We performed a comparison between Trend Vision One and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"Microsoft 365 Defender is a stable solution."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"Microsoft Defender XDR is scalable."
"I appreciate the value of real-time activity monitoring."
"It helps us with investigations."
"The centralized visibility is good."
"The solution is very easy to use."
"The zero-day vulnerability is valuable."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"I can prevent my environment from different types of attacks based on what I see in the Vision One console."
"The integration is also nice because there are many external tools that we can connect to the platform, such as configuration management tools. Because the platform is integrated, I can manage almost the whole company across our global organization."
"It has efficient SCA capabilities."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"It offers built-in modules for file integrity and vulnerability management."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"Wazuh has very flexible and robust features."
"It is a stable solution."
"I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"The solution lacks compatibility with other products. It needs to integrate better with other surrounding solutions."
"Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"A room for improvement in Trend Micro XDR is more visibility into the alerts. We do get alerts from the solution, but when we are away, we need to have more visibility."
"The support documentation could be more comprehensive."
"The information captured by Trend Vision One needs to be more detailed."
"The zero trust is a bit complicated compared to other parts of the solution."
"Vision One's search could be improved. While the platform is very user-friendly, the search feature uses terms that aren't as intuitive."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"The deployment is a bit complex."
Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 43 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Trend Vision One is rated 8.6, while Wazuh is rated 7.4. The top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Kaspersky Endpoint Detection and Response Expert, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and SentinelOne Singularity Complete. See our Trend Vision One vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.