We performed a comparison between LogRhythm UEBA and Microsoft Defender XDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are file activity monitoring and registry activity monitoring."
"The solution's most valuable features are the graphical user interface and the reporting."
"Good capability pinpointing specific cyber incidents."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"The tool's most valuable feature is server threat hunting."
"It has a lot of features. It has file integration monitoring."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"Microsoft 365 Defender is simple to upgrade."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"Microsoft 365 Defender is a good solution and easy to use."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The cloud version is lacking and not up to par."
"The search feature needs to be improved."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The UI could be improved a little bit."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The web filtering solution needs to be improved because currently, it is very simple."
"Stability could be improved by avoiding frequent changes to the interface."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The logs could be better."
LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews while Microsoft Defender XDR is ranked 6th in Extended Detection and Response (XDR) with 76 reviews. LogRhythm UEBA is rated 7.2, while Microsoft Defender XDR is rated 8.4. The top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Trend Micro Deep Discovery and Aruba IntroSpect, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One. See our LogRhythm UEBA vs. Microsoft Defender XDR report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
