Wazuh Reviews

We are using Wazuh for our SOC environment. We are managing and monitoring our infrastructure using the Wazuh SIEM

The most valuable feature of Wazuh is the ELK for doing an investigation.  

Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions.

I have been using Wazuh for approximately six months.

Wazuh is a stable solution.

I have found Wazuh to be scalable.

We have approximately six people using the solution. We plan to increase the usage of the solution.

I have not used the support from Wazuh.

I have used Splunk previously.

The installation of Wazuh is simple.

We did the implementation of the solution ourselves.

We have six technicians supporting the solution.

There is not a license required for Wazuh.

My advice to others is Wazuh is a good starter solution but there are other more advanced solutions on the market, such as Splunk which is an industry-level solution.

I rate Wazuh a five out of ten.

We use Wazuh for internal testing, instant response, security operations, and compliance.

Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation.

At the moment, we haven't tried the cloud version yet. My customers are mostly into the cloud. Wazuh should come up with more in-built rules and integrations for the cloud.

I have been using Wazuh for one year.

I rate Wazuh seven and a half out of ten for stability.

Around 10 users are using the solution in our organization.

For a technical and experienced person, the solution's initial setup is easy. The setup would be a little hard for a non-technical person with less experience.

The initial implementation and configuration may take a maximum of one week.

Wazuh is not an expensive solution.

If correctly configured, Wazuh can support threat detection and response for SMBs. Wazuh is a good solution if you can implement, integrate, and fine-tune it in the right way.

Overall, I rate Wazuh an eight out of ten.

The log monitoring and analysis tools are great in addition to SIEM file activity monitoring.

I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions.

I have been working with this solution for about four months.

For mid-level customer, stability is okay.

This is a scalable solution.

Support needs to be purchased on an annual basis but the support required is excellent.

The initial setup is rather complex and takes a few days to perform. 

This is a very price sensitive product.

No hardware is required for this solution but be prepared to purchase implementation support. I would rate this solution a six or seven out of ten.

We collect logs in it, and then we correlate logs against the MITRE ATT&CK framework. We have configured some notifications.

The MITRE ATT&CK correlation is most valuable.

Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs.

I have been using this solution for the last two years.

It is stable.

I am not sure about scalability. We have a total of seven users. Our department has two people, and there are five people from the IT department. We don't have any plans to increase its usage at this time.

I didn't use their technical support.

I was not involved in its installation. I am just using it.

Other colleagues from the IT department handle its installation. 

For our usage, I would rate Wazuh a six out of ten.