We performed a comparison between Secureworks Taegis XDR and Wazuh based on real PeerSpot user reviews.
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The initial setup was straightforward."
"It's a complete solution package."
"The product’s interface is intuitive."
"It's stable."
"The MITRE ATT&CK correlation is most valuable."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Wazuh has very flexible and robust features."
"The configuration assessment and File integrity monitoring features are decent."
"If they support a solution, it is easy to do an integration."
"Its cost-effectiveness is the most valuable aspect."
"The data recovery and backup could be improved."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"The licensing is a nightmare and has room for improvement."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"We found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules."
"The pricing could be improved."
"There could be a hardware monitoring tool for the solution."
"The computing resources are consuming and do not make sense."
"Since it's an open-source tool, scalability is the main issue."
"It would be great if there could be customization for the decoder portion."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"The deployment is a bit complex."
Secureworks Taegis XDR is ranked 28th in Extended Detection and Response (XDR) with 2 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Secureworks Taegis XDR is rated 6.0, while Wazuh is rated 7.4. The top reviewer of Secureworks Taegis XDR writes "It's a complete solution package". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Secureworks Taegis XDR is most compared with Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Microsoft Defender for Cloud, IBM Security QRadar and LogRhythm UEBA, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and USM Anywhere.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.