We performed a comparison between Symantec XDR and Wazuh based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."The most valuable aspect is undoubtedly the exploration capability"
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"You can advise the solution and protect your environment."
"The product’s interface is intuitive."
"It's stable."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"The product is easy to customize."
"It has efficient SCA capabilities."
"The most valuable features are the modules and metrics."
"It offers built-in modules for file integrity and vulnerability management."
"Intrusion detection and prevention would be great to have with 365 Defender."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"The price should be adjustable by region."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The solution does not offer a unified response and standard data."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"The solution should have better reporting."
"Since it's an open-source tool, scalability is the main issue."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"The tool doesn't detect anomalies or new environments."
"The computing resources are consuming and do not make sense."
Symantec XDR is ranked 26th in Extended Detection and Response (XDR) with 1 review while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Symantec XDR is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Symantec XDR writes "A scalable and stable solution with straightforward deployment". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Symantec XDR is most compared with , whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.