We performed a comparison between CrowdStrike Falcon and LogRhythm SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The solution was relatively easy to deploy."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Fortinet is very user-friendly for customers."
"NGAV and EDR features are outstanding."
"The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately."
"The solution can scale easily."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees."
"This solution has made the lives of the IT staff much easier, compared to the previous one."
"The detection is very reliable. Also, OverWatch is a great feature."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"The most valuable feature is that we don't need to re-image machines as much as we had to."
"The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system."
"LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions."
"I find LogRhythm's log management capabilities to be beneficial."
"I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
"It supports most standard log sources."
"The ability to investigate a particular period of time where you can analyze logs is its most valuable feature."
"The most valuable features would be the automation, reporting, and the support."
"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The dashboard isn't easy to access and manage."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike."
"Crowdstrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations."
"On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant."
"It is cloud-based, and this does make some weary of the data being held on the cloud. Privacy requirements must be taken into account."
"Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about"
"The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."
"The management of log aggregation is in need of improvement."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"I would like to see APIs well-documented and public facing, so we can get to them all."
"For our market, the solution is quite expensive. It would be ideal if they could work on and improve their existing pricing plans to help make it more affordable in our country."
"I would like it to do a lot of the automation (which I still need to learn more about), because I am essentially a one man shop doing all the jobs. I'd like for it to be able to do more for me."
"It should have some more message monitoring features. It can also have some free message monitoring tools."
"The product's stability needs improvement."
"It is a product that is very hard to use."
"When we originally got LogRhythm, their tech support was fantastic, and I loved them. Now, we don't quite get as quick of a response. I've been disappointed in the more recent tech support. When you call in, they'll say that they will get you somebody, and you'll finally get someone who will contact you back a day or so later. Whereas before, I would get help right away."
"The web and on-premise console interface should be the same instead of having a separate engine for each."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. CrowdStrike Falcon is rated 8.8, while LogRhythm SIEM is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Rapid7 InsightIDR.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.