We performed a comparison between LogRhythm SIEM and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It gives us insight into our entire installation, where we are multiple sites, going as far as the East Coast to the Central West Coast."
"The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have."
"LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions."
"NextGen SIEM's best feature is how it presents logs."
"Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice."
"Alarms are the most valuable feature. We also like the dashboard and how things are at your fingertips. The fact that we can now edit the report templates is going to be a great thing."
"AXON has the ability to add and compare use cases."
"I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages."
"NetWitness can be highly beneficial for incident detection and response."
"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"Incident management is its most valuable feature."
"Their technical support responds quickly and are knowledgable."
"Offers a good wireless feature."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"The user interface needs improvement. The more the user can slide around and know what's going on, the better it will be."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
"We use Windows Event Forwarding to collect the logs from our Windows clients, and the logs get aggregated as one data source on that collector. Therefore, finding logs specific to one particular Windows system requires some creativity in how we search the SIEM."
"It is a product that is very hard to use."
"I would like to see APIs well-documented and public facing, so we can get to them all."
"The solution is likely not the best option for a smaller organization."
"Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis."
"I would like it to do a lot of the automation (which I still need to learn more about), because I am essentially a one man shop doing all the jobs. I'd like for it to be able to do more for me."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"The log system is a bit complex and has room for improvement."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"Its technical support could be better."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"An area for improvement would be better automation and more inbuilt use cases."
LogRhythm SIEM is ranked 7th in Log Management with 166 reviews while NetWitness Platform is ranked 19th in Log Management with 36 reviews. LogRhythm SIEM is rated 8.4, while NetWitness Platform is rated 7.4. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Microsoft Sentinel, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Fortinet FortiSIEM. See our LogRhythm SIEM vs. NetWitness Platform report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.