We performed a comparison between Microsoft Defender for Cloud and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Cloud Workload Protection Platforms (CWPP) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It saves time, makes your environment more secure, and improves compliance. PingSafe helps with audits, ensuring that you are following best practices for cloud security. You don't need to be an expert to use it and improve your security."
"PingSafe offers comprehensive security posture management."
"We've seen a reduction in resources devoted to vulnerability monitoring. Before PingSafe we spent a lot of time monitoring and fixing these issues. PingSafe enabled us to divert more resources to the production environment."
"The solution helped free other staff to work on other projects or other tasks. We basically just had to do a bunch of upfront configuring. With it, we do not have to spend as much time in the console."
"PingSafe can integrate all your cloud accounts and resources you create in the AWS account. We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."
"Cloud Native Security's best feature is its ability to identify hard-coded secrets during pull request reviews."
"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"Microsoft Defender has a lot of features including regulatory compliance and attaching workbooks but the most valuable is the recommendations it provides for each and every resource when we open Microsoft Defender."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"It's got a lot of great features."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to non patches or any missing patches on that work."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"The product’s interface is intuitive."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"The tool is stable."
"It has efficient SCA capabilities."
"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case."
"I used to work on AWS. At times, I would generate a normal bug in my system, and then I would check PingSafe. The alert used to come after about three and a half hours. It used to take that long to generate the alert about the vulnerability in my system. If a hacker attacks a system and PingSafe takes three to four hours to generate an alert, it will not be beneficial for the company. It would be helpful if we get the alert in five to ten minutes."
"Bugs need to be disclosed quickly."
"After closing an alert in Cloud Native Security, it still shows as unresolved."
"I would like additional integrations."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"We can customize security policies but lack auditing capabilities."
"It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better."
"Microsoft Defender could be more centralized. For example, I still need to go to another console to do policy management."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"The product was a bit complex to set up earlier, however, it is a bit streamlined now."
"I would like to have the ability to customize executive reporting."
"The most significant areas for improvement are in the security of our identity and endpoints and the posture of the cloud environment. Better protection for our cloud users and cloud apps is always welcome."
"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"They could always work to make the pricing a bit lower."
"The only challenge we faced with Wazuh was the lack of direct support."
"Since it's an open-source tool, scalability is the main issue."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"Some features, like alerting, are complex with Wazuh."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"The computing resources are consuming and do not make sense."
"Its configuration process is time-consuming."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Microsoft Defender for Cloud is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Trend Vision One - Cloud Security, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and SentinelOne Singularity Complete. See our Microsoft Defender for Cloud vs. Wazuh report.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.