We performed a comparison between Cynet and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The threat intelligence is excellent."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"If some unusual activity happens on the network, such as I open administrator sessions in a short duration of an hour on many computers in the lab, it sends me an alert about my network saying that one user opened three, four, or five sessions in one hour. Similarly, if I try to play with the disk size on a computer, it will send me an alert, and it will also stop the operation."
"Cynet is light and transparent when downloaded. The product's data aggregation is also valuable since you can see everything you need on a page."
"The feature that I have found most valuable is that the configuration and the usage of the product are not so complicated. For people responsible for using this infrastructure for the first line of workstation monitoring, it's quite easy to use."
"I like that you can implement it in the managed service portfolio."
"We are protecting all our workstations."
"It's transparent, so it's not something where every user has to press a button to download or do the thing. It is centralized, in fact. Personally, I use Malwarebytes and other tools, which are fine for home use. Cynet is also relatively silent in terms of operation, except when it's required to act."
"The initial setup is very fast and very easy."
"Advanced detection and protection against ransomware paired with SOC monitoring are the most valuable features. They have 24/7 SOC monitoring and file activity. It is a very robust tool."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"I like that the solution is on top of the Kubernetes stack."
"The configuration assessment and Pile integrity monitoring features are decent."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"Its cost-effectiveness is the most valuable aspect."
"The product’s interface is intuitive."
"The MITRE ATT&CK correlation is most valuable."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The solution does not offer a unified response and standard data."
"Linux servers are not supported."
"The reporting is a little weak and could be improved. The other downside is that Cynet does not use the local time zone. It's based off of Greenwich Mean Time."
"Cynet could improve when a reverse proxy is being used to connect to the servers. There could be an easier configuration because it is not plug-and-play."
"I think the technical support could be better."
"The command line interface could be improved."
"An administration feature will be useful for Cynet."
"I would like to see more emphasis on building the data lake and storing all endpoint data in the enterprise data lake so that data mining can be performed"
"In future releases, I would like to see cloud security aspects included."
"The computing resources are consuming and do not make sense."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"It would be great if there could be customization for the decoder portion."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"Wazuh is missing many things that a typical SIEM should have."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
Cynet is ranked 9th in Extended Detection and Response (XDR) with 35 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Cynet is rated 8.8, while Wazuh is rated 7.4. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Kaspersky Endpoint Detection and Response Expert, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and SentinelOne Singularity Complete. See our Cynet vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.