
LogRhythm SIEM vs ZeroFOX comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm SIEM
Average Rating: 8.4
Reviews Sentiment: 6.7
Number of Reviews: 173
Ranking in other categories: Log Management (11th), Security Information and Event Management (SIEM) (7th)

ZeroFOX
Average Rating: 8.6
Reviews Sentiment: 8.1
Number of Reviews: 3
Ranking in other categories: Threat Intelligence Platforms (8th), Digital Risk Protection (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. LogRhythm SIEM is designed for Security Information and Event Management (SIEM) and holds a mindshare of 3.3%, down 4.5% compared to last year.
ZeroFOX, on the other hand, focuses on Digital Risk Protection, holds 17.1% mindshare, down 20.8% since last year.
 

Featured Reviews

Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.
AS
Efficiently identify and address online threats with timely alerts and thorough takedown capabilities
The most valuable features are its threat intel platform, which provides the latest trends and indicators of compromise (IOCs) that I can act on. I quickly obtain data, such as leaked email IDs and passwords, from the ZeroFOX portal or the threat intel portal when required. The platform's GUI-based features stand out and provide thorough takedown capabilities for domains, social media accounts, and phishing numbers.

Quotes from Members

 

Pros

"The feature that makes it usable is the web interface."
"The initial setup process is very user-friendly."
"LogRhythm SIEM has some valuable features, including its ability to maintain backups of events and manage alerts separately through an engine that handles content and administration tasks."
"Our clients enjoy having one dashboard to monitor their environments in real time."
"LogRhythm SIEM offers advanced features such as AI engine modules, machine learning, and threat intelligence integration, which help reduce false positives. Advanced analytics streamlines incident response processes, enabling incident responders to prioritize and automate alerts."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"The daily alerts allow me to quickly find security and operations issues which need to be addressed."
"The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have."
"ZeroFOX has no language limitations. It can detect many languages."
"I rate ZeroFOX a ten overall."
"The best thing about the tool is that its backend team is pretty good and has a strong engineering team."
 

Cons

"I have Windows administrators who will remove the agent when they think that that's what's fouling up their upgrade or their install or their reconfiguration, etc. The first thing they do is to turn off the antivirus, turn down the firewall, and take off anything else. They don't realize that the LogRhythm agent is just sitting there monitoring. Most antivirus products have application protection features built-in where, if I'm an admin on a box, I can't uninstall antivirus. I need to have the antivirus admin password to do that."
"It is a product that is very hard to use."
"The software needs to work on its pricing."
"I would like to suggest that they should improve their usage of third party tools for making dashboards and reports. If they would create their own tools for dashboard and report, it would be much better in terms of security purposes."
"The responses provided by the cloud team are inefficient."
"Appliance-based setups can sometimes pose scalability issues."
"Parsing is totally controlled by LogRhythm and they do not allow any partner or any third-party to handle this part and this is a key challenge on my end."
"We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with our Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes."
"ZeroFOX needs improvement in handling duplicate alerts. If an alert on a domain, such as abcd.com, has not been addressed or is still in progress, similar new alerts are not combined into a single incident."
"ZeroFOX is not configured to grab the information automatically, including the news."
"Social media takedowns are a major issue. The takedowns should not take more than two to three hours."
 

Pricing and Cost Advice

"NextGen SIEM's pricing is moderate."
"The product is less expensive than other tools."
"It is a very cost-effective solution."
"In comparison to the competition, they are more affordable. This allows us to do more with less."
"When it comes time to renew, they say, 'This is what you are using. This is what we can do for you.' So, they work with you on pricing."
"We have seen a measurable decrease in the mean time to detect and respond to threats. As new features and new releases come out, the window is becoming a lot narrower because you can pivot a lot more with the data. Therefore, the new features and enhancements are reducing that."
"I give the price a six out of ten."
"The solution has provided us with consistency and increased staff productivity through orchestrated automated workflows by at least 20 percent."
Information not available
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Educational Organization: 40%
Computer Software Company: 9%
Financial Services Firm: 7%
Government: 6%

Financial Services Firm: 19%
Computer Software Company: 16%
Government: 6%
Healthcare Company: 5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What do you like most about ZeroFOX?
The best thing about the tool is that its backend team is pretty good and has a strong engineering team.
What needs improvement with ZeroFOX?
ZeroFOX is not configured to grab the information automatically, including the news.
What is your primary use case for ZeroFOX?
ZeroFOX is a threat intelligence platform and a brand monitoring tool. It provides information on leaks in the dark web, the deep web, and credit cards. It also provides brand monitoring services t...
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
LookingGlass Manage Intelligence, VigilanteATI
 


Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Royal Farms, Hootsuite, BAE Systems, True Citrus
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: April 2025.