We performed a comparison between Symantec XDR and Wazuh based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The summarization of emails is a valuable feature."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The product is very easy to use."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"You can advise the solution and protect your environment."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"The product’s interface is intuitive."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The solution does not offer a unified response and standard data."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"The tool gives inconsistent answers and crashes a lot."
"There could be a way to proactively monitor unusual activity ."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The solution should have better reporting."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"The deployment is a bit complex."
"The tool doesn't detect anomalies or new environments."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"The tool does not provide CTI to monitor darknet."
"Its configuration process is time-consuming."
"There could be a hardware monitoring tool for the solution."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
Symantec XDR is ranked 26th in Extended Detection and Response (XDR) with 1 review while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Symantec XDR is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Symantec XDR writes "A scalable and stable solution with straightforward deployment". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Symantec XDR is most compared with , whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.