We performed a comparison between SentinelOne Singularity Complete and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The solution is well integrated with applications. It is easy to maintain and administer."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The most valuable feature is the network security."
"We opted for SentinelOne because it gives you visibility and control over all the devices on which you have the agent deployed. That is very valuable because, in the end, all the attacks enter only through one gateway, which is usually a user's computer."
"The most valuable feature is the automatic remediation."
"Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future."
"It's a plug-and-play solution that works well with other out of box integrations that we have."
"It has a one-click button that we can use to reverse all those dodgy changes made by the virus program and bring the system quickly back to what it was. That's one of the most important features."
"The product can scale."
"I am particularly interested in the new app vulnerability module that is included with the Singularity Complete edition."
"The alerting features are the most valuable. We know that when something goes wrong, we get alerted instantly. That gives us a leg up. Even before the user knows what's happening, we're being alerted to step in and stop anything catastrophic from happening."
"I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"The tool is stable."
"It is a stable solution."
"Its cost-effectiveness is the most valuable aspect."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"At times, there may be delays in the execution of certain actions and their effects."
"The channel policy has room for improvement."
"SentinelOne could improve by reducing the price."
"SentinelOne should include Ranger Pro out of the box with Singularity Complete."
"There should be Terraform support for console administration. Dynamic tagging would be also useful."
"I am not a fan of the UI and feel it has room for improvement."
"It can be a little daunting at first. With the deep visibility feature, if I had more insights into how to troubleshoot things better, that would be helpful. Their documentation could be a lot better. It could be more in-depth."
"If they can extend their product further on the DLP side of it so that I don't have to have another agent run exclusively for DLP production, that would be ideal."
"I encountered issues running Singularity Complete alongside other machine-learning tools."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"The deployment is a bit complex."
"While it is scalable, it can suffer from reduced latencies."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"The only challenge we faced with Wazuh was the lack of direct support."
"Wazuh is missing many things that a typical SIEM should have."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
More SentinelOne Singularity Complete Pricing and Cost Advice →
SentinelOne Singularity Complete is ranked 2nd in Extended Detection and Response (XDR) with 176 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. SentinelOne Singularity Complete is rated 8.8, while Wazuh is rated 7.4. The top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and ESET Endpoint Protection Platform, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and USM Anywhere. See our SentinelOne Singularity Complete vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.