No more typing reviews! Try our Samantha, our new voice AI agent.

CompassOne by Blackpoint Cyber vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 15, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CompassOne by Blackpoint Cyber
Ranking in Security Information and Event Management (SIEM)
37th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Vulnerability Management (47th), Endpoint Detection and Response (EDR) (39th), Application Control (10th), Managed Detection and Response (MDR) (11th), Identity Threat Detection and Response (ITDR) (14th)
LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
14th
Average Rating
8.2
Reviews Sentiment
6.4
Number of Reviews
176
Ranking in other categories
Log Management (14th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of CompassOne by Blackpoint Cyber is 0.6%, up from 0.1% compared to the previous year. The mindshare of LogRhythm SIEM is 2.5%, down from 3.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
LogRhythm SIEM2.5%
CompassOne by Blackpoint Cyber0.6%
Other96.9%
Security Information and Event Management (SIEM)
 

Featured Reviews

Gary Herbstman - PeerSpot reviewer
Owner at Byte Solutions Inc.
Experienced reduced alert fatigue with streamlined notifications
We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…
SumitKumar20 - PeerSpot reviewer
Security Engineer at Granicus Inc.
Tool consistently aids in effective threat detection and monitoring but could benefit from improved log source management and resource optimization
One major area for improvement in LogRhythm SIEM is the lack of volume measurement capability in terms of storage. There is currently no way to determine how much data is being consumed in terms of gigabytes, terabytes, or petabytes from particular devices or environments. This information is crucial for planning future storage needs and scalability. The system monitor (collector) agent has issues with resource consumption. Even when not actively collecting data, the agent continues to consume significant CPU and memory resources, which can be particularly problematic for small business environments with limited resources. LogRhythm SIEM could improve by adding more default device support. While they have good default settings for devices such as Palo Alto firewalls, custom log sources often require extensive work. Increasing the number of supported devices with built-in policies and functionality would reduce the need for custom work. Competitive SIEM tools often provide more comprehensive coverage for various devices and vendors.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution also watches over Microsoft 365 and keeps a copy of logs."
"The solution is all encompassing and can incorporate email monitoring."
"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"On a scale from one to ten, I would rate the overall solution as a ten."
"Their SOC is phenomenal in not monitoring and responding and taking action."
"It’s a very powerful and robust device and application."
"The LogRhythm platform has helped my organization by being able to have 24 analyses on logs and events from all the various systems that feed into the LogRhythm platform."
"I have used a lot of tech support, and I think it's the best out of other SIEMs that I have worked with: McAfee ESM and IBM QRadar."
"We have seen a massive increase in the amount of data that we can collect, the type of things that we can see, the way we can look at logs, the way we can get alerts, and the way can create our own customer roles, which has allowed us to customize the work in our environment."
"Mostly for us the most valuable feature is its aggregation of all the logs into a single platform, and then doing the real-time monitoring based on that."
"Being able to see when one of our assets is down and being able to restart it really quickly has been a definite benefit."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"The LogRhythm support system is phenomenal."
 

Cons

"The feature we keep asking for is a vulnerability scan."
"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."
"Some texts seem to report items as normal too quickly."
"The interface could be more intuitive."
"Parsing is totally controlled by LogRhythm and they do not allow any partner or any third-party to handle this part and this is a key challenge on my end."
"When we originally got LogRhythm, their tech support was fantastic, and I loved them. Now, we don't quite get as quick of a response. I've been disappointed in the more recent tech support. When you call in, they'll say that they will get you somebody, and you'll finally get someone who will contact you back a day or so later. Whereas before, I would get help right away."
"The initial setup is complex. We are using a LogRhythm partner, at least for the first three years, to help with the monitoring and the deployment of it. We are not a big enough environment where we have people that we can dedicate to it right now."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
"A cleaner interface. I keep getting confused and forgetting where everything is."
"Report-building is in Crystal Reports and has a limitation."
"Appliance-based setups can sometimes pose scalability issues"
"What still needs improvement is automation. The SmartResponse obviously does not use open APIs at the moment, so we're having a lot of problems connecting it with things like Palo Alto Traps and some other systems, things like Cisco."
 

Pricing and Cost Advice

"The pricing is in line with other products."
"The pricing is reasonable."
"I have seen a measurable decrease in the mean time to detect and respond to threats. We went from not detecting them to detecting them. We can actually pick up what is anomalous in our network now."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"The solution has provided us with consistency and increased staff productivity through orchestrated automated work flows by at least 20 percent."
"In the context of our country, the price of this solution is too high."
"LogRhythm's pricing and licensing is extremely competitive and it's one of the top three reasons we continue to invest in the platform."
"The product is inexpensive than other tools."
"I would rate the tool's pricing around eight out of ten."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
10%
Financial Services Firm
9%
Outsourcing Company
7%
Healthcare Company
7%
Construction Company
13%
Financial Services Firm
10%
Manufacturing Company
7%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business38
Midsize Enterprise39
Large Enterprise83
 

Questions from the Community

What needs improvement with Blackpoint Cyber MDR?
While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement.
What is your primary use case for Blackpoint Cyber MDR?
The solution serves as a baseline security offering. We have implemented it for every client that we do business with.
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
LogRhythm SIEM could learn from Wazuh, as Wazuh has a built-in mechanism that allows you to write custom scripting and scripts through languages that Wazuh can then trigger, which is somewhat bette...
What is your experience regarding pricing and costs for LogRhythm SIEM?
I find LogRhythm SIEM affordable, as it is a bit less costly than QRadar, although I have not been involved in negotiation charges; however, from the manager's approval, I see it as affordable.
 

Also Known As

Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

CoreRecon, Peerless Tech Solutions, Lorien Health
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about CompassOne by Blackpoint Cyber vs. LogRhythm SIEM and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.