We performed a comparison between LogRhythm SIEM and Recorded Future based on real PeerSpot user reviews.
"Free ingestion for Azure logs (with E5 licence)"
"The UI of Sentinel is very good and easy to use, even for beginners."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice looking dashboards, which show off what we are doing as a security program."
"The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have."
"The GUI is very intuitive and the solution has good integration."
"I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages."
"The most valuable features of the solution are network monitoring, user behavior analytics, and log collection."
"The ability to drill down and pivot from an event is one of the biggest advantage the product has compared to other things that I have seen in the market."
"The feature that makes it usable is the web interface."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"It can collect data from various sources, including social media and the dark web."
"The solution is diverse and provides me with a lot of different mechanisms for evaluation."
"The most valuable feature is Recorded Future's protection of exposed customer data on the hardware side."
"The intel that they were providing us over the emails was very good. If it found any hashtag in our organization's name on the dark web, a rogue IP, or a marketplace, it would send us an email and notify us that this is being mentioned, and if we want, they can take some action."
"Has the ability to conduct and build any query without limitations."
"The most valuable feature of Recorded Future is how it detects everything regarding our domain."
"From the feedback I've received from my clients, the most valuable feature is the ability to personalize the solution. The ability to have a customized dashboard makes it easy for leadership and management to obtain details. Intelligence analysts or security engineers care about the actions and results, whereas the leadership care about graphs and reports. Recorded Future helps my clients create reports and also determine how the intelligence that is generated is consumed. They can easily show the benefits to the leadership without them having to invest 10 hours a week into transferring numbers into a graph or into creating reports."
"As a threat intelligence tool, it's very helpful."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"The AI capabilities must be improved."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"The on-prem log sources still require a lot of development."
"Sentinel's reporting is complex and can be more user-friendly."
"The solution should allow for a streamlined CI/CD procedure."
"The troubleshooting has room for improvement."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"It will definitely help if the parsing side would be much easier, meaning it would be better if we could easily make adjustments on the parser, both on standard and non-standard log sources."
"LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time."
"The web and on-premise console interface should be the same instead of having a separate engine for each."
"More help and assistance with some of the open source products, everything seems to be focused on Windows versus giving some guidance and some documentation on how to use it."
"The built-in functionality of the solution for NDR, SOAR, SIEM, and EDS has room for improvement."
"We've tried to work with a couple of engineering department guys there. We've called them and called them but we never hear anything back."
"I would like to suggest that they should improve their usage of third party tools for making dashboards and reports. If they would create their own tools for dashboard and report, it would be much better in terms of security purposes."
"When you add one website to Recorded Future, it should automatically call all other websites and social media platforms."
"Recorded Future is a very expensive solution, and its pricing could be improved."
"It sometimes detects false positives and reduces the overall accuracy of the system."
"The solution could improve in reducing the false positives. However, most of the other tools on the market have false positives. If they enhance their data algorithm, it could improve the accuracy of results and minimize false positives. Identifying patterns of false possibilities can aid in developing better reporting features that could potentially eliminate them in the future. This recording feature tool could benefit from adopting similar techniques utilized by other tools to enhance its functionality. By doing so, it could minimize the need for manual efforts in distinguishing true positives from false positives, ultimately reducing the workload."
"At present, my clients need to be trained by me or another organization on how to use Recorded Future and how to get the best out of it as an analyst, engineer, and administrator. It would be better if clients could directly learn these things without having to go through me or other organizations."
"Lacks sufficient visibility of malware and international APT attacks."
"We can get the data of different malware active throughout the globe, but it would be good if we can do sandboxing of a file. For example, on Any Run, we can perform sandboxing of malware along with their intel about a particular file or hash. It would be great if they have a feature like that."
"There is a semantic oncology dynamic relationship between how the MIGR Tech framework needs more data infusion enrichment capabilities."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Recorded Future is ranked 1st in Threat Intelligence Platforms with 10 reviews. LogRhythm SIEM is rated 8.4, while Recorded Future is rated 8.6. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Recorded Future writes "Traceless online searches, stable, and scalable". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Fortinet FortiSIEM and LogRhythm Axon, whereas Recorded Future is most compared with ZeroFOX, CrowdStrike Falcon, Intel 471, Digital Shadows and Anomali ThreatStream.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.