Try our new research platform with insights from 80,000+ expert users

Cybereason XDR vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason XDR
Ranking in Extended Detection and Response (XDR)
22nd
Average Rating
8.6
Reviews Sentiment
6.7
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Extended Detection and Response (XDR)
3rd
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (2nd)
 

Mindshare comparison

As of April 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cybereason XDR is 0.7%, up from 0.5% compared to the previous year. The mindshare of Wazuh is 13.0%, up from 10.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Peter Nowak - PeerSpot reviewer
Integration of multiple firewalls enables advanced threat detection
The integration of data from firewalls and Active Directory is most valuable. Cybereason XDR facilitates two-way communication, where the firewall sends data to the Cybereason system, and it can communicate with the firewall to stop unwanted communication. Customers can deal with multiple types of firewalls with ease. The behavioral analytics help detect advanced threats when attackers use existing software. The multilayered protection approach, including NGAV, integrates XDR detection with antivirus to assess and counter threats effectively.
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The integration of data from firewalls and Active Directory is most valuable."
"Cybereason XDR's most useful feature is the investigation."
"The solution has an investigation feature, which is useful for building storylines."
"The integration of data from firewalls and Active Directory is most valuable."
"The MITRE ATT&CK correlation is most valuable."
"The product's initial setup phase was easy."
"It is a stable solution."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Wazuh has very flexible and robust features."
"Its cost-effectiveness is the most valuable aspect."
 

Cons

"Cybereason's customer support could be better."
"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"There could be more integrations with other data sources like NDR systems."
"Customer service is rated as a five out of ten. When they work and reach the right level, they are helpful, but getting to the right person can be time-consuming."
"The tool does not provide CTI to monitor darknet."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements."
"Since it's an open-source tool, scalability is the main issue."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"There could be a hardware monitoring tool for the solution."
"The product's configuration part and lack of AI capabilities are some of the major concerns associated with Wazuh."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
 

Pricing and Cost Advice

"The solution is cheaper than Microsoft Defender. It has a subscription and no standard license."
"It is an open-source product."
"Wazuh is a good tool, but the open-source version has scalability limitations."
"Wazuh is free and open source."
"The solution's cost is above the average."
"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
"Wazuh is an open-source tool, which means it is freely available for use."
"My client uses the open-source version of Wazuh."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
25%
Manufacturing Company
13%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
16%
Comms Service Provider
8%
University
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cybereason XDR?
The solution has an investigation feature, which is useful for building storylines.
What needs improvement with Cybereason XDR?
There could be more integrations with other data sources like NDR systems. Additionally, technical support has been slow in recent times. Enabling multifactor authentication has been problematic fo...
What is your primary use case for Cybereason XDR?
I use Cybereason XDR for customers who don't have a SOC or managed SOC yet and want to be protected on more than their desktops. It is especially used in the manufacturing industry, yet not exclusi...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Overview

 

Sample Customers

MOTOROLA MOBILITY
Information Not Available
Find out what your peers are saying about Cybereason XDR vs. Wazuh and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.