We performed a comparison between LogRhythm UEBA and Trellix Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"Microsoft Defender XDR is scalable."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The tool's most valuable feature is server threat hunting."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"It has a lot of features. It has file integration monitoring."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The solution's most valuable features are the graphical user interface and the reporting."
"It also allows multifunctionality within a single platform."
"Trellix Endpoint Security offers robust access protection, addressing major concerns in prevention. It provides both application control and user access control within its access protection features."
"The endpoint protection and disk encryption features are the most valuable."
"The primary reason the solution is good is because of its ease-of-use."
"The loss prevention feature would be the most valuable."
"The package of protection that it provides is useful. It has antivirus, malware protection, VPN, and a whole bunch of other features."
"The initial setup is straightforward, not complex."
"I like trap prevention DNS and threat prevention."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The tool gives inconsistent answers and crashes a lot."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The UI could be improved a little bit."
"The cloud version is lacking and not up to par."
"The search feature needs to be improved."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"The DAC (Dynamic Application Containment) component of this product needs improvement."
"The price of the solution is high in Asia."
"Tech support is not as helpful as they were in the past."
"We know that McAfee isn't the best antivirus and it can't protect us 100%, although we are okay with the level of protection that it gives us."
"Technical support is an area that can be improved because sometimes, the response time is a bit slow and the explanation is short."
"It would be a lot easier if I could add multiple user accounts within a single device."
"McAfee GW Security and McAfee Child Safety need some improvement as they are relatively new."
"Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful."
LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 96 reviews. LogRhythm UEBA is rated 7.2, while Trellix Endpoint Security is rated 8.0. The top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Microsoft Purview Insider Risk Management and Trend Micro Deep Discovery, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our LogRhythm UEBA vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.