We performed a comparison between Group-IB Threat Intelligence and LogRhythm SIEM based on real PeerSpot user reviews.
"The most valuable Group-IB Threat Intelligence features are their detections, especially in terms of account and card information leakage. This data sets Group-IB apart from some of the competition."
"The tool's most valuable feature is the sandbox."
"We have found the site intelligence features to be the most valuable."
"Threat Intelligence's best feature is threat activation."
"The totality of the recordings is quite important. The networks, the new threat actors, the new methods, tactics, techniques, and procedures."
"NextGen SIEM's most valuable feature is its user-friendliness."
"I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages."
"Compliance reporting is another great feature of this product. It has built-in reports right out of the box."
"LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases."
"We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice looking dashboards, which show off what we are doing as a security program."
"The artificial intelligence engine."
"The correlation engine is extremely valuable because it uses machine learning to process information from the central manager and identifies issues in the network."
"We have NetFlow information going into it, so we can examine a lot of traffic patterns and anomalies, especially if something stands out and is not the baseline. This helps a lot."
"Threat Intelligence's OT security could be improved."
"The lack of appliance-based or on-premise options for this solution is its biggest downfall. Clients request them often."
"As the landscape evolves, they could provide a little more detail or specificity to map it to the MITRE ATT&CK framework."
"Group-IB Threat Intelligence should improve integration for SIEM and SOAR solutions."
"The web intelligence could be improved. It is not as good as the intelligence from other solutions."
"I have Windows administrators who will remove the agent when they think that that's what's fouling up their upgrade or their install or their reconfiguration, etc. The first thing they do is to turn off the antivirus, turn down the firewall, and take off anything else. They don't realize that the LogRhythm agent is just sitting there monitoring. Most antivirus products have application protection features built-in where, if I'm an admin on a box, I can't uninstall antivirus. I need to have the antivirus admin password to do that."
"The security playbook could be pre-defined and available to other analysts with similar security issues."
"Sometimes, the tool fails to get the correlated events that triggered the alerts."
"Only area I can think of to improve on is the proofreading and using the guides before releasing them. Out of the 20+ guides I used, one had issues with wrong information in it."
"I think there is room for improvement because the system is still running on the Windows Server platform. The problem with running on Windows is that it is not that good for scaling and providing for big deployment environments."
"I would like to see case management become more independent from LogRhythm itself."
"The product's stability needs improvement."
"We do about 750 million a day and some days we do 715 million. Some days we do 820 million or 1.2 billion. But there's no way to drill in and find out: 'Where did I get 400,000 extra logs today?' What was going on in my environment that I was able to absorb that peak? I have no way to identify it without running reports, which will produce a long-running PDF that I have to somehow compare to another long-running PDF... I would like to see like profiling behavior awareness around systems like they've been gunned to do around users with UEBA."
Group-IB Threat Intelligence is ranked 9th in Threat Intelligence Platforms with 5 reviews while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. Group-IB Threat Intelligence is rated 8.8, while LogRhythm SIEM is rated 8.4. The top reviewer of Group-IB Threat Intelligence writes "Easy to setup, highly stable and scalable and efficiently tracks threat actors and analyze their tactics". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Group-IB Threat Intelligence is most compared with Recorded Future, Kaspersky Threat Intelligence Services, CrowdStrike Falcon and Mandiant Advantage, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Microsoft Sentinel and LogRhythm Axon.