LogRhythm UEBA vs Trellix Endpoint Security Platform comparison

LogRhythm and Trellix are both solutions in the Extended Detection and Response (XDR) category. LogRhythm is ranked #25 with an average rating of 7.0, while Trellix is ranked #10 with an average rating of 7.8. LogRhythm holds a 1.0% mindshare in XDR, compared to Trellix’s 3.2% mindshare. Additionally, 55% of LogRhythm users are willing to recommend the solution, compared to 88% of Trellix users who would recommend it.

LogRhythm UEBA

Read 11 LogRhythm UEBA reviews

914 Views
307 Comparison Views

55% willing to recommend

Trellix Endpoint Security P...

Read 158 Trellix Endpoint Security Platform reviews

2,960 Views
1,126 Comparison Views

88% willing to recommend

LogRhythm UEBA

Trellix Endpoint Security P...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jun 9, 2025

Trellix Endpoint Security Platform and LogRhythm UEBA are leading solutions in the cybersecurity domain, competing in threat management and behavior analytics. Trellix holds the advantage in central management and security integration, while LogRhythm excels in behavioral analysis.

Features: Trellix Endpoint Security Platform is recognized for its Antivirus, Data Loss Prevention, and Drive Encryption. It integrates with ePolicy Orchestrator to provide a unified management experience. LogRhythm UEBA emphasizes behavioral analytics, anomaly detection, and user activity insights, making it ideal for identifying internal security threats.

Room for Improvement: Trellix could improve malware detection and simplify configuration processes for advanced integrations. Reducing resource consumption could enhance user experience. LogRhythm UEBA would benefit from enhancing its dashboard interface and expanding data aggregation capabilities for a more user-friendly experience.

Ease of Deployment and Customer Service: Trellix offers flexible deployment across hybrid and public clouds, catering to various IT environments, but its customer service shows regional variance. LogRhythm UEBA focuses on on-premises deployment with consistent support, preferred by organizations needing strong internal control.

Pricing and ROI: Trellix is on the higher end pricing-wise, justified by its comprehensive suite offering a good return on investment through efficient threat management. Users have noted some price increases over time. LogRhythm UEBA, while expensive in the cloud, offers flexible subscription options, appealing to smaller businesses needing specific modules at a lower cost.

To learn more, read our detailed LogRhythm UEBA vs. Trellix Endpoint Security Platform Report (Updated: April 2025).

Buyer's Guide

LogRhythm UEBA vs. Trellix Endpoint Security Platform

April 2025

Download the complete report

Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

LogRhythm UEBA

Ranking in Extended Detection and Response (XDR)

25th

Average Rating

7.0

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (10th)

Trellix Endpoint Security P...

Ranking in Extended Detection and Response (XDR)

10th

Average Rating

8.0

Reviews Sentiment

7.2

Number of Reviews

158

Ranking in other categories

Endpoint Protection Platform (EPP) (9th), Endpoint Detection and Response (EDR) (10th)

Mindshare comparison

As of June 2025, in the Extended Detection and Response (XDR) category, the mindshare of LogRhythm UEBA is 1.0%, up from 0.9% compared to the previous year. The mindshare of Trellix Endpoint Security Platform is 3.2%, down from 3.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

Featured Reviews

Sheikh Abu Ayub Azad

CEO at Trustaira

Great at managing cyber incidents; the technical support could be improved

The initial setup is easy, partly because LogRhythm is primarily based on the Windows platform. It's good to have two engineers for deployment but it can be done with one. It's more about the knowledge. Deployment is typically done in two or three different phases. It usually takes up to three full months to get good deployment. There's the initial onboarding of all the log sources, then collecting data in the data lake, followed a couple of weeks later with some minor tuning before the final tuneup.

Read full review

Abdullah Al Hadi

Information Security Engineer at Nhq Distribution Ltd

Customization capabilities allow clients to autonomously deploy policies

There are a few areas where Trellix Endpoint Security ( /categories/endpoint-protection-platform-epp ) can improve. Firstly, the high CPU utilization when agents are installed can negatively impact client systems. Another issue is with end-users outside the network, where the agent handler sometimes fails to deploy the product properly. Improvements are needed in forensic analytics to detect specific vulnerabilities. It would also help if detection specifics were identified more quickly and the problem-solving process accelerated, especially to meet larger clients' expectations.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features are file activity monitoring and registry activity monitoring."

"I can investigate attacks more quickly using machine learning tools."

"It has a lot of features. It has file integration monitoring."

"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."

"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."

"The solution's most valuable features are the graphical user interface and the reporting."

"I typically use the product for reducing cyber risk, and I can investigate attacks more quickly using machine learning tools."

"The tool's most valuable feature is server threat hunting."

More LogRhythm UEBA pros

"The setup is not that complex. It takes five to ten minutes to set up."

"The most valuable feature is the centralized console where everything can be controlled by the administration."

"The detection capability of Trellix Endpoint Security is higher than traditional antivirus solutions."

"FireEye Endpoint Security is easy to use and lightweight compared to others."

"The compatibility with a variety of laptops is our biggest advantage."

"Would benefit with the addition of DLP features."

"The product is easy to use."

"Anyone can use it, the protection is good, and they have all of the features."

More Trellix Endpoint Security Platform pros

Cons

"The UI could be improved a little bit."

"The cloud version is lacking and not up to par."

"The product could be user-friendly for someone who doesn’t have any prior experience working with it."

"The on-premises LogRhythm is not very scalable. When considering packets per second or the MPS needed for additional logs such as web application logs, scalability is usually found in cloud products."

"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."

"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."

"In general, if something needs to be improved in the algorithm, it would be the dashboards."

"The search feature needs to be improved."

More LogRhythm UEBA cons

"We'd like better UI on the management screen."

"The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place."

"The platform needs improvement in terms of handling heavy databases."

"Upgrading to new versions isn't easy and it can take a long time. Also, other solutions' tamper protection features are better than FireEye's. Clients should have access to our local information, but they shouldn't change settings on the system itself."

"We would like to solution to offer better security."

"If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues."

"Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful."

"McAfee MVISION Endpoint could improve by an overall simplification of the solution."

More Trellix Endpoint Security Platform cons

Pricing and Cost Advice

"I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."

"The pricing is nice when compared to other products in the industry."

"LogRhythm UEBA's pricing is affordable for small and medium businesses."

"Licensing is on a yearly basis. It's not expensive compared to its competitors."

"It is quite a budget-friendly product."

"As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."

"MVISION is intended as an enterprise product and it is priced like one. This solution is within the price range of competitors at the enterprise level."

"Its price is reasonable, but it could be made free."

"No comment."

"The license costs are very reasonable, around 1,000 to 1,200 rupees per year."

"It is not that expensive. There is no additional cost. We got the entire bundle together."

"It is reasonably priced."

"There is a one-year and a three-year license available for this solution, we are currently on a three-year license."

"It is based on an annual subscription."

More Trellix Endpoint Security Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

856,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Manufacturing Company

10%

Real Estate/Law Firm

Educational Organization

29%

Government

11%

Manufacturing Company

Computer Software Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about LogRhythm UserXDR?

The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance...

See all answers

What is your experience regarding pricing and costs for LogRhythm UserXDR?

I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive.

See all answers

What needs improvement with LogRhythm UserXDR?

In general, if something needs to be improved in the algorithm, it would be the dashboards. The dashboards with solutions such as Splunk are very neat and clean. I would also like to improve the us...

See all answers

How does McAfee Endpoint Security compare with MVISION?

The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy various components as desired with McAfee Endpoint Security, whereas many othe...

See all answers

How does Crowdstrike Falcon compare with FireEye Endpoint Security?

The Crowdstrike Falcon program has a simple to use user interface, making it both an easy to use as well as an effective program. Its graphical design is such that it makes an extremely useful too...

See all answers

What do you like most about McAfee Endpoint Security?

It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts.

See all answers

Comparisons

Wazuh vs LogRhythm UEBA

Compared 43% of the time

Darktrace vs LogRhythm UEBA

Compared 20% of the time

Cortex XDR by Palo Alto Networks vs LogRhythm UEBA

Compared 10% of the time

Microsoft Purview Insider Risk Management vs LogRhythm UEBA

Compared 9% of the time

IBM Security QRadar vs LogRhythm UEBA

Compared 6% of the time

More LogRhythm UEBA Competitors

Microsoft Defender for Endpoint vs Trellix Endpoint Security Platform

Compared 17% of the time

CrowdStrike Falcon vs Trellix Endpoint Security Platform

Compared 9% of the time

Trellix Endpoint Detection and Response (EDR) vs Trellix Endpoint Security Platform

Compared 8% of the time

SentinelOne Singularity Complete vs Trellix Endpoint Security Platform

Compared 6% of the time

Kaspersky Endpoint Security for Business vs Trellix Endpoint Security Platform

Compared 5% of the time

More Trellix Endpoint Security Platform Competitors

Product Reports

Buyer's Guide

User Entity Behavior Analytics (UEBA)

June 2025

Download LogRhythm UEBA product report

Buyer's Guide

Trellix Endpoint Security Platform

May 2025

Trellix Endpoint Security Platform report

Download Trellix Endpoint Security Platform product report

Also Known As

LogRhythm UserXDR, LogRhythm Enterprise UEBA

McAfee Endpoint Security, McAfee Endpoint Protection, Intel Security Total Protection for Endpoint, McAfee Complete Endpoint Protection, Trellix Endpoint Security (ENS)

Overview

LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).

LogRhythm

Trellix Endpoint Security Platform offers essential features like centralized management, threat prevention, and encryption, facilitating seamless scaling and integration with other systems while prioritizing user security.

This comprehensive platform focuses on endpoint protection, antivirus capabilities, and malware defense. It enhances cybersecurity with data loss prevention, advanced threat detection, and AI-driven features for reliable protection without impacting performance. Central management and advanced reporting streamline integration and ease of use. Flexible policy deployment through the management console and its robust security measures, such as DLP and device control, further increase protection. Challenges include high CPU and memory usage affecting performance, a complex interface, and lengthy deployment. Third-party integration and Windows Hello support need improvement. Additional concerns involve improved threat detection and faster technical support responses.

What are the key features of Trellix Endpoint Security Platform?

Centralized Management: Allows seamless integration and scaling with consistent control across environments.
Threat Prevention: Provides comprehensive antivirus and malware protection to secure systems.
Encryption: Ensures data security with robust encryption techniques.
Advanced Reporting: Facilitates detailed insights and analysis for better decision-making.
AI-Driven Detection: Offers reliable threat detection without impacting system performance.

What benefits should users look for in reviews?

Comprehensive Protection: Offers extensive security measures for protecting digital environments.
Ease of Integration: Simplifies the process of incorporating into current systems and processes.
Flexible Policy Deployment: Supports adaptable policy management to meet diverse requirements.
Scalability: Enables growth while maintaining efficiency and security.
Robust Security Features: Provides advanced security measures like DLP and device control.

Trellix Endpoint Security Platform is widely implemented in industries such as banking and government for securing mobile and desktop devices. Its capabilities cover network security, device control, and remote access protection, catering to diverse environments by offering robust cybersecurity management against advanced threats.

Trellix

Sample Customers

Information Not Available

inHouseIT, Seagate Technology

Buyer's Guide

LogRhythm UEBA vs. Trellix Endpoint Security Platform

April 2025

Free Report: LogRhythm UEBA vs. Trellix Endpoint Security Platform

Find out what your peers are saying about LogRhythm UEBA vs. Trellix Endpoint Security Platform and other solutions. Updated: April 2025.

DOWNLOAD NOW

856,873 professionals have used our research since 2012.

See our LogRhythm UEBA vs. Trellix Endpoint Security Platform report.

See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.