• Home
  • Logpoint vs. Trellix ESM

Logpoint vs Trellix ESM comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Sentinel
Read 85 Microsoft Sentinel reviews
31,886 views|17,713 comparisons
92% willing to recommend
Logpoint Logo
Logpoint
Read 20 Logpoint reviews
2,751 views|1,182 comparisons
88% willing to recommend
Trellix Logo
Trellix ESM
Read 34 Trellix ESM reviews
3,603 views|1,525 comparisons
76% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Logpoint vs. Trellix ESM
March 2024
Executive Summary

We performed a comparison between Logpoint and Trellix ESM based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Logpoint vs. Trellix ESM Report (Updated: March 2024).
Download the complete report
769,334 professionals have used our research since 2012.
Featured Review
Santhosh I
Helps prioritize threats and decreases time to detect and time to respond.
The solution improved our organization in a few ways. The key one is the cloud layer of integrations. When we were on-premises with SAP monitoring... Read more →
Johannes Kresse
Improves security, offers insightful technical support, and has attractive pricing
It improves security. You have more oversight of security incidents and everything that's wrong with the infrastructure you can see in LogPoint if... Read more →
Daniel Durian
Provides visibility of all the traffic within the company infrastructure
It provides threat monitoring from the Internet and if there is malicious activity on the end-point, the ESM can provide us what host is affected.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information.""One of the most valuable features of Microsoft Sentinel is that it's cloud-based.""It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment.""Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources.""The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high.""Microsoft Sentinel comes preloaded with templates for teaching and analytics rules.""I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box.""Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."

More Microsoft Sentinel Pros →

"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets.""The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined.""The solution's most valuable aspect is the combination of the software and the support that they have.""Technical support is responsive and very friendly.""The search feature is valuable. The dashboards are also valuable for our bosses. Another valuable feature, which is the main feature of the product, is the centralization of all the logs.""The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform.""The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report.""The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution."

More Logpoint Pros →

"The most valuable feature in ESM is its search and reporting feature. It's really nice.""It is easy to use and deploy. It comes with user-friendly manuals.""I like the ease of deployment.""Compared to other solutions, the user interface is good.""It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself.""It is user-friendly. The notification part of McAfee ESM is very easy.""I rate the tool's deployment an eight out of ten. The deployment is completed in two days.""The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."

More Trellix ESM Pros →

Cons
"The playbook is a bit difficult and could be improved.""I would like to see more AI used in processes.""I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used.""If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have.""Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field.""It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools.""Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more.""Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."

More Microsoft Sentinel Cons →

"Sometimes, the product is not stable.""In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved.""Dashboards could be developed further.""It is complicated to collect daily logs from other systems.""LogPoint must find a way to integrate the servers without agents.""We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement.""The interface needs things like wizards that will assist with creating complex correlation rules.""The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."

More Logpoint Cons →

"Product-wise, adding accounts on a single data source by batch would be a really great help.""I would like to see improvements to the user interface.""McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made.""Product currently requires Flash.""The only drawback is that they don't have any packet capturing or network behavior analysis.""Tech support is required each time there is a system update of the solution.""We acquired the IBM product because McAfee is slightly confusing to use, and it's broader.""There are some banking and transactional cases that are local, South America transactions. I would like to see them add features that can be used locally, to make those transactions more reliable."

More Trellix ESM Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "For a hundred user deployment the cost is about $10,000. The next year it would be the same because it's a subscription-based license. There are separate costs as well, for example, if a customer asks for training for their staff."
  • "Our licensing fees are about $10,000 USD per month, which I think is fair."
  • "It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."
  • "LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."
  • "It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work."
  • "It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."
  • "My company used to pay for LogPoint costs annually. It's a cost-effective solution. I'm not part of the Finance team, though, so I'm not sure exactly what the licensing fee is or what license my company had."
  • "It's less expensive than the competitors. The Logpoint marketing team is very accommodating and client-friendly. They offer very good reductions in price. They are pretty good in this aspect. They are transparent in their licensing and pricing."

    • More Logpoint Pricing and Cost Advice →

  • "You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."
  • "We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."
  • "The cost is dependent on the customer's environment and requirements."
  • "The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."
  • "The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."
  • "We renew our license annually."
  • "McAfee is the right choice for a low-budget solution."
  • "The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

    • More Trellix ESM Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    769,334 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What do you like most about LogPoint?
    Top Answer:The solution is user-friendly.
    Read all 19 answers   →
    What is your experience regarding pricing and costs for LogPoint?
    Top Answer:The product should provide a perpetual license.
    Read all 14 answers   →
    What needs improvement with LogPoint?
    Top Answer:Logpoint is not flexible. Its documentation is not user-friendly.
    Read all 19 answers   →
    What do you like most about McAfee ESM?
    Top Answer:The solution's technical support is great.
    Read all 22 answers   →
    What is your experience regarding pricing and costs for McAfee ESM?
    Top Answer:The product is slightly expensive. They offer some discount on the purchase of a certain number of nodes. They should… more »
    Read all 16 answers   →
    What needs improvement with McAfee ESM?
    Top Answer:The integration capabilities of Trellix ESM with SaaS solutions are an area of concern where improvements are needed… more »
    Read all 20 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
    Learn More
    Microsoft
    Logpoint
    Trellix
    Video Not Available
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs. 

    Benefits of Logpoint

    Some of the benefits of using Logpoint include:

    • Unifies data logs: Logpoint creates a single system of classification for collected data. It makes it easy for users to search for and find data, which aids users when they are creating reports or alerts. Users can conserve resources while at the same time seeing a rise in the efficiency of their business operations.
    • Intuitive solution design: Logpoint is designed so that anyone can utilize all of its features, even if they are not an expert in network security. Logpoint’s UI is simple enough that users can utilize it without undergoing extensive training. 
    • Highly flexible: Logpoint is designed so that users can scale it linearly to accommodate projects that are large and complex. This allows users to expand the scope of their projects according to their needs without worrying that their infrastructure won’t be able to handle the increase in size. The solution’s security features can be deployed both on the cloud and in a physical environment. 
    • Simple role-based access security: Logpoint allows administrators to employ Microsoft’s active directory (AD) and a Lightweight Directory Access Protocol to manage user access. These can help administrators protect their systems from being abused or otherwise harmed by bad actors. 

    Reviews from Real Users

    Logpoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. Logpoint enables users to not only gather the data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection and then it pulls information from sources that meet the rules that have been set. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from and if necessary resolve emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline that are triggered and notify the user if anything deviates from the rules that it set up. 

    The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. Logpoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with Logpoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”

    A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”

    Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...
    San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Government27%
    Comms Service Provider18%
    Computer Software Company18%
    Financial Services Firm18%
    VISITORS READING REVIEWS
    Educational Organization60%
    Computer Software Company8%
    Comms Service Provider5%
    Manufacturing Company3%
    REVIEWERS
    Financial Services Firm25%
    Government15%
    Computer Software Company10%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Educational Organization70%
    Computer Software Company5%
    Government4%
    Financial Services Firm4%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business62%
    Midsize Enterprise14%
    Large Enterprise24%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise65%
    Large Enterprise19%
    REVIEWERS
    Small Business29%
    Midsize Enterprise15%
    Large Enterprise56%
    VISITORS READING REVIEWS
    Small Business8%
    Midsize Enterprise74%
    Large Enterprise18%
    Buyer's Guide
    Logpoint vs. Trellix ESM
    March 2024
    Free Report: Logpoint vs. Trellix ESM
    Find out what your peers are saying about Logpoint vs. Trellix ESM and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    769,334 professionals have used our research since 2012.

    Logpoint is ranked 26th in Security Information and Event Management (SIEM) with 20 reviews while Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews. Logpoint is rated 7.4, while Trellix ESM is rated 7.4. The top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, Wazuh and LogRhythm SIEM, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, LogRhythm SIEM, Splunk Enterprise Security and SQRRL. See our Logpoint vs. Trellix ESM report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.