Try our new research platform with insights from 80,000+ expert users

ArcSight Intelligence vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

Sentiment score
8.5
ArcSight Intelligence has slow but capable customer support, with mixed user satisfaction regarding problem resolution and feedback sufficiency.
Sentiment score
6.3
LogRhythm SIEM's customer service is praised for quick, knowledgeable support, though higher-level assistance can have occasional delays.
 

Room For Improvement

Sentiment score
4.0
ArcSight Intelligence requires frequent updates, improved usability, better speed, enhanced scalability, lower pricing, and higher ranking compared to QRadar and Splunk.
Sentiment score
4.2
LogRhythm SIEM needs interface, integration, and performance improvements, enhanced tools, better documentation, streamlined processes, automation, and user-friendly dashboards.
 

Scalability Issues

Sentiment score
6.3
ArcSight Intelligence is scalable but complex, with user ratings ranging from moderately to highly, influenced by partner support.
Sentiment score
7.0
LogRhythm SIEM is mostly scalable but faces challenges with older models, licensing, and cloud environment costs for smaller businesses.
 

Setup Cost

No sentiment score available
ArcSight Intelligence is costly, suited for enterprises, and offers various licensing options with extra charges for new features.
Sentiment score
6.8
LogRhythm SIEM offers transparency and competitive pricing, valued for features, despite high costs for large-scale deployments and services.
 

Stability Issues

Sentiment score
8.4
ArcSight Intelligence is highly rated for stability and consistent performance, with users giving it a nine out of ten.
Sentiment score
6.1
LogRhythm SIEM is stable and reliable, though minor issues occur during upgrades or with complex queries and high event rates.
 

Valuable Features

Sentiment score
8.1
ArcSight Intelligence offers a powerful log correlation engine, customizable alerts, seamless dashboard, user-friendly interface, and easy rule creation.
Sentiment score
8.5
LogRhythm SIEM excels in threat detection with AI, ease of use, extensive log collection, and seamless integration, enhancing security visibility.
 

Categories and Ranking

ArcSight Intelligence
Ranking in Security Information and Event Management (SIEM)
37th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
5
Ranking in other categories
User Entity Behavior Analytics (UEBA) (17th)
LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
6th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
172
Ranking in other categories
Log Management (10th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Intelligence is 0.3%, down from 0.3% compared to the previous year. The mindshare of LogRhythm SIEM is 3.3%, down from 4.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Nagendra Nekkala - PeerSpot reviewer
A user-friendly solution that can be used to integrate the logs properly with different connectors
ArcSight Intelligence is easy to maintain; one person is enough for the solution's maintenance. The maintenance person will add new features or devices, make policy changes or configurations, and learn and guide other engineers about new threats. ArcSight Intelligence is a user-friendly solution, and users should buy it if their company can afford its cost. Overall, I rate ArcSight Intelligence a nine out of ten.
Joseph W. - PeerSpot reviewer
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Government
21%
Computer Software Company
18%
Financial Services Firm
9%
Manufacturing Company
7%
Educational Organization
44%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about ArcSight Interset / Intelligence?
The platform helps us improve threat detection capabilities.
What needs improvement with ArcSight Interset / Intelligence?
The product could be improved in several areas; it currently requires significant enhancement. Compared to QRadar and Splunk, ArcSight Intelligence falls behind, placing it as the third choice amon...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The integration is slightly difficult with other assets, like EDR technologies or firewalls. Also, the back end is not as user-friendly as other solutions like IBM QRadar. The technical support is ...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
 

Also Known As

ArcSight Interset / Intelligence, FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about ArcSight Intelligence vs. LogRhythm SIEM and other solutions. Updated: October 2024.
816,406 professionals have used our research since 2012.