Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSIEM vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
73
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Security Information and Event Management (SIEM)
2nd
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Log Management (1st), Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.1%, up from 3.0% compared to the previous year. The mindshare of Wazuh is 14.3%, down from 14.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"The most valuable feature is auto-discovery. When you send logs from any device to port 514, it helps register those devices automatically."
"We have many application systems, and I can set up Fortinet FortiSIEM for users to monitor their systems."
"The most valuable feature is the ability to view all the network events on a single pane and find the point of contact or point of the incident."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
"It is used as an alerting platform."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"Technical support is helpful."
"It has efficient SCA capabilities."
"Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Its cost-effectiveness is the most valuable aspect."
"Regarding Wazuh, I find the SCA (Security Configuration Assessment) features most valuable. It's crucial for asset management and inventory, allowing us to monitorendpoints and servers' changes easily. This is particularly important for my customers, who aren't heavily focused on incident response but rely on asset management and inventories. Wazuh's compliance management features are very supportive, especially in regions like the Americas and Europe. However, it's less effective in the ANZ (Australia and New Zealand) region since Wazuh doesn't cater to the specific compliance standards there, such as those required in Australia. I appreciate that Wazuh fully complies with PCI DSS and GDPR standards, allowing us to generate necessary reports."
"Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs."
"It's stable."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
 

Cons

"Not very good on non-API features, lacks that functionality."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"The biggest thing that could be better is a quicker response to support cases."
"FortiSIEM could be better integrated with other vendors."
"Areas for improvement would be the ease of use and the integration with Fortinet's own products."
"Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information."
"The tool's technical team's response time is too high, and they are not available even when they know that there are many pending issues."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"The tool doesn't detect anomalies or new environments."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"An issue I noticed is with tag values in certain rules not functioning properly."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"We would like to see more improvements on the cloud."
 

Pricing and Cost Advice

"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
"Please be cheaper and more simplified."
"There is a need to make yearly payments towards the licensing charges attached to the product. The free version license of the product is available for two months."
"Manageable, however would be better as pay as you go versus CapEX."
"The price is competitive."
"This is probably more on the lower cost end of the spectrum compared to competing products. Fortinet's license model is based on events per second, which makes sense, but that's not typical. It makes it very hard to calculate what your costs are going to be as you scale the platform because some log sources, such as firewall logs, are very noisy, and there are lots and lots of events per second, but some of them are not. So, it becomes a bit of a science experiment trying to guess what your costs are going to be as you scale the solution. This is where other competing products perhaps have a more straightforward license model."
"We pay for a license for FortiSIEM. We pay for the license and renewal."
"Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."
"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."
"Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
"My client uses the open-source version of Wazuh."
"The current pricing is open source."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
"It is an open-source product."
"It is a cost-effective solution."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Government
7%
Comms Service Provider
7%
Computer Software Company
16%
Comms Service Provider
8%
University
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
As a service, the cost is reasonable and affordable with scalable pricing based on the number of monitored devices. However, setting it up for oneself as an enterprise-licensed product can be quite...
What needs improvement with Fortinet FortiSIEM?
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products. Improving software stability and reducing bugs will make it a ...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Also Known As

FortiSIEM, AccelOps
No data available
 

Overview

 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Information Not Available
Find out what your peers are saying about Fortinet FortiSIEM vs. Wazuh and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.