LogRhythm UEBA vs Vectra AI comparison

Read 42 Vectra AI reviews

5,269 Views
2,637 Comparison Views

97% willing to recommend

LogRhythm UEBA

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Vectra AI and LogRhythm UEBA are competing products in the cybersecurity domain. Vectra AI seems to have the upper hand in user satisfaction with features and deployment ease, while LogRhythm UEBA shines in pricing and ROI benefits.

Features: Vectra AI offers advanced threat detection powered by AI, efficient automation, and real-time threat response. LogRhythm UEBA provides robust analytics, comprehensive incident response, and detailed reporting functions.

Room for Improvement: Vectra AI users suggest improving usability, adding better integration capabilities, and enhancing interface design. LogRhythm UEBA users highlight the need for performance upgrades, improved interface, and faster processing speeds.

Ease of Deployment and Customer Service: Vectra AI is noted for straightforward deployment and effective customer support, ensuring a smooth setup. LogRhythm UEBA offers flexible deployment models but faces challenges in deployment speed and support response times.

Pricing and ROI: Vectra AI is known for competitive setup costs with a satisfactory ROI. LogRhythm UEBA, though initially more expensive, provides a positive ROI over time, making it a valuable investment for users with its extensive features.

To learn more, read our detailed LogRhythm UEBA vs. Vectra AI Report (Updated: October 2024).

LogRhythm UEBA vs. Vectra AI

Download the complete report

Helped 814,763 peers since 2012

Categories and Ranking

LogRhythm UEBA

Ranking in Extended Detection and Response (XDR)

27th

Average Rating

7.2

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (13th)

Vectra AI

Ranking in Extended Detection and Response (XDR)

9th

Average Rating

8.6

Number of Reviews

Ranking in other categories

Intrusion Detection and Prevention Software (IDPS) (2nd), Network Detection and Response (NDR) (2nd), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)

Featured Reviews

Sheikh Abu Ayub Azad

CEO at Trustaira

Sep 16, 2022

Great at managing cyber incidents; the technical support could be improved

We have the standard use cases for this product including monitoring of any kind. I'm the company CEO and we are partners with LogRhythm. The capability of pinpointing specific cyber incidents is a valuable feature for us. It's very good in correlation and it can pinpoint exactly what happened in…

Read full review

Tony Whelton

Director IT at Wellington College

Mar 7, 2023

Integrates well with other security solutions and provides good technical support

The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us. With one nice front dashboard, we can look at the high-volume threats rather than all of the noise. We do get a lot of noise as our students all own their own devices. With Vectra AI, we can look at threats in a controlled manner, which saves us an extraordinary amount of time. Even if I doubled the manpower, I doubt that I would still have the same visibility that I have with the correct security platform. Vectra AI's Threat Detection and Response platform has done remarkably well. We're well-versed in using the security dashboard from Microsoft Defender, and we're at the stage where we are checking both. We haven't fully switched to relying on only the Vectra dashboard yet. In terms of Vectra AI Attack Signal Intelligence for empowering security analysts within our organization, we have complete faith in the data that's coming through from Vectra. If we could also have what's happening at the front-end, that is, the firewall, then it would give us the complete security front dashboard.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution's most valuable features are the graphical user interface and the reporting."

"The tool's most valuable feature is server threat hunting."

"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."

"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."

"It is easy to monitor users and that is how the solution is adding value to our firm."

"The most valuable features are file activity monitoring and registry activity monitoring."

"Good capability pinpointing specific cyber incidents."

"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."

More LogRhythm UEBA pros

"What I like best about Vectra AI is that it alerts you about suspicious activities."

"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."

"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."

"The core product provides excellent visibility, but my favorite feature is Vectra Recall."

"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."

"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."

"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."

"The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day."

More Vectra AI pros

Cons

"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."

"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."

"The cloud version is lacking and not up to par."

"The product could be user-friendly for someone who doesn’t have any prior experience working with it."

"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."

"The search feature needs to be improved."

"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."

"It would be helpful if there were more guidance provided for integrating with unsupported devices."

More LogRhythm UEBA cons

"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."

"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."

"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."

"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."

"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."

"The false positives and the tuning side of it is something that could use improvement. But that could be from our side."

"Other alternatives, like Darktrace, have a fancier UI."

"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."

More Vectra AI cons

Pricing and Cost Advice

"I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."

"Licensing is on a yearly basis. It's not expensive compared to its competitors."

"It is quite a budget-friendly product."

"As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."

"LogRhythm UEBA's pricing is affordable for small and medium businesses."

"The pricing is nice when compared to other products in the industry."

"It's relatively on the pricier side, but when compared to other solutions. It's not the most budget-friendly option, but it can be considered somewhat more cost-effective in comparison to other alternatives."

"We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."

"Cost is a big factor, as always. However, I think we have a very good price–performance ratio."

"Vectra AI's pricing is cheaper than that of Darktrace."

"Its cost is too much. It's an investment that we can afford. It's a lot, but it's worth it."

"Vectra AI is not a cheap solution."

"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."

"The pricing is high."

More Vectra AI pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

814,763 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

20%

Manufacturing Company

10%

Financial Services Firm

Government

Computer Software Company

17%

Financial Services Firm

12%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about LogRhythm UserXDR?

The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance...

What is your experience regarding pricing and costs for LogRhythm UserXDR?

I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive.

What needs improvement with LogRhythm UserXDR?

The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as othe...

What is the biggest difference between Corelight and Vectra AI?

The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...

What do you like most about Vectra AI?

The solution is currently used as a central threat detection and response system.

What is your experience regarding pricing and costs for Vectra AI?

The licensing is on annual basis.

Darktrace vs LogRhythm UEBA

Comparisons

Wazuh vs LogRhythm UEBA

Compared 46% of the time

Compared 18% of the time

CrowdStrike Falcon vs LogRhythm UEBA

Compared 11% of the time

Microsoft Purview Insider Risk Management vs LogRhythm UEBA

Compared 5% of the time

Cortex XDR by Palo Alto Networks vs LogRhythm UEBA

Compared 4% of the time

More LogRhythm UEBA Competitors

Darktrace vs Vectra AI

Compared 35% of the time

ExtraHop Reveal(x) vs Vectra AI

Compared 12% of the time

Cisco Secure Network Analytics vs Vectra AI

Compared 6% of the time

Arista NDR vs Vectra AI

Compared 5% of the time

Corelight vs Vectra AI

Compared 5% of the time

More Vectra AI Competitors

Product Reports

User Entity Behavior Analytics (UEBA)

Download LogRhythm UEBA product report

Download Vectra AI product report

Also Known As

LogRhythm UserXDR, LogRhythm Enterprise UEBA

Vectra Networks, Vectra AI NDR

Learn More

LogRhythm

Overview

LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?

High accuracy in identifying threat locations
Aggregation of alerts into single incidents
24/7 threat detection
Visibility into the entire attack lifecycle
Risk score aggregation
Effective triaging of alerts
Integration with other tools

What benefits or ROI should users look for?

Enhanced threat detection and prioritization
Comprehensive network visibility
Reduction in false positives
Better incident response capabilities
Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Sample Customers

Information Not Available

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association

LogRhythm UEBA vs. Vectra AI