We performed a comparison between LogRhythm UEBA and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"It has great stability."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The tool's most valuable feature is server threat hunting."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"Good capability pinpointing specific cyber incidents."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"The solution's most valuable features are the graphical user interface and the reporting."
"Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage."
"We had a quick deployment. The solution is easy to set up."
"We can scale the product as needed."
"Scaling is not a problem at all."
"It has good vulnerability protection."
"The most valuable feature is the network protection shield on every server, which isolates attacks and prevents our clients from being affected."
"The setup is fairly simple."
"The zero-day vulnerability is valuable."
"There could be a way to proactively monitor unusual activity ."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"The cloud version is lacking and not up to par."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The UI could be improved a little bit."
"The search feature needs to be improved."
"Trend Micro doesn't have the next-generation firewall."
"The solution only supports Windows and Mac. It would be helpful if it could support other OS, such as Linux."
"It would be ideal if they could improve the control of connectivity between sensors."
"The centralized dashboard has room for improvement."
"The information captured by Trend Vision One needs to be more detailed."
"I would like to have the capability to export the information we receive from the XDR into Microsoft Excel."
"The solution lacks compatibility with other products. It needs to integrate better with other surrounding solutions."
"I would like to have more integration with mobile device management."
LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews while Trend Vision One is ranked 5th in Extended Detection and Response (XDR) with 42 reviews. LogRhythm UEBA is rated 7.2, while Trend Vision One is rated 8.6. The top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Trend Micro Deep Discovery and Secureworks Taegis XDR, whereas Trend Vision One is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Trend Micro Apex One and Fortinet FortiEDR. See our LogRhythm UEBA vs. Trend Vision One report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.