Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSIEM vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
73
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Security Information and Event Management (SIEM)
2nd
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Log Management (1st), Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.1%, up from 3.0% compared to the previous year. The mindshare of Wazuh is 14.3%, down from 14.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"The Threat Hunting feature provides complete traffic analysis."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"FortiSIEM is a great tool for making security processes transparent."
"The stability is very reliable. It offers very good performance."
"It is a stable solution."
"It's stable."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"The most valuable features are the modules and metrics."
"Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs."
"It allows you to aggregate all your logs in one place and provides a unified view to monitor your security environment."
"Good for monitoring, active response, and for vulnerabilities."
 

Cons

"The graphs on the user interface could be improved as we often experience glitches."
"There could be improvements like introducing some solutions directly into FortiSIEM to avoid the need for separately purchasing additional tools like FortiStore."
"The backup and recovery process for this solution needs improvement."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"Patching is not great - we're not getting the support we'd expect."
"FortiSIEM is a bit resource-hungry, so work should be done on hardware resource utilization to consume less hardware."
"Customer support service could be better."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"Since it's an open-source tool, scalability is the main issue."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"Some features, like alerting, are complex with Wazuh."
"Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions."
"The tool does not provide CTI to monitor darknet."
"It would be great if there could be customization for the decoder portion."
"Wazuh currently fails to provide its users with AI and ML."
 

Pricing and Cost Advice

"Fortinet FortiSIEM is cheaper compared to other products."
"Manageable, however would be better as pay as you go versus CapEX."
"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
"The tool is really expensive. For what the tool does for our team, the price is fair."
"Pricing is determined based on the customer's budget."
"The price of Fortinet FortiSIEM was reasonable compared to other solutions."
"Fortinet FortiSIEM is not an expensive solution."
"They have a yearly subscription."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
"Wazuh is a cheaply priced product."
"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
"Wazuh is not an expensive solution."
"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
"It is a cost-effective solution."
"Wazuh is an open-source tool."
"The solution's pricing is very competitive."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Government
7%
Comms Service Provider
7%
Computer Software Company
16%
Comms Service Provider
8%
University
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
As a service, the cost is reasonable and affordable with scalable pricing based on the number of monitored devices. However, setting it up for oneself as an enterprise-licensed product can be quite...
What needs improvement with Fortinet FortiSIEM?
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products. Improving software stability and reducing bugs will make it a ...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Also Known As

FortiSIEM, AccelOps
No data available
 

Overview

 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Information Not Available
Find out what your peers are saying about Fortinet FortiSIEM vs. Wazuh and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.