We performed a comparison between Forescout Platform and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The integration with other Microsoft solutions is the most valuable feature."
"It has great stability."
"Forescout has a feature that blocks the endpoint at the point of collection. It sets preconditions and will block the system if those aren't met."
"The most valuable feature of Forescout Platform is that it has everything that Aruba has at significantly less cost."
"The 802.1X compliance authentication feature of this solution is very good."
"I can integrate Forescout with products from multiple vendors in my environment, and also, the integration is searchable. It can be used with 802.1X and non-802.1X to integrate with my existing network. I don't need to upgrade any existing networks in my system, and I don't need to replace existing devices to integrate with Forescout. I find value in not having to spend money upgrading existing devices and networks."
"The user management has been very easy for the most part."
"Ease of deployment There's a great support team that becomes actively engaged whenever we encounter issues. Their technical support is amazing. Good documentation is available. The product is stable. The solution is highly scalable. I recommend using the solution because it gives verified control over the environment. It has a great visibility feature."
"The product is very easy to work with and easy to deploy."
"The most valuable feature of the Forescout Platform it's highly customizable and flexible."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"The deployment is easy and they provide very good documentation."
"The product’s interface is intuitive."
"It has efficient SCA capabilities."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"I like that the solution is on top of the Kubernetes stack."
"Wazuh has very flexible and robust features."
"The licensing is a nightmare and has room for improvement."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"This solution is not that easy to scale but this depends on a company's needs."
"The solution's customer support is bad and should be improved."
"When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with."
"Multitenancy should be included in the next version so it could be used as a managed service provider."
"We have found that the agent-based authentication, available within this solution could be improved."
"They need to handle their Tier 1 cases differently. The biggest negative regarding Forescout is their support. Not having the ability to get instantly transferred to a support engineer for Tier 1 cases is pretty ridiculous."
"The solution needs more definitive pricing. The costs are hard to nail down."
"If older network devices are used there can be some compatibility issues while using the Forescout Platform. Additionally, if the switches that are deployed in your infrastructure are not captured properly to the endpoints there might be some difficulties with Forescout Platform trying to monitor the network traffic. Traffic management is an area the vendor should work on."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Forescout Platform is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks. See our Forescout Platform vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.