We performed a comparison between IBM Security QRadar and LogRhythm UEBA based on real PeerSpot user reviews.
Find out in this report how the two User Entity Behavior Analytics (UEBA) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Microsoft 365 Defender is a good solution and easy to use."
"I have found the ability to delete unwanted threats beneficial."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The UBA feature is the most valuable because you can see everything about users' activities."
"I like that it's easy to use and the performance is good."
"The most valuable feature is user behavior analytics (UBA)."
"This solution has allowed us to correlate logs from multiple sources."
"The solution is easy to use, manage, and review all incidents."
"The scalability is very good. It's not a problem."
"Overall a great solution."
"A nice benefit is when we go to the process of selecting our youth cases, they go by building blocks. QRadar links it to building blocks."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"It has a lot of features. It has file integration monitoring."
"The tool's most valuable feature is server threat hunting."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"Good capability pinpointing specific cyber incidents."
"The solution's most valuable features are the graphical user interface and the reporting."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"The most valuable features are file activity monitoring and registry activity monitoring."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"Stability could be improved by avoiding frequent changes to the interface."
"The mobile app support for Android and iOS is difficult and needs improvement."
"The management and automation of the cloud apps have room for improvement."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"QVM is another instance where they need to revise the vulnerability scoring and the proper remediation details."
"The dashboards are all legacy and old."
"IBM QRadar Advisor with Watson could be more user-friendly. You need some skills and understanding of what you're looking at, especially if you're going to draw down specific information."
"I don't give it a 10 because it is something we have to request. I would love it if UBA was included out of the box like Microsoft."
"Technical support is good, but not great."
"The whole process for support is something that needs to be improved."
"The released patch quality is poor. IBM should test those patches on their side, not on the client's side."
"Whenever we are upgrading or installing any type of patch, at that time we have some delays."
"The cloud version is lacking and not up to par."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"The UI could be improved a little bit."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The search feature needs to be improved."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews while LogRhythm UEBA is ranked 12th in User Entity Behavior Analytics (UEBA) with 10 reviews. IBM Security QRadar is rated 8.0, while LogRhythm UEBA is rated 7.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Microsoft Purview Insider Risk Management and Splunk User Behavior Analytics.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.