We performed a comparison between LogRhythm UEBA and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft 365 Defender is simple to upgrade."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The integration with other Microsoft solutions is the most valuable feature."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The integration between all the Defender products is the most valuable feature."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The tool's most valuable feature is server threat hunting."
"The solution's most valuable features are the graphical user interface and the reporting."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"It has a lot of features. It has file integration monitoring."
"We can scale the product as needed."
"The integration is also nice because there are many external tools that we can connect to the platform, such as configuration management tools. Because the platform is integrated, I can manage almost the whole company across our global organization."
"VisionOne offers a clear window into the security posture of our endpoints."
"I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"We've found the pricing to be reasonable."
"I can prevent my environment from different types of attacks based on what I see in the Vision One console."
"XDR provided a much more deep view into what is actually happening."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"Stability could be improved by avoiding frequent changes to the interface."
"The tool gives inconsistent answers and crashes a lot."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"The mobile app support for Android and iOS is difficult and needs improvement."
"The UI could be improved a little bit."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The cloud version is lacking and not up to par."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The search feature needs to be improved."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"It would be ideal if they could improve the control of connectivity between sensors."
"I would like to have the capability to export the information we receive from the XDR into Microsoft Excel."
"The price could be lower."
"The area for improvement is mobile security. We have just finished a proof of concept for Zero Trust Secure Access. We withdrew from this PoC because it does not have that many points for proxy across Europe. Our organization is across Europe... At this time, they are only located in Germany and the UK."
"The centralized dashboard has room for improvement."
"There isn't a lot I'd do to change it. The web interface could be improved to sort of make it a little easier to manage multiple clients out of one location. It could also be made a bit easier to sort of manage the licensing side of it."
"When you deploy these tools from Trend Micro, the integration and getting them to work together, are among the more difficult pieces of the puzzle. But when you get that set up and working, you're glad you did."
"We'd like to see a few more integrations."
LogRhythm UEBA is ranked 22nd in Extended Detection and Response (XDR) with 10 reviews while Trend Vision One is ranked 5th in Extended Detection and Response (XDR) with 42 reviews. LogRhythm UEBA is rated 7.2, while Trend Vision One is rated 8.6. The top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Trend Micro Deep Discovery and Secureworks Taegis XDR, whereas Trend Vision One is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Trend Micro Apex One and Fortinet FortiEDR. See our LogRhythm UEBA vs. Trend Vision One report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
