We performed a comparison between LogRhythm SIEM and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The GUI is very intuitive and the solution has good integration."
"We now have a central point of monitoring for all potential threats."
"The daily alerts allow me to quickly find security and operations issues which need to be addressed."
"The security operation center is excellent."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
"It supports most standard log sources."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"Performance and reporting are very good."
"The most valuable features are the integration and ease of use."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"NetWitness can be highly beneficial for incident detection and response."
"It's quite economical compared to other solutions in the market."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"One area for improvement in LogRhythm NextGen SIEM is that it's a Windows-based tool, and I feel it should be on the Linux operating system instead. Another area for improvement in the tool is the UI. There should be minor changes in the UI to make it better, though I like the dashboards in LogRhythm NextGen SIEM."
"The product's stability needs improvement."
"There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."
"We need to get better training for things like creating code and playlists. The way it's done now takes a long time."
"The responses provided by the cloud team are inefficient."
"Sometimes the Platform Manager crashes because it's built around Windows."
"I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"The user interface is a little bit difficult for new users and it needs to be improved."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The initial setup is complex. There are other solutions that are easier to implement."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"The implementation needs assistance."
LogRhythm SIEM is ranked 8th in Log Management with 166 reviews while NetWitness Platform is ranked 18th in Log Management with 36 reviews. LogRhythm SIEM is rated 8.4, while NetWitness Platform is rated 7.4. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Microsoft Sentinel, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Fortinet FortiSIEM. See our LogRhythm SIEM vs. NetWitness Platform report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.