We performed a comparison between Cynet and LogRhythm UEBA based on real PeerSpot user reviews.
Find out in this report how the two User Entity Behavior Analytics (UEBA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"It is a very stable solution...It is a very scalable solution...The initial setup of Cynet was easy."
"Cynet is light and transparent when downloaded. The product's data aggregation is also valuable since you can see everything you need on a page."
"We are very satisfied with the level of performance we get."
"The initial setup is very fast and very easy."
"The most valuable feature is the monitored support behind it."
"It's transparent, so it's not something where every user has to press a button to download or do the thing. It is centralized, in fact. Personally, I use Malwarebytes and other tools, which are fine for home use. Cynet is also relatively silent in terms of operation, except when it's required to act."
"The product is very easy to use. Customers really appreciate that."
"I like the Cynet Correlator™ feature."
"Good capability pinpointing specific cyber incidents."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"It has a lot of features. It has file integration monitoring."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The tool's most valuable feature is server threat hunting."
"The solution's most valuable features are the graphical user interface and the reporting."
"Defender XDR could provide recommendations for threat-hunting queries. Some people do not know how to write an advanced threat query, so we need to spend time training them."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"I cannot provide more details about Cynet's automation features. While Cynet claims to be automated, the specifics of this automation are unclear. They claim to have a high capability to detect and block attacks, but I am cautious about companies that claim to solve every problem without limitations. It does help in identifying malware on the network but doesn't specifically identify vulnerabilities."
"They have some things in the pipeline, we understand, and they're going to be able to support Android and all these other devices soon. The key is the devices - which is an aspect that is lacking right now. Every company has that problem, not just Cynet."
"Management of the console could be simplified and made more user-friendly because right now it's not very easy to use."
"The solution lacks URL filtering."
"The inability to add contact information inside the Cynet is also an issue because it makes things more complicated. I would like to have a simple feature to enter a contact name and number for the person taking care of that unit or that server."
"Automation could be improved, and orchestration could be added to the features."
"Most of their times are in Greenwich Mean Time. I would like to see more local time zones."
"The reporting functionality in Cynet may not be as comprehensive or flexible as desired."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The search feature needs to be improved."
"The cloud version is lacking and not up to par."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The UI could be improved a little bit."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
Cynet is ranked 4th in User Entity Behavior Analytics (UEBA) with 35 reviews while LogRhythm UEBA is ranked 12th in User Entity Behavior Analytics (UEBA) with 10 reviews. Cynet is rated 8.8, while LogRhythm UEBA is rated 7.2. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks, whereas LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Microsoft Purview Insider Risk Management and Trend Micro Deep Discovery. See our Cynet vs. LogRhythm UEBA report.
See our list of best User Entity Behavior Analytics (UEBA) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
