No more typing reviews! Try our Samantha, our new voice AI agent.

IBM X-Force Exchange vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM X-Force Exchange
Average Rating
8.2
Reviews Sentiment
8.6
Number of Reviews
4
Ranking in other categories
Threat Intelligence Platforms (TIP) (16th)
LogRhythm SIEM
Average Rating
8.2
Reviews Sentiment
6.4
Number of Reviews
176
Ranking in other categories
Log Management (14th), Security Information and Event Management (SIEM) (14th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. IBM X-Force Exchange is designed for Threat Intelligence Platforms (TIP) and holds a mindshare of 1.5%, down 1.5% compared to last year.
LogRhythm SIEM, on the other hand, focuses on Security Information and Event Management (SIEM), holds 2.5% mindshare, down 3.1% since last year.
Threat Intelligence Platforms (TIP) Mindshare Distribution
ProductMindshare (%)
IBM X-Force Exchange1.5%
Recorded Future6.7%
CrowdStrike Falcon4.6%
Other87.2%
Threat Intelligence Platforms (TIP)
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
LogRhythm SIEM2.5%
Splunk Enterprise Security7.3%
IBM Security QRadar5.3%
Other84.9%
Security Information and Event Management (SIEM)
 

Featured Reviews

JohnTamakloe - PeerSpot reviewer
Solutions Architect at ostec
A threat intelligence platform aiming to enhance its intelligence
It falls under the category of AI-embedded threat intelligence, which makes detection more efficient by reducing the rate of false positives and improving the overall detection rate. When the threat intelligence alone doesn’t provide enough information, we use other methods to verify the threat. For example, IBM has its threat intelligence team and tools. If the threat intelligence doesn’t yield much information, the tool has a framework that can identify suspicious activity. We then use our judgment and experience to implement compensating controls, whether for a potentially malicious patch, IP address, or any other threat. Customers benefit from it, even if they’re not directly integrating it. Through our service, they receive the benefits of the integration. Overall, I rate the solution a nine out of ten.
SumitKumar20 - PeerSpot reviewer
Security Engineer at Granicus Inc.
Tool consistently aids in effective threat detection and monitoring but could benefit from improved log source management and resource optimization
One major area for improvement in LogRhythm SIEM is the lack of volume measurement capability in terms of storage. There is currently no way to determine how much data is being consumed in terms of gigabytes, terabytes, or petabytes from particular devices or environments. This information is crucial for planning future storage needs and scalability. The system monitor (collector) agent has issues with resource consumption. Even when not actively collecting data, the agent continues to consume significant CPU and memory resources, which can be particularly problematic for small business environments with limited resources. LogRhythm SIEM could improve by adding more default device support. While they have good default settings for devices such as Palo Alto firewalls, custom log sources often require extensive work. Increasing the number of supported devices with built-in policies and functionality would reduce the need for custom work. Competitive SIEM tools often provide more comprehensive coverage for various devices and vendors.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"This product has helped to increase staff productivity."
"It's quite integratable so you can actually integrate and get IP malware and URL information. It also gives you some form of intelligence into what you're trying to investigate or what you're trying to understand."
"IBM X-Force has shortened our lifecycle for cyber security investigations, allowing me to quickly leverage a tool that gives quick visibility, quick understanding, quick investigation, quick drill down, and the ability to close offenses and issues as fast as I can."
"One of the fastest ways to cut costs is reducing staff, and this product can reduce staff by 70 percent."
"The most valuable feature is you have the expertise of human experience directly involved. There is a team of experts."
"So far, my experience has been seamless."
"In general, the visibility of events and advanced analysis of events are good."
"LogRhythm's improved our organization by allowing all sorts of members of the organization to be able to access this data in a much easier way than they have been able to in the past."
"We should be able to response to threats and gain visibility into our environment that we don't currently have."
"It makes it possible to stay aware of much more of what's going on; we get an overview, a macro view that we can zoom in on as opposed to prior to that when we had individual panes of glass and might be stuck in the firewall interface for half a day while something going on is not getting addressed that we really should probably investigate."
"We really appreciate the new cloud functionality."
"You can request support and they respond immediately."
"NextGen SIEM's best feature is how it presents logs."
 

Cons

"We would like to have more AI capabilities to detect threats and improve its productivity from a cybersecurity standpoint."
"I would like to see better integration with other systems, solutions, and vendors."
"It is very expensive."
"You have to look for the new information from X-Force. X-Force will provide it but you have to look for it. We need clearer visibility."
"I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"Apparently, it's sitting in a state that's getting a little stale."
"Sometimes, LogRhythm will parse the rule but perhaps it won't get every little detail out of the rule."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"LogRhythm's SOAR and NDR features don't stack up well against competitors. maybe integrating theme functionality as the other do. But in general, it's okay."
"Right now you have to apply what they call RIM policies, Registry Integrity Monitoring policies, one agent at a time. If you have thousands of endpoint agents, you have to touch each one of those one at a time."
 

Pricing and Cost Advice

"One of the fastest ways to cut costs is reducing staff, and this product can reduce staff by 70 percent."
"Cost is clearly a consideration, but the important thing is what we do with the data and how we protect it."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"Everything is expensive with LogRhythm, and you don't get anything for free."
"In the context of our country, the price of this solution is too high."
"I would rate the tool's pricing around eight out of ten."
"NextGen SIEM's pricing is moderate."
"The pricing is very reasonable and accessible compared to other products in the market but I am not very sure about the exact licensing cost per year for our company."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
"I give the price a six out of ten."
report
Use our free recommendation engine to learn which Threat Intelligence Platforms (TIP) solutions are best for your needs.
904,680 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
21%
Construction Company
10%
Outsourcing Company
8%
Comms Service Provider
8%
Construction Company
13%
Financial Services Firm
10%
Manufacturing Company
7%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business38
Midsize Enterprise39
Large Enterprise83
 

Questions from the Community

What is your primary use case for IBM X-Force?
It's a threat intelligence platform, and we aim to enhance its intelligence by integrating additional security solutions.
What advice do you have for others considering IBM X-Force?
It falls under the category of AI-embedded threat intelligence, which makes detection more efficient by reducing the rate of false positives and improving the overall detection rate. When the threa...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
LogRhythm SIEM could learn from Wazuh, as Wazuh has a built-in mechanism that allows you to write custom scripting and scripts through languages that Wazuh can then trigger, which is somewhat bette...
What is your experience regarding pricing and costs for LogRhythm SIEM?
I find LogRhythm SIEM affordable, as it is a bit less costly than QRadar, although I have not been involved in negotiation charges; however, from the manager's approval, I see it as affordable.
 

Also Known As

X-Force Exchange, X-Force
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

Information Not Available
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about Recorded Future, CrowdStrike, Anomali and others in Threat Intelligence Platforms (TIP). Updated: June 2026.
904,680 professionals have used our research since 2012.