We performed a comparison between Cortex XDR by Palo Alto Networks and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"Microsoft 365 Defender is simple to upgrade."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"It's a nice product that's stable and scalable."
"Palo Alto is constantly adding new features."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"It'll not slow down your system when compared to others."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"They have a new GUI which is just fantastic."
"Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them."
"If there are multiple alerts, the app will automatically create and rate an event instead of going through each one."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"It is a stable solution."
"I like that the solution is on top of the Kubernetes stack."
"The deployment is easy and they provide very good documentation."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The solution lacks real-time, on-demand antivirus."
"The connection to the internet has not performed as expected."
"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"Impact on system performance is horrible, adding a lot of delays for users."
"It automatically detects security issues. It should be able to protect our network devices while operating autonomously."
"The only challenge we faced with Wazuh was the lack of direct support."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"Since it's an open-source tool, scalability is the main issue."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"Some features, like alerting, are complex with Wazuh."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 3rd in Extended Detection and Response (XDR) with 80 reviews while Wazuh is ranked 4th in Extended Detection and Response (XDR) with 38 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Cortex XDR by Palo Alto Networks writes "It provides a whole new level of visibility and integrates with most other vendors". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Microsoft Defender for Cloud, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security and AlienVault OSSIM. See our Cortex XDR by Palo Alto Networks vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.