We performed a comparison between Cisco SecureX and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The solution is well integrated with applications. It is easy to maintain and administer."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"The automation and orchestration tools are the most valuable features."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"It's stable."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"I like that the solution is on top of the Kubernetes stack."
"The main thing I like about it is that it has an EDR."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"Wazuh has very flexible and robust features."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The management and automation of the cloud apps have room for improvement."
"Stability could be improved by avoiding frequent changes to the interface."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The mobile app support for Android and iOS is difficult and needs improvement."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"Enhancing automation capabilities could further improve the product."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"One of the improvements the product needs is more integration with collaboration platforms."
"Remediation stuff could be integrated into the product's automation."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"what's missing right now is the multi-tenant capability."
"Some features, like alerting, are complex with Wazuh."
"Wazuh is missing many things that a typical SIEM should have."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions."
"Integration with Vyara could be better."
Cisco SecureX is ranked 13th in Extended Detection and Response (XDR) with 13 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Cisco SecureX is rated 9.0, while Wazuh is rated 7.4. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Cisco SecureX is most compared with Trend Vision One, Cortex XDR by Palo Alto Networks, Splunk SOAR, Cisco Secure Network Analytics and Fortinet FortiSOAR, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and SentinelOne Singularity Complete. See our Cisco SecureX vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.