
LogRhythm NextGen SIEM

Integrated SIEM platform for rapid threat detection, response, and neutralization
Our rating: 4 out of 5 stars

LogRhythm NextGen SIEM Product Overview

  1. About LogRhythm NextGen SIEM
  2. Pros of LogRhythm NextGen SIEM
  3. Cons of LogRhythm NextGen SIEM
  4. Breakdown of core features

LogRhythm NextGen SIEM product overview

The LogRhythm NextGen SIEM platform delivers security analytics, user and entity behavior analytics (UEBA), network traffic analytics (NTA), and security orchestration, automation, and response (SOAR) within a single, integrated platform for rapid detection, response, and neutralization of threats. It strengthens the maturity of security operations by better aligning technology, team, and processes.

LogRhythm compiles user and host data into one view to create a straightforward security narrative that helps the team remediate an attack quickly. Its intuitive, high-performance analytics and seamless incident response workflow allow teams to uncover threats faster, mitigate risks more efficiently, and produce measurable results.

The platform combines a comprehensive and flexible security operations platform, technology partnerships, and advisory services to help SOC teams close the gaps.

Pros of LogRhythm NextGen SIEM


  • IT teams can improve threat detection with the software’s advanced models and machine learning (ML), which reduce false positives.
  • LogRhythm automates mundane tasks, letting users focus on complex problems that require creativity.

Cons of LogRhythm NextGen SIEM


  • According to users, setting up the platform is complex.
  • It offers limited in-depth documentation.

Breakdown of core features


Log management

LogRhythm enables users to understand what their data means. The software specializes in normalizing log and machine data and identifying actionable insights, so IT professionals can protect the network and automate compliance, threat detection, and response. It collects log data from every device, application, and sensor in the environment. Furthermore, its Machine Data Intelligence (MDI) Fabric classifies and contextually structures every log message, bringing deep intelligence to over 800 unique data source types.

Search analytics

The platform’s Elasticsearch-based back end supports both Contextual Search and Unstructured Search. Unstructured Search lets users search data by keyword criteria. Contextual Search, on the other hand, is more precise, so users can get to the correct data and make fast decisions. LogRhythm displays data in an intuitive UI that leverages customizable analysis widgets. Powered by people and supported by technology, security operations teams can use search analytics to actively hunt for threats.

Automated incident response

LogRhythm’s SmartResponse™ lets teams decide which work is best automated so that members can focus on complex incident responses that call for skill. IT teams can choose between fully automated playbook actions and semi-automated, approval-based response actions that allow users to review countermeasures before they are executed. Users can also identify the network port where a suspicious device is connected and disable the port or the device.

MITRE ATT&CK

The software presents actionable intelligence based on known adversary behaviors modeled from specific threat observations. Its MITRE ATT&CK features provide immediate insight for security teams to respond effectively and address gaps in their security visibility, operations, and infrastructure. LogRhythm has prebuilt content mapped to ATT&CK within the platform, including analytics, dashboard views, and threat hunting tools. This content enables users to detect adversaries and improve their security programs as prescribed by the MITRE ATT&CK framework.

(Last updated on 04/13/2022 by Liz Laurente-Ticong)

Quick Facts

  • Industry Specialties: All Industries
  • Pricing: Average
  • Works Best For: Any Sized Businesses

Features

  • Log management
  • Automated incident response
  • MITRE ATT&CK
  • Threat Detection
  • Machine Data Intelligence (MDI) Fabric
  • Security analytics
  • Security Information and Event Management (SIEM)
  • Security Orchestration, Automation, and Response (SOAR)
  • User and Entity Behavior Analytics (UEBA)

Integrations

  • Box
  • Cilasoft
  • Cisco
  • Code42
  • Digital Defense
  • Fortinet
  • Okta
  • Palo Alto Networks
  • Qualys
  • SentinelOne

Pricing Model

  • Subscription or perpetual license

Languages

  • English