We performed a comparison between Microsoft Defender XDR and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The integration with other Microsoft solutions is the most valuable feature."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"Microsoft Defender XDR is scalable."
"The product’s interface is intuitive."
"Its cost-effectiveness is the most valuable aspect."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"The most valuable features are the modules and metrics."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"The main thing I like about it is that it has an EDR."
"It's stable."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The solution does not offer a unified response and standard data."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"We should be able to use the product on devices like Apple, Linux, etc."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"Since it's an open-source tool, scalability is the main issue."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incident responses."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"There could be a hardware monitoring tool for the solution."
Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 78 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Microsoft Defender XDR is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Trend Vision One and Microsoft Sentinel, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.