CyberSponse was a security orchestration, automation and response (SOAR) solution, now known as FortiSOAR. Fortinet acquired and now supports the solution (December 2019).
N/A
LogRhythm NextGen SIEM Platform
Score 7.5 out of 10
N/A
The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management solution that centralizes log data, enriches it with contextual details and applies a consistent schema across all data types.
N/A
Pricing
FortiSOAR
LogRhythm NextGen SIEM Platform
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
FortiSOAR
LogRhythm NextGen SIEM Platform
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
FortiSOAR
LogRhythm NextGen SIEM Platform
Features
FortiSOAR
LogRhythm NextGen SIEM Platform
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
FortiSOAR
-
Ratings
LogRhythm NextGen SIEM Platform
7.4
Ratings
4% below category average
Centralized event and log data collection
00 Ratings
9.00 Ratings
Correlation
00 Ratings
8.10 Ratings
Event and log normalization/management
00 Ratings
8.00 Ratings
Deployment flexibility
00 Ratings
4.60 Ratings
Integration with Identity and Access Management Tools
I recommend it to all companies with scenarios that are looking for a SOC queue management tool, vulnerabilities, assets, indicators, visualization panels with alarms and real-time notifications, and personalized reports of all the functions present in the tool. It's easy to install and configure on a VM. The interface is user-friendly and fully customizable and can even create infinite mini-panels of platforms, incidents, alarms, and other functions. The price is great and it's an investment to improve security and visibility and incident handling.
LogRhythm is good for providing a comprehensive view of the environment. It gives a great outline of whatever is going on in our servers and systems regarding security malfunctions. The SIEM sends real-time notifications when there are some occurrences; like creating a new user and inappropriate login attempts. It also avails a good use case that meets our HIPAA compliance.
LogRhythm is a great SIEM to learn content on because the building blocks are very intuitive and easy to implement. All of the concepts relevant to content development are literally represented as drag and drop building blocks that can be easily manipulated.
The statistical building blocks contain powerful anomaly detection capabilities that are extremely difficult to implement in other SIEMs or not possible at all.
LogRhythm does better event classification than any other SIEM by far. My team typically drops all classification schemes from default installations of SIEMs and rebuilds them from scratch. I can actually use LogRhythms event classifications in rules without worrying about excessive partial matches or correlating unwanted events.
Training Services- Fortinet offers courses geared towards administration and designed and development of FortiSOAR , Which required multiples access , we need all training services with self pace basis , I think here Fortinet need to improve.
Licensing Model- Being as a new technology Licensing model should be crystal & Clear, be it Concurrent Users or The number of FortiSOAR nodes there should be no ambiguity .
LogRhythm is focused on SIEM. That is their core business. Cost of operations, feature set and ease of use. The Log Rhythm support team is outstanding. Overall reliability is good. Reporting module needs some improvement and LR is promising that there will be significant improvements in future releases.
LogRhythm does a rather decent job of making the functionality advanced (allowing for advanced keyword & field searching, use of "AND" as well as "OR" statements in the search bar) while keeping it accessible (by not requiring a specific syntax to do quick searches). This combined with a user interface that has headings and labels that are intuitive is very helpful.
Support has always been fantastic for this product compared to many other support providers I've worked with. They are always very friendly and seem to be well trained and knowledgeable and never have to wait long for a solution. We usually get the issue fixed in the first call, but also we really haven't had to use support a ton so that's also a plus
Done prove of concept (POC) thoroughly , where we judged the solution on every aspect & We came to know FortiSOAR will work well in our environment as it is blended with features like Case managements , Product Flexibility * Scalable Architecture . These features were much required to optimum use of our SOC solution. Since we have all the Fortinet security stack in our environment it helped us a lot in selection (POC) and also commercially.
The only thing we chose LogRhythm NextGen SIEM Platform for is to allow the Security Analysts to work on the dashboards which don't know much about programming and query languages but has good intuition about cyber-security. It is easy to get hands-on compared to Splunk, which has an initial learning curve before being able to start harnessing its true power. Also, the ticketing system is quite fancy and somehow shows us the recent tickets that we need to jump on, which is not in Splunk.
