Comparison Buyer's Guide

Categories and Ranking

Microsoft Defender XDR
  Ranking in Extended Detection and Response (XDR): 5th
  Average rating: 8.4
  Number of reviews: 87
  Ranking in other categories: Endpoint Detection and Response (EDR) (7th), Microsoft Security Suite (1st)

Cynet
  Ranking in Extended Detection and Response (XDR): 9th
  Average rating: 8.8
  Number of reviews: 35
  Ranking in other categories: Endpoint Protection Platform (EPP) (16th), User Entity Behavior Analytics (UEBA) (4th), Endpoint Detection and Response (EDR) (15th), Threat Deception Platforms (3rd), Network Detection and Response (NDR) (4th), Ransomware Protection (5th)

Wazuh
  Ranking in Extended Detection and Response (XDR): 3rd
  Average rating: 7.4
  Number of reviews: 38
  Ranking in other categories: Log Management (2nd), Security Information and Event Management (SIEM) (3rd)
 

Mindshare comparison

As of June 2024, in the Extended Detection and Response (XDR) category, the mindshare of Microsoft Defender XDR is 23.3%, up from 6.7% compared to the previous year. The mindshare of Cynet is 2.9%, down from 5.9% compared to the previous year. The mindshare of Wazuh is 17.0%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Mindshare in each product's unique categories (outside the shared Extended Detection and Response (XDR) category):
  Endpoint Detection and Response (EDR): 8.4%
  Microsoft Security Suite: 4.9%
  Endpoint Protection Platform (EPP): 0.9%
  User Entity Behavior Analytics (UEBA): 5.3%
  Log Management: 18.1%
  Security Information and Event Management (SIEM): 26.3%
 

Featured Reviews

David Shlingbaum - PeerSpot reviewer
May 27, 2024
It gives you reports and updates about the latest hotfixes and zero-day vulnerabilities
We're a small business. Defender XDR gives us a centralized security solution for monitoring our servers and some user PCs. We have around 30 machines, 10 of which are servers.  Defender XDR saves the security team time by telling us what patches to apply. We also get preemptive notes about things…
Mebbert Chiyangi - PeerSpot reviewer
Aug 29, 2023
Efficient endpoint protection features and highly stable and scalable solution
Our primary use case would be incident response. Cynet has mostly helped with endpoint protection. Its ability to revert back from a previous state is quite notable. This feature is particularly valuable because, for maintaining integrity, it can inspect the socket for any firewall modifications.…
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
Open-source platform with custom alerting
There are three key strengths of Wazuh that stand out to me. Firstly, Wazuh offers an enhanced HDR version that outperforms the Elastic Stack. Wazuh has achieved this by running a config or a sec in the background, which has improved the XBR for endpoint security significantly. Secondly, Wazuh comes with built-in frameworks, such as the NISC and ISO, that make it easy to comply with various industry standards. We didn't need to configure any custom frameworks for this, as Wazuh had it built in. Lastly, Wazuh has the ability to collect terabytes of data within seconds, which is a crucial feature for modern enterprises dealing with large amounts of data.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Its most significant advantage lies in its affordability."
"The integration between all the Defender products is the most valuable feature."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The product is very easy to use. Customers really appreciate that."
"The initial setup is very fast and very easy."
"Cynet is light and transparent when downloaded. The product's data aggregation is also valuable since you can see everything you need on a page."
"We are using almost all of the features and we find it quite good overall."
"Cynet's most valuable features are laptop and server performance, internal network monitoring, and external firewall lock management."
"If some unusual activity happens on the network, such as I open administrator sessions in a short duration of an hour on many computers in the lab, it sends me an alert about my network saying that one user opened three, four, or five sessions in one hour. Similarly, if I try to play with the disk size on a computer, it will send me an alert, and it will also stop the operation."
"It can be deployed in autonomous mode, and then it automatically blocks malware threats."
"The feature that I have found most valuable is that the configuration and the usage of the product are not so complicated. For people responsible for using this infrastructure for the first line of workstation monitoring, it's quite easy to use."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to non-patches or any missing patches on that work."
"The main thing I like about it is that it has an EDR."
"The MITRE ATT&CK correlation is most valuable."
 

Cons

"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"Most of their times are in Greenwich Mean Time. I would like to see more local time zones."
"An administration feature will be useful for Cynet."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
"Cynet fails to deploy the same technology in mobile devices."
"Could have better integration with other security applications."
"The inability to add contact information inside the Cynet is also an issue because it makes things more complicated. I would like to have a simple feature to enter a contact name and number for the person taking care of that unit or that server."
"There is room for improvement in terms of support. The support should be faster to respond."
"Cynet could improve when a reverse proxy is being used to connect to the servers. There could be an easier configuration because it is not plug-and-play."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"Wazuh is missing many things that a typical SIEM should have."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
 

Pricing and Cost Advice

"While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment."
"The price of the solution is high compared to others and we have lost some customers because of it."
"Microsoft Defender XDR is priced high."
"Microsoft Defender XDR is already included in our Office 365 licensing. It is better because we're saving money by using it."
"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."
"The licensing fee for Microsoft 365 Defender is fair."
"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."
"It has consistently offered highly appealing academic pricing, with distinct rates for higher education and general educational purposes."
"We purchase the product’s yearly license."
"I don't have specific information about integration capabilities or licensing costs."
"My company's customers have to make yearly payments towards the licensing costs of the solution. Cynet is not expensive."
"The price is very competitive."
"The licensing for Cynet is yearly. The solution pricing depends on the customer, but it is not very expensive."
"Its licensing is on a monthly basis."
"Cynet has a pay-as-you-go pricing model."
"Cynet is cheap."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
"Wazuh is free and open source."
"The current pricing is open source."
"Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
"The solution's cost is above the average."
"Wazuh has a community edition, and I was using that. It's free and open source."
"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
 

Top Industries

By visitors reading reviews

Microsoft Defender XDR
  Computer Software Company: 17%
  Financial Services Firm: 10%
  Government: 8%
  Manufacturing Company: 8%

Cynet
  Computer Software Company: 19%
  Comms Service Provider: 8%
  Financial Services Firm: 7%
  Manufacturing Company: 6%

Wazuh
  Computer Software Company: 17%
  Comms Service Provider: 7%
  Government: 7%
  Financial Services Firm: 7%
 

Company Size

By reviewers: Large Enterprise, Midsize Enterprise, Small Business
 

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and p...
What is your experience regarding pricing and costs for Microsoft 365 Defender?
Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying mu...
What needs improvement with Microsoft 365 Defender?
Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionall...
When evaluating User Activity Monitoring, what aspect do you think is the most important to look for?
The support team that stands behind the detection and response. Is there adequate expertise and are they behind you ...
What do you like most about Cynet?
In terms of incident response, Cynet can contain attacks, offer a trial period to customers, and uninstall if not con...
What is your experience regarding pricing and costs for Cynet?
I don't have specific information about integration capabilities or licensing costs.
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidat...
What is your primary use case for Wazuh?
We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. Th...
 

Also Known As

Microsoft Defender XDR: Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
Cynet: No data available
Wazuh: No data available
 

Sample Customers

Microsoft Defender XDR: Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Cynet: Meuhedet, East Boston Neighborhood Health Center
Wazuh: Information Not Available
Updated: May 2024.