reviewer1804125 - PeerSpot reviewer
Tech Lead Security at a comms service provider with 51-200 employees
Real User
Poor detection, lacking features, but simple installation
Pros and Cons
  • "The most valuable feature of Wazuh is the ELK for doing an investigation."
  • "Wazuh could improve the detection; it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."

What is our primary use case?

We are using Wazuh for our SOC environment. We are managing and monitoring our infrastructure using the Wazuh SIEM.

What is most valuable?

The most valuable feature of Wazuh is the ELK for doing an investigation.  

What needs improvement?

Wazuh could improve the detection; it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions.

For how long have I used the solution?

I have been using Wazuh for approximately six months.

Buyer's Guide
Wazuh
November 2024
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.

What do I think about the stability of the solution?

Wazuh is a stable solution.

What do I think about the scalability of the solution?

I have found Wazuh to be scalable.

We have approximately six people using the solution. We plan to increase the usage of the solution.

How are customer service and support?

I have not used the support from Wazuh.

Which solution did I use previously and why did I switch?

I have used Splunk previously.

How was the initial setup?

The installation of Wazuh is simple.

What about the implementation team?

We did the implementation of the solution ourselves.

We have six technicians supporting the solution.

What's my experience with pricing, setup cost, and licensing?

There is not a license required for Wazuh.

What other advice do I have?

My advice to others is that Wazuh is a good starter solution, but there are other more advanced solutions on the market, such as Splunk, which is an industry-level solution.

I rate Wazuh a five out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
reviewer2342391 - PeerSpot reviewer
Security engineer at a tech services company with 51-200 employees
Real User
Top 5
A flexible solution that can be used for instant response, security operations, and compliance
Pros and Cons
  • "Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
  • "Wazuh should come up with more in-built rules and integrations for the cloud."

What is our primary use case?

We use Wazuh for internal testing, instant response, security operations, and compliance.

What is most valuable?

Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation.

What needs improvement?

At the moment, we haven't tried the cloud version yet. My customers are mostly into the cloud. Wazuh should come up with more in-built rules and integrations for the cloud.

For how long have I used the solution?

I have been using Wazuh for one year.

What do I think about the stability of the solution?

I rate Wazuh seven and a half out of ten for stability.

What do I think about the scalability of the solution?

Around 10 users are using the solution in our organization.

How was the initial setup?

For a technical and experienced person, the solution's initial setup is easy. The setup would be a little hard for a non-technical person with less experience.

What about the implementation team?

The initial implementation and configuration may take a maximum of one week.

What's my experience with pricing, setup cost, and licensing?

Wazuh is not an expensive solution.

What other advice do I have?

If correctly configured, Wazuh can support threat detection and response for SMBs. Wazuh is a good solution if you can implement, integrate, and fine-tune it in the right way.

Overall, I rate Wazuh an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
reviewer1785186 - PeerSpot reviewer
CBO at a security firm with 11-50 employees
Reseller
Offers good log monitoring and analysis tools
Pros and Cons
  • "The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
  • "I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."

What is most valuable?

The log monitoring and analysis tools are great in addition to SIEM file activity monitoring.

What needs improvement?

I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions.

For how long have I used the solution?

I have been working with this solution for about four months.

What do I think about the stability of the solution?

For mid-level customers, stability is okay.

What do I think about the scalability of the solution?

This is a scalable solution.

How are customer service and support?

Support needs to be purchased on an annual basis but the support required is excellent.

How was the initial setup?

The initial setup is rather complex and takes a few days to perform. 

What's my experience with pricing, setup cost, and licensing?

This is a very price sensitive product.

What other advice do I have?

No hardware is required for this solution but be prepared to purchase implementation support. I would rate this solution a six or seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
reviewer1593909 - PeerSpot reviewer
Chief Information Security Officer at a financial services firm with 501-1,000 employees
Real User
Stable with good MITRE ATT&CK correlation, but needs a better user interface
Pros and Cons
  • "The MITRE ATT&CK correlation is most valuable."
  • "Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."

What is our primary use case?

We collect logs in it, and then we correlate logs against the MITRE ATT&CK framework. We have configured some notifications.

What is most valuable?

The MITRE ATT&CK correlation is most valuable.

What needs improvement?

Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs.

For how long have I used the solution?

I have been using this solution for the last two years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

I am not sure about scalability. We have a total of seven users. Our department has two people, and there are five people from the IT department. We don't have any plans to increase its usage at this time.

How are customer service and technical support?

I didn't use their technical support.

How was the initial setup?

I was not involved in its installation. I am just using it.

What about the implementation team?

Other colleagues from the IT department handle its installation. 

What other advice do I have?

For our usage, I would rate Wazuh a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sandip_Patel - PeerSpot reviewer
Student at Dakota State University
Real User
Top 10
Evaluating robust file monitoring with insights for community support improvements
Pros and Cons
  • "Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs."
  • "An issue I noticed is with tag values in certain rules not functioning properly."

What is our primary use case?

I am currently evaluating and using Wazuh for file monitoring and compliance reporting. We are in the process of conducting a POC to understand how the rules work. I lead this effort to explore and evaluate Wazuh as part of my learning and work experience.

What is most valuable?

Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

What needs improvement?

I am investigating more about the community support for Wazuh. I can't provide a definitive answer yet. An issue I noticed is with tag values in certain rules not functioning properly. It's unclear if this is a design flaw or intentional. These are areas I'm still exploring.

For how long have I used the solution?

I have been using Wazuh for about seven months.

What do I think about the scalability of the solution?

Wazuh offers scaling options and is scalable from a mid to advanced level. However, I am still evaluating if it meets enterprise-scale requirements.

How are customer service and support?

The documentation is good and provides clear instructions, though it's targeted at those with technical backgrounds.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Before Wazuh, we used market products for our needs. We are exploring other options due to Wazuh being open source.

How was the initial setup?

The initial setup of Wazuh was not complex once the requirements were understood. In a POC environment, setting up took about a day and a half.

What about the implementation team?

I am spearheading this POC effort. Once completed, more people will likely be involved.

What was our ROI?

There is high potential for ROI, especially for small to medium businesses comparing Wazuh to market solutions. Wazuh offers more cost-effective options without compromising on security.

What's my experience with pricing, setup cost, and licensing?

Since Wazuh is open source, the pricing for support could be applicable to medium-sized companies without much issue. However, I haven't fully explored what comes with this pricing.

Which other solutions did I evaluate?

We have looked into the Elastic Stack and haven't explored integrating it with Wazuh since Elastic Stack is no longer open source.

What other advice do I have?

I would recommend Wazuh. It's a valuable tool for security operations. On a scale of one to ten, I currently rate Wazuh as a six. I may rate it higher after more experience.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.