We performed a comparison between Cisco Threat Grid and LogRhythm SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Recorded Future, Check Point Software Technologies, Microsoft and others in Threat Intelligence Platforms."It is easy to implement and is very scalable. It also comes with very good documentation. Cisco provides good technical support as well."
"The simplicity of implementation is valuable."
"The most valuable feature is the integration with firewalls. It's integrated with AMP so the ecosystem with equal solutions from Threat Grid is good with CISCO products."
"Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice."
"One of the main features that I like about LogRhythm NextGen SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us."
"We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice looking dashboards, which show off what we are doing as a security program."
"Technical support is very helpful and responsive."
"The artificial intelligence engine."
"The product is great for medium to large-scale organizations."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"It seems like it will scale easily with the way our environment is set up."
"I was told that the user interface could be more user friendly and easy in comparison to that of competitors. I remember that there is a competitor who has a much easier interface for many users to interact with."
"Support must be improved."
"They come in and have multiple management solutions but it doesn't scan or doesn't have the ability to look at every file extension."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"I would like a more fuller implementation of STIX/TAXII so I can pull in some of the government lists without having to go implement a whole new STIX/TAXII platform."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
"Only area I can think of to improve on is the proof reading and using the guides before releasing them. Out the the 20+ guides I used one had issues with wrong information in it."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
"I would like to see more integration with more products that are out there within the same security field."
"I have probably submitted half a dozen log parser requests, and I keep finding more stuff that we need to keep an eye on that doesn't have a definition in LogRhythm."
"Right now there is the concern about being able to gather all of the data into the system."
Cisco Threat Grid is ranked 21st in Threat Intelligence Platforms with 3 reviews while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. Cisco Threat Grid is rated 7.6, while LogRhythm SIEM is rated 8.4. The top reviewer of Cisco Threat Grid writes "Has good integration with firewalls but has limited file extensions". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Cisco Threat Grid is most compared with CrowdStrike Falcon, Microsoft Defender Threat Intelligence and Palo Alto Networks AutoFocus, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and LogRhythm Axon.
We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.