We performed a comparison between Forescout Platform and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment."
"You can quickly filter your view of devices and zero in on the ones you want using a variety of tools, such as what subnet it is on or what it has been classified as."
"Ease of deployment There's a great support team that becomes actively engaged whenever we encounter issues. Their technical support is amazing. Good documentation is available. The product is stable. The solution is highly scalable. I recommend using the solution because it gives verified control over the environment. It has a great visibility feature."
"It allows for good detection of all the vendor products we have on-site."
"The most valuable features of ForeScout is the fact that it can do network access control either with 802.1x or without 802.1x."
"The most valuable feature of the Forescout Platform it's highly customizable and flexible."
"The most valuable features are remote access and administration scripts."
"This solution can be used to organize guest portals, integrate switches, and create policies. Some of its standard use cases also include completing key process upgrades and anti-virus of Windows OS."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"It offers built-in modules for file integrity and vulnerability management."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"The product is easy to customize."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"The product’s interface is intuitive."
"The main thing I like about it is that it has an EDR."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"If older network devices are used there can be some compatibility issues while using the Forescout Platform. Additionally, if the switches that are deployed in your infrastructure are not captured properly to the endpoints there might be some difficulties with Forescout Platform trying to monitor the network traffic. Traffic management is an area the vendor should work on."
"The ability to block external devices in Mac is lacking and needs to be added."
"Can be expensive if it's only being used for one feature."
"The installation is not secure because it takes high admin privileges."
"Initially, the implementation of the Forescout Platform took some time to figure out. The reason is we are a manufacturing unit and we have certain silos that are insulated areas where certain systems will not connect to the internet or to the LAN. Since there are many parts of it, we have to have an inclusive view of all those systems. It took a while for us to initially implement, but after a few months, everything worked well."
"Other solutions have TACACS+, but Forescout does not. In the next release, I would like to see Forescout have accounting."
"When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with."
"The licensing costs are quite high. With the amount of hardware we have, we need too many licenses to make the product effective and it's ultimately just too costly."
"The tool doesn't detect anomalies or new environments."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"It would be great if there could be customization for the decoder portion."
"The only challenge we faced with Wazuh was the lack of direct support."
"The deployment is a bit complex."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"The computing resources are consuming and do not make sense."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Forescout Platform is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks. See our Forescout Platform vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.