We performed a comparison between LogRhythm SIEM and Palo Alto Networks AutoFocus based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice."
"The most valuable features would be the automation, reporting, and the support."
"In terms of security, LogRhythm NextGen SIEM is great."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"The major feature of this solution is its easy configuration which helps different team members to work on it effectively. This kind of feature is not available in other solutions because of a request for specialised schemes for configuration report extraction and searching. Another feature that I really admire is the significant improvement in the compliance in the auditing process by the solution. Our organisation-specific complaints require where the mailbox data needs to be forwarded, stored and searchable for a certain time period. This solution categorises data based on different types, which include cold, warm and hot data. These features allow faster and easier extraction of any data even if the event was occurring several years ago. I also like other features, especially user behaviour analysis and automation. If suddenly someone accesses your side or an unusual traffic is recorded from a user the solution flags it very effectively."
"The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have."
"AXON has the ability to add and compare use cases."
"The user interface is good."
"I am impressed with the tool's integration of Palo Alto products which serves as a platform for security."
"It integrates well with other solutions and provides good threat intelligence in terms of external threats."
"The most valuable feature is alerting."
"The feature that I like best is the dashboard."
"The logs play a crucial role as they contribute to blocking unwanted Internet traffic."
"I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason."
"My biggest issue - I know that they say they're doing it - is that the API-building is extremely important. They keep saying it's coming, it's coming. It's not coming fast enough. I don't care if they need to double their team size to get it out there quicker, the world is already in the cloud and we can't monitor it. That's a big problem for us. My boss keeps coming to me about it. That's an issue."
"The initial setup is not so easy because it is quite a process."
"I think there is room for improvement because the system is still running on the Windows Server platform. The problem with running on Windows is that it is not that good for scaling and providing for big deployment environments."
"We're still struggling to get a real return on it and finding something that isn't false noise."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"One thing we have mentioned to them before is that we'd like to be able to do searches, or drill-downs, directly from an alarm. When you click it and the Inspector tab slides out, that might be a good place to be able to click the host to search for the last 24 hours. I know the search is right there but it would be even nicer to just click that and then have an option to search something there."
"Only area I can think of to improve on is the proof reading and using the guides before releasing them. Out the the 20+ guides I used one had issues with wrong information in it."
"It would be helpful to have better documentation for configuring and installing the solution."
"I would like to have more technical documentation that contains greater detail on the types of threats that are occurring."
"I would like the tool to see more integration with Cortex XDR. There is no real reason to keep them separate."
"It is a completely cloud-based product at present."
"It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Palo Alto Networks AutoFocus is ranked 11th in Threat Intelligence Platforms with 5 reviews. LogRhythm SIEM is rated 8.4, while Palo Alto Networks AutoFocus is rated 7.8. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Palo Alto Networks AutoFocus writes "Impressive performance and monitoring capabilities but lacks in documentation". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Microsoft Sentinel, whereas Palo Alto Networks AutoFocus is most compared with ThreatConnect Threat Intelligence Platform (TIP), Anomali ThreatStream, VirusTotal and Cisco Threat Grid.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.