We performed a comparison between LogRhythm SIEM and Palo Alto Networks AutoFocus based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."Provides visibility into the network."
"Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job."
"We should be able to response to threats and gain visibility into our environment that we don't currently have."
"The user interface is pretty good compared to other SIEM tools."
"The major feature of this solution is its easy configuration which helps different team members to work on it effectively. This kind of feature is not available in other solutions because of a request for specialised schemes for configuration report extraction and searching. Another feature that I really admire is the significant improvement in the compliance in the auditing process by the solution. Our organisation-specific complaints require where the mailbox data needs to be forwarded, stored and searchable for a certain time period. This solution categorises data based on different types, which include cold, warm and hot data. These features allow faster and easier extraction of any data even if the event was occurring several years ago. I also like other features, especially user behaviour analysis and automation. If suddenly someone accesses your side or an unusual traffic is recorded from a user the solution flags it very effectively."
"LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions."
"It has centralized monitoring for our security operations. Therefore, it improves our analysts' work."
"Compliance reporting is another great feature of this product. It has built in reports right out of the box."
"It integrates well with other solutions and provides good threat intelligence in terms of external threats."
"I am impressed with the tool's integration of Palo Alto products which serves as a platform for security."
"The feature that I like best is the dashboard."
"The logs play a crucial role as they contribute to blocking unwanted Internet traffic."
"The most valuable feature is alerting."
"I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph."
"It should have some more message monitoring features. It can also have some free message monitoring tools."
"I would like a more fuller implementation of STIX/TAXII so I can pull in some of the government lists without having to go implement a whole new STIX/TAXII platform."
"Scalability misses the mark sometimes, especially when you have an integrated disaster recovery built into the solution."
"LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time."
"I would like it to do a lot of the automation (which I still need to learn more about), because I am essentially a one man shop doing all the jobs. I'd like for it to be able to do more for me."
"Parsing is totally controlled by LogRhythm and they do not allow any partner or any third-party to handle this part and this is a key challenge on my end."
"I have probably submitted half a dozen log parser requests, and I keep finding more stuff that we need to keep an eye on that doesn't have a definition in LogRhythm."
"It is a completely cloud-based product at present."
"It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it."
"It would be helpful to have better documentation for configuring and installing the solution."
"I would like the tool to see more integration with Cortex XDR. There is no real reason to keep them separate."
"I would like to have more technical documentation that contains greater detail on the types of threats that are occurring."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Palo Alto Networks AutoFocus is ranked 11th in Threat Intelligence Platforms with 5 reviews. LogRhythm SIEM is rated 8.4, while Palo Alto Networks AutoFocus is rated 7.8. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Palo Alto Networks AutoFocus writes "Impressive performance and monitoring capabilities but lacks in documentation". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Microsoft Sentinel, whereas Palo Alto Networks AutoFocus is most compared with ThreatConnect Threat Intelligence Platform (TIP), Anomali ThreatStream, VirusTotal and Cisco Threat Grid.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.