Logpoint and Trellix Active Response are both robust cybersecurity solutions. While users report being happier with Logpoint's pricing and support, Trellix Active Response offers more expansive features, providing better value overall.
Features: Logpoint is praised for its intuitive, customizable dashboards and comprehensive log management capabilities. Additionally, it offers real-time monitoring. Trellix Active Response stands out for its advanced threat detection, automated response features, and extensive integration capabilities. Despite Logpoint's strong offerings, Trellix's superior threat detection capabilities give it an edge.
Room for Improvement: Users suggest Logpoint could enhance integration with third-party tools, improve documentation quality, and streamline its user interface. For Trellix Active Response, users feel it could benefit from simplifying the setup process, reducing the learning curve, and optimizing its user interface for better usability. Trellix's initial complexity is a more common concern.
Ease of Deployment and Customer Service: Logpoint users find the deployment relatively straightforward and appreciate responsive customer service. Trellix Active Response poses challenges during setup, but users find customer service effective once past deployment hurdles. Logpoint's ease of deployment is generally better received, although both products have strong support teams.
Pricing and ROI: Logpoint is often noted for its competitive pricing and favorable ROI. Trellix Active Response, while perceived as pricier, justifies this cost with its advanced features and higher ROI due to enhanced threat detection capabilities. Logpoint is more cost-effective upfront, but Trellix's features potentially offer a greater long-term return.
While we haven't yet quantified the financial benefits, we recognize that there has been a return on investment, particularly with operational efficiencies provided by the alerts.
The technical support for Logpoint is very good, and I would rate it as nine out of ten.
Logpoint's customer support is not sufficient with only one engineer in the US.
It is web-based and accommodates the expansion of our organization.
Logpoint is scalable and capable of expanding.
The scalability of Active Response is satisfactory.
I have received reports indicating glitches and downtimes with Logpoint.
Dealing with foreign entities for support was a challenge, leading us to switch providers due to lack of adequate support.
Logpoint needs to be cloud-native, as currently, it is not.
We would like Trellix to optimize the technology for these systems similarly to how it is deployed for normal endpoints.
I rate the pricing at eight, suggesting it's relatively good or affordable.
Based on our evaluations, Trellix Active Response's pricing was the most feasible from a cost perspective.
The UEBA enables us to monitor at the device level, and SOAR provides playbooks and templates that we can modify and incorporate into the platform.
It effectively facilitates logging and log storage and assists in security event management by ingesting security events.
They notify us immediately of any vulnerabilities on the endpoints, allowing us to deploy a response quickly.
Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.
Benefits of Logpoint
Some of the benefits of using Logpoint include:
Reviews from Real Users
Logpoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. Logpoint enables users to not only gather the data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection and then it pulls information from sources that meet the rules that have been set. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from and if necessary resolve emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline that are triggered and notify the user if anything deviates from the rules that it set up.
The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. Logpoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with Logpoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”
A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”
Continuous Visibility into Your Endpoints:
Capture and monitor events, files, host flows, process objects, context, and system state changes that may be indicators of attack or dormant attack components.
Identify and Remediate Breaches Faster:
Access tools you need to quickly correct security issues. Send intelligence to analytics, operations, and forensic teams.
Target Critical Threats:
Get preconfigured and customizable actions when triggered, so you can target and eliminate threats.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
