We performed a comparison between SentinelOne Singularity Complete and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The most valuable feature is the network security."
"The visibility component is the most valuable feature."
"The best thing is it has a secure shell command that you can use to get into any endpoint and do some jobs."
"It provides network and asset visibility for us."
"It uses AI technology so it can find known and unknown threats. It is stable and provides one of the best technical support."
"Being able to keep track of the endpoints and the data that is available from the endpoints is valuable. We can see the patch levels, whether Windows endpoints are active or inactive, and who is the last user that was logged on. We get a lot of granular information that is valuable even what we are not talking from a security standpoint."
"SentinelOne Singularity has hundreds of features. The most valuable feature of the solution is the ease of use and threat control."
"Singularity's threat-hunting platform is user-friendly, and I like the built-in remote access feature."
"SentinelOne has helped us to improve our security by fine-tuning our current use cases and creating new ones."
"The configuration assessment and Pile integrity monitoring features are decent."
"The product’s interface is intuitive."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"Wazuh is simple to use for PCI compliance."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"Stability could be improved by avoiding frequent changes to the interface."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The anti-ransomware technology takes up a lot of disc space."
"There are features that I would like them to add. They have little to do with endpoint protection, but if they could add encryption and DLP on, it would make it even better."
"It has all the features that other leading products in the market provide. They should keep enhancing it based on the challenges in the market. I am fine with its detection capability, but they can work more on deep inspection."
"Periodically we have an application that does not work correctly when SentinelOne is installed, yet performs as expected when SentinelOne is removed."
"There is not much flexibility in terms of policy fine-tuning. We can turn it off or turn it on, but, there's nothing much else to do. Everything is predefined. It's good in a way, but you don't get much flexibility if you want to do something particular."
"The way Singularity Complete handles blocking external mass storage is annoying because it is so difficult to unblock single endpoints."
"The stability of SentinelOne should be improved."
"I would have liked the dashboard to be more user-friendly."
"The tool does not provide CTI to monitor darknet."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"Integration with Vyara could be better."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"The deployment is a bit complex."
More SentinelOne Singularity Complete Pricing and Cost Advice →
SentinelOne Singularity Complete is ranked 2nd in Extended Detection and Response (XDR) with 177 reviews while Wazuh is ranked 3rd in Extended Detection and Response (XDR) with 38 reviews. SentinelOne Singularity Complete is rated 8.8, while Wazuh is rated 7.4. The top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, Darktrace, CrowdStrike Falcon, ThreatLocker Protect and Fortinet FortiEDR, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM and Splunk Enterprise Security. See our SentinelOne Singularity Complete vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.