Try our new research platform with insights from 80,000+ expert users

Darktrace vs LogRhythm UEBA comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Darktrace
Ranking in Extended Detection and Response (XDR)
6th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
77
Ranking in other categories
Email Security (9th), Intrusion Detection and Prevention Software (IDPS) (1st), Network Traffic Analysis (NTA) (1st), Network Detection and Response (NDR) (1st), AI-Powered Chatbots (2nd), Cloud Security Posture Management (CSPM) (15th), Cloud-Native Application Protection Platforms (CNAPP) (12th), Attack Surface Management (ASM) (3rd), AI-Powered Cybersecurity Platforms (2nd)
LogRhythm UEBA
Ranking in Extended Detection and Response (XDR)
25th
Average Rating
7.0
Reviews Sentiment
6.7
Number of Reviews
11
Ranking in other categories
User Entity Behavior Analytics (UEBA) (11th)
 

Mindshare comparison

As of April 2025, in the Extended Detection and Response (XDR) category, the mindshare of Darktrace is 9.7%, down from 10.3% compared to the previous year. The mindshare of LogRhythm UEBA is 1.1%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Peter-Murphy - PeerSpot reviewer
Enables proactive threat detection and immediate response through AI monitoring
The most valuable feature of Darktrace is its ability to detect and counter threats before they occur. The autonomous response capability is always enabled, blocking threats immediately without hesitation. Additionally, the Darktrace email platform is a significant asset since it addresses incoming threats before they reach the network, enhancing our security measures. Protecting the business is essential, and ensuring security through 24/7 AI monitoring is invaluable.
Sheikh Abu Ayub Azad - PeerSpot reviewer
Great at managing cyber incidents; the technical support could be improved
The initial setup is easy, partly because LogRhythm is primarily based on the Windows platform. It's good to have two engineers for deployment but it can be done with one. It's more about the knowledge. Deployment is typically done in two or three different phases. It usually takes up to three full months to get good deployment. There's the initial onboarding of all the log sources, then collecting data in the data lake, followed a couple of weeks later with some minor tuning before the final tuneup.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is that it works autonomously."
"Darktrace is very stable, and I would rate its stability a ten out of ten."
"The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us."
"The product offers us a very good user interface and we've found the network visibility to be very good so far."
"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
"One thing I appreciate is Antigena Email, which is for email protection."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"The solution's most valuable features are the graphical user interface and the reporting."
"The tool's most valuable feature is server threat hunting."
"I can investigate attacks more quickly using machine learning tools."
"I typically use the product for reducing cyber risk, and I can investigate attacks more quickly using machine learning tools."
"Good capability pinpointing specific cyber incidents."
"The most valuable features are file activity monitoring and registry activity monitoring."
 

Cons

"Darktrace could improve its features, such as monitoring and detecting ransomware."
"Darktrace does not have any capabilities to configure."
"Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection."
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
"This is quite an expensive product so the pricing is something that can be improved."
"I would like for the product to work on the endpoints as well. I would like to see enhanced visibility into the endpoints and network but this solution only sits on the network itself."
"There aren't so many third-party vendor platforms natively integrated with the platform."
"The product doesn't have an endpoint agent that can react to triggers set on the device,"
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"In general, if something needs to be improved in the algorithm, it would be the dashboards."
"The search feature needs to be improved."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The UI could be improved a little bit."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
 

Pricing and Cost Advice

"The pricing is reasonable."
"It is pretty expensive, but it is worth it. Its licensing is yearly."
"If you consider the features and the cost of market leaders, we are satisfied with the pricing."
"The pricing is expensive. It costs over $100,000 a year."
"We had an issue with pricing initially and had to cancel some of the features of the projects to fit the budget. I would like to see pricing that is not broken up into parts so that we can buy the whole package once. Darktrace is more expensive than an average solution, but it's functionality won't match that of an average solution."
"It is a very expensive product."
"The cost is moderate."
"When it comes to large installations, it can be expensive, but for small accounts it's fine."
"I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."
"It is quite a budget-friendly product."
"Licensing is on a yearly basis. It's not expensive compared to its competitors."
"LogRhythm UEBA's pricing is affordable for small and medium businesses."
"The pricing is nice when compared to other products in the industry."
"As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Manufacturing Company
8%
Financial Services Firm
8%
Government
7%
Computer Software Company
19%
Financial Services Firm
11%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What do you like most about Darktrace?
A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time.
What do you like most about LogRhythm UserXDR?
The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance...
What is your experience regarding pricing and costs for LogRhythm UserXDR?
I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive.
What needs improvement with LogRhythm UserXDR?
In general, if something needs to be improved in the algorithm, it would be the dashboards. The dashboards with solutions such as Splunk are very neat and clean. I would also like to improve the us...
 

Also Known As

No data available
LogRhythm UserXDR, LogRhythm Enterprise UEBA
 

Overview

 

Sample Customers

Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
Information Not Available
Find out what your peers are saying about Darktrace vs. LogRhythm UEBA and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.