We performed a comparison between LogRhythm UEBA and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The tool's most valuable feature is server threat hunting."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"The solution's most valuable features are the graphical user interface and the reporting."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"The most valuable features are file activity monitoring and registry activity monitoring."
"Good capability pinpointing specific cyber incidents."
"It has a lot of features. It has file integration monitoring."
"I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed."
"Scaling is not a problem at all."
"The most important thing for us as a customer is that we can spend more time in other places as it's simpler to have that overview. We have much more time for other tasks."
"I like that it is a comprehensive security solution with a lot of features. You can say XDR is an end-to-end security solution with endpoint security. It includes all your servers, networks, and other devices. The endpoint security solution does not cover this. Plus, machine learning and features like that are the main things in XDR solutions."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"The integration is also nice because there are many external tools that we can connect to the platform, such as configuration management tools. Because the platform is integrated, I can manage almost the whole company across our global organization."
"We've found the pricing to be reasonable."
"The setup is fairly simple."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The management and automation of the cloud apps have room for improvement."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"The web filtering solution needs to be improved because currently, it is very simple."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"Sometimes, configurations take much longer than expected."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The cloud version is lacking and not up to par."
"The search feature needs to be improved."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The UI could be improved a little bit."
"Reporting could be a little bit better. They are working on it, and it is getting better."
"The area for improvement is mobile security. We have just finished a proof of concept for Zero Trust Secure Access. We withdrew from this PoC because it does not have that many points for proxy across Europe. Our organization is across Europe... At this time, they are only located in Germany and the UK."
"The integration with third-party tools and with on-premises Active Directory needs improvement."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
"They should increase their potential for third-party integrations."
"The price could be lower."
"The support should be improved."
"The information captured by Trend Vision One needs to be more detailed."
LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews while Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 43 reviews. LogRhythm UEBA is rated 7.2, while Trend Vision One is rated 8.6. The top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Microsoft Purview Insider Risk Management and Trend Micro Deep Discovery, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks. See our LogRhythm UEBA vs. Trend Vision One report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.