We performed a comparison between LogRhythm SIEM and Seceon Open Threat Management Platform based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's pretty powerful and its performance is pretty good."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"Free ingestion for Azure logs (with E5 licence)"
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The product can integrate with any device."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Technical support has always been helpful."
"The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have."
"The content in the community is very helpful and useful for new users."
"LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions."
"The most valuable features of the solution are network monitoring, user behavior analytics, and log collection."
"It has helped us centralize and have better visibility into devices on our network. We are better able to respond to threats in a timely manner."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
"LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases."
"Seceon Open Threat Management Platform notifies only genuine alerts. It offers plenty of options that are suitable for MSPs."
"We only recently started using Seceon, so we aren't taking advantage of all its features yet. We have enabled some proactive alerts about utilization and bottlenecks from high traffic."
"The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively."
"You can use different solutions in a single platform which is very easy and attractive for customers."
"The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features."
"The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come across. It is also one of the easiest-to-manage yet comprehensive solutions for a SOC analyst. Its customizations are really good, and it has a lot of integrations. It is multi-tenant and very fast to onboard. Its stability is 100%. We've never had an outage with it. It doesn't require extensive hardware resources. Its level of support is also very good. They have a very responsive technical team."
"The most valuable feature of this solution is its artificial intelligence."
"The solution is very cost-effective compared to Splunk and LogRhythm."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"The only thing is sometimes you can have a false positive."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"The AI capabilities must be improved."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"We're still struggling to get a real return on it and finding something that isn't false noise."
"The user interface needs improvement. The more the user can slide around and know what's going on, the better it will be."
"Move it to Linux. I would like to see it get off the SQL Server."
"In the next release, I would certainly like to see more HIPAA compliance. I would also like to see more integration with Palo Alto Networks, particularly their Traps, which is their endpoint solution."
"The customer support system is time-consuming."
"It is a product that is very hard to use."
"The installation was a bit complex because we are running a virtual infrastructure."
"Scalability-wise, it's not that great."
"It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft."
"We are at the client’s end, offering services. They don’t know about security rules and benchmarks. We are working on the discovery and remediation but we don’t really have the intelligence that was available while working with other tools. Human working is also very essential for the solution. The automatic session is impossible to play since it needs to touch Redfin for further analysis. No one has breached our clients."
"It would be better if they offered global coverage."
"The management console could use some enhancements."
"The SOP they provided wasn't great. They offered training over Sherp Virtualization, and the Seceon leadership visited our location to explain everything in detail, but the documentation and training could be better. It isn't as effective as it could be. There's some room for improvement there."
"The product should improve the triggering rate."
"It would be ideal with the processing was more manageable. Not many customers are willing to have a dedicated server with two CPUs and one TB of memory. The cost of this is huge for a smaller organization."
"The product could be improved by including sandboxing capabilities in the next release."
More Seceon Open Threat Management Platform Pricing and Cost Advice →
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Seceon Open Threat Management Platform is ranked 25th in Security Information and Event Management (SIEM) with 10 reviews. LogRhythm SIEM is rated 8.4, while Seceon Open Threat Management Platform is rated 8.4. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Seceon Open Threat Management Platform writes "Has the ability to categorize alerts and reporting dashboards are useful". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Fortinet FortiSIEM and LogRhythm Axon, whereas Seceon Open Threat Management Platform is most compared with IBM Security QRadar, Securonix Next-Gen SIEM, Fortinet FortiSIEM, Splunk Enterprise Security and ArcSight Enterprise Security Manager (ESM). See our LogRhythm SIEM vs. Seceon Open Threat Management Platform report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.