
LogRhythm SIEM vs ZeroFOX comparison

 

Comparison Buyer's Guide

Categories and Ranking

LogRhythm SIEM
Average Rating: 8.4
Reviews Sentiment: 6.7
Number of Reviews: 173
Ranking in other categories: Log Management (11th), Security Information and Event Management (SIEM) (7th)

ZeroFOX
Average Rating: 8.0
Reviews Sentiment: 7.6
Number of Reviews: 2
Ranking in other categories: Threat Intelligence Platforms (8th), Digital Risk Protection (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. LogRhythm SIEM is designed for Security Information and Event Management (SIEM) and holds a mindshare of 3.3%, down 4.5% compared to last year.
ZeroFOX, on the other hand, focuses on Digital Risk Protection, holds 17.1% mindshare, down 20.8% since last year.
 

Featured Reviews

Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.
reviewer2384535 - PeerSpot reviewer
Provides information on leaks in the dark web, the deep web, and credit cards
ZeroFOX is deployed on the cloud in our organization. Before using ZeroFOX, users should also get demo sessions from other vendors. Then, you will get a better picture of ZeroFOX and how it works. ZeroFOX is a very good tool that will provide value if you can afford it. One of the key advantages of ZeroFOX is that it has a team where everyone is skilled in programming and scripting knowledge. If my team has some task, we don't have to go through the engineering. ZeroFOX is very easy for a beginner to learn. I would recommend ZeroFOX to other users. Overall, I rate the solution eight and a half out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Our clients enjoy having one dashboard to monitor their environments in real time."
"Overall, my rating for LogRhythm SIEM is nine out of ten."
"We have seen a massive increase in the amount of data that we can collect, the type of things that we can see, the way we can look at logs, the way we can get alerts, and the way we can create our own customer roles, which has allowed us to customize the work in our environment."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"We integrated Azure logs with it and that makes it simpler. Rather than having to log into the portal, we can just check everything in one place. We can compare those to our Windows and host logs to see if any problems correlate between them."
"I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
"The best thing about the tool is that its backend team is pretty good and has a strong engineering team."
"ZeroFOX has no language limitations. It can detect many languages."
 

Cons

"LogRhythm's SOAR and NDR features don't stack up well against competitors. Maybe integrating theme functionality as the others do. But in general, it's okay."
"I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph."
"My biggest issue - I know that they say they're doing it - is that the API-building is extremely important. They keep saying it's coming, it's coming. It's not coming fast enough. I don't care if they need to double their team size to get it out there quicker, the world is already in the cloud and we can't monitor it. That's a big problem for us. My boss keeps coming to me about it. That's an issue."
"I would really like to see some type of group or global management for RIM policies."
"More detail in the alerts given to avoid additional searches, as often the source or destination associated with the alert is not evidenced."
"Appliance-based setups can sometimes pose scalability issues."
"My biggest complaint is documentation. Everyone tells me, 'We have documentation on the Community site.' I have searched for different types of documentation on numerous occasions, and it might be there, but it's not easily findable."
"NextGen SIEM's integration with other software is good but could be improved."
"ZeroFOX is not configured to grab the information automatically, including the news."
"Social media takedowns are a major issue. The takedowns should not take more than two to three hours."
 

Pricing and Cost Advice

"We work with French-speaking African countries, and it costs more than the average SIEM solution. Also, the pricing isn't too flexible. AlienVault, Splunk, and IBM QRadar are more suitable for customers on a tight budget."
"I have seen a measurable decrease in the mean time to detect and respond to threats. We went from not detecting them to detecting them. We can actually pick up what is anomalous in our network now."
"LogRhythm's pricing and licensing is extremely competitive and it's one of the top three reasons we continue to invest in the platform."
"NextGen SIEM's pricing is moderate."
"The support which allows more customized to the environment when we are deploying new systems is called Professional Service and is very expensive. The technical annual support and there is an annual fee."
"The solution has provided us with consistency and increased staff productivity through orchestrated automated work flows by at least 20 percent."
"I think the tool is reasonably priced. There is a need to pay per year towards the licensing costs of the tool."
"The license cost is around $10 per MPS."
Information not available
 

Top Industries

By visitors reading reviews
Educational Organization: 45%
Computer Software Company: 9%
Financial Services Firm: 6%
Government: 6%

Financial Services Firm: 18%
Computer Software Company: 16%
Government: 6%
Manufacturing Company: 6%
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What do you like most about ZeroFOX?
The best thing about the tool is that its backend team is pretty good and has a strong engineering team.
What needs improvement with ZeroFOX?
ZeroFOX is not configured to grab the information automatically, including the news.
What is your primary use case for ZeroFOX?
ZeroFOX is a threat intelligence platform and a brand monitoring tool. It provides information on leaks in the dark web, the deep web, and credit cards. It also provides brand monitoring services t...
 

Also Known As

LogRhythm SIEM: LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
ZeroFOX: LookingGlass Manage Intelligence, VigilanteATI
 

Sample Customers

LogRhythm SIEM: Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
ZeroFOX: Royal Farms, Hootsuite, BAE Systems, True Citrus