We performed a comparison between Anomali ThreatStream and LogRhythm SIEM based on real PeerSpot user reviews.
"The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"One of the main features that I like about LogRhythm NextGen SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us."
"The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"Its ability to work with all different sorts of log sources has been extremely valuable."
"Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."
"LogRhythm has shown to us, to this point in time, that it has the capabilities of being able to deliver actionable intelligence to the security engineers and analysts."
"We now have a central point of monitoring for all potential threats."
"The feature that makes it usable is the web interface."
"Less code in integration would be nice when building blocks."
"We've tried to work with a couple of engineering department guys there. We've called them and called them but we never hear anything back."
"The initial setup is not so easy because it is quite a process."
"LogRhythm's SOAR and NDR features don't stack up well against competitors. Maybe integrating theme functionality as the others do. But in general, it's okay."
"We need to get better training for things like creating code and playlists. The way it's done now takes a long time."
"My big thing is the easability. I don't like to go to two different systems. The fat client that you have to install to configure it, then the web console which is just for reporting and analysis. These features need to collapse, and it needs to be in a single solution. Going through the web solution in the future is the way to do it, because right now, it is a bit cumbersome."
"The user interface needs improvement. The more the user can slide around and know what's going on, the better it will be."
"My biggest issue - I know that they say they're doing it - is that the API-building is extremely important. They keep saying it's coming, it's coming. It's not coming fast enough. I don't care if they need to double their team size to get it out there quicker, the world is already in the cloud and we can't monitor it. That's a big problem for us. My boss keeps coming to me about it. That's an issue."
"I would probably look for more things to go into the web console that is currently on the fat client."
Anomali ThreatStream is ranked 5th in Threat Intelligence Platforms with 1 review while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. Anomali ThreatStream is rated 7.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Anomali ThreatStream writes "Easy and quick credential monitoring; tech support could be improved". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Anomali ThreatStream is most compared with Recorded Future, ThreatConnect Threat Intelligence Platform (TIP), ThreatQ, Splunk Enterprise Security and Group-IB Threat Intelligence, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Fortinet FortiSIEM.
We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.