We performed a comparison between Cofense Intelligence ThreatHQ and LogRhythm SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."
"Defender for Office 365 has helped eliminate having to look at multiple dashboards and that is the aspect I like most about it. It is simpler, effective, and convenient. The users like the process efficiency."
"Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
"The email protection is excellent, especially in terms of anti-phishing policies."
"Defender enables us to secure all 365-related activity from a single place. It gives us visibility into everything happening in Outlook, protecting us against phishing and other email-based threats. Defender helps us detect any suspicious behaviors."
"The good part is that you don't have to configure it, which is very convenient."
"Microsoft Defender for Office 365 has improved my organization's security. It makes it easier to manage the infrastructure without the help of third-party applications."
"Microsoft Defender for Office 365 is a stable solution."
"For instance, if any phishing emails come into the environment and employees see it, we direct the email to Triage. The Triage system will investigate it through AI technology to see if it's a phishing email or not. If it is a phishing email, it will quarantine it and erase it from the environment."
"The user interface is good."
"SOAR is integrated with the dashboard that we use for threat management. Because it's all integrated, it is useful for us when we deploy something on-prem."
"Compliance reporting is another great feature of this product. It has built in reports right out of the box."
"The correlation engine is extremely valuable because it uses machine learning to process information from the central manager and identifies issues in the network."
"I find LogRhythm's log management capabilities to be beneficial."
"LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"It supports most standard log sources."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically."
"We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice."
"One area for improvement is support, in terms of being able to reach them and, especially, technical support for configuration."
"The visibility for the weaknesses in the system and unauthorized access can be improved."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"If they continue improving and enhancing this solution, it could be even faster and more accurate."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"Sometimes, the tool fails to get the correlated events that triggered the alerts."
"The product's stability needs improvement."
"I have Windows administrators who will remove the agent when they think that that's what's fouling up their upgrade or their install or their reconfiguration, etc. The first thing they do is to turn off the antivirus, turn down the firewall, and take off anything else. They don't realize that the LogRhythm agent is just sitting there monitoring. Most antivirus products have application protection features built-in where, if I'm an admin on a box, I can't uninstall antivirus. I need to have to the antivirus admin password to do that."
"The console installation is an area with a shortcoming in the solution that needs improvement. If LogRhythm SIEM can offer a web console, it would be great."
"The installation was a bit complex because we are running a virtual infrastructure."
"There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."
"I would like it to do a lot of the automation (which I still need to learn more about), because I am essentially a one man shop doing all the jobs. I'd like for it to be able to do more for me."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Cofense Intelligence ThreatHQ is ranked 62nd in Email Security while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. Cofense Intelligence ThreatHQ is rated 0.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Cofense Intelligence ThreatHQ writes "Secures the business for customers quickly and accurately". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Cofense Intelligence ThreatHQ is most compared with , whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Fortinet FortiSIEM.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.