LogRhythm NextGen SIEM Platform vs. NetWitness Cloud SIEM

LogRhythm NextGen SIEM Platform

NetWitness Cloud SIEM

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
LogRhythm NextGen SIEM Platform	Score 7.5 out of 10	N/A	The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management solution that centralizes log data, enriches it with contextual details and applies a consistent schema across all data types.	N/A
NetWitness Cloud SIEM	Score 6.1 out of 10	N/A	NetWitness Cloud SIEM delivers log management, retention, and analytics services in a simplified cloud form. It aims t o eliminate traditional deployment and administration requirements with a simple throughput-based licensing model, to make high-quality SIEM quick and easy to acquire without sacrificing capability or power.	N/A

Pricing

LogRhythm NextGen SIEM Platform

NetWitness Cloud SIEM

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
LogRhythm NextGen SIEM Platform	NetWitness Cloud SIEM
Free Trial
No	No
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Community Pulse
	LogRhythm NextGen SIEM Platform	NetWitness Cloud SIEM

Features

LogRhythm NextGen SIEM Platform

NetWitness Cloud SIEM

Security Information and Event Management (SIEM)

Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
	LogRhythm NextGen SIEM Platform 7.4 Ratings 4% below category average	NetWitness Cloud SIEM 7.6 Ratings 2% below category average
Centralized event and log data collection	9.00 Ratings	8.00 Ratings
Correlation	8.10 Ratings	10.00 Ratings
Event and log normalization/management	8.00 Ratings	8.00 Ratings
Deployment flexibility	4.60 Ratings	10.00 Ratings
Integration with Identity and Access Management Tools	7.10 Ratings	7.00 Ratings
Custom dashboards and workspaces	7.50 Ratings	6.00 Ratings
Host and network-based intrusion detection	7.10 Ratings	4.00 Ratings
Data integration/API management	8.00 Ratings	00 Ratings
Behavioral analytics and baselining	8.00 Ratings	00 Ratings
Rules-based and algorithmic detection thresholds	7.10 Ratings	00 Ratings
Response orchestration and automation	7.10 Ratings	00 Ratings
Reporting and compliance management	7.00 Ratings	00 Ratings
Incident indexing/searching	7.10 Ratings	00 Ratings

User Ratings
	LogRhythm NextGen SIEM Platform	NetWitness Cloud SIEM
Likelihood to Recommend	7.5 (0 ratings)	7.0 (0 ratings)
Likelihood to Renew	9.0 (0 ratings)	- (0 ratings)
Usability	8.0 (0 ratings)	- (0 ratings)
Support Rating	8.2 (0 ratings)	- (0 ratings)
Implementation Rating	8.0 (0 ratings)	- (0 ratings)

User Testimonials
	LogRhythm NextGen SIEM Platform	NetWitness Cloud SIEM
Likelihood to Recommend	LogRhythm is good for providing a comprehensive view of the environment. It gives a great outline of whatever is going on in our servers and systems regarding security malfunctions. The SIEM sends real-time notifications when there are some occurrences; like creating a new user and inappropriate login attempts. It also avails a good use case that meets our HIPAA compliance. Incentivized Verified User Anonymous Read full review	It is really a robust platform that can be heavily customized to suit requirements. Good for advanced hunting and forensics. Robust automation features. Incentivized Verified User Anonymous Read full review
Pros	LogRhythm is a great SIEM to learn content on because the building blocks are very intuitive and easy to implement. All of the concepts relevant to content development are literally represented as drag and drop building blocks that can be easily manipulated. The statistical building blocks contain powerful anomaly detection capabilities that are extremely difficult to implement in other SIEMs or not possible at all. LogRhythm does better event classification than any other SIEM by far. My team typically drops all classification schemes from default installations of SIEMs and rebuilds them from scratch. I can actually use LogRhythms event classifications in rules without worrying about excessive partial matches or correlating unwanted events. Incentivized Joel Eng Content Development Lead Read full review	Log collection and parsing. Packet collection and parsing. Enhanched analytics and alerting. Robust integration. Incentivized Verified User Anonymous Read full review
Cons	While searching for log events is quick, the interface isn't as user-friendly as other SIEM products. Many of the administrative/management functions are only available through the full LogRhythm desktop console, not through the web console. The LogRhythm agent, when used for FIM and RIM, is very memory intensive. Incentivized Verified User Anonymous Read full review	Lacking out of the box best practice templates etc. It relies heavily on customization. Lack of up to date threat feeds. Difficult to learn and use initially. Incentivized Verified User Anonymous Read full review
Likelihood to Renew	LogRhythm is focused on SIEM. That is their core business. Cost of operations, feature set and ease of use. The Log Rhythm support team is outstanding. Overall reliability is good. Reporting module needs some improvement and LR is promising that there will be significant improvements in future releases. Incentivized James Harrison Information Security Engineer Read full review	No answers on this topic
Usability	LogRhythm does a rather decent job of making the functionality advanced (allowing for advanced keyword & field searching, use of "AND" as well as "OR" statements in the search bar) while keeping it accessible (by not requiring a specific syntax to do quick searches). This combined with a user interface that has headings and labels that are intuitive is very helpful. Incentivized Verified User Anonymous Read full review	No answers on this topic
Support Rating	Support has always been fantastic for this product compared to many other support providers I've worked with. They are always very friendly and seem to be well trained and knowledgeable and never have to wait long for a solution. We usually get the issue fixed in the first call, but also we really haven't had to use support a ton so that's also a plus Incentivized Verified User Anonymous Read full review	No answers on this topic
Implementation Rating	Buy professional services. Buy and implement the system if possible. Remember that the end point log configuration may require other teams in your company to assist you in getting the desired logs from all resources. Attend the end user and daily operations training after a period of usage so you are not overwhelmed with information on concepts not yet seen. Don't be afraid to call for help during your first months of use. Don't close any ticket until you are sure the expected results are verified. Use the community forums to discuss issues with your peers. Watch the training videos offered by L R University. Incentivized James Harrison Information Security Engineer Read full review	No answers on this topic
Alternatives Considered	The only thing we chose LogRhythm NextGen SIEM Platform for is to allow the Security Analysts to work on the dashboards which don't know much about programming and query languages but has good intuition about cyber-security. It is easy to get hands-on compared to Splunk, which has an initial learning curve before being able to start harnessing its true power. Also, the ticketing system is quite fancy and somehow shows us the recent tickets that we need to jump on, which is not in Splunk. Incentivized Verified User Anonymous Read full review	Best in Class for us, and was a good choice since we already are using a lot of other RSA products(DLP, Archer etc.) Incentivized Verified User Anonymous Read full review
Return on Investment	We were able to retire a few older log collection platforms that we had in house. There were 2-3 systems doing the job of LogRhythm. We were able to bring some part of the analysis of events back in house and not rely on third party MSS. Incentivized Verified User Anonymous Read full review	Hard to calculate ROI since it is not revenue based. It is a expensive solution, bit very capable. Incentivized Verified User Anonymous Read full review
ScreenShots