Logpoint and Trellix Helix Connect compete in the security information and event management (SIEM) category. Logpoint holds an advantage with its cost-effective pricing and advanced correlation engine, while Trellix Helix Connect excels with AI-driven threat detection and a broad ecosystem for integration.
Features: Logpoint provides a sophisticated logging and analysis platform featuring a fast setup, user-friendly search, dashboards, and log collection. It integrates seamlessly with third-party SIEMs and features a unique translation service for obscure log formats. Trellix Helix Connect focuses on speed and AI capabilities, offering advanced threat detection, integration with over 400 connectors, and an enriched ecosystem suitable for large environments.
Room for Improvement: Logpoint struggles with complex log handling and needs better third-party integration and user guidance. Improvements in UI, flexibility, and cloud-native capabilities could enhance its competitiveness. Trellix Helix Connect is perceived as expensive with a need for improved integration and licensing structures. Additionally, enhancements in its graphical interface and access to professional services are desired by users.
Ease of Deployment and Customer Service: Logpoint primarily offers on-premises deployment with some hybrid cloud options and satisfactory initial support, though advanced support is challenging due to limited staff. Trellix Helix Connect provides cloud-native deployments and receives mixed customer service reviews, noting delays in response. Both solutions lack a strong US presence, impacting support delivery.
Pricing and ROI: Logpoint offers competitive pricing based on device count, appealing to cost-conscious users, delivering predictability, and value especially for SOC services. Trellix Helix Connect's pricing is higher but justified for enterprise-level capabilities, with additional licenses required for third-party logs. Both solutions show ROI through effective log management and compliance facilitation, though Logpoint's model is noted for better cost stability.
The technical support for Logpoint is very good, and I would rate it as nine out of ten.
Logpoint's customer support is not sufficient with only one engineer in the US.
We experienced some challenges due to the ongoing transformation and fusion of McAfee and FireEye, but we are committed to improving response times.
It is web-based and accommodates the expansion of our organization.
Logpoint is scalable and capable of expanding.
We support the largest companies in the world and can cater to large environments.
I have received reports indicating glitches and downtimes with Logpoint.
The availability is high, which is critical for our customers who rely on a single panel of glass to operate.
Dealing with foreign entities for support was a challenge, leading us to switch providers due to lack of adequate support.
Logpoint needs to be cloud-native, as currently, it is not.
We have just released the solutions to the market recently, making it a revolution in the cybersecurity sector.
I rate the pricing at eight, suggesting it's relatively good or affordable.
It is not the cheapest, but also not the most expensive solution.
The UEBA enables us to monitor at the device level, and SOAR provides playbooks and templates that we can modify and incorporate into the platform.
It effectively facilitates logging and log storage and assists in security event management by ingesting security events.
Trellix Helix, as an AI XDR platform, helps our organization by offering an extensive number of connectors for integration, enabling us to consolidate all information in a single dashboard.
Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.
Benefits of Logpoint
Some of the benefits of using Logpoint include:
Reviews from Real Users
Logpoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. Logpoint enables users to not only gather the data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection and then it pulls information from sources that meet the rules that have been set. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from and if necessary resolve emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline that are triggered and notify the user if anything deviates from the rules that it set up.
The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. Logpoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with Logpoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”
A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”
Trellix Helix Connect is known for its seamless API integration, automation capabilities, and efficient data correlation. It offers robust solutions in email threat prevention and malware detection, catering to cybersecurity needs with a user-friendly query language and extensive connector support.
Trellix Helix Connect integrates incident response, centralized SIEM tasks, and data correlation using native support for FireEye products. It rapidly handles alerts, enhances ticket management, and prevents network attacks. Its XDR platform supports a wide range of environments, providing DDI and IOC feeds for comprehensive data, email, and endpoint security. Users appreciate the deployment and API integration, but improvements in graphical interface and pricing could increase satisfaction. Additional infrastructure enhancements and optimized support can address current challenges resulting from recent mergers.
What are the key features of Trellix Helix Connect?Enterprises utilize Trellix Helix Connect for its ability to manage managed detection and response services, logging, and ransomware/ phishing mitigation. It operates efficiently in restrictive environments, enabling cybersecurity functions in industries requiring robust data, email, and endpoint security strategies.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
