We performed a comparison between Cofense Intelligence ThreatHQ and LogRhythm SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."Microsoft Defender for Office 365's most valuable feature is its performance."
"The basic features are okay and I'm satisfied with the Defender."
"The product's scalability is good."
"Microsoft Defender for Office 365 helps people to work remotely. It is a secure solution. We don't need to use our company's computers or get VPN connections to the networks. I can control how they share screens and what they send to the devices. It keeps our organizations confidential and sensitive information safe."
"The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
"Defender enables us to secure all 365-related activity from a single place. It gives us visibility into everything happening in Outlook, protecting us against phishing and other email-based threats. Defender helps us detect any suspicious behaviors."
"Microsoft Defender for Office 365's most valuable features are safe attachments and safe links."
"It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased."
"For instance, if any phishing emails come into the environment and employees see it, we direct the email to Triage. The Triage system will investigate it through AI technology to see if it's a phishing email or not. If it is a phishing email, it will quarantine it and erase it from the environment."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"The content in the community is very helpful and useful for new users."
"We now have a central point of monitoring for all potential threats."
"The user interface is pretty good compared to other SIEM tools."
"It seems like it will scale easily with the way our environment is set up."
"Provides visibility into the network."
"The initial setup is pretty easy."
"The PCI compliance pieces that help us produce reports for our external auditor, and their support."
"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically."
"The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included."
"The visibility for the weaknesses in the system and unauthorized access can be improved."
"Microsoft Defender for Office 365 should improve the troubleshooting tools. It's unclear whether the device is blocked at the firewall level or at the device itself. The granularity needed for troubleshooting is currently lacking. From my perspective, Microsoft should address this issue to benefit many users who likely share the same sentiment."
"Microsoft sometimes has downtime, and we'll get several incidents coming in back to back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once."
"The pre-sales cost calculations could be more transparent."
"Microsoft Defender for Office 365 should be more proactive."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"If they continue improving and enhancing this solution, it could be even faster and more accurate."
"The console installation is an area with a shortcoming in the solution that needs improvement. If LogRhythm SIEM can offer a web console, it would be great."
"I would like a more fuller implementation of STIX/TAXII so I can pull in some of the government lists without having to go implement a whole new STIX/TAXII platform."
"We're still struggling to get a real return on it and finding something that isn't false noise."
"I don't think the cloud model in LogRhythm is developed enough."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"For our market, the solution is quite expensive. It would be ideal if they could work on and improve their existing pricing plans to help make it more affordable in our country."
"Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SAS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SAS applications. There is a whole diverse suite of SAS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SAS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."
"We would like to see more things out of the console into the web UI. I guess this is what they are doing in 7.4."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Earn 20 points
Cofense Intelligence ThreatHQ is ranked 63rd in Email Security while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. Cofense Intelligence ThreatHQ is rated 0.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Cofense Intelligence ThreatHQ writes "Secures the business for customers quickly and accurately". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Cofense Intelligence ThreatHQ is most compared with , whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and LogRhythm Axon.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.