2 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.9 out of 101
32 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.6 out of 101

Add comparison

Likelihood to Recommend

Alert Logic Log Correlation and Analysis

Alert Logic is ideally placed to support and protect cloud infrastructure and services such as AWS hosted services. It is less appropriate for platform as a service as this would be addressed by the provider in question. It would also be ideally suited to on-premise and hybrid cloud scenarios to protect services from attacks and breaches.
No photo available

LogRhythm

It helps achieve various aspects of compliance needs and requirements. It also provides a nice overview of what is going on within the environment in respect to security threats. It is less appropriate if there is no internal team that can properly manage it and respond to alerts/events that are triggered.
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

Alert Logic Log Correlation and Analysis
LogRhythm
8.7
Centralized event and log data collection
Alert Logic Log Correlation and Analysis
LogRhythm
9.4
Correlation
Alert Logic Log Correlation and Analysis
LogRhythm
9.4
Event and log normalization
Alert Logic Log Correlation and Analysis
LogRhythm
9.0
Deployment flexibility
Alert Logic Log Correlation and Analysis
LogRhythm
7.3
Integration with Identity and Access Management Tools
Alert Logic Log Correlation and Analysis
LogRhythm
8.9
Custom dashboards and views
Alert Logic Log Correlation and Analysis
LogRhythm
9.0
Host and network-based intrusion detection
Alert Logic Log Correlation and Analysis
LogRhythm
7.7

Pros

  • Alert Logic provides very technical solutions to address security risks. However much of the benefit is from a human level understanding of the threats seen.
  • As a company, they are profiling thousands of companies and are better able to predict threats such as denial of service attacks and warn organisations ahead of time.
No photo available
  • LogRhythm is a great SIEM to learn content on because the building blocks are very intuitive and easy to implement. All of the concepts relevant to content development are literally represented as drag and drop building blocks that can be easily manipulated.
  • The statistical building blocks contain powerful anomaly detection capabilities that are extremely difficult to implement in other SIEMs or not possible at all.
  • LogRhythm does better event classification than any other SIEM by far. My team typically drops all classification schemes from default installations of SIEMs and rebuilds them from scratch. I can actually use LogRhythms event classifications in rules without worrying about excessive partial matches or correlating unwanted events.
Joel Eng profile photo

Cons

  • Overall the product and service works well and addresses all our key requirements so we have no real negatives to share.
No photo available
  • LogRhythm absolutely needs to provide back end support for threat intelligence lists. Performing a linear search on massive lists of IPs on incoming web traffic can bring the SIEM to its knees.
  • LogRhythm should drop its entire code base for implementing lists and simply turn them into hash tables to avoid the excessive cost associated with referencing lists in rules. I haven't seen the code, but the performance suggests O(n).
  • The reporting feature is the worst of all SIEMs, luckily reports are not my primary service offering. LogRhythm should definitely revamp its reporting to be more intuitive.
Joel Eng profile photo

Likelihood to Renew

No score
No answers yet
No answers on this topic
LogRhythm9.0
Based on 1 answer
LogRhythm is focused on SIEM. That is their core business. Cost of operations, feature set and ease of use. The Log Rhythm support team is outstanding. Overall reliability is good. Reporting module needs some improvement and LR is promising that there will be significant improvements in future releases.
James Harrison profile photo

Usability

No score
No answers yet
No answers on this topic
LogRhythm9.0
Based on 1 answer
Training is lacking for the reporting and query building. Overall, the investigation tool is my most used feature. It is very easy to drill down when searching for an interesting event. The real time dashboard in the console is feature rich and provides graphical views and the ability to see associated logs.The alarms dashboard displays the most recent significant events, and the ability to track and document how the event is being handled.
James Harrison profile photo

Support

No score
No answers yet
No answers on this topic
LogRhythm10.0
Based on 1 answer
Over the last couple of years, we have had some challenges requiring longer and higher tiered support. Log Rhythm was quick to assign a 3rd tier engineer to assist us in identifying and re-mediating those problems. They have also assisted in getting us to later versions. They are willing to hand hold during platform upgrades
James Harrison profile photo

Implementation

No score
No answers yet
No answers on this topic
LogRhythm8.0
Based on 1 answer
  • Buy professional services.
  • Buy and implement the system if possible.
  • Remember that the end point log configuration may require other teams in your company to assist you in getting the desired logs from all resources.
  • Attend the end user and daily operations training after a period of usage so you are not overwhelmed with information on concepts not yet seen.
  • Don't be afraid to call for help during your first months of use.
  • Don't close any ticket until you are sure the expected results are verified.
  • Use the community forums to discuss issues with your peers.
  • Watch the training videos offered by L R University.
James Harrison profile photo

Alternatives Considered

There are alternatives some of which have a greater overhead and require more in-house technical skills. Alert Logic provide a full service so for us this was a better solution.
No photo available
AlienVault USM Appliance and USM Anywhere might lack some functionality where LogRhythm does well. For instance, SmartResponse functionality is more mature than the Orchestration rules at AlienVault USM Anywhere. You can easily script SmartResponse to act accordingly to each situation, and if you do so carefully (and test them), you can be assured your environment is safe automatically or if you set those up on approval mode, you can be agile by clicking the proper SmartResponse item when the opportunity arises.
Ivan Montilla Miralles profile photo

Return on Investment

  • Return on Investment is measured in how protected our reputation is and Alert Logic contributes to this is a large way.
  • Alert Logic provides excellent information security assurance to the business and allows us to feel more proactive.
No photo available
  • This product saves our company on average around $10k per year. When we are in the midst of a CIP audit this number is much higher.
Jacob Steffen profile photo

Pricing Details

Alert Logic Log Correlation and Analysis

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

LogRhythm

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details