We performed a comparison between Darktrace and LogRhythm UEBA based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."The good part is that you don't have to configure it, which is very convenient."
"The basic features are okay and I'm satisfied with the Defender."
"The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."
"It also gives the vulnerability status according to the versions you have selected. Let's say you have Google Chrome. It mentions the versions it has, and it updates. Within two hours of an update, it is reflected in the dashboard. That's really nice to have."
"Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack."
"The product is not resource-intensive."
"At the moment we are satisfied with this product. It's a stable, scalable, and resilient solution for us."
"I would say that 90% of the spam and phishing attack emails get blocked right off the bat."
"I am impressed with the product's ability to give insights into network traffic."
"The platform has many modules, and each module examines a different situation in the behavior."
"The solution is stable. We've never had any problems with it."
"The active threat dashboard is the most valuable feature of this solution."
"I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good."
"The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
"I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user."
"The NDR is good in their solution and they have NTG for email."
"The most valuable features are file activity monitoring and registry activity monitoring."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"Good capability pinpointing specific cyber incidents."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"The solution's most valuable features are the graphical user interface and the reporting."
"The tool's most valuable feature is server threat hunting."
"Too many false positives and lacks an accurate capability to detect malicious SharePoint sites."
"Microsoft sometimes has downtime, and we'll get several incidents coming in back to back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once."
"The visibility for the weaknesses in the system and unauthorized access can be improved."
"The phishing and spam filters could use some improvement."
"The pre-sales cost calculations could be more transparent."
"One area for improvement is support, in terms of being able to reach them and, especially, technical support for configuration."
"I'd like some additional features any product can give me to protect our environment in a better way."
"There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
"I would like for the product to work on the endpoints as well. I would like to see enhanced visibility into the endpoints and network but this solution only sits on the network itself."
"The initial setup is more complex and time-consuming than some solutions."
"The module can improve so that every time it's more intelligent."
"The solution would benefit from automation. Currently, you have to know what you are searching for."
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
"The pricing model is a little too high and could be more flexible."
"In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."
"Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"The cloud version is lacking and not up to par."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The search feature needs to be improved."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 12th in Email Security with 66 reviews while LogRhythm UEBA is ranked 12th in User Entity Behavior Analytics (UEBA) with 10 reviews. Darktrace is rated 8.2, while LogRhythm UEBA is rated 7.2. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x), whereas LogRhythm UEBA is most compared with Wazuh, CrowdStrike Falcon, Microsoft Purview Insider Risk Management, Trend Micro Deep Discovery and Aruba IntroSpect.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.