We performed a comparison between Intercept X Endpoint and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"I have found the ability to delete unwanted threats beneficial."
"The most valuable feature of Sophos Intercept X is cloud management."
"One of the best use cases involves synchronized security staff, which allows us to manage both the firewall and the anti-virus features from the cloud."
"The solution is scalable."
"Sophos Intercept X is easy to install and has a lower price than similar solutions."
"This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients."
"Intercept X's smart prevention is very good, as are its machine learning capabilities for troubleshooting channels and files."
"The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability."
"It is very easy to set up and easy to use. It is also not resource-intensive."
"It offers built-in modules for file integrity and vulnerability management."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"The main thing I like about it is that it has an EDR."
"It's stable."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"If they support a solution, it is easy to do an integration."
"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The choices offered for the on-premises and cloud-based platforms are the reverse of each other."
"Sophos Intercept X could improve on its setup process. They could make it easier to have a baseline set up for the system, or at least provide more understanding of what the baseline is when you first install it. This could be a matter of lack of training on my part, but it's difficult to receive training on solutions that are not Cisco. Cisco is the only vendor with classes or courses."
"The customer service and support could be improved in regards to response time. It could be faster."
"It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first."
"The solution's pricing could be better."
"Stability-wise, we had issues with some clients which had to be dealt with manually. The issue was with that installation part."
"It would be a value-add if they can include integration with other technologies or solutions, like Fortinet, Blue Coat, etc."
"The ADR functionalities feel like they aren't mature enough. It hasn't been a long time since Sophos has offered reproduction. Due to the fact that it's so young, it has fewer functionalities than other and more mature ADR solutions."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"The computing resources are consuming and do not make sense."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system."
"The deployment is a bit complex."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
Intercept X Endpoint is ranked 9th in Extended Detection and Response (XDR) with 101 reviews while Wazuh is ranked 4th in Extended Detection and Response (XDR) with 38 reviews. Intercept X Endpoint is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Trend Vision One, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security and AlienVault OSSIM. See our Intercept X Endpoint vs. Wazuh report.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.