What users are saying about
21 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.3 out of 100
47 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 7.6 out of 100

Likelihood to Recommend

Darktrace

Darktrace would be well suited to any environment really; the only constraint would be the budget. The cost scales on the number of devices to be monitored by the product, so it can be quite expensive in larger environments. Any company that would benefit from having 24/7 monitoring of their network would find that this product would suit that need perfectly. It can also create a number of reports, which is useful if you have any requirement to present periodic figures and statistics for your network. There are also additional features available and in development such as Antigena, which can be configured to allow potential threats to be automatically mitigated; it can block connections to a certain address, using certain ports, or it can enforce "normal behaviour" where it will only allow a machine to communicate in a way that Darktrace has observed before and considers normal. This has huge benefits particularly for 24/7 organisations where you don't have the ability to have someone monitoring the network personally at all times, as it could stop a malware outbreak in its tracks.
Anonymous | TrustRadius Reviewer

LogRhythm NextGen SIEM Platform

I will say that the LogRhythm NextGen SIEM Platform is well suited for an organization that is not very big but has multiple log sources. Or a lot of non-technical employees who do not know how to code or do write custom queries. Typically it is a good fit for universities and mid-range startups. This has an excellent interface, dashboard, useful for managing roles, but it doesn't provide the level of customization that a technical person with knowledge of coding probably would prefer. Software like Splunk and Elastic Search are much more flexible in terms of the granularity of the search.
Anonymous | TrustRadius Reviewer

Feature Rating Comparison

Security Information and Event Management (SIEM)

Darktrace
LogRhythm NextGen SIEM Platform
8.6
Centralized event and log data collection
Darktrace
LogRhythm NextGen SIEM Platform
9.5
Correlation
Darktrace
LogRhythm NextGen SIEM Platform
9.1
Event and log normalization/management
Darktrace
LogRhythm NextGen SIEM Platform
8.6
Deployment flexibility
Darktrace
LogRhythm NextGen SIEM Platform
8.4
Integration with Identity and Access Management Tools
Darktrace
LogRhythm NextGen SIEM Platform
8.0
Custom dashboards and workspaces
Darktrace
LogRhythm NextGen SIEM Platform
9.3
Host and network-based intrusion detection
Darktrace
LogRhythm NextGen SIEM Platform
7.3

Pros

Darktrace

  • It did an ok job of analyzing and collecting data. It used a span (mirrored) port and then using its own algorithm developed flow records.
  • It did an ok job of segmenting traffic into networks - not always correctly, but ok.
  • It tried to identify devices by type - once again, it did ok, but not that great.
Matthew Frederickson | TrustRadius Reviewer

LogRhythm NextGen SIEM Platform

  • LogRhythm is a great SIEM to learn content on because the building blocks are very intuitive and easy to implement. All of the concepts relevant to content development are literally represented as drag and drop building blocks that can be easily manipulated.
  • The statistical building blocks contain powerful anomaly detection capabilities that are extremely difficult to implement in other SIEMs or not possible at all.
  • LogRhythm does better event classification than any other SIEM by far. My team typically drops all classification schemes from default installations of SIEMs and rebuilds them from scratch. I can actually use LogRhythms event classifications in rules without worrying about excessive partial matches or correlating unwanted events.
Joel Eng | TrustRadius Reviewer

Cons

Darktrace

  • False positives. Darktrace uses "AI" to create its alerts for "unusual" or "malicious" activity. It is very common to see an alert for completely benign and normal device behavior - PC tries to print for the first time in a while, for example.
  • Antigena actions. To some extent, this is a continuation of the previous point. Darktrace can break the network connectivity of the suspected device automatically. The excessive number of false positives makes administrators reluctant to use this feature, though. Also, the default Antigena actions are not relevant to real-world problems as I saw them in my experience with Darktrace.
Anonymous | TrustRadius Reviewer

LogRhythm NextGen SIEM Platform

  • While searching for log events is quick, the interface isn't as user-friendly as other SIEM products.
  • Many of the administrative/management functions are only available through the full LogRhythm desktop console, not through the web console.
  • The LogRhythm agent, when used for FIM and RIM, is very memory intensive.
Anonymous | TrustRadius Reviewer

Likelihood to Renew

Darktrace

No score
No answers yet
No answers on this topic

LogRhythm NextGen SIEM Platform

LogRhythm NextGen SIEM Platform 9.0
Based on 1 answer
LogRhythm is focused on SIEM. That is their core business. Cost of operations, feature set and ease of use. The Log Rhythm support team is outstanding. Overall reliability is good. Reporting module needs some improvement and LR is promising that there will be significant improvements in future releases.
James Harrison | TrustRadius Reviewer

Usability

Darktrace

No score
No answers yet
No answers on this topic

LogRhythm NextGen SIEM Platform

LogRhythm NextGen SIEM Platform 8.0
Based on 2 answers
LogRhythm does a rather decent job of making the functionality advanced (allowing for advanced keyword & field searching, use of "AND" as well as "OR" statements in the search bar) while keeping it accessible (by not requiring a specific syntax to do quick searches). This combined with a user interface that has headings and labels that are intuitive is very helpful.
Anonymous | TrustRadius Reviewer

Support Rating

Darktrace

Darktrace 9.5
Based on 4 answers
Any time I have had any issue with Darktrace, I've been able to contact an engineer through their support desk, and I have always had a very speedy response. Even when the issue has been caused by something outside of the Darktrace devices, they have still been very keen to try to help and identify what the problem was. The customer portal also has a large number of videos and guides that you can use to educate yourself on the product
Anonymous | TrustRadius Reviewer

LogRhythm NextGen SIEM Platform

LogRhythm NextGen SIEM Platform 8.0
Based on 18 answers
Support has always been fantastic for this product compared to many other support providers I've worked with. They are always very friendly and seem to be well trained and knowledgeable and never have to wait long for a solution. We usually get the issue fixed in the first call, but also we really haven't had to use support a ton so that's also a plus
Anonymous | TrustRadius Reviewer

Implementation Rating

Darktrace

No score
No answers yet
No answers on this topic

LogRhythm NextGen SIEM Platform

LogRhythm NextGen SIEM Platform 8.0
Based on 3 answers
  • Buy professional services.
  • Buy and implement the system if possible.
  • Remember that the end point log configuration may require other teams in your company to assist you in getting the desired logs from all resources.
  • Attend the end user and daily operations training after a period of usage so you are not overwhelmed with information on concepts not yet seen.
  • Don't be afraid to call for help during your first months of use.
  • Don't close any ticket until you are sure the expected results are verified.
  • Use the community forums to discuss issues with your peers.
  • Watch the training videos offered by L R University.
James Harrison | TrustRadius Reviewer

Alternatives Considered

Darktrace

We have not evaluated others as they seem to be in their own class.
Anonymous | TrustRadius Reviewer

LogRhythm NextGen SIEM Platform

LogRhythm was simpler to set up and configure as well as extract information from. It also was less intrusive in terms of how many appliances were needed to implement. We were up and running within 5 hours to start accepting log sources. We selected LogRhythm as well since support is based in the USA in Colorado.
Anonymous | TrustRadius Reviewer

Return on Investment

Darktrace

  • We had an ROI just during the POC. DarkTrace helped us identify a ransomware attack and we stopped it before it happened.
  • The weekly reports more than pay for itself within the first few months.
  • The powerful search capability helps us solve problems where other solutions fall short.
Anonymous | TrustRadius Reviewer

LogRhythm NextGen SIEM Platform

  • The ability to search through logs in a centralized location really helps us to provide RCA (Root Cause Analysis) to management for outages. This helps us to quickly identify the cause of outages and thus saves money due to reduced downtime.
  • Being able to configure the alarms to provide real-time notification (and responses) to security events helps to prevent potential loss due to compromises (such as a fraudulent wire transfer).
  • The initial investment in LogRhythm SIEM is somewhat expensive, however, the appliance is built to your specific needs so you won't have to constantly be upgrading the device as your company grows.
Anonymous | TrustRadius Reviewer

Pricing Details

Darktrace

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

LogRhythm NextGen SIEM Platform

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Rating Summary

Likelihood to Recommend

Darktrace
9.1
LogRhythm NextGen SIEM Platform
7.7

Likelihood to Renew

Darktrace
LogRhythm NextGen SIEM Platform
9.0

Usability

Darktrace
LogRhythm NextGen SIEM Platform
8.0

Support Rating

Darktrace
9.5
LogRhythm NextGen SIEM Platform
8.0

Implementation Rating

Darktrace
LogRhythm NextGen SIEM Platform
8.0

Add comparison