We performed a comparison between Forescout Platform and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"Microsoft 365 Defender is a good solution and easy to use."
"Its most significant advantage lies in its affordability."
"The most valuable feature is the network security."
"Forescout Platform provides multiple features. They have a very effective device fingerprinting in their cloud. You do not need to add any devices manually, such as in Mac devices. With other solutions, you have to add IoT devices and OT devices manually. This is one of the major areas that Forescout Platform is excelling in."
"Its feature that I have found most valuable is that it is very granular. You can configure granular controls just as you want those policies to be implemented. It gives you that flexibility to go granular in how you want your controls to be implemented. That's something I like about it."
"Obtaining visibility into the network and connected devices is very simple with this tool. It takes me three minutes to do a base deployment when all the parameters are available."
"Being able to actively identify the client without a certificate allows you to control every device on your network regardless of the make, model, and software running. This allows for end-to-end security."
"The actions that the agentless visibility allows us to perform on the endpoint are really amazing, especially in the way that it is done."
"The best parts of Forescout Platform are its orchestration features, discovery capabilities, classification buckets, and flexibility in creating policies."
"Forescout CounterACT has allowed us to better open our access and control wireless access globally from our HQ. This allows us to monitor the network access for every office globally. This has improved overall security, reducing risk and opening up the opportunity to provide greater end user flexibility."
"The stability is amazing for the Forescout Platform. We have been using Forescout for four years, and no one complained about the stability."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"If they support a solution, it is easy to do an integration."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"The configuration assessment and file integrity monitoring features are decent."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"The licensing is a nightmare and has room for improvement."
"The biggest disadvantage is the pricing."
"They need to handle their Tier 1 cases differently. The biggest negative regarding Forescout is their support. Not having the ability to get instantly transferred to a support engineer for Tier 1 cases is pretty ridiculous."
"The installation is not secure because it takes high admin privileges."
"The fact that Forescout Platform doesn't have a presence in the South African region is a weakness because of which you can't ask for help from them if you have any problems."
"Search - needs boolean functionality (or pseudo operand now working)."
"Forescout needs to upgrade its development in the future."
"The reporting feature needs improvement."
"I believe that the overall user experience has not always been preferable."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"Its configuration process is time-consuming."
"The deployment is a bit complex."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incident responses."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
Forescout Platform is ranked 14th in Extended Detection and Response (XDR) with 69 reviews while Wazuh is ranked 4th in Extended Detection and Response (XDR) with 38 reviews. Forescout Platform is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security and AlienVault OSSIM.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.