• Home
  • Forescout Platform vs. LogRhythm UEBA

Forescout Platform vs LogRhythm UEBA comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 79 Microsoft Defender XDR reviews
6,000 views|4,488 comparisons
97% willing to recommend
Forescout Logo
Forescout Platform
Read 69 Forescout Platform reviews
462 views|249 comparisons
87% willing to recommend
LogRhythm Logo
LogRhythm UEBA
Read 10 LogRhythm UEBA reviews
533 views|457 comparisons
62% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Forescout Platform vs. LogRhythm UEBA
March 2024
Executive Summary

We performed a comparison between Forescout Platform and LogRhythm UEBA based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Forescout Platform vs. LogRhythm UEBA Report (Updated: March 2024).
Download the complete report
770,394 professionals have used our research since 2012.
Featured Review
Krzysztof Jóźwiak
Helps stop the lateral movement of advanced attacks, provides unified identity and access management
Microsoft Defender XDR provides unified identity and access management. Microsoft Defender XDR can extend beyond to cover more than just Microsoft... Read more →
Peter Gignac
Effective asset management, but user experience and technical support could be improved
The federal government's continuous diagnostics and mitigation programs are the focus of the current project I'm working on. It's one of the tools... Read more →
Anonymous User
The solution makes it easy to monitor users though it needs to improve its UI
It is easy to monitor users and that is how the solution is adding value to our firm.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment.""All of the security components are valuable including, antiphishing, antispam, and stage three antivirus.""The product is very easy to use.""The integration, visibility, vulnerability management, and device identification are valuable.""The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team.""We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing.""The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management.""The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."

More Microsoft Defender XDR Pros →

"The standout strength of this solution lies in its unique capability to effectively manage unmanaged switches.""Forescout Platform is stable, it is great.""The most valuable feature is the blocking of USB devices.""The interface is easy to use.""Provides a good overview of all devices on a network.""This is clearly the best product for the NAC use cases in this field for Forescout.""We use the Forescout Platform for device visibility and control in our network. It's very helpful for tracking malicious or unusual activity. We use it to track which ports are open, which machines are running specific services, and to identify vulnerabilities. For example, there was a vulnerability related to SMB, and we could use the product to determine which machines inside our organization were allowing SMB traffic.""The plugins are very robust -- the ability scanner, patch management system, and SQL integrator."

More Forescout Platform Pros →

"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs.""The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location.""The solution's most valuable features are the graphical user interface and the reporting.""It is easy to monitor users and that is how the solution is adding value to our firm.""Good capability pinpointing specific cyber incidents.""It has a lot of features. It has file integration monitoring.""The tool's most valuable feature is server threat hunting.""The most valuable features are file activity monitoring and registry activity monitoring."

More LogRhythm UEBA Pros →

Cons
"The price should be adjustable by region.""From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it.""Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded.""The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging.""The tool gives inconsistent answers and crashes a lot.""I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises.""The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things.""I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."

More Microsoft Defender XDR Cons →

"This solution is not that easy to scale but this depends on a company's needs.""It does not support the TACACS+ protocol.""Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns.""The installation is not secure because it takes high admin privileges.""The solution's customer support is bad and should be improved.""Can be expensive if it's only being used for one feature.""Other solutions have TACACS+, but Forescout does not. In the next release, I would like to see Forescout have accounting.""Although Forescout manages endpoints and network devices, there is no capability for user management."

More Forescout Platform Cons →

"The search feature needs to be improved.""It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved.""What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product.""The product could be user-friendly for someone who doesn’t have any prior experience working with it.""LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users.""It would be helpful if there were more guidance provided for integrating with unsupported devices.""The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs.""The cloud version is lacking and not up to par."

More LogRhythm UEBA Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "Devices with multiple IP's count multiple times against your license count."
  • "The fact that we were allowed to spin up as many servers as we had need of to support our geographic requirements while paying for licensing as an enterprise truly set Forescout apart from the crowd and improved the way we could design our access."
  • "We went with the virtual appliance option. The biggest cost to running these types of appliances would be to either have multiple virtual appliances at every data center or running Remote SPAN hardware to provide you the real-time network visibility."
  • "The ROI is priceless."
  • "It might not be the cheapest solution, but you get what you pay for."
  • "Time savings in finding rogue devices as well as identifying potentially unwanted devices on the network has saved the organization time and money."
  • "The setup cost, pricing, and licensing are on the high side."
  • "Forescout Platform is too expensive, so the price should be reduced."

    • More Forescout Platform Pricing and Cost Advice →

  • "Licensing is on a yearly basis. It's not expensive compared to its competitors."
  • "The pricing is nice when compared to other products in the industry."
  • "As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."
  • "It is quite a budget-friendly product."
  • "LogRhythm UEBA's pricing is affordable for small and medium businesses."
  • "I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."

    • More LogRhythm UEBA Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    See Recommendations
    770,394 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:The integration, visibility, vulnerability management, and device identification are valuable.
    Read all 39 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:There is the cost of the license, and there is the cost of implementation services. Only by enabling a license for your… more »
    Read all 30 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:The web filtering solution needs to be improved because currently, it is very simple. It is very important. Integrations… more »
    Read all 38 answers   →
    What advice do you have for others considering Forescout Platform?
    Top Answer:Forescout is a very powerful NAC product that does not rely on port level configuration. It can detect and block… more »
    Read all 41 answers   →
    What advice do you have for others considering Forescout Platform?
    Top Answer:I would rate the Forescout Device and Visibility Control Platform at a six out of ten.
    Read all 41 answers   →
    What advice do you have for others considering Forescout Platform?
    Top Answer:I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place… more »
    Read all 41 answers   →
    What do you like most about LogRhythm UserXDR?
    Top Answer:The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective… more »
    Read all 6 answers   →
    What is your experience regarding pricing and costs for LogRhythm UserXDR?
    Top Answer:I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional… more »
    Read all 5 answers   →
    What needs improvement with LogRhythm UserXDR?
    Top Answer:The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use… more »
    Read all 6 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Forescout Platform, CounterACT for Endpoint Compliance, ForeScout CounterACT
    LogRhythm UserXDR, LogRhythm Enterprise UEBA
    Learn More
    Microsoft
    Forescout
    LogRhythm
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Forescout Platform provides today’s busy enterprise organizations with policy and protocol management, workflow coordination, streamlining, and complete device and infrastructure visibility to improve overall network security. The solution also provides concise real-time intelligence of all devices and users on the network. Policy and protocols are delineated using gathered intelligence to facilitate the appropriate levels of remediation, compliance, network access, and all service operations. Forescout Platform is very flexible, integrates well with most of today’s leading network security products, and is a very cost-effective solution.

    Forescout Platform Features

    • Real-time complete visibility: With Forescout eyeSight, each and every device is classified when any attempt to access your network has been made. This includes - but is not limited to - desktops, laptops, android devices, virtual machines, switches, VoIP phones, USB memory sticks, webcams, IoT devices, and more.

    • Policy-based and manual controls: In today’s busy robust environment, networks are continually changing; there are different types and amounts of devices connected, various software applications, network compliance requirements, and the constant potential for risk make managing an IT network a very daunting challenge. The Forescout Console is used to simplify the administration and management of important alerts, remediation, and access controls to keep the network secure.

    • Intuitive real-time dashboards: Forescout Dashboards, a component of Forescout WebClient, is a comprehensive web-based intelligence center that gives full visibility and real-time insight of the complete network using both out-of-the-box and user-created widgets. The dashboards are very intuitive and deliver robust, easy-to-understand information about device visibility, compliance, health monitoring, and more.

    • Advanced reporting capabilities: The Forescout Reports Plugin will generate numerous valuable reports indicating real-time and overall status information about endpoint compliance, device details, networks guests, protocols, and more. The reports help to ensure IT administrators, executives, security teams, and other important shareholders stay well-informed about all network activity at all times.

    • Comprehensive third-party overview: Forescout eyeExtend facilitates seamless information sharing with third-party vendors, networks, and IT management solutions supporting improved automated workflows, productivity, cost-effectiveness, and overall security.

    Real User Reviews

    An important main feature of Forescout is the visibility the solution offers.

    One reviewer who is a Consultant at a tech services company, says, "Within three or four days, you can have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."

    Users also appreciate that the user interface is clear and easy to understand.

    An Instructor at a tech services company, shares, "The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."

    LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    NHS Sussex, SAP, SEGA, Vistaprint, Miami Children's Hospital, Pioneer Investments, New York Law School, OmnicomGroup, Meritrust
    Information Not Available
    Top Industries
    REVIEWERS
    Manufacturing Company18%
    Computer Software Company13%
    Financial Services Firm13%
    Government11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Financial Services Firm17%
    Government12%
    Manufacturing Company10%
    Computer Software Company10%
    VISITORS READING REVIEWS
    Educational Organization29%
    Computer Software Company11%
    Government8%
    Financial Services Firm7%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm10%
    Manufacturing Company8%
    Government8%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business37%
    Midsize Enterprise12%
    Large Enterprise51%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise36%
    Large Enterprise50%
    REVIEWERS
    Small Business40%
    Midsize Enterprise30%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise14%
    Large Enterprise63%
    Buyer's Guide
    Forescout Platform vs. LogRhythm UEBA
    March 2024
    Free Report: Forescout Platform vs. LogRhythm UEBA
    Find out what your peers are saying about Forescout Platform vs. LogRhythm UEBA and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    770,394 professionals have used our research since 2012.

    Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews. Forescout Platform is rated 8.4, while LogRhythm UEBA is rated 7.2. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Trend Micro Deep Discovery and Aruba IntroSpect. See our Forescout Platform vs. LogRhythm UEBA report.

    See our list of best Extended Detection and Response (XDR) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.