Try our new research platform with insights from 80,000+ expert users
Wazuh Logo

Wazuh pros and cons

Vendor: Wazuh
3.7 out of 5
Badge Leader
123 followers
Post review

Pros & Cons summary

Wazuh is valued for its integration with ELK and cloud-native infrastructure, offering features like MITRE ATT&CK correlation, log monitoring, and compliance reporting with PCI DSS and GDPR. Cost-effective and flexible, it enhances security and compliance management. However, its detection capabilities and limited scalability in on-premise environments pose challenges. The need for easier configurations and expanded cloud integration is evident. Lack of threat intelligence hampers rapid incident feedback.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Wazuh is appreciated for its MITRE ATT&CK correlation and ease of integration with various environments and applications.
It offers comprehensive log monitoring and analysis tools, enhancing security incident event management and file activity monitoring.
Wazuh's cost-effectiveness and open-source nature provide good value, allowing for extensive customizations and integrations.
It features robust compliance management capabilities, adhering to standards like PCI DSS and GDPR across multiple regions.
Wazuh is instrumental in managing security through features like file monitoring, compliance reporting, and enhanced detection and response capabilities.

CONS

Wazuh does not cover sources of events as comprehensively as Splunk, resulting in a painful integration process for some.
The lack of inbuilt threat intelligence is a significant gap, hindering real-time monitoring for Unix systems.
Wazuh has issues with scalability, especially in the on-prem version, due to Elastic DB constraints and open-source nature.
The customization and flexibility for integrating various plug-ins or modules into its core system are limited.
The technical support and configuration process of Wazuh are complex and time-consuming, requiring extensive research for effective implementation.
 

Wazuh Pros review quotes

MB
Dec 16, 2024
Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors.
Read full review
reviewer2301372 - PeerSpot reviewer
Feb 9, 2024
One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability.
Read full review
Vikrant Puranik - PeerSpot reviewer
Aug 1, 2022
Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring.
Read full review
Buyer's Guide
Wazuh
November 2024
Free Report: Wazuh Reviews and More
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
Wazuh offers an enhanced HDR version that outperforms its competitors.
Read full review
Wajih Ul Hasan - PeerSpot reviewer
May 11, 2022
I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems.
Read full review
NH
Jul 11, 2024
The solution is easy to maintain.
Read full review
PrzemekAndula - PeerSpot reviewer
Feb 7, 2024
The product is easy to customize.
Read full review
Robert Cheruiyot - PeerSpot reviewer
Oct 28, 2021
It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions.
Read full review
MS
Jul 10, 2024
The product's initial setup phase was easy.
Read full review
Sulabh Khanal - PeerSpot reviewer
Nov 7, 2022
The deployment is easy and they provide very good documentation.
Read full review
Show 10 more reviews (out of 45)
 

Wazuh Cons review quotes

MB
Dec 16, 2024
The only challenge we faced with Wazuh was the lack of direct support.
Read full review
reviewer2301372 - PeerSpot reviewer
Feb 9, 2024
They could include flexibility and customization capabilities by modifying for customers based on partner agreements.
Read full review
Vikrant Puranik - PeerSpot reviewer
Aug 1, 2022
Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage.
Read full review
Buyer's Guide
Wazuh
November 2024
Free Report: Wazuh Reviews and More
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
While it is scalable, it can suffer from reduced latencies.
Read full review
Wajih Ul Hasan - PeerSpot reviewer
May 11, 2022
Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions.
Read full review
NH
Jul 11, 2024
The product's configuration part and lack of AI capabilities are some of the major concerns associated with Wazuh.
Read full review
PrzemekAndula - PeerSpot reviewer
Feb 7, 2024
The tool does not provide CTI to monitor darknet.
Read full review
Robert Cheruiyot - PeerSpot reviewer
Oct 28, 2021
Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh.
Read full review
MS
Jul 10, 2024
Wazuh currently fails to provide its users with AI and ML.
Read full review
Sulabh Khanal - PeerSpot reviewer
Nov 7, 2022
We would like to see more improvements on the cloud.
Read full review
Show 10 more reviews (out of 45)

Product Categories

Product Categories
Log Management
Security Information and Event Management (SIEM)
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
Dynatrace vs Wazuh Logo
Dynatrace vs Wazuh
Datadog vs Wazuh Logo
Datadog vs Wazuh
IBM Security QRadar vs Wazuh Logo
IBM Security QRadar vs Wazuh
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Elastic Observability vs Wazuh Logo
Elastic Observability vs Wazuh
Graylog vs Wazuh Logo
Graylog vs Wazuh
Sumo Logic Security vs Wazuh Logo
Sumo Logic Security vs Wazuh
LogRhythm SIEM vs Wazuh Logo
LogRhythm SIEM vs Wazuh
Grafana Loki vs Wazuh Logo
Grafana Loki vs Wazuh
Security Onion vs Wazuh Logo
Security Onion vs Wazuh
Fortinet FortiAnalyzer vs Wazuh Logo
Fortinet FortiAnalyzer vs Wazuh
syslog-ng vs Wazuh Logo
syslog-ng vs Wazuh
Devo vs Wazuh Logo
Devo vs Wazuh
Amazon CloudWatch vs Wazuh Logo
Amazon CloudWatch vs Wazuh
See all alternatives

Product Categories

Product Categories
Log Management
Security Information and Event Management (SIEM)
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
Dynatrace vs Wazuh Logo
Dynatrace vs Wazuh
Datadog vs Wazuh Logo
Datadog vs Wazuh
IBM Security QRadar vs Wazuh Logo
IBM Security QRadar vs Wazuh
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Elastic Observability vs Wazuh Logo
Elastic Observability vs Wazuh
Graylog vs Wazuh Logo
Graylog vs Wazuh
Sumo Logic Security vs Wazuh Logo
Sumo Logic Security vs Wazuh
LogRhythm SIEM vs Wazuh Logo
LogRhythm SIEM vs Wazuh
Grafana Loki vs Wazuh Logo
Grafana Loki vs Wazuh
Security Onion vs Wazuh Logo
Security Onion vs Wazuh
Fortinet FortiAnalyzer vs Wazuh Logo
Fortinet FortiAnalyzer vs Wazuh
syslog-ng vs Wazuh Logo
syslog-ng vs Wazuh
Devo vs Wazuh Logo
Devo vs Wazuh
Amazon CloudWatch vs Wazuh Logo
Amazon CloudWatch vs Wazuh
See all alternatives
Related questions
  • 475
What is the difference between SIEM and Next-Gen SIEM solutions?
  • 37
When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
  • 4,270
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 127
Which Windows event log monitoring tool do you recommend?
  • 370
What is the difference between log management and SIEM?
  • 43
Splunk vs. Elastic Stack
  • 77
How can Cloudtrail logs be used effectively to improve log monitoring?
  • 435
Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
  • 67
When evaluating Log Management solutions, what aspect do you think is the most important to look for?
  • 13
When evaluating Log Management solutions, what aspects do you think are the most important to look for?