We performed a comparison between CrowdStrike Falcon and LogRhythm UEBA based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The unified view of the threat landscape on a central dashboard is the most valuable feature."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The most valuable aspect is undoubtedly the exploration capability"
"The most valuable feature is the network security."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"The initial setup was straightforward."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"Falcon's best feature is its detection and blocking of threats."
"I like the feature called RTC, the remote time connector."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The solution's most valuable features are the graphical user interface and the reporting."
"Good capability pinpointing specific cyber incidents."
"It has a lot of features. It has file integration monitoring."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"The tool's most valuable feature is server threat hunting."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The support could be more knowledgable to improve their offering."
"There could be a way to proactively monitor unusual activity ."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"This solution could be improved with greater scope for admins to make changes to the solution."
"Forensic controls have room for improvement."
"The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"The management of the solution could improve."
"They respond quickly on the weekdays, but the weekend response times are slower."
"The performance could be better."
"We'd like to see more integration capabilities."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"The UI could be improved a little bit."
"The cloud version is lacking and not up to par."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"The search feature needs to be improved."
CrowdStrike Falcon is ranked 2nd in Extended Detection and Response (XDR) with 104 reviews while LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews. CrowdStrike Falcon is rated 8.6, while LogRhythm UEBA is rated 7.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Vision One, whereas LogRhythm UEBA is most compared with Wazuh, Darktrace, Trend Micro Deep Discovery, Aruba IntroSpect and Microsoft Defender for Identity. See our CrowdStrike Falcon vs. LogRhythm UEBA report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
