Try our new research platform with insights from 80,000+ expert users
Wazuh Logo

Wazuh pros and cons

Vendor: Wazuh
3.7 out of 5
Badge Ranked 1
140 followers
Start review

Pros & Cons summary

Wazuh integrates easily but requires enhancements in detection, scalability, and cloud support. Its robust ELK investigation and cost-effective implementation are notable, yet it lacks threat intelligence feeds and AI capabilities. Wazuh's compliance management excels with PCI DSS and GDPR standards, although regional support is missing. Essential features include syscheck and vulnerability resolution, but integration options need expansion. Despite its open-source nature, Wazuh's on-premises scalability and feature set require further development for competitive edge.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

MITRE ATT&CK correlation and easy integration make Wazuh valuable for combining with other environments, cloud applications, and on-premises applications.
Wazuh offers strong features like ELK for investigations, vulnerability scanning, host-based intrusion detection, and file integrity monitoring, integrating seamlessly with AWS cloud-native services.
Its open-source nature allows for cost-effective, customizable security solutions that include compliance with PCI DSS and GDPR standards and efficient SCA capabilities.
Valuable features include scalability on platforms like Azure and built-in capabilities for malware detection, inventory management, and vulnerability management, bolstered by machine learning data handling.
The platform provides comprehensive compliance management and is recognized for its enhanced HDR version, built-in rules, and ability to define custom rules for detecting malicious activities.

CONS

Wazuh struggles with real-time monitoring, especially for Unix systems, and lacks a comprehensive threat intelligence integration, requiring users to seek out external intelligence for incident handling.
Wazuh's configuration and deployment processes are notably complex, proving to be time-consuming and challenging for integration, requiring significant manual setup and expertise.
Scalability is a recurring issue with Wazuh, particularly with the on-premise version, constraining its ability to manage a high volume of logs effectively and efficiently.
Technical support from Wazuh is often not optimal, with slow response times and insufficient assistance, which places a burden on users to conduct extensive independent research for effective implementation.
Wazuh lacks some critical features such as native support for enterprise solutions, comprehensive reporting mechanisms, and AI capabilities, which are essential for enhancing its functionality and meeting enterprise demands.
 

Wazuh Pros review quotes

MB
Dec 16, 2024
Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors.
Read full review
reviewer2301372 - PeerSpot reviewer
Feb 9, 2024
One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability.
Read full review
Vikrant Puranik - PeerSpot reviewer
Aug 1, 2022
Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring.
Read full review
Buyer's Guide
Wazuh
March 2025
Free Report: Wazuh Reviews and More
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
DOWNLOAD NOW
842,296 professionals have used our research since 2012.
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
Wazuh offers an enhanced HDR version that outperforms its competitors.
Read full review
Wajih Ul Hasan - PeerSpot reviewer
May 11, 2022
I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems.
Read full review
NH
Jul 11, 2024
The solution is easy to maintain.
Read full review
PrzemekAndula - PeerSpot reviewer
Feb 7, 2024
The product is easy to customize.
Read full review
Robert Cheruiyot - PeerSpot reviewer
Oct 28, 2021
It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions.
Read full review
MS
Jul 10, 2024
The product's initial setup phase was easy.
Read full review
Sulabh Khanal - PeerSpot reviewer
Nov 7, 2022
The deployment is easy and they provide very good documentation.
Read full review
Show 10 more reviews (out of 46)
 

Wazuh Cons review quotes

MB
Dec 16, 2024
The only challenge we faced with Wazuh was the lack of direct support.
Read full review
reviewer2301372 - PeerSpot reviewer
Feb 9, 2024
They could include flexibility and customization capabilities by modifying for customers based on partner agreements.
Read full review
Vikrant Puranik - PeerSpot reviewer
Aug 1, 2022
Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage.
Read full review
Buyer's Guide
Wazuh
March 2025
Free Report: Wazuh Reviews and More
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
DOWNLOAD NOW
842,296 professionals have used our research since 2012.
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
While it is scalable, it can suffer from reduced latencies.
Read full review
Wajih Ul Hasan - PeerSpot reviewer
May 11, 2022
Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions.
Read full review
NH
Jul 11, 2024
The product's configuration part and lack of AI capabilities are some of the major concerns associated with Wazuh.
Read full review
PrzemekAndula - PeerSpot reviewer
Feb 7, 2024
The tool does not provide CTI to monitor darknet.
Read full review
Robert Cheruiyot - PeerSpot reviewer
Oct 28, 2021
Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh.
Read full review
MS
Jul 10, 2024
Wazuh currently fails to provide its users with AI and ML.
Read full review
Sulabh Khanal - PeerSpot reviewer
Nov 7, 2022
We would like to see more improvements on the cloud.
Read full review
Show 10 more reviews (out of 46)

Product Categories

Product Categories
Log Management
Security Information and Event Management (SIEM)
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
Dynatrace vs Wazuh Logo
Dynatrace vs Wazuh
Datadog vs Wazuh Logo
Datadog vs Wazuh
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
IBM Security QRadar vs Wazuh Logo
IBM Security QRadar vs Wazuh
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Elastic Observability vs Wazuh Logo
Elastic Observability vs Wazuh
Graylog vs Wazuh Logo
Graylog vs Wazuh
Grafana Loki vs Wazuh Logo
Grafana Loki vs Wazuh
Security Onion vs Wazuh Logo
Security Onion vs Wazuh
LogRhythm SIEM vs Wazuh Logo
LogRhythm SIEM vs Wazuh
Sumo Logic Security vs Wazuh Logo
Sumo Logic Security vs Wazuh
Fortinet FortiAnalyzer vs Wazuh Logo
Fortinet FortiAnalyzer vs Wazuh
syslog-ng vs Wazuh Logo
syslog-ng vs Wazuh
Elastic Stack vs Wazuh Logo
Elastic Stack vs Wazuh
Amazon CloudWatch vs Wazuh Logo
Amazon CloudWatch vs Wazuh
See all alternatives

Product Categories

Product Categories
Log Management
Security Information and Event Management (SIEM)
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
Dynatrace vs Wazuh Logo
Dynatrace vs Wazuh
Datadog vs Wazuh Logo
Datadog vs Wazuh
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
IBM Security QRadar vs Wazuh Logo
IBM Security QRadar vs Wazuh
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Elastic Observability vs Wazuh Logo
Elastic Observability vs Wazuh
Graylog vs Wazuh Logo
Graylog vs Wazuh
Grafana Loki vs Wazuh Logo
Grafana Loki vs Wazuh
Security Onion vs Wazuh Logo
Security Onion vs Wazuh
LogRhythm SIEM vs Wazuh Logo
LogRhythm SIEM vs Wazuh
Sumo Logic Security vs Wazuh Logo
Sumo Logic Security vs Wazuh
Fortinet FortiAnalyzer vs Wazuh Logo
Fortinet FortiAnalyzer vs Wazuh
syslog-ng vs Wazuh Logo
syslog-ng vs Wazuh
Elastic Stack vs Wazuh Logo
Elastic Stack vs Wazuh
Amazon CloudWatch vs Wazuh Logo
Amazon CloudWatch vs Wazuh
See all alternatives
Related questions
  • 464
What is the difference between SIEM and Next-Gen SIEM solutions?
  • 31
When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
  • 3,078
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 74
Which Windows event log monitoring tool do you recommend?
  • 263
What is the difference between log management and SIEM?
  • 40
Splunk vs. Elastic Stack
  • 39
How can Cloudtrail logs be used effectively to improve log monitoring?
  • 353
Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
  • 103
When evaluating Log Management solutions, what aspect do you think is the most important to look for?
  • 13
When evaluating Log Management solutions, what aspects do you think are the most important to look for?