We performed a comparison between Cybereason XDR and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The product integrates security into one tool instead of having third-party security tools."
"The solution is well integrated with applications. It is easy to maintain and administer."
"The threat intelligence is excellent."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"All of the security components are valuable, including antiphishing, antispam, and stage three antivirus."
"The integration, visibility, vulnerability management, and device identification are valuable."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"Cybereason XDR's most useful feature is the investigation."
"The solution has an investigation feature, which is useful for building storylines."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems."
"I like that the solution is on top of the Kubernetes stack."
"The MITRE ATT&CK correlation is most valuable."
"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."
"The support team is not competent or responsive."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"Just like in any solution, the price can always be cheaper."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The logs could be better."
"Cybereason's customer support could be better."
"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"The tool does not provide CTI to monitor the darknet."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"We would like to see more improvements on the cloud."
"The only challenge we faced with Wazuh was the lack of direct support."
"Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions."
"Since it's an open-source tool, scalability is the main issue."
"The tool doesn't detect anomalies or new environments."
Cybereason XDR is ranked 18th in Extended Detection and Response (XDR) with 2 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Cybereason XDR is rated 8.6, while Wazuh is rated 7.4. The top reviewer of Cybereason XDR writes "Provides effective incident response and investigation features". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Cybereason XDR is most compared with Cortex XDR by Palo Alto Networks, Cynet and Trend Vision One, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and SentinelOne Singularity Complete.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.