LogRhythm SIEM and Fortinet FortiSIEM compete in the security information and event management category. While LogRhythm is more cost-effective and easier to deploy, FortiSIEM offers a superior feature set and professional customer service.
Features: LogRhythm SIEM offers comprehensive log management, advanced analytics, and robust support. Fortinet FortiSIEM provides integrated network and security monitoring, enhanced overall visibility, and extensive feature sets. FortiSIEM's integrated capabilities provide a competitive edge.
Room for Improvement: LogRhythm SIEM users suggest enhancements in incident response automation, more intuitive correlation engines, and improved dashboard designs. Fortinet FortiSIEM users highlight the need for simplified workflow management, better threat intelligence integration, and more user-friendly interfaces.
Ease of Deployment and Customer Service: LogRhythm SIEM is known for its straightforward deployment process and responsive customer support. Fortinet FortiSIEM, although powerful, is often seen as more complex to deploy, but offers highly professional and helpful customer service.
Pricing and ROI: LogRhythm SIEM is regarded as more cost-effective with a quicker ROI. Fortinet FortiSIEM has a higher upfront cost but offers substantial long-term value due to its extensive features. LogRhythm's pricing is more attractive initially, yet FortiSIEM's features justify its higher price over time.
Local tech support is available, however, for more critical or technical issues, we depend on the OEM directly, especially when it comes to on-prem solutions.
There is a knowledgeable, though small, team of support engineers around the world.
They take some time to respond because they need logs and investigations, which delays the response time.
The technical support is good; we have a separate portal for partners, and since we are paying for the service, they provide a response timeframe based on severity—critical issues are addressed within four hours, medium issues within one day, and non-urgent issues may take a couple of days.
LogRhythm SIEM is quite complex, but that complexity allows us to specifically tailor a solution to the customer while some others are not as flexible.
Customer support is very helpful and effectively solves my problems.
At any point in time, when network devices increase or there is a change in the infrastructure, we can add more workers and collectors to expand our infrastructure setup.
Fortinet FortiSIEM is highly scalable.
Fortinet FortiSIEM is easy to scale.
LogRhythm SIEM is highly scalable as it has modular components allowing me to expand storage, indexing, or other resources as needed.
LogRhythm SIEM is scalable; it can handle about 200 or 500 devices without much difference.
The scalability of LogRhythm SIEM is good enough, warranting an eight out of ten rating.
It stabilizes itself in an appropriate time, so its uptime is good.
These issues may cause unusual errors and user interface issues.
Some stability issues occur, but Fortinet's technical support team provides assistance.
The platform needs regular updates to fix problems encountered with each quarterly patch and version release.
LogRhythm SIEM still needs improvement regarding stability, particularly in environments with heavy data consumption.
Recently, they revised it to a subscription-based, all-inclusive license.
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products.
Fortinet FortiSIEM should broaden its remediation part to include more features for incident management.
I have noticed some problems with parsing errors, event mismatches, and data mismatching, so ensuring accurate parsing and continuous improvement according to device updates are my basic expectations as a detection engineer.
There is currently no way to determine how much data is being consumed in terms of gigabytes, terabytes, or petabytes from particular devices or environments.
If LogRhythm SIEM could make a lightweight version of their solution, that would be quite competitive because some of my customers have a very large need but refuse to go with LogRhythm SIEM due to its complexity and high resource intensity.
Setting it up for oneself as an enterprise-licensed product can be quite expensive.
Windows agent licenses cost around 3,000 Rupees per device per year.
The revised model is subscription-based and more flexible.
The license cost is around $10 per MPS.
I find LogRhythm SIEM affordable, as it is a bit less costly than QRadar.
It provides extensive logging and record-keeping for internal networks, cloud applications, and services as well as perimeter physical network security.
I find the real-time monitoring and correlation capabilities effective for security alerts.
The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient.
We have enough budget for cloud deployment, but we choose to keep it on-prem to ensure data privacy; cyberattacks are a concern, but data privacy is the foremost priority due to sensitive government information.
This helps SOC analysts significantly as they can monitor all log sources through a dashboard, quickly identifying which sources haven't reported within their specified timeframes.
| Product | Mindshare (%) |
|---|---|
| Fortinet FortiSIEM | 2.3% |
| LogRhythm SIEM | 2.5% |
| Other | 95.2% |
| Company Size | Count |
|---|---|
| Small Business | 34 |
| Midsize Enterprise | 22 |
| Large Enterprise | 24 |
| Company Size | Count |
|---|---|
| Small Business | 38 |
| Midsize Enterprise | 39 |
| Large Enterprise | 83 |
Fortinet FortiSIEM offers robust features like automation, real-time monitoring, and scalable log correlation. It integrates SOC and NOC, enhancing security by seamlessly managing data. A preferred choice for threat management, its comprehensive reports and competitive pricing add value.
Fortinet FortiSIEM serves as a comprehensive platform for security monitoring, threat detection, and incident management. It streamlines operations by integrating seamlessly with Fortinet and third-party tools, offering dynamic service discovery and user-friendly analytics. Leveraging its stable infrastructure, organizations conduct log analysis and behavioral monitoring across networks and applications. It supports compliance reporting and enhances security environments through integration with firewalls and security devices. Its cloud and on-premise options cater to regulatory and operational needs, while multitenant capabilities enable managed security service providers to extend robust security services. Users have highlighted areas for improvement in API integration, data retrieval speed, resource consumption, automation, and reporting flexibility.
What are the key features of Fortinet FortiSIEM?In healthcare, Fortinet FortiSIEM ensures compliance and secure health data management. Financial institutions utilize it for real-time monitoring and fraud detection, while educational sectors deploy for network security and data integrity. Service providers leverage its multitenant features for expansive client management.
LogRhythm SIEM offers advanced threat intelligence, scalable deployment, and streamlined log management. It enhances security posture with AI-driven threat detection and comprehensive monitoring.
LogRhythm SIEM stands out for its AI-driven threat correlation, ease of log aggregation, and robust reporting. Offering real-time visibility and analytics through consistent navigation and dashboards, it integrates with security components for enhanced monitoring and response. Advanced threat intelligence and customizable alerts streamline processes and bolster security. While it faces challenges with log parsing, reporting, and dashboard intuitiveness, plans to enhance cloud integration and transition to Linux are noted.
What are the standout features?In industries like banking and finance, organizations utilize LogRhythm SIEM for centralized log management, security monitoring, and compliance. It helps detect insider threats, analyze server logs, correlate events, and monitor user behaviors. Appreciated for log ingestion and anomaly identification, it ensures robust cybersecurity and incident response by integrating data from multiple sources.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
