We performed a comparison between Trellix Endpoint Security and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The integration with other Microsoft solutions is the most valuable feature."
"The solution is well integrated with applications. It is easy to maintain and administer."
"It has great stability."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"Microsoft 365 Defender is simple to upgrade."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"Some of McAfee Endpoint Security's main features are it has benefits over normal conventional antivirus solutions because it works much faster."
"This is a good solution for antivirus and malware protection."
"Tech support is responsive. They're good, the very best."
"We like the management of the ePO, and we like the management console."
"The central management console is powerful. You can manage endpoints, DLP, encryption, and all the other features from a single console."
"The solution offers very good endpoint security."
"The performance is good."
"Communication with all Mcafee products (also 3rd parties) by DXL infrastructure."
"Wazuh has very flexible and robust features."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"If they support a solution, it is easy to do an integration."
"Wazuh is simple to use for PCI compliance."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"The MITRE ATT&CK correlation is most valuable."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"The support team is not competent or responsive."
"At times, there may be delays in the execution of certain actions and their effects."
"The security of this solution needs improvement."
"There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging."
"I've encountered minor challenges related to encryption."
"The local technical support could be better."
"I think it would be nice if Dynamic Application Control would come together with McAfee Endpoint Security."
"The tool could provide more advanced protection."
"We’re facing remote installation issues sometimes:"
"I would like to see more integration with third-party products."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"It would be great if there could be customization for the decoder portion."
"The computing resources are consuming and do not make sense."
"The only challenge we faced with Wazuh was the lack of direct support."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 95 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Trellix Endpoint Security is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Cortex XDR by Palo Alto Networks. See our Trellix Endpoint Security vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.