Try our new research platform with insights from 80,000+ expert users

Cybereason XDR vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason XDR
Ranking in Extended Detection and Response (XDR)
22nd
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Extended Detection and Response (XDR)
3rd
Average Rating
7.4
Reviews Sentiment
6.6
Number of Reviews
45
Ranking in other categories
Log Management (2nd), Security Information and Event Management (SIEM) (2nd)
 

Mindshare comparison

As of January 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cybereason XDR is 0.9%, up from 0.7% compared to the previous year. The mindshare of Wazuh is 11.8%, up from 4.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Ivan Burke - PeerSpot reviewer
Provides effective incident response and investigation features
We also use Palo Alto's XDR, SentinelOne, Trend Micro, and quite a few others. SentinelOne is nice because you have a centralized dashboard. You just have a single instance and can manage all your clients from one central dashboard, which Cybereason currently lacks. It hinders our use case because we have to redeploy our rules. However, SentinelOne's search feature is slightly more limited than Cybereason's. SentinelOne's search feature is very restrictive, and they have a certain way you have to do it. If you don't follow that way, you're kind of stuck. The deployability is the same, and we have not had scalability issues. We don't work with a larger client. Our largest deployment was about 3,000 endpoints. Cybereason's tech support or the support engineer tends to be slightly better than SentinelOne's because there is no direct contact for support in our region. We usually have to reach out to either the European or the American branches for assistance. There's a bit of a time delay or something that happens. Those are the only major differences.
AKASH MAJUMDER - PeerSpot reviewer
Open-source platform with custom alerting
There are three key strengths of Wazuh that stand out to me. Firstly, Wazuh offers an enhanced HDR version that outperforms the Elastic Stack. Wazuh has achieved this by running a config or a sec in the background, which has improved the XBR for endpoint security significantly. Secondly, Wazuh comes with built-in frameworks, such as the NISC and ISO, that make it easy to comply with various industry standards. We didn't need to configure any custom frameworks for this, as Wazuh had it built in. Lastly, Wazuh has the ability to collect terabytes of data within seconds, which is a crucial feature for modern enterprises dealing with large amounts of data.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cybereason XDR's most useful feature is the investigation."
"The solution has an investigation feature, which is useful for building storylines."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"The product’s interface is intuitive."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"The configuration assessment and Pile integrity monitoring features are decent."
"We found the MITRE framework mapping and the agent enrollment service to be the most valuable features of Wazuh."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"Good for monitoring, active response, and for vulnerabilities."
 

Cons

"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"Cybereason's customer support could be better."
"An issue I noticed is with tag values in certain rules not functioning properly."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"There could be a hardware monitoring tool for the solution."
"The product's configuration part and lack of AI capabilities are some of the major concerns associated with Wazuh."
"Wazuh currently fails to provide its users with AI and ML."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"The support channel is not optimal, and extensive research is required on our part to implement Wazuh effectively."
"Wazuh should come up with more in-built rules and integrations for the cloud."
 

Pricing and Cost Advice

"The solution is cheaper than Microsoft Defender. It has a subscription and no standard license."
"Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
"Wazuh is an open-source tool, which means it is freely available for use."
"Wazuh has a community edition, and I was using that. It's free and open source."
"Wazuh is free and open source."
"The solution's cost is above the average."
"We use the free version of Wazuh."
"Wazuh is an open-source tool."
"The product is cheaper compared to other tools."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
830,455 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
24%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
8%
Computer Software Company
16%
Comms Service Provider
7%
University
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cybereason XDR?
The solution has an investigation feature, which is useful for building storylines.
What needs improvement with Cybereason XDR?
The one thing we sometimes have issues with is its integration with other security applications like antiviruses. We connect this solution to many companies, so we set up new custom rules for every...
What is your primary use case for Cybereason XDR?
We have mostly been using it to help us look into responses. We usually deploy it during the incident response scenarios, trying to find out what happened in an environment.
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
I am investigating more about the community support for Wazuh. I can't provide a definitive answer yet. An issue I noticed is with tag values in certain rules not functioning properly. It's unclear...
What is your primary use case for Wazuh?
I am currently evaluating and using Wazuh for file monitoring and compliance reporting. We are in the process of conducting a POC to understand how the rules work. I lead this effort to explore and...
 

Comparisons

 

Learn More

 

Overview

 

Sample Customers

MOTOROLA MOBILITY
Information Not Available
Find out what your peers are saying about Cybereason XDR vs. Wazuh and other solutions. Updated: December 2024.
830,455 professionals have used our research since 2012.