Try our new research platform with insights from 80,000+ expert users

LogRhythm UEBA vs Microsoft Defender XDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024
 

Categories and Ranking

LogRhythm UEBA
Ranking in Extended Detection and Response (XDR)
27th
Average Rating
7.2
Number of Reviews
10
Ranking in other categories
User Entity Behavior Analytics (UEBA) (13th)
Microsoft Defender XDR
Ranking in Extended Detection and Response (XDR)
5th
Average Rating
8.4
Number of Reviews
89
Ranking in other categories
Endpoint Detection and Response (EDR) (5th), Microsoft Security Suite (2nd)
 

Mindshare comparison

As of November 2024, in the Extended Detection and Response (XDR) category, the mindshare of LogRhythm UEBA is 1.3%, up from 1.0% compared to the previous year. The mindshare of Microsoft Defender XDR is 10.2%, up from 6.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Sheikh Abu Ayub Azad - PeerSpot reviewer
Sep 16, 2022
Great at managing cyber incidents; the technical support could be improved
We have the standard use cases for this product including monitoring of any kind. I'm the company CEO and we are partners with LogRhythm.  The capability of pinpointing specific cyber incidents is a valuable feature for us. It's very good in correlation and it can pinpoint exactly what happened in…
Desray Liu - PeerSpot reviewer
Nov 28, 2023
A time-saving and easy-to-integrate product that needs to offer a control center to users
As a part of Microsoft's attempt to reduce costs, there has been a direct cut down of the local technical support team. Sometimes, you have to use the technical support offered by Microsoft from other countries, but at times, we speak different languages, just like how people speak in Chinese or Mandarin, but there are still some differences between them. The front-line support from Microsoft has only limited technical abilities or access to their internal system. Sometimes, my company cannot even escalate an issue to Microsoft's senior team members. The support team of Microsoft is nice as they attempt to solve the problems together with you, but I believe that due to some cost-related issues, they don't have enough permissions. Sometimes, users might feel blocked when trying to connect with the support team. I rate the technical support a seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"Good capability pinpointing specific cyber incidents."
"The tool's most valuable feature is server threat hunting."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The solution's most valuable features are the graphical user interface and the reporting."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"It has a lot of features. It has file integration monitoring."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The product is very easy to use."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
 

Cons

"The search feature needs to be improved."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The cloud version is lacking and not up to par."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The UI could be improved a little bit."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"Advanced attacks could use an improvement."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The support could be more knowledgable to improve their offering."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
 

Pricing and Cost Advice

"LogRhythm UEBA's pricing is affordable for small and medium businesses."
"I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."
"As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."
"The pricing is nice when compared to other products in the industry."
"Licensing is on a yearly basis. It's not expensive compared to its competitors."
"It is quite a budget-friendly product."
"The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."
"The price of the solution is high compared to others and we have lost some customers because of it."
"I believe that the pricing of the licensing is fair."
"For Defender, they have Endpoint Plan 1 and Endpoint Plan 2, but I don't know on what basis they have classified Endpoint Plan 1 and Plan 2, but it has given me enough pain to pick and design Endpoint Plan 1 or Endpoint Plan 2 for my organization. In fact, we are still struggling with it. Too many SKUs are confusing. There should not be too many SKUs, and they shouldn't charge for every new feature."
"It is 15 dollars per server per month. It is worth it, but it can be costly. It depends on the company's size."
"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."
"I believe the pricing is fair and acceptable. I consider it to be reasonable and satisfactory."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
20%
Manufacturing Company
10%
Financial Services Firm
9%
Government
9%
Computer Software Company
17%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about LogRhythm UserXDR?
The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance...
What is your experience regarding pricing and costs for LogRhythm UserXDR?
I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive.
What needs improvement with LogRhythm UserXDR?
The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as othe...
What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What needs improvement with Microsoft 365 Defender?
The solution could enhance the threat Intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environmen...
 

Also Known As

LogRhythm UserXDR, LogRhythm Enterprise UEBA
Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
 

Overview

 

Sample Customers

Information Not Available
Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Find out what your peers are saying about LogRhythm UEBA vs. Microsoft Defender XDR and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.