We performed a comparison between CrowdStrike Falcon and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"It has great stability."
"The most valuable feature is the network security."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The integration between all the Defender products is the most valuable feature."
"Microsoft 365 Defender is simple to upgrade."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"I like the feature called RTC, the remote time connector."
"The solution offers great stability."
"The most valuable features are the complete IPS and IDS."
"We are happy with CrowdStrike's ease of use and touch notification."
"The solution is silent and sits on your system as one single agent."
"The detection and response console is the most valuable feature."
"Scalability is good. We have had no issues with it."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"I like that the solution is on top of the Kubernetes stack."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"Its cost-effectiveness is the most valuable aspect."
"Good for monitoring, active response, and for vulnerabilities."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to non patches or any missing patches on that work."
"The configuration assessment and file integrity monitoring features are decent."
"It's stable."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we are waiting for that feature."
"The mobile app support for Android and iOS is difficult and needs improvement."
"Intrusion detection and prevention would be great to have with 365 Defender."
"The tool gives inconsistent answers and crashes a lot."
"The pricing structure should allow for some flexibility."
"Technical support could be better than what is currently offered."
"Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
"I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CrowdStrike."
"This solution is relatively expensive."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
"The pricing is a bit too high."
"The installation process for this software needs to be simplified."
"The computing resources are consuming and do not make sense."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"The tool doesn't detect anomalies or new environments."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"While it is scalable, it can suffer from reduced latencies."
"Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions."
CrowdStrike Falcon is ranked 2nd in Extended Detection and Response (XDR) with 105 reviews while Wazuh is ranked 4th in Extended Detection and Response (XDR) with 38 reviews. CrowdStrike Falcon is rated 8.8, while Wazuh is rated 7.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Vision One, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security and AlienVault OSSIM.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.