Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs Securonix Next-Gen SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
6th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
172
Ranking in other categories
Log Management (10th)
Securonix Next-Gen SIEM
Ranking in Security Information and Event Management (SIEM)
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
30
Ranking in other categories
Identity Threat Detection and Response (ITDR) (7th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 3.3%, down from 4.5% compared to the previous year. The mindshare of Securonix Next-Gen SIEM is 1.2%, down from 1.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Joseph W. - PeerSpot reviewer
Oct 18, 2022
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
Mohammed Nadeem Rais - PeerSpot reviewer
Sep 23, 2024
The visibility and analytics from Securonix SIEM have become indispensable in identifying and stopping potential threats before they escalate.
We use Securonix Next-Gen SIEM primarily for managed SOC, focusing on threat detection, baselining, and ensuring the maturity of our SOC security operations.  It is integrated with threat intelligence and utilizes frameworks like MITRE ATT&CK and the Cyber Kill Chain.  The solution helps in threat…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have."
"It supports most standard log sources."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"The log analysis feature is valuable."
"The correlation engine is extremely valuable because it uses machine learning to process information from the central manager and identifies issues in the network."
"NextGen SIEM's best feature is how it presents logs."
"I find LogRhythm's log management capabilities to be beneficial."
"In general, the visibility of events and advanced analysis of events are good."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"One of the most valuable features is the integration of all types of data sources to extract relevant information regarding events. It is a good solution when it comes to the correlations that it makes within all the data handled in our company."
"SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable."
"The feature that is most valuable is the fact that it's an open platform, so it allows us to modify policies and tune policies as needed. There's also a feature called Data Insights which allows us to create different dashboards on specific things of interest for us."
"The user interface is easy to learn and navigate."
"I rate the technical support a nine out of ten. They're friendly. Whenever we have a P1 issue, we write an email and our issue is resolved in one or two hours."
"The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
 

Cons

"My biggest issue - I know that they say they're doing it - is that the API-building is extremely important. They keep saying it's coming, it's coming. It's not coming fast enough. I don't care if they need to double their team size to get it out there quicker, the world is already in the cloud and we can't monitor it. That's a big problem for us. My boss keeps coming to me about it. That's an issue."
"The initial setup is not so easy because it is quite a process."
"I would like a more fuller implementation of STIX/TAXII so I can pull in some of the government lists without having to go implement a whole new STIX/TAXII platform."
"LogRhythm's SOAR and NDR features don't stack up well against competitors. maybe integrating theme functionality as the other do. But in general, it's okay."
"I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason."
"Scalability-wise, it's not that great."
"Sometimes the error-logging is not altogether helpful. For example, on an upgrade, a systems data processor, a Windows box, was throwing an error code like 1083. Then it just stopped and it died right out of the installer and nobody looked. We searched through Google and what it means is the Windows Firewall wasn't turned on so that it could create a rule for the product. Why wouldn't they bubble up that description so that I wouldn't have to call support and I could just know, "Okay, the firewall wasn't turned on. Turn it back on. Re-run the installer and keep going.""
"LogRhythm SIEM needs improvement in data grouping and manipulation capabilities."
"Other than issues with the training, there have been issues with the encryption. There have also been issues with some of the reporting, minor glitches that they have fixed as they've gone along."
"The technical support of the solution is an area with shortcomings and needs improvement."
"We would like to see better integration with other products."
"The solution could provide more automation."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"We have compliance needs. We have investigation needs. And we have situations where an analyst needs to look at threats. These three things require a different view of how they look at the threats. What would be good is to have Securonix create three different views of their Security Command Center so that, depending on the persona of the person logging in, they'd get the relevant data they need and not see everything."
"The incident response area should be improved."
"One aspect that could be improved is the pricing of the product in Brazil."
 

Pricing and Cost Advice

"I would recommend that whatever sales quotes to them upfront, they will probably go up. Because they are probably going to outgrow that very quickly or once they start getting everything into it, they are going to have to move up anyway."
"The nice thing about LogRhythm is you can either use the agents, getting a certain number of agents with your license depending on how you want to go, and those agents do a lot of cool things, or you can use CIS Log host, then you have like an unlimited number of them."
"When it comes time to renew, they say, "This is what you are using. This is what we can do for you." So, they work with you on pricing."
"NextGen SIEM's pricing is moderate."
"Everything is expensive with LogRhythm, and you don't get anything for free."
"The pricing is very reasonable and accessible compared to other products in the market but I am not very sure about the exact licensing cost per year for our company."
"The support which allows more customized to the environment when we are deploying new systems is called Professional Service and is very expensive. The technical annual support and there is an annual fee."
"I think the tool is reasonably priced. There is a need to pay per year towards the licensing costs of the tool."
"The solution's price is double the competitors."
"Its price is fine. We found it to be cheaper than LogRhythm, Exabeam, Splunk, as well as Elastic Security. A few months ago, when we were comparing Securonix with Elastic Security, we found Securonix to be cheaper than Elasticsearch. We were pretty surprised that Elastic Security is more expensive than Securonix because Elasticsearch is just starting, and it cannot compete with Securonix at this time. So, the pricing of Securonix is pretty good for now."
"Compared to other known brands in the industry, the overall cost of the licenses is a bit higher than what customers expect."
"A good thing about Securonix is that they don't charge by volume of data or number of devices... They charge by the number of employees, which is a much more predictable number for me, versus data. Our costs are in the $100,000 range over a three-year subscription."
"We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service."
"The pricing is fine compared to the market but I think that at some point the competitors will catch up on price."
"I rate the pricing an eight on a scale of one to ten, where one is cheap, and ten is very expensive. It is a pretty expensive tool."
"Compared to other brands it seems more affordable to us."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
43%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
Computer Software Company
19%
Financial Services Firm
12%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What do you like most about LogRhythm NextGen SIEM?
LogRhythm does a very good job of helping SOCs manage their workflows.
What is your experience regarding pricing and costs for LogRhythm NextGen SIEM?
LogRhythm's pricing and licensing are extremely competitive and it's one of the top three reasons we continue to invest in the platform.
Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What is your primary use case for Securonix Security Analytics?
We use Securonix Next-Gen SIEM primarily for managed SOC, focusing on threat detection, baselining, and ensuring the maturity of our SOC security operations. It is integrated with threat intelligen...
What do you like most about Securonix Next-Gen SIEM?
The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features.
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
Securonix Security Analytics
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Dtex Systems, Pfizer, Western Union, Harris, ITG
Find out what your peers are saying about LogRhythm SIEM vs. Securonix Next-Gen SIEM and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.