Try our new research platform with insights from 80,000+ expert users

Cybereason XDR vs Wazuh comparison

Cybereason and Wazuh are both solutions in the Extended Detection and Response (XDR) category. Cybereason is ranked #22 with an average rating of 8.5, while Wazuh is ranked #4 with an average rating of 7.7. Cybereason holds a 0.9% mindshare in XDR, compared to Wazuh’s 11.2% mindshare. Additionally, 100% of Cybereason users are willing to recommend the solution, compared to 78% of Wazuh users who would recommend it.
Cybereason XDR
Read 2 Cybereason XDR reviews
  • 1,530 Views
  • 479 Comparison Views
100% willing to recommend
Wazuh
Read 43 Wazuh reviews
  • 15,448 Views
  • 8,999 Comparison Views
78% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Cybereason XDR and Wazuh are two security platforms in the advanced detection and response category. Cybereason XDR seems to have an advantage in customer support and pricing satisfaction, while Wazuh offers strong feature sets.

Features: Cybereason XDR offers advanced threat detection, automation capabilities, and robust analytics for detailed threat intelligence. Wazuh provides open-source flexibility with comprehensive integration capabilities and is highly customizable, which allows for tailored security solutions.

Room for Improvement: Cybereason XDR could improve its third-party tool integration and expand custom reporting options. Wazuh users note the need for better documentation, enhanced user support, and smoother troubleshooting for complex configurations.

Ease of Deployment and Customer Service: Cybereason XDR offers seamless deployment with proactive customer support for a smooth onboarding process. Wazuh is more self-service, relying heavily on community support for setup and troubleshooting.

Pricing and ROI: Cybereason XDR has a higher price but provides a comprehensive support and feature set, leading to positive ROI. Wazuh, being open-source, has lower initial costs, but customization needs and limited support potentially affect overall ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cybereason XDR vs. Wazuh Report (Updated: October 2024).
Buyer's Guide
Cybereason XDR vs. Wazuh
October 2024
Download the complete report
Helped 814,649 peers since 2012
 

Categories and Ranking

Cybereason XDR
Ranking in Extended Detection and Response (XDR)
22nd
Average Rating
8.6
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
43
Ranking in other categories
Log Management (2nd), Security Information and Event Management (SIEM) (3rd)
 

Mindshare comparison

As of November 2024, in the Extended Detection and Response (XDR) category, the mindshare of Cybereason XDR is 0.9%, up from 0.6% compared to the previous year. The mindshare of Wazuh is 11.2%, up from 3.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Ivan Burke - PeerSpot reviewer
Sep 11, 2023
Provides effective incident response and investigation features
We also use Palo Alto's XDR, SentinelOne, Trend Micro, and quite a few others. SentinelOne is nice because you have a centralized dashboard. You just have a single instance and can manage all your clients from one central dashboard, which Cybereason currently lacks. It hinders our use case because we have to redeploy our rules. However, SentinelOne's search feature is slightly more limited than Cybereason's. SentinelOne's search feature is very restrictive, and they have a certain way you have to do it. If you don't follow that way, you're kind of stuck. The deployability is the same, and we have not had scalability issues. We don't work with a larger client. Our largest deployment was about 3,000 endpoints. Cybereason's tech support or the support engineer tends to be slightly better than SentinelOne's because there is no direct contact for support in our region. We usually have to reach out to either the European or the American branches for assistance. There's a bit of a time delay or something that happens. Those are the only major differences.
Read full review
SyedAli17 - PeerSpot reviewer
Sep 25, 2023
Has excellent scalability when deployed on Azure
We primarily use Wazuh for internal security monitoring to ensure the safety of our organization's internal systems. We have two specific requirements: first, we use it to monitor our internal operations, which is essential for general security purposes. Second, we rely on Wazuh to manage the…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution has an investigation feature, which is useful for building storylines."
"Cybereason XDR's most useful feature is the investigation."
"The most valuable feature of Wazuh is its EDR capabilities."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"It's stable."
"Regarding Wazuh, I find the SCA (Security Configuration Assessment) features most valuable. It's crucial for asset management and inventory, allowing us to monitorendpoints and servers' changes easily. This is particularly important for my customers, who aren't heavily focused on incident response but rely on asset management and inventories. Wazuh's compliance management features are very supportive, especially in regions like the Americas and Europe. However, it's less effective in the ANZ (Australia and New Zealand) region since Wazuh doesn't cater to the specific compliance standards there, such as those required in Australia. I appreciate that Wazuh fully complies with PCI DSS and GDPR standards, allowing us to generate necessary reports."
"The product's initial setup phase was easy."
"I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
More Wazuh pros
 

Cons

"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"Cybereason's customer support could be better."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"Its configuration process is time-consuming."
"We would like to see more improvements on the cloud."
"The deployment is a bit complex."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
More Wazuh cons
 

Pricing and Cost Advice

"The solution is cheaper than Microsoft Defender. It has a subscription and no standard license."
"Wazuh is a good tool, but the open-source version has scalability limitations."
"There is not a license required for Wazuh."
"Wazuh is a cheaply priced product."
"Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
"Wazuh is free and open source."
"The solution's pricing is very competitive."
"It is an open-source product."
"The solution's cost is above the average."
More Wazuh pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
25%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
8%
Computer Software Company
16%
University
7%
Government
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cybereason XDR?
The solution has an investigation feature, which is useful for building storylines.
See all answers
What needs improvement with Cybereason XDR?
The one thing we sometimes have issues with is its integration with other security applications like antiviruses. We connect this solution to many companies, so we set up new custom rules for every...
See all answers
What is your primary use case for Cybereason XDR?
We have mostly been using it to help us look into responses. We usually deploy it during the incident response scenarios, trying to find out what happened in an environment.
See all answers
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
See all answers
What needs improvement with Wazuh?
Wazuh doesn't have native support for some enterprise solutions. It requires an agent installed on the server, whether Windows Server or Linux, to collect logs. While you can gather information via...
See all answers
What is your primary use case for Wazuh?
My company specializes in providing SIEM as a service. We leverage Wazoo for that. Since Wazoo is open-source, I hosted it on Azure. We provide Wazuh as a service to our customers. Currently, we ha...
See all answers
 

Comparisons

Microsoft Defender XDR vs Cybereason XDR Logo
Microsoft Defender XDR vs Cybereason XDR
Compared 21% of the time
Cortex XDR by Palo Alto Networks vs Cybereason XDR Logo
Cortex XDR by Palo Alto Networks vs Cybereason XDR
Compared 13% of the time
Cynet vs Cybereason XDR Logo
Cynet vs Cybereason XDR
Compared 9% of the time
TEHTRIS XDR vs Cybereason XDR Logo
TEHTRIS XDR vs Cybereason XDR
Compared 8% of the time
More Cybereason XDR Competitors
Security Onion vs Wazuh Logo
Security Onion vs Wazuh
Compared 16% of the time
AlienVault OSSIM vs Wazuh Logo
AlienVault OSSIM vs Wazuh
Compared 10% of the time
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Compared 9% of the time
Elastic Stack vs Wazuh Logo
Elastic Stack vs Wazuh
Compared 7% of the time
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
Compared 6% of the time
More Wazuh Competitors
 

Product Reports

Buyer's Guide
Extended Detection and Response (XDR)
October 2024
Cybereason XDR reportDownload Cybereason XDR product report
Buyer's Guide
Wazuh
October 2024
Wazuh reportDownload Wazuh product report
 

Learn More

Cybereason
Wazuh
 

Overview

Cybereason is the leader in endpoint protection, offering endpoint detection and response, next-generation antivirus, and managed monitoring services. Founded by elite intelligence professionals born and bred in offense-first hunting, Cybereason gives enterprises the upper hand over cyber adversaries.

Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.

It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.

  • Wazuh’s agent can run on many different platforms, and is lightweight. It can successfully perform the tasks needed to detect threats in order to trigger responses automatically.
  • Wazuh manages the agents, can analyze agent data, and can scale horizontally.
  • Elastic Stack is where alerts are indexed and stored.

Wazuh Capabilities

Some of Wazuh’s most notable capabilities include:

  • Intrusion detection: Wazuh’s agents can detect hidden files, cloaked processes, or unregistered network listeners, as well as inconsistencies in system call responses. Wazuh’s server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze collected log data and look for indicators of compromise.

  • Log data analysis: Wazuh can read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage.

  • Integrity monitoring: File integrity monitoring can help identify changes in content, ownership, permissions, and attribute of files. Wazuh’s file integrity monitoring can be used in conjunction with threat intelligence.

  • Vulnerability detection: Wazuh agents can identify well-known vulnerable software so you can see where your weak spots are and take action before an attack can exploit them.

  • Configuration assessment: System and application configurations are monitored to make sure they are compliant with security policies. Periodic scans are used to detect applications that are known to be vulnerable, insecurely configured, or unpatched.
  • Incident response: Wazuh responds actively when active threats need to be addressed. It can perform countermeasures like blocking access to a system when a threat source is identified.

  • Regulatory compliance: Wazuh includes the security controls required to be compliant with industry regulations and standards.

  • Cloud security: Wazuh’s light-weight and multi-platform agents are commonly used to monitor cloud environments at the instance level. In addition, Wazuh helps monitor cloud infrastructure at an API level.

  • Security for containers: With Wazuh, you have increased security visibility into hosts and containers, allowing for easier detection of threats, anomalies, and vulnerabilities.

Wazuh Benefits

Some of the most valued benefits of Wazuh include:

  • No vendor lock-in
  • No license costs
  • Uses lightweight, multi-platform agents
  • Free community support

Wazuh Offers

  • Annual support and maintenance
  • Assistance with deployment and configuration
  • Training and instructional hands-on courses

Reviews From Real Users

"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited

The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm

 

Sample Customers

MOTOROLA MOBILITY
Information Not Available
Buyer's Guide
Cybereason XDR vs. Wazuh
October 2024
Free Report: Cybereason XDR vs. Wazuh
Find out what your peers are saying about Cybereason XDR vs. Wazuh and other solutions. Updated: October 2024.
DOWNLOAD NOW
814,649 professionals have used our research since 2012.
See our Cybereason XDR vs. Wazuh report.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.