We performed a comparison between CrowdStrike Falcon and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The summarization of emails is a valuable feature."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The integration between all the Defender products is the most valuable feature."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"It helps us to identify the threats according to the behavior of any process that is running on any particular system. It helps immensely to identify any malicious behavior on any endpoints."
"I like the vulnerability assessment and proactive hunting features of CrowdStrike Falcon."
"We have seen a reduction to the performance hit to our operating systems."
"We are happy with CloudStrike's ease of use and touch notification."
"Falcon's best feature is its detection and blocking of threats."
"It offers built-in modules for file integrity and vulnerability management."
"Wazuh is simple to use for PCI compliance."
"The MITRE ATT&CK correlation is most valuable."
"The most valuable features are the modules and metrics."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"It has efficient SCA capabilities."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The management reporting functionality needs to be improved."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
"It would be nice if the dashboard had some more information upfront, and looked a little better."
"I would love to see more investment in Insight because CrowdStrike have an opportunity to potentially displace some of the vulnerability management vendors with the visibility they can see over time. I want to see them continue to evolve, e.g., what other things can they disrupt which are operational things we have to continue to do as an organization."
"CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition."
"The performance could be better."
"While it is scalable, it can suffer from reduced latencies."
"The tool does not provide CTI to monitor darknet."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"Its configuration process is time-consuming."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 107 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. CrowdStrike Falcon is rated 8.8, while Wazuh is rated 7.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and Trellix Endpoint Security, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks. See our CrowdStrike Falcon vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.