We performed a comparison between Darktrace and LogRhythm UEBA based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."Microsoft Defender for Office 365 is a stable solution."
"The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
"Defender helps us prioritize threats across our organization."
"The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
"It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased."
"Does a thorough job of examining email and URLs for malicious content."
"The benefit that stands out to me is the ability for multiple individuals to collaborate simultaneously within the same document. Additionally, there is the option to save the document directly in the integrated OneDrive or SharePoint."
"Our customers are satisfied with Defender for 365 because Microsoft products are easy to use and customize to meet the client's needs. Everything is in one place, so we can adjust policies as needed for phishing, DLP, ATP, or any other security features that our clients want to apply."
"One thing I appreciate is Antigena Email, which is for email protection."
"Artificial intelligence and machine learning functionalities are valuable."
"I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user."
"The most valuable feature of Darktrace is the AI that detects abnormal network activity."
"The solution is outstanding from a monitoring perspective."
"I find it very good in the way that they show the past events, including the attack history."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
"Good capability pinpointing specific cyber incidents."
"The solution's most valuable features are the graphical user interface and the reporting."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"It has a lot of features. It has file integration monitoring."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
"The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included."
"They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"We need a separate license and we don't know how to get the license that is required."
"The pre-sales cost calculations could be more transparent."
"Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features."
"Microsoft Defender for Office 365 must improve the overall management style, including the GUI. It also needs to change the filters so that it is easy to whitelist and blacklist data."
"The pricing model is a little too high and could be more flexible."
"They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."
"It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time."
"It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"I believe their network monitoring device licensing module could use some improvement."
"The initial setup is more complex and time-consuming than some solutions."
"It's quite expensive to have."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The search feature needs to be improved."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"The UI could be improved a little bit."
"The cloud version is lacking and not up to par."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 11th in Email Security with 65 reviews while LogRhythm UEBA is ranked 12th in User Entity Behavior Analytics (UEBA) with 10 reviews. Darktrace is rated 8.2, while LogRhythm UEBA is rated 7.2. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas LogRhythm UEBA is most compared with Wazuh, CrowdStrike Falcon, Trend Micro Deep Discovery, Aruba IntroSpect and Microsoft Purview Insider Risk Management.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.