We performed a comparison between ConnectWise SIEM and Wazuh based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"Sentinel pricing is good"
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"One valuable feature of ConnectWise Fortify is the ability to add other teams and receive notifications when customers make changes or remove multi-factor authentication in Microsoft or SAP environments."
"We have found the solution has great functionality and it is easy to use."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"The configuration assessment and Pile integrity monitoring features are decent."
"Its cost-effectiveness is the most valuable aspect."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"If they support a solution, it is easy to do an integration."
"The most valuable features are the modules and metrics."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"I like that the solution is on top of the Kubernetes stack."
"I would like to be able to monitor applications outside of the Azure Cloud."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"The reporting could be more structured."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"The playbook is a bit difficult and could be improved."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"ConnectWise Fortify could work on covering more areas, like phishing messages, which have become more complicated to detect."
"The manage portion of the solution is complicated and should be simplified by having different versions to meet the needs of different size companies."
"Some features, like alerting, are complex with Wazuh."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"It would be great if there could be customization for the decoder portion."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"Its configuration process is time-consuming."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
ConnectWise SIEM is ranked 30th in Security Information and Event Management (SIEM) with 2 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. ConnectWise SIEM is rated 10.0, while Wazuh is rated 7.4. The top reviewer of ConnectWise SIEM writes "Efficiently monitoring and detecting suspicious activities". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". ConnectWise SIEM is most compared with SentinelOne Vigilance, Huntress, CrowdStrike Falcon Complete, Sophos MDR and Red Canary MDR, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.