Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs Trellix Helix comparison

LogRhythm and Trellix are both solutions in the Security Information and Event Management (SIEM) category. LogRhythm is ranked #7 with an average rating of 7.6, while Trellix is ranked #31 with an average rating of 9.0. LogRhythm holds a 3.6% mindshare in SIEM, compared to Trellix’s 0.5% mindshare. Additionally, 89% of LogRhythm users are willing to recommend the solution, compared to 100% of Trellix users who would recommend it.
LogRhythm SIEM
Read 172 LogRhythm SIEM reviews
  • 7,946 Views
  • 4,617 Comparison Views
89% willing to recommend
Trellix Helix
Read 10 Trellix Helix reviews
  • 1,034 Views
  • 694 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

LogRhythm SIEM and Trellix Helix are competing SIEM solutions with distinct strengths and weaknesses. Users find Trellix Helix superior in feature sets yet consider LogRhythm SIEM better in pricing.

Features: LogRhythm SIEM users highlight its comprehensive analytics, fast incident response, and integration capabilities. Trellix Helix is praised for advanced threat detection, extensive customization, and automation options. Trellix Helix offers a richer feature set, though LogRhythm SIEM provides reliable core functionalities.

Room for Improvement: LogRhythm SIEM users suggest enhancements in scalability and more intuitive system operations. Trellix Helix reviewers desire better documentation and more streamlined updates. LogRhythm SIEM presents more significant challenges in user operation, while Trellix Helix could benefit from improved support resources.

Ease of Deployment and Customer Service: LogRhythm SIEM is noted for its complex deployment process but benefits from effective customer service. Trellix Helix offers relatively easy deployment yet faces criticism for occasional unresponsiveness in customer support. Trellix Helix is easier to deploy, while LogRhythm SIEM excels in customer service response.

Pricing and ROI: LogRhythm SIEM is often considered more economical with substantial returns on investment. Trellix Helix has higher upfront costs but provides significant ROI due to its advanced capabilities. Users find LogRhythm SIEM more cost-efficient, though Trellix Helix justifies its price with robust features leading to a high ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed LogRhythm SIEM vs. Trellix Helix Report (Updated: December 2024).
Buyer's Guide
LogRhythm SIEM vs. Trellix Helix
December 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
172
Ranking in other categories
Log Management (10th)
Trellix Helix
Ranking in Security Information and Event Management (SIEM)
31st
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
10
Ranking in other categories
Security Incident Response (7th)
 

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 3.6%, down from 5.0% compared to the previous year. The mindshare of Trellix Helix is 0.5%, down from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Joseph W. - PeerSpot reviewer
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
Read full review
Abanoub Alfy - PeerSpot reviewer
Helps prevent email attacks, like phishing and email spoofing attacks
We use Trellix Helix for protection against network attacks, TLS, and SSL attacks. We also use the solution for user behaviour accesses Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks. Trellix Helix's configuration and learning could be improved to identify…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It has allowed us to dive deeper into our network and figure out what is going on by parsing logs properly and being able to reduce the time it takes to work cases down from seven days to approximately two days."
"Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job."
"It gives us insight into our entire installation, where we are multiple sites, going as far as the East Coast to the Central West Coast."
"It has centralized monitoring for our security operations. Therefore, it improves our analysts' work."
"Automations are very valuable. It provides the ability to automate some of our small use cases. The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools."
"I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
"The ability for me to go into the Web UI, and just learn what's going on in my environment."
"I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version."
More LogRhythm SIEM pros
"As far as its core functionality goes, it’s spot-on."
"I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
"The most valuable features include predefined use cases and threatening states."
"We have started working with various customers, one of whom is particularly concerned about adjacency. We have identified several use cases where automation is possible."
"FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."
"We are able to block some advanced malware and other things."
"The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."
"The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
More Trellix Helix pros
 

Cons

"We've had issues with scaling and local support."
"Scalability misses the mark sometimes, especially when you have an integrated disaster recovery built into the solution."
"Right now there is the concern about being able to gather all of the data into the system."
"Move it to Linux. I would like to see it get off the SQL Server."
"NextGen SIEM's integration with other software is good but could be improved."
"The integration is slightly difficult with other assets, like EDR technologies or firewalls."
"I would like to suggest that they should improve their usage of third party tools for making dashboards and reports. If they would create their own tools for dashboard and report, it would be much better in terms of security purposes."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
More LogRhythm SIEM cons
"There is room for improvement in the integration capabilities of third-party tools."
"Trellix Helix's configuration and learning could be improved to identify normal traffic from abnormal and to identify trusted domains."
"Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."
"Integrations could be improved, and the dashboard could be a little better."
"The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."
"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."
"It should have more cloud connectors. It could also be cheaper."
"We have certain challenges with integrating the SOAR platform with multiple vendors."
More Trellix Helix cons
 

Pricing and Cost Advice

"In comparison to the competition, they are more affordable. This allows us to do more with less."
"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"We have seen a measurable decrease in the mean time to detect and respond to threats. As it comes out new features and new releases, the window is becoming a lot narrower because you can pivot a lot more with the data. Therefore, the new features and enhancements are reducing that."
"I would rate the pricing 4 out of 5. There are no additional costs to the standard licensing fees."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"The product is inexpensive than other tools."
"We did a five-year agreement. We pay close to a quarter of a million dollars for our solution."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
More LogRhythm SIEM pricing and cost advice
"I rate Trellix Helix a five out of ten for pricing."
"The price could be better. But I think it's rightly placed when we buy everything in one shot, and we get some discount for that. That's how we basically plan our deployment, and it's holistic. We pay for the license yearly."
"FireEye Helix is a little expensive."
"It could be cheaper, but that applies to every product."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
45%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
Computer Software Company
17%
Comms Service Provider
13%
Manufacturing Company
12%
Financial Services Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
See all answers
What needs improvement with LogRhythm NextGen SIEM?
The integration is slightly difficult with other assets, like EDR technologies or firewalls. Also, the back end is not as user-friendly as other solutions like IBM QRadar. The technical support is ...
See all answers
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
See all answers
What do you like most about FireEye Helix?
Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks.
See all answers
What is your experience regarding pricing and costs for FireEye Helix?
The pricing is reasonable compared to its competitors.
See all answers
What needs improvement with FireEye Helix?
There is room for improvement in the integration capabilities of third-party tools. It has no problem connecting all solutions to Helix. Right now, we only connect one of Trellix's appliances to th...
See all answers
 

Comparisons

IBM Security QRadar vs LogRhythm SIEM Logo
IBM Security QRadar vs LogRhythm SIEM
Compared 14% of the time
Splunk Enterprise Security vs LogRhythm SIEM Logo
Splunk Enterprise Security vs LogRhythm SIEM
Compared 13% of the time
Wazuh vs LogRhythm SIEM Logo
Wazuh vs LogRhythm SIEM
Compared 7% of the time
LogRhythm Axon vs LogRhythm SIEM Logo
LogRhythm Axon vs LogRhythm SIEM
Compared 6% of the time
Fortinet FortiSIEM vs LogRhythm SIEM Logo
Fortinet FortiSIEM vs LogRhythm SIEM
Compared 5% of the time
More LogRhythm SIEM Competitors
Splunk Enterprise Security vs Trellix Helix Logo
Splunk Enterprise Security vs Trellix Helix
Compared 31% of the time
Microsoft Sentinel vs Trellix Helix Logo
Microsoft Sentinel vs Trellix Helix
Compared 23% of the time
Trellix ESM vs Trellix Helix Logo
Trellix ESM vs Trellix Helix
Compared 16% of the time
Fortinet FortiSIEM vs Trellix Helix Logo
Fortinet FortiSIEM vs Trellix Helix
Compared 11% of the time
Palo Alto Networks Cortex XSOAR vs Trellix Helix Logo
Palo Alto Networks Cortex XSOAR vs Trellix Helix
Compared 9% of the time
More Trellix Helix Competitors
 

Product Reports

Buyer's Guide
LogRhythm SIEM
December 2024
LogRhythm SIEM reportDownload LogRhythm SIEM product report
Buyer's Guide
Trellix Helix
November 2024
Trellix Helix reportDownload Trellix Helix product report
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
FireEye Helix, FireEye Threat Analytics
 

Learn More

LogRhythm
Video not available
Trellix
 

Overview

LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:

● Streamlined workflow

● Secure data access

● Real-time visibility

● A unified user experience

● Management customization

Security information and event management (SIEM) solutions have been evolving for over a decade; their core functionality still acts as the most effective foundation for any organization’s technology stack. A SIEM solution enables an organization to centrally collect data across its entire network environment to gain real-time visibility into activity that may pose a risk to the organization. SIEM technology addresses threats before they become significant financial risks while simultaneously helping better manage an organization’s assets.

LogRhythm SIEM has many key features and capabilities, including:

High-Performance Log Management: LogRhythm SIEM offers structured and unstructured search capabilities which allows users to swiftly search across an organization’s vast data to easily find answers, identify IT and security issues, and troubleshoot issues. Users can efficiently process and index terabytes of log data daily.

Network and Endpoint Monitoring: Forensic sensors allow users to gain deep visibility into endpoint and network activity. Users can see behavioral anomalies and better respond to incidents.

SmartResponse™ Automation: LogRhythm SIEM allows users to centrally execute pre-staged actions that automate incident investigatory tasks and responses.

Automated Machine Analytics: LogRhythm SIEM's AI Engine continuously analyzes all collected security incidents and forensic data. Security teams are delivered precise, real-time intelligence about risk-prioritized threats.

Case and Security Incident Management: LogRhythm SIEM offers an integrated workflow so that threats don’t slip through the cracks. Collaboration tools help centrally manage and track investigations.

User and entity behavior analytics (UEBA): Embedded deterministic UEBA monitoring helps protect against insider threats.

Security orchestration, automation, and response (SOAR): LogRhythm SIEM includes our embedded SOAR solution to increase efficiency and higher-quality incident response with low mean time to response (MTTR).

Benefits to Using LogRhythm SIEM

The platform offers great value to security and IT operations. Users have the ability to map their security and IT operations to existing frameworks such as NIST and MITRE ATT&CK.

● The platform offers broad integration across security and IT vendors: Users benefit from support for integration with hundreds of security and IT solutions. In turn, this further extends SIEM capabilities and data collection.

● The platform provides compliance adherence, enforcement, and reporting: The prebuilt compliance modules automatically detect violations as they occur and remove the burden of manually reviewing audit logs.

Reviews from Real Users

LogRhythm SIEM stands out among its competitors for a number of reasons. Two major ones are its ability to be customized and its quick performance of queries.

Jason G., a senior cybersecurity engineer, writes, "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."

Andy W., principal consultant at ITSEC Asia, notes, “LogRhythm SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions.”

Trellix Helix is a cutting-edge product that revolutionizes the way businesses manage their data and streamline their operations. With its advanced features and user-friendly interface, Trellix Helix offers a comprehensive solution for businesses of all sizes. One of the key features of Trellix Helix is its powerful data management capabilities. 

The product allows businesses to store, organize, and analyze large volumes of data in a secure and efficient manner. With its intuitive interface, users can easily navigate through the system and access the information they need, saving valuable time and effort. Trellix Helix also offers seamless integration with other business applications, making it a versatile tool for businesses. It can be easily integrated with existing systems, such as CRM and ERP software, allowing for a smooth flow of data across different platforms. This integration ensures that businesses have a holistic view of their operations and can make informed decisions based on accurate and up-to-date information. 

Another standout feature of Trellix Helix is its robust reporting and analytics capabilities. It provides businesses with real-time insights and actionable intelligence, enabling them to identify trends, spot opportunities, and make data-driven decisions. The customizable dashboards and reports allow users to visualize data in a meaningful way, making it easier to understand complex information and communicate it effectively to stakeholders. 

Trellix Helix offers advanced security features to protect sensitive business data. It employs industry-standard encryption protocols and access controls to ensure that data is secure and only accessible to authorized personnel. This level of security gives businesses peace of mind, knowing that their valuable information is protected from unauthorized access or breaches.

Helix is a comprehensive and user-friendly solution for businesses looking to optimize their data management and streamline their operations. With its advanced features, seamless integration, robust reporting, and analytics capabilities, as well as top-notch security, Trellix Helix empowers businesses to make informed decisions, improve efficiency, and drive growth.

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Police Bank, Verisk Analytics, Teck Resources
Buyer's Guide
LogRhythm SIEM vs. Trellix Helix
December 2024
Free Report: LogRhythm SIEM vs. Trellix Helix
Find out what your peers are saying about LogRhythm SIEM vs. Trellix Helix and other solutions. Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our LogRhythm SIEM vs. Trellix Helix report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.