
LogRhythm SIEM vs ZeroFOX comparison

 

Comparison Buyer's Guide

Executive Summary

 

Categories and Ranking

LogRhythm SIEM
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
173
Ranking in other categories
Log Management (11th), Security Information and Event Management (SIEM) (7th)
ZeroFOX
Average Rating
8.0
Reviews Sentiment
7.6
Number of Reviews
2
Ranking in other categories
Threat Intelligence Platforms (8th), Digital Risk Protection (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. LogRhythm SIEM is designed for Security Information and Event Management (SIEM) and holds a mindshare of 3.3%, down 4.5% compared to last year.
ZeroFOX, on the other hand, focuses on Digital Risk Protection, holds 17.1% mindshare, down 20.8% since last year.
 

Featured Reviews

Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.
reviewer2384535 - PeerSpot reviewer
Provides information on leaks in the dark web, the deep web, and credit cards
ZeroFOX is deployed on the cloud in our organization. Before using ZeroFOX, users should also get demo sessions from other vendors. Then, you will get a better picture of ZeroFOX and how it works. ZeroFOX is a very good tool that will provide value if you can afford it. One of the key advantages of ZeroFOX is that it has a team where everyone is skilled in programming and scripting knowledge. If my team has some task, we don't have to go through the engineering. ZeroFOX is very easy for a beginner to learn. I would recommend ZeroFOX to other users. Overall, I rate the solution eight and a half out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The content in the community is very helpful and useful for new users."
"File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
"The ability to drill down and pivot from an event is one of the biggest advantages the product has compared to other things that I have seen in the market."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
"We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice looking dashboards, which show off what we are doing as a security program."
"The ability for me to go into the Web UI, and just learn what's going on in my environment."
"Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."
"SOAR is integrated with the dashboard that we use for threat management. Because it's all integrated, it is useful for us when we deploy something on-prem."
"The best thing about the tool is that its backend team is pretty good and has a strong engineering team."
"ZeroFOX has no language limitations. It can detect many languages."
 

Cons

"LogRhythm SIEM needs improvement in data grouping and manipulation capabilities."
"We've had issues with scaling and local support."
"Only area I can think of to improve on is the proofreading and using the guides before releasing them. Out of the 20+ guides I used, one had issues with wrong information in it."
"I don't think the cloud model in LogRhythm is developed enough."
"LogRhythm SIEM can improve its user interface. The current interface is quite complex and can be challenging to navigate. While it offers many valuable features, understanding how to access and utilize them efficiently takes time. Simplifying the client console's user interface would significantly enhance the user experience and make it more user-friendly."
"The software needs to work on its pricing."
"There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."
"My biggest complaint is documentation. Everyone tells me, 'We have documentation on the Community site.' I have searched for different types of documentation on numerous occasions, and it might be there, but it's not easily findable."
"ZeroFOX is not configured to grab the information automatically, including the news."
"Social media takedowns are a major issue. The takedowns should not take more than two to three hours."
 

Pricing and Cost Advice

"The nice thing about LogRhythm is you can either use the agents, getting a certain number of agents with your license depending on how you want to go, and those agents do a lot of cool things, or you can use CIS Log host, then you have like an unlimited number of them."
"In the context of our country, the price of this solution is too high."
"The support which allows more customized to the environment when we are deploying new systems is called Professional Service and is very expensive. The technical annual support and there is an annual fee."
"I have seen a measurable decrease in the mean time to detect and respond to threats. We went from not detecting them to detecting them. We can actually pick up what is anomalous in our network now."
"I think the tool is reasonably priced. There is a need to pay per year towards the licensing costs of the tool."
"I would rate the tool's pricing around eight out of ten."
"In comparison to the competition, they are more affordable. This allows us to do more with less."
"We work with French-speaking African countries, and it costs more than the average SIEM solution. Also, the pricing isn't too flexible. AlienVault, Splunk, and IBM QRadar are more suitable for customers on a tight budget."
Information not available
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization: 45%
Computer Software Company: 9%
Financial Services Firm: 6%
Government: 6%

Financial Services Firm: 18%
Computer Software Company: 16%
Government: 6%
Manufacturing Company: 6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What do you like most about ZeroFOX?
The best thing about the tool is that its backend team is pretty good and has a strong engineering team.
What needs improvement with ZeroFOX?
ZeroFOX is not configured to grab the information automatically, including the news.
What is your primary use case for ZeroFOX?
ZeroFOX is a threat intelligence platform and a brand monitoring tool. It provides information on leaks in the dark web, the deep web, and credit cards. It also provides brand monitoring services t...
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
LookingGlass Manage Intelligence, VigilanteATI
 


Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Royal Farms, Hootsuite, BAE Systems, True Citrus
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: March 2025.