We performed a comparison between Trellix Endpoint Security and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"Its most significant advantage lies in its affordability."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"I have found the ability to delete unwanted threats beneficial."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"Initially, the DLP was very valuable for disabling access to USB drives."
"I have found many of the features to be useful."
"The most valuable features are the adaptive tech on McAfee."
"It has been protecting us for many years, and we hope it will continue to do so for many years to come."
"It's quite easy to install agents."
"The endpoint protection and disk encryption features are the most valuable."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
"The user behavioral analysis feature is great."
"Its cost-effectiveness is the most valuable aspect."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"It offers built-in modules for file integrity and vulnerability management."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"The tool is stable."
"Wazuh has very flexible and robust features."
"Wazuh is simple to use for PCI compliance."
"The MITRE ATT&CK correlation is most valuable."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The solution does not offer a unified response and standard data."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well."
"There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future."
"The initial setup is complex. It is a very complex product. You must have experience with it."
"It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement."
"It would be nice if the solution was a bit more stable."
"The management console is a little bit difficult to understand for admins. You need a lot of time in order to become familiar with that. It is a little bit complicated and not too easy to understand. Its price can also be improved. Its price is higher than its competitors. McAfee also needs to have better cloud integration and more data centers in the EU. The cloud center should be in Europe or in Germany. In Germany, it is really important to have access to your data within the same country. Customer data needs to be placed and processed in the same country."
"Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing."
"On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"A lack of certain features creates limitations."
"The computing resources are consuming and do not make sense."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"The implementation is very complex."
"The only challenge we faced with Wazuh was the lack of direct support."
Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 95 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Trellix Endpoint Security is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks. See our Trellix Endpoint Security vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.