Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs Trellix ESM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

Sentiment score
6.3
LogRhythm SIEM's customer service is praised for quick, knowledgeable support, though higher-level assistance can have occasional delays.
Sentiment score
5.9
Trellix ESM customer support is inconsistent, with mixed reviews on responsiveness, expertise, and service speed; improvement needed.
 

Room For Improvement

Sentiment score
4.2
LogRhythm SIEM needs interface, integration, and performance improvements, enhanced tools, better documentation, streamlined processes, automation, and user-friendly dashboards.
Sentiment score
7.3
Trellix ESM requires a user-friendly interface, faster support, better integration, advanced features, improved performance, and enhanced customization.
 

Scalability Issues

Sentiment score
7.0
LogRhythm SIEM is mostly scalable but faces challenges with older models, licensing, and cloud environment costs for smaller businesses.
Sentiment score
8.5
Trellix ESM is highly scalable, accommodating various company sizes and environments, from on-premises enterprises to cloud-based small businesses.
 

Setup Cost

Sentiment score
6.8
LogRhythm SIEM offers transparency and competitive pricing, valued for features, despite high costs for large-scale deployments and services.
No sentiment score available
 

Stability Issues

Sentiment score
6.1
LogRhythm SIEM is stable and reliable, though minor issues occur during upgrades or with complex queries and high event rates.
Sentiment score
8.5
Users have mixed experiences with Trellix ESM's stability, ranging from perfect scores to issues with power interruptions and service failures.
 

Valuable Features

Sentiment score
8.5
LogRhythm SIEM excels in threat detection with AI, ease of use, extensive log collection, and seamless integration, enhancing security visibility.
Sentiment score
8.0
Trellix ESM offers robust security features, easy deployment, effective threat monitoring, user-friendly interface, and excellent vendor support.
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
6th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
172
Ranking in other categories
Log Management (10th)
Trellix ESM
Ranking in Security Information and Event Management (SIEM)
22nd
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 3.3%, down from 4.5% compared to the previous year. The mindshare of Trellix ESM is 0.8%, down from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Q&A Highlights

AS
May 07, 2015
 

Featured Reviews

Joseph W. - PeerSpot reviewer
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
Daniel Durian - PeerSpot reviewer
Helps to monitor and detect cyberattacks
The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick. Trellix ESM provides situation awareness. On the dashboard, I can see outbound and inbound communications to known threat hosts, IPS/IDS activity, and threat intelligence of the perimeter defense in the firewall. This information helps preempt attacks.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Answers from the Community

AS
May 7, 2015
May 7, 2015
Hello , As someone who worked with Splunk, Arcsight and Qradar. I am sorry but you cant compare between those two . IBM QRADAR works great with 100 eps and with 100000 eps. IBM Qradar analyze not only logs but Traffic, Policey's, Vulnerabilities, OSINT Data and integrates them all into a single quilty event which made the analysis factor and easter Risk management Risk assessment. Even in an SM...
2 out of 6 answers
it_user123231 - PeerSpot reviewer
Jun 25, 2014
Its is now an easy and clear answer. It depends on the environment, the integration needed, and the staff expertise. IBM is usually a better solution for large/very large installations and integration. But it requires much more staff and skills. But for smaller environments Splunk and LogRhytm is better. McAfee is correctly rated against others. So the answer is YES/AGREE for large installations. And NO/DISAGREE for smaller ones.
it_user114555 - PeerSpot reviewer
Jun 25, 2014
Hi, I disgree for SME installation since Q1 is usually on a large scale installation. While expertise on the product is still needed including integration with other security platforms. Splunk/LogRythm is good for Network correlation only not focusing much on the security area. McAfee is ok for both SME and Enterprise whilst expertise should also be considered as they have an easy and available tool for integration with their ticketing system, IPS, and AV. Hope this helps. Cheers, Lilet
 

Top Industries

By visitors reading reviews
Educational Organization
44%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
Educational Organization
75%
Financial Services Firm
4%
Computer Software Company
3%
Government
3%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The integration is slightly difficult with other assets, like EDR technologies or firewalls. Also, the back end is not as user-friendly as other solutions like IBM QRadar. The technical support is ...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What do you like most about McAfee ESM?
The solution's technical support is great.
What is your experience regarding pricing and costs for McAfee ESM?
Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar.
What needs improvement with McAfee ESM?
The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases.
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
 

Learn More

Video not available
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
Find out what your peers are saying about LogRhythm SIEM vs. Trellix ESM and other solutions. Updated: October 2024.
816,406 professionals have used our research since 2012.