We performed a comparison between Trend Vision One and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The threat intelligence is excellent."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The product is very easy to use."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"The summarization of emails is a valuable feature."
"The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."
"The automatic EDR system that notifies us when something is wrong is valuable."
"We are very impressed with the single pane of glass visibility that Trend Micro XDR provides."
"It helps us with investigations."
"I like Vision One's workbench. It provides helpful logs that I can search, and the telemetry is excellent because I can see what's happening during an attack or potential attack."
"We've found the pricing to be reasonable."
"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."
"The solution is stable."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"The main thing I like about it is that it has an EDR."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"The product is easy to customize."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"Wazuh has very flexible and robust features."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The data recovery and backup could be improved."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The price should be adjustable by region."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"I think that continued optimization of the environment towards automation and orchestration, a kind of layer that sits underneath all of the technologies, would be extremely important."
"While the continuous addition of features is commendable, the sheer volume of changes makes it difficult to stay abreast of the latest developments."
"The area for improvement is mobile security. We have just finished a proof of concept for Zero Trust Secure Access. We withdrew from this PoC because it does not have that many points for proxy across Europe. Our organization is across Europe... At this time, they are only located in Germany and the UK."
"I would like to have the capability to export the information we receive from the XDR into Microsoft Excel."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
"The integration with third-party tools and with on-premises Active Directory needs improvement."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"Integration with Vyara could be better."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"The computing resources are consuming and do not make sense."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 43 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Trend Vision One is rated 8.6, while Wazuh is rated 7.4. The top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Kaspersky Endpoint Detection and Response Expert, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and SentinelOne Singularity Complete. See our Trend Vision One vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.