We performed a comparison between Seceon Open Threat Management Platform and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The machine learning and artificial intelligence on offer are great."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The main benefit is the ease of integration."
"The initial setup is very simple and straightforward."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"I like that it's an AI-based platform. The most valuable feature is that it's a comprehensive solution. Most tools in the marketplace are comprised of miscellaneous items. They fail to provide real-time remediation features. However, with Seceon Open Threat Management Platform, anything you can think of in cybersecurity, like auto-remediation, real-time response, and even on-premise components, is available in a single platform. So, it's perfect for finance and healthcare who don't want to share their data with a third party like the cloud. You can have this on-premise as well. So, the expenditure will be lower as less human intervention is required."
"The solution is stable."
"The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features."
"Seceon Open Threat Management Platform notifies only genuine alerts. It offers plenty of options that are suitable for MSPs."
"The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively."
"The solution is very cost-effective compared to Splunk and LogRhythm."
"The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come across. It is also one of the easiest-to-manage yet comprehensive solutions for a SOC analyst. Its customizations are really good, and it has a lot of integrations. It is multi-tenant and very fast to onboard. Its stability is 100%. We've never had an outage with it. It doesn't require extensive hardware resources. Its level of support is also very good. They have a very responsive technical team."
"The most valuable feature of this solution is its artificial intelligence."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"If they support a solution, it is easy to do an integration."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"Good for monitoring, active response, and for vulnerabilities."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"Wazuh is simple to use for PCI compliance."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"It would be better if they offered global coverage."
"It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft."
"For future releases, integrating incident response tools and improving communication on incident reporting could be beneficial."
"We are at the client’s end, offering services. They don’t know about security rules and benchmarks. We are working on the discovery and remediation but we don’t really have the intelligence that was available while working with other tools. Human working is also very essential for the solution. The automatic session is impossible to play since it needs to touch Redfin for further analysis. No one has breached our clients."
"The product could be improved by including sandboxing capabilities in the next release."
"The SOP they provided wasn't great. They offered training over Sherp Virtualization, and the Seceon leadership visited our location to explain everything in detail, but the documentation and training could be better. It isn't as effective as it could be. There's some room for improvement there."
"The management console could use some enhancements."
"It would be ideal with the processing was more manageable. Not many customers are willing to have a dedicated server with two CPUs and one TB of memory. The cost of this is huge for a smaller organization."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"The tool does not provide CTI to monitor darknet."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"There could be a hardware monitoring tool for the solution."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"The deployment is a bit complex."
"Integration with Vyara could be better."
More Seceon Open Threat Management Platform Pricing and Cost Advice →
Seceon Open Threat Management Platform is ranked 21st in Security Information and Event Management (SIEM) with 10 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. Seceon Open Threat Management Platform is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Seceon Open Threat Management Platform writes "Has the ability to categorize alerts and reporting dashboards are useful". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Seceon Open Threat Management Platform is most compared with IBM Security QRadar, Securonix Next-Gen SIEM, Fortinet FortiSIEM, Splunk Enterprise Security and LogRhythm SIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer. See our Seceon Open Threat Management Platform vs. Wazuh report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.