LogRhythm NextGen SIEM Platform
Overview
What is LogRhythm NextGen SIEM Platform?
The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management…
Top Rated SIEM Platform
LogRhythm is definitely worth the price especially in large organizations.
Fantastic Product For SIEM LogRhythm
LogRhythm Logging for the masses (of stuff you own)
Great SIEM, especially the auto-defending piece
LogRhythm: A NextGen tool for NextGen analysts
Delivers enterprise level SIEM at a reasonable cost
If we were a smaller environment, LogRhythm's NextGen SIEM Platform would be perfect
SIEM That Ticks All Major Boxes With a User Friendly Platform
LogRhythm is a solid centralized logging solution for large businesses
A very powerful SIEM with a robust AI engine
LogRhythm is on beat!
LogRhythm - A great SIEM for on-prem with room for growth for Hybrid/Cloud
Effective security at your hands.
LogRhythm - excelling in customer support and innovation
Popular Features
- Centralized event and log data collection (20 ratings): 9.0, 90%
- Correlation (20 ratings): 8.1, 81%
- Event and log normalization/management (20 ratings): 8.0, 80%
- Custom dashboards and workspaces (20 ratings): 7.5, 75%
Pricing
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Alternatives Pricing
What is Blumira?
Blumira’s cloud SIEM platform offers both automated threat detection and response, enabling organizations of any size to better defend against cybersecurity threats in near real-time. Its goal is to ease the burden of alert fatigue, complexity of log management and lack of IT visibility.
Product Demos
Unleash the Power of Your SOC: LogRhythm NextGen SIEM Platform Demo | InfoSec Matters
How to Stop Phishing Attacks with LogRhythm | LogRhythm in Action
Features
Security Information and Event Management (SIEM)
Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools.
- Centralized event and log data collection: 9 (20 ratings)
Effectiveness of real-time centralized event and log data collection
- Correlation: 8.1 (20 ratings)
Correlation of logs and events to pinpoint significant threats
- Event and log normalization/management: 8 (20 ratings)
Ability to normalize event syntax so that logs can be compared and are machine-understandable
- Deployment flexibility: 4.6 (19 ratings)
Ability to tune system to maximize threat detection and minimize false positives
- Integration with Identity and Access Management Tools: 7.1 (16 ratings)
Integration with access control tools like Active Directory and LDAP
- Custom dashboards and workspaces: 7.5 (20 ratings)
Dashboards that can be customized to meet the needs of specific groups
- Host and network-based intrusion detection: 7.1 (14 ratings)
Ability to detect both endpoint intrusion and network ingress detection
- Data integration/API management: 8 (2 ratings)
Ease and quality of data integrations between SIEM and other systems
- Behavioral analytics and baselining: 8 (2 ratings)
How effectively activity and behavior baselines are established and maintained
- Rules-based and algorithmic detection thresholds: 7.1 (2 ratings)
Effectiveness of manually-established rules and algorithmically-determined detection thresholds
- Response orchestration and automation: 7.1 (2 ratings)
Quality of built-in response orchestration and automation in Next-Gen SIEM
- Reporting and compliance management: 7 (3 ratings)
Ease and quality of reporting and compliance functions
- Incident indexing/searching: 7.1 (2 ratings)
Effectiveness of searching across structured and unstructured events and incidents within SIEM
Product Details
LogRhythm NextGen SIEM Platform Technical Details
Operating Systems | Unspecified |
---|---|
Mobile Application | No |
Reviews and Ratings (70)
Community Insights
- Business Problems Solved
- Pros
- Cons
- Recommendations
LogRhythm NextGen SIEM Platform is a versatile tool that offers a wide range of use cases for organizations of varying sizes. Managed security services providers rely on LogRhythm to detect and respond to threats in their customers' environments effectively. Additionally, organizations use LogRhythm to monitor their entire infrastructure, including endpoints, network devices, and security systems, providing a comprehensive view of their network.
For information security departments, LogRhythm serves as a valuable tool for collecting logs from important systems and helps with log management in cloud environments. This allows users to identify live attacks and configure environments for customer demos. The platform also supports compliance regulations by providing auditing and compliance features, such as NERC CIP and HIPAA.
Furthermore, LogRhythm facilitates incident response and improves overall security posture by collecting logs from various systems and monitoring critical infrastructure. It allows for alerting and monitoring specific events like machine restarts or new user account creations. The drill-down feature enables users to extract information efficiently and detect problems in a well-structured manner with easy-to-understand visualizations.
Non-technical users find LogRhythm user-friendly as it requires no coding or programming knowledge, allowing them to easily build rules and manage servers. The extensive documentation, support, and community surrounding LogRhythm make it easy for users to learn and configure the highly customizable SIEM platform. Overall, LogRhythm NextGen SIEM Platform has proven to be an invaluable tool in meeting compliance requirements, improving incident response capabilities, and enhancing overall security monitoring for organizations across various industries.
Intuitive and Easy-to-Implement Building Blocks: Many users have praised LogRhythm for its intuitive and easy-to-implement building blocks that are represented as drag and drop elements. This feature has been mentioned by several reviewers, highlighting the platform's user-friendly interface.
Powerful Anomaly Detection Capabilities: LogRhythm's statistical building blocks have powerful anomaly detection capabilities that are difficult to find in other SIEMs, making it stand out in terms of event classification. Several users have commended this feature, emphasizing its effectiveness in identifying and classifying anomalous events.
Great Help Desk Troubleshooting with Web UI: LogRhythm's Web UI is highly regarded for help desk troubleshooting purposes. Users appreciate its ability to easily identify and drill down into authentication issues, performance trending, and correlation of events. This functionality has been positively mentioned by multiple reviewers.
Limited error handling: Some users have expressed frustration with the limited error handling capabilities of LogRhythm NextGen SIEM Platform. They feel that when an error occurs, the platform does not provide sufficient information or guidance on how to resolve it.
Lack of customization options: Several reviewers have mentioned that they would like more customization options within LogRhythm NextGen SIEM Platform. They feel restricted in their ability to tailor the platform to meet their specific needs and preferences.
Complex user interface: A number of users have found the user interface of LogRhythm NextGen SIEM Platform to be complex and difficult to navigate. They have mentioned that it can take time and effort to learn how to effectively use all the features and functionalities of the software.
Users commonly recommend LogRhythm's SIEM for its ease of use and monitoring capabilities, making it a good all-in-one tool for SIEM needs in larger and mid-sized setups. They consider LogRhythm one of the best SIEM tools available, praising its impact and GUI compared to RSA NetWitness. Users appreciate LogRhythm's cost-effectiveness, easy configuration and administration, as well as its ability to consume less CPU memory. They also highlight the availability of support and conferences in the community. Users suggest having patience during the initial setup and build-out process, as they believe the end result is worth it. Improved overall performance, control, and functionality with LogRhythm's instrument panel are also praised.
Furthermore, users recommend LogRhythm for companies that can develop sufficient expertise in its software and have an in-house SQL expert. They advise making the best use of LogRhythm for complete visibility of the network. Some suggestions for improvement include enhancing the dashboard process, offering a community version for trial and certification preparation purposes, adding more features to the web interface, and incorporating AI capabilities to streamline threat identification. Users find LogRhythm to be a great tool for work in medium-large size companies, suitable for achieving high fidelity security context. It is recommended for security event analysis and considered a leader in SIEM solutions that provide good support and meet customer requirements. Users suggest trying LogRhythm for better results in enterprise solutions compared to other SIEM tools.
Additionally, users emphasize LogRhythm's affordability, streamlining SIEM experience, and its suitability for mid-size and large organizations, especially those with widely dispersed endpoints and multi-tiered SOCs. LogRhythm is seen as a powerful network monitoring tool with pricing advantages. Recommendations include purchasing it for specific compliance requirements and critical environment protection, involving system administrators early to help filter traffic, and allowing multiple people to administer the system to avoid bottlenecks.
In conclusion, LogRhythm's SIEM is consistently recommended for its ease of use, monitoring capabilities, impact and GUI, cost-effectiveness, configuration flexibility, support availability, improved performance and control, integration possibilities, and affordability. It is considered a leader in the market and an alternative worth considering for organizations seeking a reliable SIEM solution.
Reviews
(1-20 of 20)
Top Rated SIEM Platform
- Intrusion Detection
- Executive Level Reports
- Centralized log search and lookup
- It gives the overall view of the environment so we are always aware of our security position.
- It has created operational effectiveness; we are able to rapidly detect threats and resolve them fast.
- We have been able to track inappropriate login attempts through tickets.
Fantastic Product For SIEM LogRhythm
- Improve business process agility
- Create internal/operational efficiencies
- Improve business process outcomes
LogRhythm Logging for the masses (of stuff you own)
- LogRhythm has had a positive impact on our reporting capabilities, although the reporting module is very difficult to use.
- Our support teams use LogRhythm to alert on, track and troubleshoot issues with authentication, inappropriate access attempts and other anomalous behavior.
- The cost of deployment was significantly lower than the competitor QRadar.
Great SIEM, especially the auto-defending piece
- It has been a positive impact. This has helped us react better to threats.
LogRhythm: A NextGen tool for NextGen analysts
- One of the positive impacts that we experienced from LogRhythm NextGen SIEM Platform is the Dynamic Alarming System. It shows the recent tickets, and we know what exactly to prioritize at the start of the day.
- The search tool also helped us trace back wireless users by log correlation that we almost gave up our hope for.
- A slightly negative impact that can be featured is relying too much on it. We have been a victim of a false alarm and went in a completely wrong direction until we tallied with the log source and found the problem. It is good, but we must correspond against the log source to be confirmed.
Delivers enterprise level SIEM at a reasonable cost
- The central logging function has greatly improved our research capability.
- Having a central location for security incident investigation has been a great add to our environment.
- Historical data stored for audit purposes has been very useful.
If we were a smaller environment, LogRhythm's NextGen SIEM Platform would be perfect
- We were able to consolidate two legacy SIEM products into LogRhythm NextGen SIEM Platform.
- We are able to provide reporting on SOX and Compliance requests immediately whereas it might have taken a couple of days with our previous SIEM platforms.
- Since we are not using the LogRhythm agent on servers, we had to spin up a large number of VMs to act as data collectors.
SIEM That Ticks All Major Boxes With a User Friendly Platform
- Positive - being able to understand the security posture of the organization.
- It has helped us maintain level 1 PCI compliance
- It makes it easier to track or identify problems across our environment
- Daily and weekly reports make our management happy
A very powerful SIEM with a robust AI engine
- The ability to search through logs in a centralized location really helps us to provide RCA (Root Cause Analysis) to management for outages. This helps us to quickly identify the cause of outages and thus saves money due to reduced downtime.
- Being able to configure the alarms to provide real-time notification (and responses) to security events helps to prevent potential loss due to compromises (such as a fraudulent wire transfer).
- The initial investment in LogRhythm SIEM is somewhat expensive, however, the appliance is built to your specific needs so you won't have to constantly be upgrading the device as your company grows.
LogRhythm is on beat!
- Less time spent managing access lists on edge firewalls
- Increased accuracy of security policies
- Highly increased visibility of network logs
- By preventing intrusion and increasing our security posture, we would like to believe the ROI is immediate and immense. Any breach is drastically more expensive than the cost of these tools.
- We took a bit of a hit by using LR for our cloud SIEM tool.
Effective security at your hands.
- If your company is big enough (mid-size and upwards), you can see ROI pretty fast along with your other security systems and devices. The renewal process is easy also.
- LogRhythm has helped us in detecting external attacks on our organization and stopping them, if you spend the time configuring those properly.
LogRhythm - excelling in customer support and innovation
- LogRhythm allowed us to meet several compliance needs with very minimal investment of time.
- Overall cost of ownership is much less than with other platforms that we had used.
LogRhythm is a clear winner
- Our ROI has been positive, we have improved our ability to investigate incidents
- We have also used LogRhythm to be able to block attacks in progress based on the real time alerting
- LogRhythm has improved our posture in terms of security framework and significantly improved our score as measured by alignment with NIST CSF framework
- In our last completed Pen Test engagement we caught the Pen testers 5 times in the course of their objectives
LogRhythm = A good Investment
- This product saves our company on average around $10k per year. When we are in the midst of a CIP audit this number is much higher.
LogRhythm for your SIEM Needs
- We were able to retire a few older log collection platforms that we had in house. There were 2-3 systems doing the job of LogRhythm.
- We were able to bring some part of the analysis of events back in house and not rely on third party MSS.
So you want to know which SIEM to buy
- LogRhythm is just good for content, which means I catch more threats with it. The cost of the SIEM is always less than the cost of a breach.
LogRhythm does what it promises.
- It helps us satisfy log file monitoring requirements for PCI.