We performed a comparison between Microsoft Defender for Cloud and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Cloud Workload Protection Platforms (CWPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is fairly simple. Anybody can use it."
"The UI is responsive and user-friendly."
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"The cloud misconfiguration is the most valuable feature."
"The most valuable feature of the solution is its storyline, which helps trace an event back to its source, like an email or someone clicking on a link."
"The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software."
"The most valuable feature is the ability to gain deep visibility into the workloads inside containers."
"It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"The integration with Logic Apps allows for automated responses to incidents."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"It's quite a good product. It helps to understand the infections and issues you are facing."
"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."
"The entire Defender Suite is tightly coupled, integrated, and collaborative."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"The main thing I like about it is that it has an EDR."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Wazuh has very flexible and robust features."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"The configuration assessment and Pile integrity monitoring features are decent."
"Wazuh is simple to use for PCI compliance."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"The categorization of the results from the vulnerability assessment could be improved."
"Whenever I view the processes and the process aspect, it takes a long time to load."
"PingSafe takes four to five hours to detect and highlight an issue, and that time should be reduced."
"One of our use cases was setting up a firewall for our endpoints, specifically for our remote users... We were hoping to utilize SentinelOne's firewall capabilities, but there were limitations on how many URLs we could implement. Because of those limitations on the number of URLs, we weren't able to utilize that feature in the way we had hoped to."
"We can customize security policies but lack auditing capabilities."
"PingSafe's current documentation could be improved to better assist customers during the cluster onboarding process."
"They need more experienced support personnel."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"It needs to be simplified and made more user-friendly for a non-technical person."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"The product was a bit complex to set up earlier, however, it is a bit streamlined now."
"The most significant areas for improvement are in the security of our identity and endpoints and the posture of the cloud environment. Better protection for our cloud users and cloud apps is always welcome."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"You cannot create custom use cases."
"The product must improve its UI."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"Its configuration process is time-consuming."
"While it is scalable, it can suffer from reduced latencies."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"The deployment is a bit complex."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Microsoft Defender for Cloud is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Trend Vision One - Cloud Security, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and SentinelOne Singularity Complete. See our Microsoft Defender for Cloud vs. Wazuh report.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
