We performed a comparison between Cisco SecureX and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"Microsoft 365 Defender is simple to upgrade."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Its most significant advantage lies in its affordability."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"Integrates well with our existing security infrastructure."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"The automation and orchestration tools are the most valuable features."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"I like that the solution is on top of the Kubernetes stack."
"The MITRE ATT&CK correlation is most valuable."
"Wazuh is simple to use for PCI compliance."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"The product’s interface is intuitive."
"It offers built-in modules for file integrity and vulnerability management."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"At times, there may be delays in the execution of certain actions and their effects."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The management and automation of the cloud apps have room for improvement."
"The price should be adjustable by region."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"Remediation stuff could be integrated into the product's automation."
"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."
"Enhancing automation capabilities could further improve the product."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."
"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"The computing resources are consuming and do not make sense."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"Integration with Vyara could be better."
"While it is scalable, it can suffer from reduced latencies."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"The only challenge we faced with Wazuh was the lack of direct support."
"The tool does not provide CTI to monitor darknet."
Cisco SecureX is ranked 13th in Extended Detection and Response (XDR) with 13 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Cisco SecureX is rated 9.0, while Wazuh is rated 7.4. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Cisco SecureX is most compared with Trend Vision One, Cortex XDR by Palo Alto Networks, Splunk SOAR, Cisco Secure Network Analytics and Fortinet FortiSOAR, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and SentinelOne Singularity Complete. See our Cisco SecureX vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.