LogRhythm SIEM Questions
Oct 18 2022
What do you like most about LogRhythm SIEM?
Thanks for sharing your thoughts with the community!
Oct 18 2022
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.
Oct 18 2022
How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
Oct 18 2022
If you were talking to someone whose organization is considering LogRhythm SIEM, what would you say?
How would you rate it and why? Any other tips or advice?
I work as an information technology security specialist for a mid-sized bank.
I am currently researching SIEM solutions. Does LogRhythm NextGen SIEM offer good security? Would you recommend it?
Thanks! I appreciate your help.
Oct 18 2022
Please share with the community what you think needs improvement with LogRhythm NextGen SIEM.
What are its weaknesses? What would you like to see changed in a future version?
I would like to know the evaluation parameters and reviews for SIEM-Alien Vault and LogRhythm to implement in a banking environment in the Gulf region.
IBM QRadar is rated above competitors (McAfee, Splunk, LogRhythm) in Gartner's 2020 Magic Quadrant. Agree/Disagree?
What are your experiences with these vendors/solutions? Pros and Cons?
Security Information and Event Management (SIEM) Questions
Nov 17 2022
Hi community, I am a Service Delivery Manager at a medium-sized tech services company. I am researching PSIM (Physical Security Information Management). What are the main use cases and benefits of products that fall under this category? Thank you for your help.
Aug 05 2022
Hi dear professionals, Can you share with the community 2-3 top pain points you've been experiencing during the Security Information and Event Management (SIEM) solution purchase? How have you been able to overcome them, if at all? Thanks for sharing your knowledge with other peers.
Nov 11 2022
GDPR compliance demands that we use automated event log monitoring on our 8-9 servers.
Which tool would you recommend using for this Windows environment? Why?
Thanks in advance for your help!
Hi everyone, I am looking for SIEM use cases and triggers. On this thread https://www.peerspot.com/questions/what-are-the-top-use-cases-to-implement-after-deploying-a-siem, @David Swift said he has written SANS papers. I have looked for them (in white papers and gold papers) and cannot find th...
Hi all, I'm a Tech Lead at a Tech Services company with 1K+ employees. I've been looking at the following SIEM products: Elastic Enterprise Search, IBM QRadar, LogRhythm NextGen SIEM, McAfee ESM, Splunk, Splunk Cloud and Elastic Security. Which SIEM would you recommend for an enterprise as the ...
Hi infosec professionals, What are the main architectural differences between those two technologies? What are the relations between the two of them? Are they complementary? What does an XDR solution provide that SIEM doesn't and vice versa? Thanks for sharing your knowledge with the community!
What are your top 5 (or less) cyber security trends in 2022?
Thanks in advance!
In your opinion, which is the best SaaS-based SIEM tool and why?
Hi SOC analysts and other infosec professionals,
Which standard/custom method do you use to decide about the alert severity in your SOC?
Is it possible to avoid being too subjective? How do you fight the "alert fatigue"?
Oct 03 2022
Are you aware of SIEM platforms that integrate both Active Directory auditing and security monitoring tools?
Hi, community! Usually, when professionals administer the network, they use an Active Directory tool and a cybersecurity solution (e.g., EPP, anti-virus, or SIEM) separately. Are you aware of SIEM platforms that integrate these tools?
Hi infosec professionals,
Which deployment model should an enterprise organization choose and in which case?
Sep 15 2022
When would you suggest using an internal SOC and when SOC-as-a-Service? What are the pros and cons of each?
I'm working on a document about the Security Operation Center best practices, and I would like to get your inputs about it.
Have you tried Google Chronicle? What's your opinion about it?
What are your methods to automate Azure Sentinel content deployment?
Are you adopting a Detection-As-Code approach? What main challenges have you faced?
Thank you in advance!
Hot data is necessary for live security monitoring. Archive data (cold data) is not available quickly. It takes days to make archive data live if the archive data time frame is more than 30 days (in most SIEM solutions). As an example, SolarWinds said the attackers first compromised its...
What is the best way to deploy agents/sensors (such as a SIEM agent) in large-scale Windows environments?
Any hands-on tips or recommendations?
Sep 15 2022
Once a SIEM is deployed successfully, what are the top use cases you'd recommend to implement for the Microsoft environment?
Thank you in advance!
Which SIEM for small/medium-sized companies do you consider the most economical?
Splunk, Security Onion, UTMStack, other? What do you like about it vs other ones?
Is Rapid7 InsightIDR an efficient solution (to be used in SOC as an analysis tool) in comparison with other SIEM products, such as IBM QRadar, Splunk, and LogRhythm NextGen SIEM?
Hi community members,
Let's discuss what are the main differences between UEBA (User and Entity Behavior Analytics) and SIEM (Security Information and Event Management) solutions.
Aug 23 2022
Hi community members, We would like to hear your insights on the latest trends in SOC. What are you seeing in the field or forecasting? Please share your opinions on how these trends are going to influence the future of the relevant tools and solutions used in SOC. Thanks!
I'm looking for a technical comparison between Splunk Phantom SOAR and FireEye SOAR solutions.
Can anyone help with the insights?
I have slowly switched our entire network over to Fortinet products over the past few years and been pleased with the products overall. I would like to utilize FortiSIEM for more robust monitoring and response, but the cost is extremely prohibitive for my company (<25 employees). Suggestions?
There are many cybersecurity tools available, but some aren't doing the job that they should be doing. What are some of the threats that may be associated with using 'fake' cybersecurity tools? What can people do to ensure that they're using a tool that actually does what it says it does?
How do log management and SIEM differ? Is it necessary to have separate tools for each function or can these functions be rolled into one solution? Which products are best for SIEM, and which are better for log management? Do you have recommendations of products that effectively combine both log...
Do you have recommendations for the best SIEM tool to invest in for a large financial services provider? What particular features of your recommended tool make it the best choice?
Hello community, What are the differences between how NDR and SIEM work? What are the pros and cons of each? Is it necessary to have both types of tools?
Can anyone advise on which SIEM will work best with Palo Alto Cortex XDR?
What features should companies look out for when selecting an event monitoring tool?
I work at a mid-sized enterprise bank. I am researching SIEM solutions. Which is the best tool for security information and event management: Arcsight or Securonix?
SIEM and SOAR have a lot of components in common. How do they differ in the role they play in Cyber Security? If you've been working in cybersecurity, you've likely come across SOAR and SIEM technologies. There are differences between their capabilities, although they have a fair amount of commo...
Are event correlation and aggregation both needed for effective event monitoring and SIEM?
Is AWS Cloudwatch enough on its own, or is it a good idea to use a SIEM platform in conjunction with it?
I am the technical director of a science and technology division for the government.
Which SIEM solution would deliver the best ability to identify, protect, detect, respond and recover from a cyber attack?
Thanks! I appreciate your help.
Hi dear community members, There's a lot of SIEM solutions. SIEMs are not something you just install and wait for great things to happen, right? What questions should someone ask before purchasing a SIEM? Help your peers ask the right questions so that they'll make the best decision. Thanks
SIEM is one of the fastest trending topics on IT Central Station. Why do companies need to purchase SIEM? Is it due to compliance reporting, system monitoring, intrusion detection, or something else? Why is it so important? Thanks for helping your peers cut through vendor hype and make the r...
My organization has one last piece to the puzzle in our completion for NIST 800-171 compliance. I know nothing about Network Security and Event Management. I have a team of two Systems and Network Admins that already spend a lot of time ensuring the organization is running smooth, dealing with an...
I do not have a business email address. How can I download PDFs?
Is there any comparison criteria on Tableau depicting SIEM vendors weaknesses and strengths?
We're looking for real-life experience on behalf of a client in integrating QRadar data into Splunk ES, or Splunk/Splunk ES into QRadar or both into a 3rd option for PA/SA. This client has one of the largest and most complex networks among the federal agencies, currently is using both products in...
Features comparison between AlienVault, Solarwinds LEM, HPE Arcsight, and any other similar enterprise grade products
I am looking for features comparison between AlienVault, SolarWinds LEM, HPE Arcsight, and any other similar enterprise grade products. Can you share a feature comparison document?
I would like to understand the basic difference between Nessus and Arcsight. Thanks.
I'm comparing RSA Envision to some of its competitor SIEM products. Can you help me with a comparison matrix?
When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?
One of our community members wrote that what's important is "compatibility with diverse sources, including the ability to adapt to unknown ones, performance, and the ability to do multi-level correlation." What do you think? See other excellent answers below. Let the community know what you t...
Looking at SolarWinds LEM as a SIEM tool. Several of my managers are questioning the scalability for a global deployment. I am having difficulty providing adequate information as to its distributed architecture and the ability to access the raw (and/or) normalized data directly so that I can ex...
The Wall Street Journal this week reported on new additions to the Splunk App to enable easier, faster threat detection and containment by empowering users to assign risk scores to any data. The app also includes new features to help users connect and visualize data on the fly and introduces guid...
Has anyone got experience in deployment of a SIEM solution using either McAfee Nitro or IBM Qradar or AlienVault USM? I am looking to understand the pitfalls associated. I find that the vendor documentation is often short on specifics in relation to the overall components needed and am concerned ...
Updated: November 2022
- Between Alien Vault and LogRhythm, which solution is suitable for banks in the Gulf region?
- IBM QRadar is rated above competitors (McAfee, Splunk, LogRhythm) in Gartner's 2020 Magic Quadrant. Agree/Disagree?
- Does LogRhythm NextGen SIEM offer good security?
- What Solution for SIEM is Best To Be NIST 800-171 Compliant?
- When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?
- What are the main differences between Nessus and Arcsight?
- Which is the best SIEM solution for a government organization?
- What is the difference between IT event correlation and aggregation?
- What Is SIEM Used For?
- What Questions Should I Ask Before Buying SIEM?