We performed a comparison between Cynet and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The product integrates security into one tool instead of having third-party security tools."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"Microsoft 365 Defender is a stable solution."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."
"The feature that I have found most valuable is that the configuration and the usage of the product are not so complicated. For people responsible for using this infrastructure for the first line of workstation monitoring, it's quite easy to use."
"It provides good protection from ransomware and malware attacks. It is very good as compared to other products. If any threat is there, their support is very good. They immediately respond to the users and do a follow-up. They call us and also provide email support."
"The interface is exceptionally clear and easy to understand."
"The product has valuable front-end features."
"Its ability to revert back from a previous state is quite notable. This feature is particularly valuable because, for maintaining integrity, it can inspect the socket for any firewall modifications. In practice, it allows us to return to a previous configuration when everything was functioning correctly."
"In terms of incident response, Cynet can contain attacks, offer a trial period to customers, and uninstall if not continued. The most valuable aspect is its integration capabilities, covering endpoints and network data for a comprehensive view of threats."
"I like that it is possible to use the solution to check more information about the users' devices."
"A reliable security system that automatically quarantines anything suspicious."
"It's stable."
"If they support a solution, it is easy to do an integration."
"It has efficient SCA capabilities."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"Wazuh is simple to use for PCI compliance."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"The web filtering solution needs to be improved because currently, it is very simple."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"Sometimes, configurations take much longer than expected."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"Stability could be improved by avoiding frequent changes to the interface."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"Just like in any solution, the price can always be cheaper."
"Increased application for SOAR abilities across interconnected devices would be a welcome improvement."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
"Linux servers are not supported."
"I would like to see support for mobile protection and some additional reports included."
"SIEM - Although with their Centralised Log Management Cynet has created the basis for SIEM functionality, this is to be expanded in the near future."
"The command line interface could be improved."
"Sometimes, it is necessary for me to make important changes to a hard drive of a computer, and because Cynet does not allow me to do that, I have to go to the console and remove the computer from the security group just for Cynet. After that, I have to wait for 10 or 15 minutes for that to take effect. I would like to be able to disable Cynet locally. I shouldn’t have to go to the console to find the PC and then take it out of the group and then add it again to the group. I should locally be able to disable Cynet on a computer with a password or something like that, but it is currently not possible."
"The solution just needs to keep maturing and they need to keep up with the threat landscape to ensure they're protecting clients well as time passes."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"The deployment is a bit complex."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"Integration with Vyara could be better."
"Wazuh is missing many things that a typical SIEM should have."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"The tool doesn't detect anomalies or new environments."
Cynet is ranked 9th in Extended Detection and Response (XDR) with 35 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Cynet is rated 8.8, while Wazuh is rated 7.4. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Bitdefender GravityZone EDR, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and SentinelOne Singularity Complete.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.