Try our new research platform with insights from 80,000+ expert users

Cybereason XDR vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason XDR
Ranking in Extended Detection and Response (XDR)
22nd
Average Rating
8.6
Reviews Sentiment
6.7
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Extended Detection and Response (XDR)
3rd
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (2nd)
 

Mindshare comparison

As of April 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cybereason XDR is 0.7%, up from 0.5% compared to the previous year. The mindshare of Wazuh is 13.0%, up from 10.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Peter Nowak - PeerSpot reviewer
Integration of multiple firewalls enables advanced threat detection
The integration of data from firewalls and Active Directory is most valuable. Cybereason XDR facilitates two-way communication, where the firewall sends data to the Cybereason system, and it can communicate with the firewall to stop unwanted communication. Customers can deal with multiple types of firewalls with ease. The behavioral analytics help detect advanced threats when attackers use existing software. The multilayered protection approach, including NGAV, integrates XDR detection with antivirus to assess and counter threats effectively.
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution has an investigation feature, which is useful for building storylines."
"The integration of data from firewalls and Active Directory is most valuable."
"Cybereason XDR's most useful feature is the investigation."
"The integration of data from firewalls and Active Directory is most valuable."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"It has efficient SCA capabilities."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"It offers built-in modules for file integrity and vulnerability management."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"The most valuable features are the modules and metrics."
 

Cons

"There could be more integrations with other data sources like NDR systems."
"Customer service is rated as a five out of ten. When they work and reach the right level, they are helpful, but getting to the right person can be time-consuming."
"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"Cybereason's customer support could be better."
"A lack of certain features creates limitations."
"Wazuh is missing many things that a typical SIEM should have."
"Its configuration process is time-consuming."
"I want more support for regional compliance standards to serve my ANZ region customers better."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"The tool does not provide CTI to monitor darknet."
 

Pricing and Cost Advice

"The solution is cheaper than Microsoft Defender. It has a subscription and no standard license."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
"The current pricing is open source."
"They have a good pricing strategy for market expansion."
"The solution's pricing is very competitive."
"Wazuh is an open-source tool, which means it is freely available for use."
"Wazuh is a good tool, but the open-source version has scalability limitations."
"It is a free-of-cost solution."
"Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
25%
Manufacturing Company
13%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
16%
Comms Service Provider
8%
University
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cybereason XDR?
The solution has an investigation feature, which is useful for building storylines.
What needs improvement with Cybereason XDR?
There could be more integrations with other data sources like NDR systems. Additionally, technical support has been slow in recent times. Enabling multifactor authentication has been problematic fo...
What is your primary use case for Cybereason XDR?
I use Cybereason XDR for customers who don't have a SOC or managed SOC yet and want to be protected on more than their desktops. It is especially used in the manufacturing industry, yet not exclusi...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Overview

 

Sample Customers

MOTOROLA MOBILITY
Information Not Available
Find out what your peers are saying about Cybereason XDR vs. Wazuh and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.