We performed a comparison between Forescout Platform and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The summarization of emails is a valuable feature."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"I have found the ability to delete unwanted threats beneficial."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"The most valuable feature is the ease of deployment, which does not require the use of an agent."
"The solution's implementation and operation are very easy."
"The actions that the agentless visibility, allow us to perform on the endpoint, are really amazing, especially in the way that it is done."
"The 802.1X compliance authentication feature of this solution is very good."
"Its feature that I have found most valuable is that it is very granular. You can configure granular controls just as you want those policies to be implemented. It gives you that flexibility to go granular in how you want your controls to be implemented. That's something I like about it."
"You can quickly filter your view of devices and zero in on the ones you want using a variety of tools, such as what subnet it is on or what it has been classified as."
"The stability is amazing for the Forescout Platform. We have been using Forescout for four years, and no one complained about the stability."
"Forescout is easy to integrate with a lot of end systems."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"The tool is stable."
"The main thing I like about it is that it has an EDR."
"It offers built-in modules for file integrity and vulnerability management."
"The deployment is easy and they provide very good documentation."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"The support could be more knowledgable to improve their offering."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"Advanced attacks could use an improvement."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"Regarding pricing, there is room for improvement to enhance competitiveness with other vendors and solutions."
"Definitely, having more third-party integration would be an improvement."
"The solution needs more definitive pricing. The costs are hard to nail down."
"Forescout Platform's technical support is slow to respond and could be more knowledgeable."
"Although Forescout manages endpoints and network devices, there is no capability for user management."
"The installation is not secure because it takes high admin privileges."
"Other solutions have TACACS+, but Forescout does not. In the next release, I would like to see Forescout have accounting."
"Forescout Platform sometimes returns false positives, so there's some fine-tuning to be done there."
"Wazuh is missing many things that a typical SIEM should have."
"Its configuration process is time-consuming."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"There could be a hardware monitoring tool for the solution."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"The only challenge we faced with Wazuh was the lack of direct support."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Forescout Platform is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.