We performed a comparison between Trend Vision One and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day"
"One of the features I like in Trend Micro XDR is that you can drill down on the root-cause analysis for anything you find on the solution. I also like that it works for detection purposes. Behavior analytics is also what I like most about Trend Micro XDR. I love that it has features such as behavior detection, program detection, and memory scanning. By default, the solution protects against spyware, apart from the normal virus scan. Smart Scan and DLP are also available in Trend Micro XDR which I like as well."
"It is a stable product. It works very well."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"It has the feature to track an attack back. If there is an incident or an attack occurs, you can get a bird's eye view of that attack. You can see how the attackers came in and how they managed the attack. You can trace an attack. If you are giving a presentation to the management, you can easily show it to them in a live environment how the attackers came, which is amazing."
"I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"The search features help us try to correlate information and identify any suspicious activity."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"The main thing I like about it is that it has an EDR."
"It has efficient SCA capabilities."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"I like that the solution is on top of the Kubernetes stack."
"It's stable."
"The tool is stable."
"The management and automation of the cloud apps have room for improvement."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The tool gives inconsistent answers and crashes a lot."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"The integration with third-party tools and with on-premises Active Directory needs improvement."
"They have a DLP module in Tredn Moicros and they need to enhance its capabilities."
"The solution only supports Windows and Mac. It would be helpful if it could support other OS, such as Linux."
"The zero trust is a bit complicated compared to other parts of the solution."
"The product needs to have a lot more maturity, and they need to improve the overall technical support framework for getting the value out of XDR."
"The price could be lower."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"Its configuration process is time-consuming."
"It would be great if there could be customization for the decoder portion."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"The tool doesn't detect anomalies or new environments."
"A lack of certain features creates limitations."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"The computing resources are consuming and do not make sense."
Trend Vision One is ranked 5th in Extended Detection and Response (XDR) with 42 reviews while Wazuh is ranked 4th in Extended Detection and Response (XDR) with 38 reviews. Trend Vision One is rated 8.6, while Wazuh is rated 7.4. The top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Trend Vision One is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Trend Micro Apex One and Cisco SecureX, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security and AlienVault OSSIM. See our Trend Vision One vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.