We performed a comparison between Forescout Platform and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has great stability."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The integration between all the Defender products is the most valuable feature."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"The most valuable aspect is undoubtedly the exploration capability"
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"Microsoft 365 Defender is a good solution and easy to use."
"I have noticed that in the last year the license model has changed from licensing the whole appliance to licensing the number of devices. It's more simple for a large installation, or a user to have CounterACT as their peripheral site in the company. It's a good choice to have changed the license policy."
"You can quickly filter your view of devices and zero in on the ones you want using a variety of tools, such as what subnet it is on or what it has been classified as."
"The most valuable features of the Forescout Platform are NAC for sharing, Network Access Control, and port sharing of the devices."
"The interface is easy to use."
"The stability is amazing for the Forescout Platform. We have been using Forescout for four years, and no one complained about the stability."
"Within three or four days, we have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."
"We use the Forescout Platform for device visibility and control in our network. It's very helpful for tracking malicious or unusual activity. We use it to track which ports are open, which machines are running specific services, and to identify vulnerabilities. For example, there was a vulnerability related to SMB, and we could use the product to determine which machines inside our organization were allowing SMB traffic."
"This is clearly the best product for the NAC use cases in this field for Forescout."
"The product’s interface is intuitive."
"It has efficient SCA capabilities."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"The most valuable features are the modules and metrics."
"Wazuh is simple to use for PCI compliance."
"The MITRE ATT&CK correlation is most valuable."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"Just like in any solution, the price can always be cheaper."
"As a product, there is nothing to complain about. However, they should improve their overall support. You need that level of knowledge, that level of information is clearly not available. First and foremost, that information is not accessible. The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service."
"Forescout Platform sometimes returns false positives, so there's some fine-tuning to be done there."
"The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup."
"More detailed analysis during the authentication process, especially for troubleshooting access issues. We have found that troubleshooting RADIUS controls is quite arduous, as it is today. A trace function could easily resolve this by providing a means by which access issues from a certificate to passwords or accounts could easily be identified and remediated."
"Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns."
"Definitely, having more third-party integration would be an improvement."
"I believe that the overall user experience has not always been preferable."
"The solution's customer support is bad and should be improved."
"We would like to see more improvements on the cloud."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"The implementation is very complex."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
Forescout Platform is ranked 14th in Extended Detection and Response (XDR) with 69 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Forescout Platform is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and SentinelOne Singularity Complete. See our Forescout Platform vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.