We performed a comparison between Mandiant Advantage and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The integration between all the Defender products is the most valuable feature."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a forum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"Wazuh has very flexible and robust features."
"It is a stable solution."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"It offers built-in modules for file integrity and vulnerability management."
"The main thing I like about it is that it has an EDR."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"The web filtering solution needs to be improved because currently, it is very simple."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Intrusion detection and prevention would be great to have with 365 Defender."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
"While it is scalable, it can suffer from reduced latencies."
"We would like to see more improvements on the cloud."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"The tool doesn't detect anomalies or new environments."
"It would be great if there could be customization for the decoder portion."
Mandiant Advantage is ranked 20th in Extended Detection and Response (XDR) with 3 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Mandiant Advantage is rated 8.6, while Wazuh is rated 7.4. The top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Mandiant Advantage is most compared with CrowdStrike Falcon, Cortex Xpanse, Cymulate, Microsoft Defender External Attack Surface Management and IBM Security Randori Recon, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and SentinelOne Singularity Complete.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.