policy customization

    Reviewed on Aug 15, 2025
    Review provided by PeerSpot

    What is our primary use case?

    I have a lot of experience working with solutions such as Fortinet FortiSIEM, FortiSOAR, and FortiGate. I have also worked with ImmuniWeb. However, I did not have the credentials or the software to work with ImmuniWeb, which is why I was searching for more information on the website to learn more about the tool.

    In the company I work for, we have a partnership with Fortinet.

    In my organization, I work on Fortinet FortiSIEM in the cloud.

    What is most valuable?

    Fortinet FortiSIEM is really user-friendly. You can filter easily, find rules, and even create new rules. I appreciate Fortinet FortiSIEM the most because it is easy to search, filter, make rules, and look for correlations and events.

    For Fortinet FortiGate, it is easy to navigate through the tool itself, make policies, and look at events and logs. It is very easy to monitor on Fortinet FortiGate. I really appreciate it and believe anyone in the field can work with it easily.

    For FortiSOAR, it is easy to work with playbooks and rules for approvals, and everything there is straightforward. Fortinet FortiSIEM pulls the events from FortiSOAR, processes them, and applies the playbooks. It is simple in its functions, has correlations, and offers everything needed.

    I can find everything I need on Fortinet FortiSIEM. The filters, trends, and dashboard make it easy to use. The database, alerts, and customer service are excellent as well.

    What needs improvement?

    Regarding Fortinet FortiSIEM, I cannot identify any specific areas for improvement because I can find everything I need. For the time being, I cannot find a real point for improvement. Everything is working great on Fortinet FortiSIEM.

    For how long have I used the solution?

    I have experience with Fortinet FortiSIEM for almost six months.

    How are customer service and support?

    For Cortex XDR from Palo Alto, it rates 10 out of 10. Everything is excellent with XDR and the technical support is exceptional.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I have worked with Splunk and QRadar SIEM tools, but I prefer Fortinet FortiSIEM the most.

    What's my experience with pricing, setup cost, and licensing?

    I am not familiar with the price and cost of Fortinet FortiSIEM. I cannot tell you if it is high, expensive, or low. However, I can say that it is cost-effective as it provides everything needed.

    Which other solutions did I evaluate?

    I do not have relevant experience with tools such as Acunetix, Synopsys, Invicti, Snyk, Prolexic, AWS Shield, or Global Accelerator.

    What other advice do I have?

    I wish to remain anonymous, with no names for my company or myself. I prefer written communication rather than voice-based.

    Based on my experience, I would rate this solution 9 or 10 out of 10.

    SaurabhYadav5

    Comprehensive monitoring boosts security, yet incident management features need expansion

    Reviewed on May 02, 2025
    Review provided by PeerSpot

    What is our primary use case?

    Our primary use case for Fortinet FortiSIEM is mostly in government offices. We fully rely on vendors for implementation, and we generally review and approve the recommendations made by the implementation partners.

    What is most valuable?

    I use Fortinet FortiSIEM for complete infrastructure monitoring for security events. It supports a number of compliance rules that cater to different requirements. I find the real-time monitoring and correlation capabilities effective for security alerts. Fortinet FortiSIEM provides pre-built rules, with more than three thousand rules supplied, eliminating the need to define them from scratch. These aspects make Fortinet FortiSIEM a valuable choice.

    What needs improvement?

    Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate software called FortiSOAR. Additionally, the search functionality in FortiAI should be improved to provide more precise results, making it easier for me to understand what actions need to be taken.

    For how long have I used the solution?

    I have used the solution for one and a half years.

    What was my experience with deployment of the solution?

    I haven't faced any issues with deploying Fortinet FortiSIEM. The main setup can be done in one hour, and I prefer the VMware installation which is provided with VMDK or similar files. Installing agents on endpoint machines is the main task.

    What do I think about the stability of the solution?

    Occasionally, some stability issues occur, but Fortinet's technical support team provides assistance. As I mentioned earlier, every software can have bugs, and Fortinet does respond to fix these bugs. I would rate the stability at around seven to eight on a scale of ten.

    What do I think about the scalability of the solution?

    Fortinet FortiSIEM is easy to scale. I would rate its scalability an eight on a scale of ten.

    How are customer service and support?

    Fortinet's customer support is okay, but not very good. They take some time to respond because they need logs and investigations, which delays the response time. I expect faster responses for the issues raised.

    How would you rate customer service and support?

    Negative

    How was the initial setup?

    The initial setup of Fortinet FortiSIEM is not complex. It is very easy, as the software comes with pre-built rules.

    What about the implementation team?

    The implementation partners provide recommendations, but they only cover what is required in the scope of work. In case of any challenges, Fortinet’s tech support assists.

    What's my experience with pricing, setup cost, and licensing?

    The pricing is reasonable, which is why it is preferred by government customers. Windows agent licenses cost around 3,000 Rupees per device per year.

    Which other solutions did I evaluate?

    Suppose I buy Splunk SIEM, I need to configure all the required rules. In contrast, Fortinet FortiSIEM comes with over three thousand pre-built rules.

    What other advice do I have?

    If planning to use Fortinet FortiSIEM, it is important to know that it provides pre-built rules, which is a significant advantage. It is suitable for medium to enterprise customers. Overall, I would rate Fortinet FortiSIEM seven out of ten.

    Oliver Jackson

    Systems monitoring enhanced by firewall and intrusion detection features

    Reviewed on Dec 18, 2024
    Review provided by PeerSpot

    What is our primary use case?

    My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.

    My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and government departments to agencies.

    What is most valuable?

    Fortinet FortiSIEM is valuable mainly for its features around firewall monitoring, intrusion detection, and authentication. It provides extensive logging and record-keeping for internal networks, cloud applications, and services as well as perimeter physical network security. Compliance management capabilities, although limited, are utilized by mature customers for reporting.

    What needs improvement?

    The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products. Improving software stability and reducing bugs will make it a better tool for future use. Enhancing the completeness of its APIs could aid in better external integrations.

    For how long have I used the solution?

    I have used Fortinet FortiSIEM for three and a half years to nearly four years.

    What do I think about the stability of the solution?

    The product has some instability and bugs, which are not service-stopping but may cause unusual errors and user interface issues. I regularly work with Fortinet support to address these issues.

    What do I think about the scalability of the solution?

    Fortinet FortiSIEM is highly scalable. I would rate its scalability nine out of ten.

    How are customer service and support?

    The customer support from Fortinet is good. There is a knowledgeable, though small, team of support engineers around the world. I have come to know them all by name.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    From a new user's perspective, setting up Fortinet FortiSIEM could be rated as a five or six out of ten. However, with my four years of experience, I would rate the setup an eight out of ten.

    What was our ROI?

    Many of my customers are happy and have provided positive reviews about their experiences. They continue to pay for services and see value in the investment.

    What's my experience with pricing, setup cost, and licensing?

    As a service, the cost is reasonable and affordable with scalable pricing based on the number of monitored devices. However, setting it up for oneself as an enterprise-licensed product can be quite expensive.

    What other advice do I have?

    If you want to set it up yourself, seek expert support before starting. If considering a service, contact Fortinet for a recommended service provider in the FortiSIEM space.

    I'd rate the solution eight out of ten.

    Muhammad Tayyab

    Maps threat vectors and IOCs on the MITRE framework to identify the kind and magnitude of a threat and the techniques used

    Reviewed on Nov 19, 2024
    Review provided by PeerSpot

    What is our primary use case?

    Mainly, we are configuring various correlation rules in FortiSIEM to detect various types of cyber threats and cybersecurity attacks, particularly brute force attacks, denial of service attacks, and distributed denial. We are using it to identify suspicious activities by internal staff as well as outsiders, for any type of intrusion.

    What is most valuable?

    The most fascinating aspect of FortiSIEM is its integration with the MITRE ATT&CK framework. It maps threat vectors and IOCs on the MITRE framework to identify the kind and magnitude of a threat and the techniques used. This allows us to take requisite measures using the SOAR solution or by involving our team of SOC analysts and incident responders.

    What needs improvement?

    FortiSIEM is a bit resource-hungry, so work should be done on hardware resource utilization to consume less hardware. Another major problem is its licensing model, which initially required separate licenses for devices, agents, and EPS.

    Recently, they revised it to a subscription-based, all-inclusive license. There is also some latency observed in generating correlation alerts, which should be improved for quicker responses.

    For how long have I used the solution?

    We have been using it for almost one year.

    What do I think about the stability of the solution?

    FortiSIEM is a reliable product. Multiple times, the server abruptly shut down, but no critical or major issues were observed after power outages. It stabilizes itself in an appropriate time, so its uptime is good.

    What do I think about the scalability of the solution?

    FortiSIEM is a scalable model. At any point in time, when network devices increase or there is a change in the infrastructure, we can add more workers and collectors to expand our infrastructure setup.

    How are customer service and support?

    Technical support in my city, specifically in Islamabad or Rawalpindi, is decent. I would rate it seven out of ten.

    Local tech support is available; however, for more critical or technical issues, we depend on the OEM directly, especially when it comes to on-prem solutions.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The initial installation requires some tech knowledge. You should have prior understanding of modules, collectors, workers, supervisors, and databases. However, after installation, it's really easy to operate.

    What's my experience with pricing, setup cost, and licensing?

    Fortinet FortiSIEM is high-priced. Previously, its licensing model required separate licenses for devices, agents, and EPS, which was quite rigid. The revised model is subscription-based and more flexible.

    Which other solutions did I evaluate?

    Compared to FortiSIEM, LogRhythm is a good competitor. QRadar is also a nice product, working equally well in our region.

    What other advice do I have?

    I would rate FortiSIEM eight out of ten. It's a nice product and is used by major governmental infrastructures and organizations. I would definitely recommend it to other users.
