We performed a comparison between LogRhythm UEBA and Trellix Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product integrates security into one tool instead of having third-party security tools."
"The summarization of emails is a valuable feature."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"Good capability pinpointing specific cyber incidents."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"The solution's most valuable features are the graphical user interface and the reporting."
"It has a lot of features. It has file integration monitoring."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
"Dynamic Application Containment."
"The endpoint security, antivirus and firewall are the most valuable features of Trellix Endpoint Security."
"Communication with all Mcafee products (also 3rd parties) by DXL infrastructure."
"The solution offers very good endpoint security."
"It's easy to use."
"The initial setup of Trellix Endpoint Security was straightforward."
"It has been protecting us for many years, and we hope it will continue to do so for many years to come."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"We should be able to use the product on devices like Apple, Linux, etc."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"The tool gives inconsistent answers and crashes a lot."
"Sometimes, configurations take much longer than expected."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"Intrusion detection and prevention would be great to have with 365 Defender."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The search feature needs to be improved."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The cloud version is lacking and not up to par."
"The UI could be improved a little bit."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement."
"The software download features could stand improvement."
"It would be helpful if the controlling of connections coming to the PC could be done from McAfee's side so that we can block those connections."
"It would be nice if the solution was a bit more stable."
"While we are pleased with the endpoint solution, there should also be a separate one for the firewall."
"We know that McAfee isn't the best antivirus and it can't protect us 100%, although we are okay with the level of protection that it gives us."
"They can improve its resource consumption, such as memory, and maybe provide better or smaller updates. It always takes a lot of resources, but it has been getting better. I have been using McAfee products for the last 20 years or so, and I know it is getting better."
"The initial setup is complex. It is a very complex product. You must have experience with it."
LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 96 reviews. LogRhythm UEBA is rated 7.2, while Trellix Endpoint Security is rated 8.0. The top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Microsoft Purview Insider Risk Management and Trend Micro Deep Discovery, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our LogRhythm UEBA vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.