We performed a comparison between Symantec XDR and Wazuh based on real PeerSpot user reviews.
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The most valuable aspect is undoubtedly the exploration capability"
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"The integration, visibility, vulnerability management, and device identification are valuable."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"You can advise the solution and protect your environment."
"It offers built-in modules for file integrity and vulnerability management."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"It's stable."
"The configuration assessment and file integrity monitoring features are decent."
"The MITRE ATT&CK correlation is most valuable."
"I like that the solution is on top of the Kubernetes stack."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"It has efficient SCA capabilities."
"The price should be adjustable by region."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"There could be a way to proactively monitor unusual activity."
"The solution should have better reporting."
"While it is scalable, it can suffer from reduced latencies."
"Integration with Vyara could be better."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"The tool doesn't detect anomalies or new environments."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"There could be a hardware monitoring tool for the solution."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
Symantec XDR is ranked 26th in Extended Detection and Response (XDR) with 1 review while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Symantec XDR is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Symantec XDR writes "A scalable and stable solution with straightforward deployment". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Symantec XDR is most compared with , whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.