We performed a comparison between LogRhythm UEBA and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"The comprehensiveness of Microsoft's threat detection is good."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The integration with other Microsoft solutions is the most valuable feature."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"Good capability pinpointing specific cyber incidents."
"The tool's most valuable feature is server threat hunting."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The solution's most valuable features are the graphical user interface and the reporting."
"It has a lot of features. It has file integration monitoring."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"The search features help us try to correlate information and identify any suspicious activity."
"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."
"The setup is fairly simple."
"We've found the pricing to be reasonable."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"We haven't had any issues with configurations or customizations."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"I can prevent my environment from different types of attacks based on what I see in the Vision One console."
"Sometimes, configurations take much longer than expected."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"Intrusion detection and prevention would be great to have with 365 Defender."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The search feature needs to be improved."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The UI could be improved a little bit."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"A room for improvement in Trend Micro XDR is more visibility into the alerts. We do get alerts from the solution, but when we are away, we need to have more visibility."
"It is very expensive."
"The zero trust is a bit complicated compared to other parts of the solution."
"It should integrate with more tools. There are a lot of tools that can do the PTP dump."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
"We'd like to see a few more integrations."
"The product needs to have a lot more maturity, and they need to improve the overall technical support framework for getting the value out of XDR."
"Reporting could be a little bit better. They are working on it, and it is getting better."
LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews while Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 42 reviews. LogRhythm UEBA is rated 7.2, while Trend Vision One is rated 8.6. The top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Trend Micro Deep Discovery and Aruba IntroSpect, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Micro Apex One, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Fortinet FortiEDR. See our LogRhythm UEBA vs. Trend Vision One report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.