We performed a comparison between Microsoft Defender XDR and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The integration, visibility, vulnerability management, and device identification are valuable."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"It's stable."
"The product is easy to customize."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"It offers built-in modules for file integrity and vulnerability management."
"The product’s interface is intuitive."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"The mobile app support for Android and iOS is difficult and needs improvement."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"The licensing is a nightmare and has room for improvement."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The tool gives inconsistent answers and crashes a lot."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"It would be great if there could be customization for the decoder portion."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"We would like to see more improvements on the cloud."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 78 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Microsoft Defender XDR is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Trend Vision One and Microsoft Sentinel, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.