We performed a comparison between Cybereason XDR and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The product is very easy to use."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The solution has an investigation feature, which is useful for building storylines."
"Cybereason XDR's most useful feature is the investigation."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"It is a stable solution."
"The main thing I like about it is that it has an EDR."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"The tool is stable."
"Good for monitoring, active response, and for vulnerabilities."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Defender XDR could provide recommendations for threat-hunting queries. Some people do not know how to write an advanced threat query, so we need to spend time training them."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"The tool gives inconsistent answers and crashes a lot."
"The licensing is a nightmare and has room for improvement."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"Cybereason's customer support could be better."
"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"A lack of certain features creates limitations."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"There could be a hardware monitoring tool for the solution."
"We would like to see more improvements on the cloud."
Cybereason XDR is ranked 18th in Extended Detection and Response (XDR) with 2 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Cybereason XDR is rated 8.6, while Wazuh is rated 7.4. The top reviewer of Cybereason XDR writes "Provides effective incident response and investigation features". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Cybereason XDR is most compared with Cortex XDR by Palo Alto Networks, Cynet, TEHTRIS XDR and Trend Vision One, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and SentinelOne Singularity Complete. See our Cybereason XDR vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.