We performed a comparison between Forescout Platform and LogRhythm UEBA based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"All of the security components are valuable, including antiphishing, antispam, and stage three antivirus."
"The product is very easy to use."
"The integration, visibility, vulnerability management, and device identification are valuable."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The standout strength of this solution lies in its unique capability to effectively manage unmanaged switches."
"Forescout Platform is stable, it is great."
"The most valuable feature is the blocking of USB devices."
"The interface is easy to use."
"Provides a good overview of all devices on a network."
"This is clearly the best product for the NAC use cases in this field for Forescout."
"We use the Forescout Platform for device visibility and control in our network. It's very helpful for tracking malicious or unusual activity. We use it to track which ports are open, which machines are running specific services, and to identify vulnerabilities. For example, there was a vulnerability related to SMB, and we could use the product to determine which machines inside our organization were allowing SMB traffic."
"The plugins are very robust -- the ability scanner, patch management system, and SQL integrator."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"The solution's most valuable features are the graphical user interface and the reporting."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"Good capability pinpointing specific cyber incidents."
"It has a lot of features. It has file integration monitoring."
"The tool's most valuable feature is server threat hunting."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The price should be adjustable by region."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The tool gives inconsistent answers and crashes a lot."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"This solution is not that easy to scale but this depends on a company's needs."
"It does not support the TACACS+ protocol."
"Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns."
"The installation is not secure because it takes high admin privileges."
"The solution's customer support is bad and should be improved."
"Can be expensive if it's only being used for one feature."
"Other solutions have TACACS+, but Forescout does not. In the next release, I would like to see Forescout have accounting."
"Although Forescout manages endpoints and network devices, there is no capability for user management."
"The search feature needs to be improved."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The cloud version is lacking and not up to par."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews. Forescout Platform is rated 8.4, while LogRhythm UEBA is rated 7.2. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Trend Micro Deep Discovery and Aruba IntroSpect. See our Forescout Platform vs. LogRhythm UEBA report.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.