We performed a comparison between Cofense Intelligence ThreatHQ and LogRhythm SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."
"The most valuable feature is protection against malicious links, fishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over."
"The deployment capability is a great feature."
"Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks."
"Defender for Office 365 has helped eliminate having to look at multiple dashboards and that is the aspect I like most about it. It is simpler, effective, and convenient. The users like the process efficiency."
"Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable."
"Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected."
"Microsoft Defender for Office 365 has improved my organization's security. It makes it easier to manage the infrastructure without the help of third-party applications."
"For instance, if any phishing emails come into the environment and employees see it, we direct the email to Triage. The Triage system will investigate it through AI technology to see if it's a phishing email or not. If it is a phishing email, it will quarantine it and erase it from the environment."
"The product is great for medium to large-scale organizations."
"It supports most standard log sources."
"It allows us to automate a lot of things with a smaller team."
"The most useful feature that I've found so far is the search function. I like all the different ways you're able to search through metadata and the different ways you're able to correlate or search through logs to find out what's going on."
"AXON has the ability to add and compare use cases."
"The most valuable features of the solution are network monitoring, user behavior analytics, and log collection."
"NextGen SIEM's best feature is how it presents logs."
"I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting."
"The XDR dashboard has room for improvement."
"You should be able to deploy Defender for every subscription without the need to add servers."
"Several simulation options are available within 365, and the phishing simulation could be better."
"Microsoft Defender for Office 365 should improve the troubleshooting tools. It's unclear whether the device is blocked at the firewall level or at the device itself. The granularity needed for troubleshooting is currently lacking. From my perspective, Microsoft should address this issue to benefit many users who likely share the same sentiment."
"The custom alerts have to improve a lot."
"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically."
"We need a separate license and we don't know how to get the license that is required."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"If they continue improving and enhancing this solution, it could be even faster and more accurate."
"There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."
"I think there is room for improvement because the system is still running on the Windows Server platform. The problem with running on Windows is that it is not that good for scaling and providing for big deployment environments."
"We use Windows Event Forwarding to collect the logs from our Windows clients, and the logs get aggregated as one data source on that collector. Therefore, finding logs specific to one particular Windows system requires some creativity in how we search the SIEM."
"We would like to see more things out of the console into the web UI. I guess this is what they are doing in 7.4."
"The installation was a bit complex because we are running a virtual infrastructure."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time."
"The built-in functionality of the solution for NDR, SOAR, SIEM, and EDS has room for improvement."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Cofense Intelligence ThreatHQ is ranked 62nd in Email Security while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. Cofense Intelligence ThreatHQ is rated 0.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Cofense Intelligence ThreatHQ writes "Secures the business for customers quickly and accurately". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Cofense Intelligence ThreatHQ is most compared with , whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Fortinet FortiSIEM.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.