Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs ZeroFOX comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm SIEM
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
173
Ranking in other categories
Log Management (11th), Security Information and Event Management (SIEM) (7th)
ZeroFOX
Average Rating
8.0
Reviews Sentiment
7.6
Number of Reviews
2
Ranking in other categories
Threat Intelligence Platforms (8th), Digital Risk Protection (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. LogRhythm SIEM is designed for Security Information and Event Management (SIEM) and holds a mindshare of 3.3%, down 4.5% compared to last year.
ZeroFOX, on the other hand, focuses on Digital Risk Protection, holds 17.1% mindshare, down 20.8% since last year.
Security Information and Event Management (SIEM)
Digital Risk Protection
 

Featured Reviews

Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.
reviewer2384535 - PeerSpot reviewer
Provides information on leaks in the dark web, the deep web, and credit cards
ZeroFOX is deployed on the cloud in our organization. Before using ZeroFOX, users should also get demo sessions from other vendors. Then, you will get a better picture of ZeroFOX and how it works. ZeroFOX is a very good tool that will provide value if you can afford it. One of the key advantages of ZeroFOX is that it has a team where everyone is skilled in programming and scripting knowledge. If my team has some task, we don't have to go through the engineering. ZeroFOX is very easy for a beginner to learn. I would recommend ZeroFOX to other users. Overall, I rate the solution eight and a half out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The content in the community is very helpful and useful for new users."
"Automations are very valuable. It provides the ability to automate some of our small use cases. The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools."
"Overall, my rating for LogRhythm SIEM is nine out of ten."
"The ability for me to go into the Web UI, and just learn what's going on in my environment."
"Compliance reporting is another great feature of this product. It has built in reports right out of the box."
"The PCI compliance pieces that help us produce reports for our external auditor, and their support."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"It allows us to automate a lot of things with a smaller team."
"ZeroFOX has no language limitations. It can detect many languages."
"The best thing about the tool is that its backend team is pretty good and has a strong engineering team."
 

Cons

"Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SAS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SAS applications. There is a whole diverse suite of SAS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SAS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."
"Parsing is totally controlled by LogRhythm and they do not allow any partner or any third-party to handle this part and this is a key challenge on my end."
"The responses provided by the cloud team are inefficient."
"The security playbook could be pre-defined and available to other analysts with similar security issues."
"In the next release, I would certainly like to see more HIPAA compliance. I would also like to see more integration with Palo Alto Networks, particularly their Traps, which is their endpoint solution."
"Only area I can think of to improve on is the proof reading and using the guides before releasing them. Out the the 20+ guides I used one had issues with wrong information in it."
"The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read."
"The user interface needs improvement. The more the user can slide around and know what's going on, the better it will be."
"Social media takedowns are a major issue. The takedowns should not take more than two to three hours."
"ZeroFOX is not configured to grab the information automatically, including the news."
 

Pricing and Cost Advice

"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
"The solution has provided us with consistency and increased staff productivity through orchestrated automated work flows by at least 20 percent."
"I would rate the pricing 4 out of 5. There are no additional costs to the standard licensing fees."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"The pricing is very reasonable and accessible compared to other products in the market but I am not very sure about the exact licensing cost per year for our company."
"The license cost is around $10 per MPS."
"On a scale of one to ten, where one is low, and ten is high, I rate the pricing between six and seven."
"NextGen SIEM's pricing is moderate."
Information not available
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
45%
Computer Software Company
9%
Financial Services Firm
6%
Government
6%
Financial Services Firm
18%
Computer Software Company
16%
Government
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What do you like most about ZeroFOX?
The best thing about the tool is that its backend team is pretty good and has a strong engineering team.
What needs improvement with ZeroFOX?
ZeroFOX is not configured to grab the information automatically, including the news.
What is your primary use case for ZeroFOX?
ZeroFOX is a threat intelligence platform and a brand monitoring tool. It provides information on leaks in the dark web, the deep web, and credit cards. It also provides brand monitoring services t...
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
LookingGlass Manage Intelligence, VigilanteATI
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Royal Farms, Hootsuite, BAE Systems, True Citrus
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: March 2025.
844,944 professionals have used our research since 2012.