Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs RSA enVision comparison

LogRhythm and RSA are both solutions in the Security Information and Event Management (SIEM) category. LogRhythm is ranked #7 with an average rating of 7.6, while RSA is ranked #32 with an average rating of 8.0. LogRhythm holds a 3.6% mindshare in SIEM, compared to RSA’s 0.4% mindshare. Additionally, 89% of LogRhythm users are willing to recommend the solution, compared to 83% of RSA users who would recommend it.
LogRhythm SIEM
Read 172 LogRhythm SIEM reviews
  • 7,946 Views
  • 4,617 Comparison Views
89% willing to recommend
RSA enVision
Read 6 RSA enVision reviews
  • 597 Views
  • 495 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

LogRhythm SIEM and RSA enVision are strong contenders in the SIEM market. LogRhythm SIEM has an edge in customer satisfaction, while RSA enVision is noted for its deeper technical features.

Features: LogRhythm SIEM is known for real-time monitoring, extensive logs, and advanced correlation capabilities. RSA enVision offers detailed reporting, compliance support, and in-depth analytics.

Room for Improvement: LogRhythm SIEM needs better integration with third-party tools, more customization options, and enhanced reporting. RSA enVision requires simplification, easier use, and a more intuitive interface.

Ease of Deployment and Customer Service: LogRhythm SIEM features smoother deployment and responsive customer service. RSA enVision's deployment is complex and time-consuming, with reliable but slower customer service.

Pricing and ROI: LogRhythm SIEM has reasonable setup costs and strong ROI. RSA enVision is more expensive but offers a comprehensive feature set that justifies the cost.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed LogRhythm SIEM vs. RSA enVision Report (Updated: December 2024).
Buyer's Guide
LogRhythm SIEM vs. RSA enVision
December 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
172
Ranking in other categories
Log Management (10th)
RSA enVision
Ranking in Security Information and Event Management (SIEM)
32nd
Average Rating
7.2
Reviews Sentiment
6.7
Number of Reviews
6
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 3.6%, down from 5.0% compared to the previous year. The mindshare of RSA enVision is 0.4%, down from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Joseph W. - PeerSpot reviewer
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
Read full review
SF
Support both French and English, which is important for us and adapted to the evolving security landscape over time in my experience
You need a skilled engineer to deploy it because you can do anything with this tool. You can see everything on the network. A good engineer will be surprised and have fun using this tool because it's very powerful. Deployment process: You need to build a recipe/layout when you want to deploy something. Once the recipe is done, you just have to copy it. So you really need a good engineer at first, but then any other technician can copy the recipe. You don't need to be an expert once the recipe is finalized. So, once you have it set up, it's easy to deploy. But you need a good engineer to deploy it correctly. You will get alerts from the system, but if you want to fully explore and maximize the tool, the engineering needs are different.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting."
"It supports most standard log sources."
"The user interface is good."
"The security operation center is excellent."
"LogRhythm SIEM offers advanced features such as AI engine modules, machine learning, and threat intelligence integration, which help reduce false positives. Advanced analytics streamlines incident response processes, enabling incident responders to prioritize and automate alerts."
"We have NetFlow information going into it, so we can examine a lot of traffic patterns and anomalies, especially if something stands out and is not the baseline. This helps a lot."
"Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job."
"The most valuable feature of LogRhythm for me is the ability to correlate logs throughout many different log sources."
More LogRhythm SIEM pros
"The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten."
"The most valuable feature is the management features. It's capable of managing large enterprises."
"We developed around this solution and received excellent support from the company."
"The most valuable feature of this solution is the reporting."
 

Cons

"The web and on-premise console interface should be the same instead of having a separate engine for each."
"I would like to see case management become more independent from LogRhythm itself."
"Sometimes the Platform Manager crashes because it's built around Windows."
"I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason."
"Move it to Linux. I would like to see it get off the SQL Server."
"The initial setup is complex. We are using a LogRhythm partner, at least for the first three years, to help with the monitoring and the deployment of it. We are not a big enough environment where we have people that we can dedicate to it right now."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
"It will definitely help if the parsing side would be much easier, meaning it would be better if we could easily make adjustments on the parser, both on standard and non-standard log sources."
More LogRhythm SIEM cons
"RSA enVision log manager is out of date and is not in use anymore."
"The integration could be easier, it should support more products."
"Licensing could be improved to be more oriented towards Managed Service Providers (MSPs)."
"In general, the solution currently isn't user-friendly."
 

Pricing and Cost Advice

"On a scale of one to ten, where one is low, and ten is high, I rate the pricing between six and seven."
"It is a very cost-effective solution."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
"It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
"I would rate the pricing 4 out of 5. There are no additional costs to the standard licensing fees."
"NextGen SIEM's pricing is moderate."
"We have seen a measurable decrease in the mean time to detect and respond to threats. As it comes out new features and new releases, the window is becoming a lot narrower because you can pivot a lot more with the data. Therefore, the new features and enhancements are reducing that."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
More LogRhythm SIEM pricing and cost advice
"On a scale of one to ten, where one is low, and ten is high price, I rate the pricing a six."
"We no longer pay a licensing fee because it is out of date and don't pay for support."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
45%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
Computer Software Company
12%
Manufacturing Company
12%
Financial Services Firm
10%
Energy/Utilities Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
See all answers
What needs improvement with LogRhythm NextGen SIEM?
The integration is slightly difficult with other assets, like EDR technologies or firewalls. Also, the back end is not as user-friendly as other solutions like IBM QRadar. The technical support is ...
See all answers
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
See all answers
What do you like most about RSA enVision?
The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten.
See all answers
What needs improvement with RSA enVision?
Licensing could be improved to be more oriented towards Managed Service Providers (MSPs). Perhaps offering different types of licensing would be beneficial, as it can be expensive for industries wi...
See all answers
What advice do you have for others considering RSA enVision?
Overall, I would rate it a nine out of ten. I recommend using it, but it also depends on the needs and the budget. If I still had my company, I think we would continue using RSA enVision. However, ...
See all answers
 

Comparisons

IBM Security QRadar vs LogRhythm SIEM Logo
IBM Security QRadar vs LogRhythm SIEM
Compared 14% of the time
Splunk Enterprise Security vs LogRhythm SIEM Logo
Splunk Enterprise Security vs LogRhythm SIEM
Compared 13% of the time
Wazuh vs LogRhythm SIEM Logo
Wazuh vs LogRhythm SIEM
Compared 7% of the time
LogRhythm Axon vs LogRhythm SIEM Logo
LogRhythm Axon vs LogRhythm SIEM
Compared 6% of the time
Fortinet FortiSIEM vs LogRhythm SIEM Logo
Fortinet FortiSIEM vs LogRhythm SIEM
Compared 5% of the time
More LogRhythm SIEM Competitors
NetWitness Platform vs RSA enVision Logo
NetWitness Platform vs RSA enVision
Compared 36% of the time
Splunk Enterprise Security vs RSA enVision Logo
Splunk Enterprise Security vs RSA enVision
Compared 35% of the time
IBM Security QRadar vs RSA enVision Logo
IBM Security QRadar vs RSA enVision
Compared 29% of the time
More RSA enVision Competitors
 

Product Reports

Buyer's Guide
LogRhythm SIEM
December 2024
LogRhythm SIEM reportDownload LogRhythm SIEM product report
Buyer's Guide
Security Information and Event Management (SIEM)
December 2024
RSA enVision reportDownload RSA enVision product report
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
No data available
 

Learn More

LogRhythm
RSA
 

Overview

LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:

● Streamlined workflow

● Secure data access

● Real-time visibility

● A unified user experience

● Management customization

Security information and event management (SIEM) solutions have been evolving for over a decade; their core functionality still acts as the most effective foundation for any organization’s technology stack. A SIEM solution enables an organization to centrally collect data across its entire network environment to gain real-time visibility into activity that may pose a risk to the organization. SIEM technology addresses threats before they become significant financial risks while simultaneously helping better manage an organization’s assets.

LogRhythm SIEM has many key features and capabilities, including:

High-Performance Log Management: LogRhythm SIEM offers structured and unstructured search capabilities which allows users to swiftly search across an organization’s vast data to easily find answers, identify IT and security issues, and troubleshoot issues. Users can efficiently process and index terabytes of log data daily.

Network and Endpoint Monitoring: Forensic sensors allow users to gain deep visibility into endpoint and network activity. Users can see behavioral anomalies and better respond to incidents.

SmartResponse™ Automation: LogRhythm SIEM allows users to centrally execute pre-staged actions that automate incident investigatory tasks and responses.

Automated Machine Analytics: LogRhythm SIEM's AI Engine continuously analyzes all collected security incidents and forensic data. Security teams are delivered precise, real-time intelligence about risk-prioritized threats.

Case and Security Incident Management: LogRhythm SIEM offers an integrated workflow so that threats don’t slip through the cracks. Collaboration tools help centrally manage and track investigations.

User and entity behavior analytics (UEBA): Embedded deterministic UEBA monitoring helps protect against insider threats.

Security orchestration, automation, and response (SOAR): LogRhythm SIEM includes our embedded SOAR solution to increase efficiency and higher-quality incident response with low mean time to response (MTTR).

Benefits to Using LogRhythm SIEM

The platform offers great value to security and IT operations. Users have the ability to map their security and IT operations to existing frameworks such as NIST and MITRE ATT&CK.

● The platform offers broad integration across security and IT vendors: Users benefit from support for integration with hundreds of security and IT solutions. In turn, this further extends SIEM capabilities and data collection.

● The platform provides compliance adherence, enforcement, and reporting: The prebuilt compliance modules automatically detect violations as they occur and remove the burden of manually reviewing audit logs.

Reviews from Real Users

LogRhythm SIEM stands out among its competitors for a number of reasons. Two major ones are its ability to be customized and its quick performance of queries.

Jason G., a senior cybersecurity engineer, writes, "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."

Andy W., principal consultant at ITSEC Asia, notes, “LogRhythm SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions.”

RSA enVision is a comprehensive security information and event management (SIEM) solution offered by RSA, a leading provider of cybersecurity solutions. It enables organizations to collect, analyze, and manage security event data from various sources, providing real-time visibility into their IT infrastructure. With RSA enVision, organizations can proactively detect and respond to security incidents, ensuring the protection of critical assets and sensitive data. 

The solution offers a wide range of features, including log management, event correlation, threat intelligence, and compliance reporting. One of the key strengths of RSA enVision is its ability to collect and normalize data from diverse sources, such as network devices, servers, applications, and databases. This allows organizations to gain a holistic view of their security posture and identify potential threats or vulnerabilities. 

The event correlation capabilities of RSA enVision enable the detection of complex attack patterns and the identification of potential security incidents. By analyzing events in real-time and correlating them with historical data, the solution can provide actionable insights and alerts to security teams, enabling them to respond quickly and effectively. RSA enVision also offers advanced threat intelligence capabilities, leveraging machine learning and behavioral analytics to identify anomalous activities and potential indicators of compromise. This helps organizations stay ahead of emerging threats and proactively mitigate risks. 

RSA enVision provides comprehensive compliance reporting capabilities, helping organizations meet regulatory requirements and demonstrate adherence to industry standards. The solution offers pre-built compliance reports for various regulations, such as PCI DSS, HIPAA, and GDPR, simplifying the audit process and reducing compliance-related costs. In summary, RSA enVision is a powerful SIEM solution that enables organizations to effectively manage their security events, detect and respond to threats, and meet compliance requirements. 

With its robust features and capabilities, it provides organizations with the necessary tools to enhance their cybersecurity posture and protect their critical assets.

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
BPS (SUISSE), Hypovereinsbank Germany, MAX Hamburgers, Infoplex, Neotel, Telus
Buyer's Guide
LogRhythm SIEM vs. RSA enVision
December 2024
Free Report: LogRhythm SIEM vs. RSA enVision
Find out what your peers are saying about LogRhythm SIEM vs. RSA enVision and other solutions. Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our LogRhythm SIEM vs. RSA enVision report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.