Cybereason XDR vs Wazuh comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

No sentiment score available
No sentiment score available
Wazuh's customer service is highly rated, with excellent paid support and active community forums for troubleshooting assistance.
We use the open-source version of Wazuh, which does not provide paid support.
 

Room For Improvement

No sentiment score available
Sentiment score: 5.1
Wazuh's interface is complex, lacking integration, scalability, AI capabilities, and requires better support, efficiency, and automated features.
The integration modules are insufficiently developed, necessitating the creation of custom integration solutions using tools like Logstash and PubSub.
 

Scalability Issues

No sentiment score available
Sentiment score: 7.1
Wazuh's scalability is mixed, requiring technical expertise, with feedback ranging from four to ten, noting resource challenges.
Scalability depends on the configuration and the infrastructure resources like compute and memory we allocate.
 

Setup Cost

No sentiment score available
No sentiment score available
Wazuh is cost-effective but includes support and infrastructure expenses, appealing to smaller organizations despite scalability limitations.
Totaling around two lakh Indian rupees per month.
 

Stability Issues

No sentiment score available
Sentiment score: 7.2
Wazuh is generally stable with minor glitches, suitable for small to mid-level businesses, often affected by configuration issues.
The stability of Wazuh is strong, with no issues stemming from the solution itself.
 

Valuable Features

No sentiment score available
Sentiment score: 7.9
Wazuh provides cost-effective, open-source security with integration, compliance, monitoring, and vulnerability assessment for diverse systems and platforms.
We found the MITRE framework mapping and the agent enrollment service to be the most valuable features of Wazuh.
 

Categories and Ranking

Cybereason XDR
Ranking in Extended Detection and Response (XDR): 22nd
Average Rating: 8.6
Reviews Sentiment: 7.1
Number of Reviews: 2
Ranking in other categories: None

Wazuh
Ranking in Extended Detection and Response (XDR): 4th
Average Rating: 7.4
Reviews Sentiment: 6.5
Number of Reviews: 44
Ranking in other categories: Log Management (2nd), Security Information and Event Management (SIEM) (3rd)
 

Mindshare comparison

As of November 2024, in the Extended Detection and Response (XDR) category, the mindshare of Cybereason XDR is 0.9%, up from 0.6% compared to the previous year. The mindshare of Wazuh is 11.2%, up from 3.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
 

Featured Reviews

Ivan Burke - PeerSpot reviewer
Provides effective incident response and investigation features
We also use Palo Alto's XDR, SentinelOne, Trend Micro, and quite a few others. SentinelOne is nice because you have a centralized dashboard. You just have a single instance and can manage all your clients from one central dashboard, which Cybereason currently lacks. It hinders our use case because we have to redeploy our rules. However, SentinelOne's search feature is slightly more limited than Cybereason's. SentinelOne's search feature is very restrictive, and they have a certain way you have to do it. If you don't follow that way, you're kind of stuck. The deployability is the same, and we have not had scalability issues. We don't work with a larger client. Our largest deployment was about 3,000 endpoints. Cybereason's tech support or the support engineer tends to be slightly better than SentinelOne's because there is no direct contact for support in our region. We usually have to reach out to either the European or the American branches for assistance. There's a bit of a time delay or something that happens. Those are the only major differences.
Vikrant Puranik - PeerSpot reviewer
It integrates seamlessly with AWS cloud-native services
I worked with Splunk, Curator, ArcSight, and some legacy solutions that no longer exist. They became obsolete or transitioned to a different product. Cost-effectiveness was one reason we switched. We had to decide whether to spend $500,000 on a commercial product or rely on our skills to deploy an open-source solution. The big difference between Wazuh and other solutions is maturity and customization. Wazuh's scalability and out-of-the-box functionality are slightly lagging behind, but Wazuh has improved a lot since the first time we saw it. Others have more search capabilities, whereas Wazuh depends on Elasticsearch. Searching is a bit slower in Wazuh.
816,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company: 23%
Manufacturing Company: 10%
Comms Service Provider: 9%
Financial Services Firm: 8%

Computer Software Company: 16%
University: 7%
Comms Service Provider: 7%
Government: 7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cybereason XDR?
The solution has an investigation feature, which is useful for building storylines.
What needs improvement with Cybereason XDR?
The one thing we sometimes have issues with is its integration with other security applications like antiviruses. We connect this solution to many companies, so we set up new custom rules for every...
What is your primary use case for Cybereason XDR?
We have mostly been using it to help us look into responses. We usually deploy it during the incident response scenarios, trying to find out what happened in an environment.
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
The latest version, 4.9, has improved the interface significantly. I am yet to explore more about the update to identify further areas for improvement. So far, the recent updates have addressed mos...
What is your primary use case for Wazuh?
We use Wazuh for our Security Information and Event Management (SIEM) needs. It serves as a log aggregator and provides us the capability to monitor our servers for brute force attacks and other se...
 

Sample Customers

MOTOROLA MOBILITY
Information Not Available
Find out what your peers are saying about Cybereason XDR vs. Wazuh and other solutions. Updated: October 2024.