We performed a comparison between Microsoft Defender for Cloud and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Cloud Workload Protection Platforms (CWPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is a good alerting tool."
"We noted immediate benefits from using the solution."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"My favorite feature is Storyline."
"The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator."
"The mean time to detect has been reduced."
"The most valuable feature is the ability to gain deep visibility into the workloads inside containers."
"The ease of use of the platform is very nice."
"The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce."
"DSPM is the most valuable feature."
"Threat protection is comprehensive and simple."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"The solution is very easy to deploy."
"It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"The deployment is easy and they provide very good documentation."
"The most valuable features are the modules and metrics."
"The main thing I like about it is that it has an EDR."
"Scanning capabilities should be added for the dark web."
"We recently adopted a new ticket management solution, so we've asked them to include a connector to integrate that tool with Cloud Native Security directly. We'd also like to see Cloud Native Security add a scan for personally identifying information. We're looking at other tools for this capability, but having that functionality built into Cloud Native Security would be nice. Monitoring PII data is critical to us as an organization."
"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."
"It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"The could improve their mean time to detect."
"There is a bit of a learning curve for new users."
"Customized queries should be made easier to improve PingSafe."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority."
"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"The initial setup is not actually so complex but it feels complex because there are many add-ons. There are many options and my team needs to be aware of all of these changes happening on the backend which is a distraction."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"Since it's an open-source tool, scalability is the main issue."
"The computing resources are consuming and do not make sense."
"We would like to see more improvements on the cloud."
"The only challenge we faced with Wazuh was the lack of direct support."
"The deployment is a bit complex."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"Some features, like alerting, are complex with Wazuh."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Microsoft Defender for Cloud is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and AWS Security Hub, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and Datadog. See our Microsoft Defender for Cloud vs. Wazuh report.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
