We performed a comparison between Darktrace and LogRhythm UEBA based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
"Microsoft Defender for Office 365's most valuable features are safe attachments and safe links."
"The good part is that you don't have to configure it, which is very convenient."
"Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable."
"The initial setup was easy."
"Microsoft Defender for Office 365 is a stable solution."
"Defender helps us prioritize threats across our organization."
"Since we have started using the solution, there have been fewer compromises."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"It has helped the organization to detect any malware affecting the machines...The network monitoring and the email monitoring features are very valuable for us."
"I find it very good in the way that they show the past events, including the attack history."
"The most valuable features of Darktrace are its full capabilities. You have visibility of everything."
"We liked their approach to identifying intrusions or network anomalies using AI."
"The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
"It is a very simple product to use."
"The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network."
"It has a lot of features. It has file integration monitoring."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"The solution's most valuable features are the graphical user interface and the reporting."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"Good capability pinpointing specific cyber incidents."
"The most valuable features are file activity monitoring and registry activity monitoring."
"About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting."
"We need a separate license and we don't know how to get the license that is required."
"This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"Microsoft sometimes has downtime, and we'll get several incidents coming in back to back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once."
"One area for improvement is integration. For example, when it comes to external SaaS platforms, we were not able to get a lot of information on integrations with such apps for security and authentication."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."
"The pricing model is a little too high and could be more flexible."
"Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"The initial setup is more complex and time-consuming than some solutions."
"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
"The interface and dashboards could be improved for ease-of-use."
"The pricing is a bit high for the region."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"The search feature needs to be improved."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The UI could be improved a little bit."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 11th in Email Security with 65 reviews while LogRhythm UEBA is ranked 12th in User Entity Behavior Analytics (UEBA) with 10 reviews. Darktrace is rated 8.2, while LogRhythm UEBA is rated 7.2. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas LogRhythm UEBA is most compared with Wazuh, CrowdStrike Falcon, Trend Micro Deep Discovery, Aruba IntroSpect and Microsoft Purview Insider Risk Management.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.