Forescout Platform vs Wazuh comparison

Read 43 Wazuh reviews

15,448 Views
8,999 Comparison Views

78% willing to recommend

Forescout Platform

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Forescout Platform and Wazuh compete in the cybersecurity software category. Wazuh appears to have the upper hand due to its comprehensive feature set and cost-effectiveness.

Features: Forescout provides robust asset management, compliance capabilities, and network visibility. Wazuh offers open-source flexibility, customization, and versatile security monitoring with log analysis.

Room for Improvement: Forescout can improve API integration, cloud functionality, and complexity in operations. Wazuh requires enhanced user documentation, better integration ease, and broader accessibility.

Ease of Deployment and Customer Service: Forescout's deployment is thorough but complex, requiring support, while providing swift customer service. Wazuh has a straightforward deployment and community-driven support model that aids tech-savvy users.

Pricing and ROI: Forescout's pricing reflects a comprehensive feature set with significant ROI but requires a substantial initial investment. Wazuh provides cost-effective security as an open-source platform, appealing to budget-conscious buyers.

To learn more, read our detailed Forescout Platform vs. Wazuh Report (Updated: October 2024).

Forescout Platform vs. Wazuh

October 2024

Download the complete report

Helped 814,649 peers since 2012

Categories and Ranking

Forescout Platform

Ranking in Extended Detection and Response (XDR)

16th

Average Rating

8.4

Number of Reviews

Ranking in other categories

Network Access Control (NAC) (4th), IoT Security (1st), Endpoint Compliance (4th)

Wazuh

Ranking in Extended Detection and Response (XDR)

4th

Average Rating

7.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Log Management (2nd), Security Information and Event Management (SIEM) (3rd)

Mindshare comparison

As of November 2024, in the Extended Detection and Response (XDR) category, the mindshare of Forescout Platform is 0.7%, up from 0.4% compared to the previous year. The mindshare of Wazuh is 11.2%, up from 3.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

Featured Reviews

Odai Halawani

Sr. Security Engineer at Topvision

May 27, 2024

It's an easy and effective solution, especially for device profiling without agents

Forescout Platform works as our next-gen solution, helping us monitor and manage devices connected or disconnected from the network. Additionally, it assists in remediating noncompliant devices Forescout Platform's most valuable aspect is its excellent device profiling for devices without agents,…

Read full review

SyedAli17

Confidential at PTA

Sep 25, 2023

Has excellent scalability when deployed on Azure

We primarily use Wazuh for internal security monitoring to ensure the safety of our organization's internal systems. We have two specific requirements: first, we use it to monitor our internal operations, which is essential for general security purposes. Second, we rely on Wazuh to manage the…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature is the blocking of USB devices."

"The most valuable feature of the Forescout Platform it's highly customizable and flexible."

"The plugins are very robust -- the ability scanner, patch management system, and SQL integrator."

"The Forescout Platform's most valuable features include its agentless configuration, which allows for easy integration with switches, and its broad customizability of rules and conditions for policy configuration. By leveraging its Network Access Control capabilities, the tool controls network access, allowing administrators to enforce policies tailored to the organization's needs."

"Forescout Platform provides multiple features. They have a very effective device fingerprinting in their cloud. You do not need to add any devices manually, such as in Mac devices. Other solutions you have to add IoT devices and OT devices manually. This is one of the major areas that Forescout Platform is excelling in."

"The stability is amazing for the Forescout Platform. We have been using Forescout for four years, and no one complained about the stability."

"The most valuable features of the Forescout Platform are NAC for sharing, Network Access Control, and port sharing of the devices."

"It has helped with improving our security posture in terms of controlling the access of rogue devices into our network through identification. We have been able to prevent rogue device activities on the network, check the health of the system, and ensure remediation."

More Forescout Platform pros

"If they support a solution, it is easy to do an integration."

"The configuration assessment and Pile integrity monitoring features are decent."

"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."

"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."

"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."

"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."

"Wazuh is simple to use for PCI compliance."

"Wazuh offers an enhanced HDR version that outperforms its competitors."

More Wazuh pros

Cons

"Forescout Platform sometimes returns false positives, so there's some fine-tuning to be done there."

"The initial setup was complex."

"The solution could always improve by adding more features to make it more robust."

"Logging would be one area for improvement. When we're troubleshooting, there are not a lot of clear things on Google that we can look up for ourselves. When we have an issue with it, we have to call the company to get the vendors involved. The logging of Forescout is horrible compared to other things that we've used."

"Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns."

"When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies."

"They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment."

"The biggest disadvantage is the pricing."

More Forescout Platform cons

"I want more support for regional compliance standards to serve my ANZ region customers better."

"There could be a hardware monitoring tool for the solution."

"While it is scalable, it can suffer from reduced latencies."

"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."

"Wazuh currently fails to provide its users with AI and ML."

"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."

"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."

"So far, the recent updates have addressed most challenges we previously faced."

More Wazuh cons

Pricing and Cost Advice

"The setup cost, pricing, and licensing are on the high side."

"It is expensive because you have to pay for their CSM, the customer's access manager, and their professional services on top of that, and they charge you roughly $400 per hour, which is overhead."

"The fact that we were allowed to spin up as many servers as we had need of to support our geographic requirements while paying for licensing as an enterprise truly set Forescout apart from the crowd and improved the way we could design our access."

"We might have paid in the ballpark of $20,000 yearly for our licenses. I do not recall there being other fees over and above the standard licensing fee."

"Forescout Platform is on the expensive side."

"The price of the solution is reasonable. We have paid for the license for five years. We have integration with Symantec AV for orchestration, and we have an additional license."

"There are no additional costs that I am aware of."

"I would rate Forescout Platform's pricing as four out of five."

More Forescout Platform pricing and cost advice

"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."

"We use the free version of Wazuh."

"Wazuh is a cheaply priced product."

"The product is cheaper compared to other tools."

"Wazuh is an open-source tool, which means it is freely available for use."

"There is not a license required for Wazuh."

"Wazuh is not an expensive solution."

"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."

More Wazuh pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

814,649 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

32%

Computer Software Company

10%

Financial Services Firm

Government

Computer Software Company

16%

University

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What advice do you have for others considering Forescout Platform?

Forescout is a very powerful NAC product that does not rely on port level configuration. It can detect and block unauthorized devices very quickly. But it has a lot of capabilities and really would...

What advice do you have for others considering Forescout Platform?

I would rate the Forescout Device and Visibility Control Platform at a six out of ten.

What advice do you have for others considering Forescout Platform?

I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place. That's the main recommendation is to do a proof of concept. If they do, they will...

What do you like most about Wazuh?

Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.

What needs improvement with Wazuh?

Wazuh doesn't have native support for some enterprise solutions. It requires an agent installed on the server, whether Windows Server or Linux, to collect logs. While you can gather information via...

What is your primary use case for Wazuh?

My company specializes in providing SIEM as a service. We leverage Wazoo for that. Since Wazoo is open-source, I hosted it on Azure. We provide Wazuh as a service to our customers. Currently, we ha...

Cisco Identity Services Engine (ISE) vs Forescout Platform

Comparisons

Compared 30% of the time

Aruba ClearPass vs Forescout Platform

Compared 20% of the time

Fortinet FortiNAC vs Forescout Platform

Compared 14% of the time

Nozomi Networks vs Forescout Platform

Compared 6% of the time

Armis vs Forescout Platform

Compared 3% of the time

More Forescout Platform Competitors

Security Onion vs Wazuh

Compared 16% of the time

AlienVault OSSIM vs Wazuh

Compared 10% of the time

Elastic Security vs Wazuh

Compared 9% of the time

Elastic Stack vs Wazuh

Compared 7% of the time

Splunk Enterprise Security vs Wazuh

Compared 6% of the time

More Wazuh Competitors

Product Reports

Download Forescout Platform product report

Forescout Platform

November 2024

Download Wazuh product report

October 2024

Also Known As

Forescout Platform, CounterACT for Endpoint Compliance, ForeScout CounterACT

No data available

Learn More

Forescout

Overview

Forescout Platform provides today’s busy enterprise organizations with policy and protocol management, workflow coordination, streamlining, and complete device and infrastructure visibility to improve overall network security. The solution also provides concise real-time intelligence of all devices and users on the network. Policy and protocols are delineated using gathered intelligence to facilitate the appropriate levels of remediation, compliance, network access, and all service operations. Forescout Platform is very flexible, integrates well with most of today’s leading network security products, and is a very cost-effective solution.

Forescout Platform Features

Real-time complete visibility: With Forescout eyeSight, each and every device is classified when any attempt to access your network has been made. This includes - but is not limited to - desktops, laptops, android devices, virtual machines, switches, VoIP phones, USB memory sticks, webcams, IoT devices, and more.
Policy-based and manual controls: In today’s busy robust environment, networks are continually changing; there are different types and amounts of devices connected, various software applications, network compliance requirements, and the constant potential for risk make managing an IT network a very daunting challenge. The Forescout Console is used to simplify the administration and management of important alerts, remediation, and access controls to keep the network secure.
Intuitive real-time dashboards: Forescout Dashboards, a component of Forescout WebClient, is a comprehensive web-based intelligence center that gives full visibility and real-time insight of the complete network using both out-of-the-box and user-created widgets. The dashboards are very intuitive and deliver robust, easy-to-understand information about device visibility, compliance, health monitoring, and more.
Advanced reporting capabilities: The Forescout Reports Plugin will generate numerous valuable reports indicating real-time and overall status information about endpoint compliance, device details, networks guests, protocols, and more. The reports help to ensure IT administrators, executives, security teams, and other important shareholders stay well-informed about all network activity at all times.
Comprehensive third-party overview: Forescout eyeExtend facilitates seamless information sharing with third-party vendors, networks, and IT management solutions supporting improved automated workflows, productivity, cost-effectiveness, and overall security.

Real User Reviews

An important main feature of Forescout is the visibility the solution offers.

One reviewer who is a Consultant at a tech services company, says, "Within three or four days, you can have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."

Users also appreciate that the user interface is clear and easy to understand.

An Instructor at a tech services company, shares, "The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."

Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.

It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.

Wazuh’s agent can run on many different platforms, and is lightweight. It can successfully perform the tasks needed to detect threats in order to trigger responses automatically.
Wazuh manages the agents, can analyze agent data, and can scale horizontally.
Elastic Stack is where alerts are indexed and stored.

Wazuh Capabilities

Some of Wazuh’s most notable capabilities include:

Intrusion detection: Wazuh’s agents can detect hidden files, cloaked processes, or unregistered network listeners, as well as inconsistencies in system call responses. Wazuh’s server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze collected log data and look for indicators of compromise.
Log data analysis: Wazuh can read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage.
Integrity monitoring: File integrity monitoring can help identify changes in content, ownership, permissions, and attribute of files. Wazuh’s file integrity monitoring can be used in conjunction with threat intelligence.
Vulnerability detection: Wazuh agents can identify well-known vulnerable software so you can see where your weak spots are and take action before an attack can exploit them.
Configuration assessment: System and application configurations are monitored to make sure they are compliant with security policies. Periodic scans are used to detect applications that are known to be vulnerable, insecurely configured, or unpatched.
Incident response: Wazuh responds actively when active threats need to be addressed. It can perform countermeasures like blocking access to a system when a threat source is identified.
Regulatory compliance: Wazuh includes the security controls required to be compliant with industry regulations and standards.
Cloud security: Wazuh’s light-weight and multi-platform agents are commonly used to monitor cloud environments at the instance level. In addition, Wazuh helps monitor cloud infrastructure at an API level.
Security for containers: With Wazuh, you have increased security visibility into hosts and containers, allowing for easier detection of threats, anomalies, and vulnerabilities.

Wazuh Benefits

Some of the most valued benefits of Wazuh include:

No vendor lock-in
No license costs
Uses lightweight, multi-platform agents
Free community support

Wazuh Offers

Annual support and maintenance
Assistance with deployment and configuration
Training and instructional hands-on courses

Reviews From Real Users

"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited

“The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm

Sample Customers

NHS Sussex, SAP, SEGA, Vistaprint, Miami Children's Hospital, Pioneer Investments, New York Law School, OmnicomGroup, Meritrust

Information Not Available