We performed a comparison between ConnectWise SIEM and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinel from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"Sentinel pricing is good"
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The pricing of the product is excellent."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"We have found the solution has great functionality and it is easy to use."
"One valuable feature of ConnectWise Fortify is the ability to add other teams and receive notifications when customers make changes or remove multi-factor authentication in Microsoft or SAP environments."
"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."
"Its cost-effectiveness is the most valuable aspect."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to non patches or any missing patches on that work."
"Good for monitoring, active response, and for vulnerabilities."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"It's stable."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"One key area that can be improved is by building a strong integration with our XDR platform."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"The solution could improve the playbooks."
"The AI capabilities must be improved."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The manage portion of the solution is complicated and should be simplified by having different versions to meet the needs of different size companies."
"ConnectWise Fortify could work on covering more areas, like phishing messages, which have become more complicated to detect."
"It would be great if there could be customization for the decoder portion."
"While it is scalable, it can suffer from reduced latencies."
"The tool does not provide CTI to monitor darknet."
"The tool doesn't detect anomalies or new environments."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"Its configuration process is time-consuming."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
ConnectWise SIEM is ranked 30th in Security Information and Event Management (SIEM) with 2 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. ConnectWise SIEM is rated 10.0, while Wazuh is rated 7.4. The top reviewer of ConnectWise SIEM writes "Efficiently monitoring and detecting suspicious activities". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". ConnectWise SIEM is most compared with SentinelOne Vigilance, Huntress, CrowdStrike Falcon Complete and Sophos MDR, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and CrowdStrike Falcon.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.