We performed a comparison between LogRhythm SIEM and Palo Alto Networks AutoFocus based on real PeerSpot user reviews.
"The daily alerts allow me to quickly find security and operations issues which need to be addressed."
"Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job."
"The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have."
"We have seen a massive increase in the amount of data that we can collect, the type of things that we can see, the way we can look at logs, the way we can get alerts, and the way we can create our own customer roles, which has allowed us to customize the work in our environment."
"I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
"NextGen SIEM's most valuable feature is its user-friendliness."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"Their customer support is friendly and willing to help."
"The feature that I like best is the dashboard."
"The logs play a crucial role as they contribute to blocking unwanted Internet traffic."
"It integrates well with other solutions and provides good threat intelligence in terms of external threats."
"The most valuable feature is alerting."
"I am impressed with the tool's integration of Palo Alto products which serves as a platform for security."
"Scalability-wise, it's not that great."
"We use Windows Event Forwarding to collect the logs from our Windows clients, and the logs get aggregated as one data source on that collector. Therefore, finding logs specific to one particular Windows system requires some creativity in how we search the SIEM."
"The built-in functionality of the solution for NDR, SOAR, SIEM, and EDS has room for improvement."
"More help and assistance with some of the open source products. Everything seems to be focused on Windows versus giving some guidance and some documentation on how to use it."
"Sometimes the Platform Manager crashes because it's built around Windows."
"It will definitely help if the parsing side would be much easier, meaning it would be better if we could easily make adjustments on the parser, both on standard and non-standard log sources."
"It should be improved for automated setup and auto-configuration. There should be ease of integration and ease of setup."
"It's not easy for someone new to the solution."
"It would be helpful to have better documentation for configuring and installing the solution."
"I would like the tool to see more integration with Cortex XDR. There is no real reason to keep them separate."
"It would be better if they used the threat intelligence feeds directly from their side and changed the verdict instead of us requesting it."
"I would like to have more technical documentation that contains greater detail on the types of threats that are occurring."
"It is a completely cloud-based product at present."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Palo Alto Networks AutoFocus is ranked 11th in Threat Intelligence Platforms with 5 reviews. LogRhythm SIEM is rated 8.4, while Palo Alto Networks AutoFocus is rated 7.8. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Palo Alto Networks AutoFocus writes "Impressive performance and monitoring capabilities but lacks in documentation". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Microsoft Sentinel, whereas Palo Alto Networks AutoFocus is most compared with ThreatConnect Threat Intelligence Platform (TIP), Anomali ThreatStream, VirusTotal and Cisco Threat Grid.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.