We performed a comparison between Mandiant Advantage and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"Microsoft 365 Defender is simple to upgrade."
"Microsoft 365 Defender is a stable solution."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a forum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"The product’s interface is intuitive."
"I like that the solution is on top of the Kubernetes stack."
"It offers built-in modules for file integrity and vulnerability management."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"Good for monitoring, active response, and for vulnerabilities."
"The tool is stable."
"It has efficient SCA capabilities."
"If they support a solution, it is easy to do an integration."
"The support could be more knowledgeable to improve their offering."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"Stability could be improved by avoiding frequent changes to the interface."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"Intrusion detection and prevention would be great to have with 365 Defender."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"The mobile app support for Android and iOS is difficult and needs improvement."
"The support team is not competent or responsive."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
"Wazuh could improve the detection; it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"There could be a hardware monitoring tool for the solution."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"Some features, like alerting, are complex with Wazuh."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
Mandiant Advantage is ranked 20th in Extended Detection and Response (XDR) with 3 reviews while Wazuh is ranked 4th in Extended Detection and Response (XDR) with 38 reviews. Mandiant Advantage is rated 8.6, while Wazuh is rated 7.4. The top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Mandiant Advantage is most compared with CrowdStrike Falcon, Cortex Xpanse, Microsoft Defender External Attack Surface Management and Cymulate, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security and AlienVault OSSIM. See our Mandiant Advantage vs. Wazuh report.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.