How has it helped my organization?
Key challenge, of course, is how the threat situation changes every day. LogRhythm is on top of that and very helpful. Another challenge, of course, like many other companies, staffing is not where it should be, money is not where it's supposed to be, but we do well.
We service the University of Massachusetts, but we also have other customers, all higher-end. It's up to the customer what they want us to look at and LogRhythm, absolutely, has the tools that we need to find the data threats that the customers are interested in.
We're MSSP and we've only been using LogRhythm this past year and we've actually found several instances where we've benefited our customers with the data that we have found, that we've collected. We were able to find out what was wrong, deep dive into it, and suggest to our customers what they need to do.
What is most valuable?
I would say the amount of data that it collects and the way it correlates it, extracts it, and makes it easy for an analyst to look at it and deep dive into it. I had another SIEM before LogRhythm and it was nowhere near what LogRhythm does.
The idea to me is collecting all this data and then extrapolating all that data, and it's phenomenal.
What needs improvement?
From what I saw yesterday here at the conference, they seem to be right on track with making the Web Console much easier, case management much easier.
When you're searching on something, you see something that you think may be a threat, you have to keep threat-hunting, deep diving, and from what I saw yesterday, it looks like it's going to get a lot easier and more helpful.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
Very good. I was very impressed, especially yesterday, here at the LogRhythm User Conference, I did the 7.3 session, what's coming out. We've been around, as I said, less than a year and within that time frame - and from what I saw yesterday - it's unbelievable the way LogRhythm is moving forward.
How is customer service and technical support?
If I look back to my other SIEM solution providers, the one we had before this, it's light years difference. LogRhythm support is very, very helpful, very knowledgeable. There's always somebody there. If they don't know the answer, they're going to go find someone who knows the answer. So it's very good.
How was the initial setup?
We used their Professional Services, I was one of a group of three - and the professional services - that helped roll out. It was pretty straightforward. Of course, it was different because it was all new to us, and using the Professional Services was very helpful.
What other advice do I have?
The driving factor in searching for a security solution would be, in this day and age, the threats that are out there are incredible. I think LogRhythm addresses a lot of the issues that are out there. Again, it's on us to make sure LogRhythm is a solution. It's a tool. If we don't use it properly it's pretty useless at that point. It's on us.
I would say it's very important that a solution be a unified, end-to-end platform, especially in a higher-end environment.
My nine out of 10 rating is based on what they offer, and what I saw yesterday at the conference, what they're coming out with. They seem to be on top of things.
Among the different SIEMs that are out there, the companies, I would definitely recommend LogRhythm.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Nov 07 2017