We performed a comparison between Trellix Endpoint Security and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the network security."
"I have found the ability to delete unwanted threats beneficial."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"Microsoft 365 Defender is simple to upgrade."
"The integration between all the Defender products is the most valuable feature."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"Microsoft 365 Defender is a stable solution."
"We like the management of the ePO, and we like the management console."
"A big advantage of McAfee Endpoint Security is the ability to manage very big environments. We are supporting environments with 200,000 to 300,000 endpoints. The ability to manage with one single console is very important for us. McAfee has phenomenally improved in terms of detection. It provides real-time detection and response with the error, Real Protect, and reputations. It is not only based on signatures but also on behavior analytics, artificial intelligence, or machine learning. We have environments that never had issues with ransomware in the last 20 years. McAfee has a very good performance in this field."
"The loss prevention feature would be the most valuable."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
"I have found many of the features to be useful."
"The solution is broken down into different components from the portals. Web filtering, which is an added feature has been great for us."
"It can be deployed quickly, and it's scalable. Those are the two advantages of it."
"This is a good solution for antivirus and malware protection."
"The most valuable features are the modules and metrics."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"Wazuh has very flexible and robust features."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"We should be able to use the product on devices like Apple, Linux, etc."
"The DAC (Dynamic Application Containment) component of this product needs improvement."
"We’re facing remote installation issues sometimes:"
"The solution could provide open XDR in addition to EDR."
"Its pricing needs to be improved."
"The interface is complex."
"The solution consumes a lot of end user memory and CPU. Trellix doesn't really focus much on the anti-malware side."
"On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it."
"I would like this solution to do what Palo Alto traps does because I would only need to run this one product."
"It would be great if there could be customization for the decoder portion."
"A lack of certain features creates limitations."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"The implementation is very complex."
"Wazuh is missing many things that a typical SIEM should have."
"There could be a hardware monitoring tool for the solution."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 95 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Trellix Endpoint Security is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks. See our Trellix Endpoint Security vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.