We performed a comparison between Intercept X Endpoint and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Advanced hunting is good. I like that. We can drill down to lots of details."
"Microsoft 365 Defender is a stable solution."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"Intercept X's smart prevention it's very good as so are its machine learning capabilities for troubleshooting channels and files."
"The most valuable feature of the solution is that it is less hash-based than competitors."
"The initial setup is pretty straightforward."
"I have found the most valuable feature to be the EDR."
"The most valuable feature of Intercept X its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because could go in and get it back."
"The client isolation feature is a very effective feature."
"The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI."
"I appreciate the ability to use the latest endpoint protection features in case of an infection or cyber threat. This is especially true when using the product with a Sophos firewall solution, like the XG series. They collaborate effectively in the event of a cyber threat."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"If they support a solution, it is easy to do an integration."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"Its cost-effectiveness is the most valuable aspect."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"The configuration assessment and Pile integrity monitoring features are decent."
"The product is easy to customize."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"The support could be more knowledgable to improve their offering."
"Advanced attacks could use an improvement."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The management and automation of the cloud apps have room for improvement."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"The solution's pricing could be better."
"If Sophos Intercept allows users to restrict website access based on specific needs, such as streaming new videos for business purposes, we would prefer to use that."
"There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness."
"Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention."
"There is some issue with the reporting and refreshing information on resources that have been eliminated."
"The customer service and support could be improved in regards to response time. It could be faster."
"Deployment on cloud needs to be carried out manually."
"Stability-wise, we had issues with some clients which had to be dealt with manually. The issue was with that installation part."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"Its configuration process is time-consuming."
"While it is scalable, it can suffer from reduced latencies."
"The tool does not provide CTI to monitor darknet."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"The deployment is a bit complex."
"The computing resources are consuming and do not make sense."
Intercept X Endpoint is ranked 8th in Extended Detection and Response (XDR) with 101 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. Intercept X Endpoint is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Panda Adaptive Defense 360, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and USM Anywhere. See our Intercept X Endpoint vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.