# Wazuh Reviews **Vendor:** Wazuh Inc. **Category:** [Endpoint Detection & Response (EDR) Software](https://www.g2.com/categories/endpoint-detection-response-edr) **Average Rating:** 4.5/5.0 **Total Reviews:** 67 ## About Wazuh Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. Wazuh, with over 30 million downloads per year, has one of the largest open-source security communities in the world. Wazuh helps organizations of all sizes protect their data assets against security threats. Learn more about the project at wazuh.com ## Wazuh Pros & Cons **What users like:** - Users find Wazuh's **ease of use** remarkable, with a simple learning curve that enhances user experience. (3 reviews) - Users appreciate the **affordability** of Wazuh, enjoying enterprise-level security without the high costs of licensing. (2 reviews) - Users value Wazuh for its **enhanced visibility and control** over security events across their entire infrastructure. (1 reviews) - Users value the **easy management** of Wazuh, benefiting from its cost-effective open-source nature and extensive resources. (1 reviews) - Users find the **easy setup** of Wazuh beneficial, enabling a quick and efficient deployment process. (1 reviews) - Experience Satisfaction (1 reviews) - Users find the **implementation ease** of Wazuh impressive, facilitating quick deployment and efficient monitoring. (1 reviews) - Log Management (1 reviews) - Management Ease (1 reviews) - Monitoring (1 reviews) **What users dislike:** - Users find the **complex interface** challenging, particularly for new users during setup and configuration. (2 reviews) - Users find the **not user-friendly interface** of Wazuh challenging, especially during setup and configuration adjustments. (2 reviews) - Users find the **complicated implementation** of Wazuh's on-prem console to be a significant challenge. (1 reviews) - Users find the **difficult learning** curve challenging, particularly with initial setup and complex configurations in Wazuh. (1 reviews) - Users face a **difficult setup** process with a steep learning curve and lack of intuitive guidance for configurations. (1 reviews) - Integration Issues (1 reviews) - Learning Curve (1 reviews) - Limited Integration (1 reviews) - Not Intuitive (1 reviews) - Rules Management (1 reviews) ## Wazuh Reviews ### 1. Powerful Open-Source On-Prem Security Monitoring with Easy Integration **Rating:** 4.5/5.0 stars **Reviewed by:** Yogesh G. | Linux Administrator, Information Technology and Services, Mid-Market (51-1000 emp.) **Reviewed Date:** January 27, 2026 **What do you like best about Wazuh?** It’s an open-source platform that’s easy to install in an on-prem environment. I can easily create rules and decoders for custom logs, and the integrations are straightforward to set up. It also provides excellent tools for log analysis, vulnerability detection, FIM, threat detection, compliance management, and incident management. Deploying the agent across multiple hosts is simple via the command line. Wazuh supports real-time monitoring of system logs and configuration, with automated alerts and VM detection. The documentation is also well maintained. **What do you dislike about Wazuh?** It’s very difficult for new users to learn and get started with. It also uses a lot of resources when working with large data. Sometimes, it causes problems when upgrading to a newer version. **What problems is Wazuh solving and how is that benefiting you?** We are using Wazuh for file integrity monitoring, and the results for this purpose have been exceptional. You don’t need to spend any money if you want to try it. It also comes with many dashboards where you can view the number of vulnerabilities on the agents, agent syslogs, and other useful insights, and you can create a custom dashboard as well. ### 2. Wazuh: FREE - Powerful, Customizable Security Monitoring with Smart Alerts **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Networking | Small-Business (50 or fewer emp.) **Reviewed Date:** March 12, 2026 **What do you like best about Wazuh?** Wazuh helps keep all your computers and servers safe by watching for bad behavior, checking for weaknesses, and sending alerts when something suspicious happens. It’s free, open, and can be customized to fit any setup, from small networks to large companies. **What do you dislike about Wazuh?** Some common drawbacks of Wazuh are that it can be complex to set up and configure, especially for large environments, and managing rules, alerts, and integrations can require significant time and expertise. Additionally, its UI and reporting features are less polished compared to some commercial alternatives, which can make monitoring at scale more cumbersome. **What problems is Wazuh solving and how is that benefiting you?** Wazuh detects security threats, monitors system activity, and checks for vulnerabilities, helping prevent breaches and maintain compliance. This benefits you by giving real-time alerts, centralized visibility, and actionable insights, so you can respond quickly to issues and keep your environment secure without manually checking each system. ### 3. Open-Source Security Platform with Strong Visibility and Control **Rating:** 5.0/5.0 stars **Reviewed by:** Ayush G. | Customer Success Engineer, Computer & Network Security, Small-Business (50 or fewer emp.) **Reviewed Date:** January 29, 2026 **What do you like best about Wazuh?** Wazuh is the level of visibility and control it provides over security events across the entire infrastructure. The real-time threat detection, log analysis, and compliance monitoring are very powerful for an open-source platform. It delivers enterprise-level security capabilities without high licensing costs. **What do you dislike about Wazuh?** The main drawback is the steep learning curve, especially for new users during initial setup and tuning. Some configurations and rule customizations can be time-consuming, and the UI could be more intuitive. Better guided setup and clearer documentation for advanced use cases would help a lot. **What problems is Wazuh solving and how is that benefiting you?** I use Wazuh for centralized security monitoring and threat detection, solving fragmented security visibility by centralizing logs. It helps us quickly detect threats and compliance issues, improving security posture without multiple tools. ### 4. A Very Good, Fully Open-Source SIEM **Rating:** 4.0/5.0 stars **Reviewed by:** Gibrain S. | information security engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** May 05, 2026 **What do you like best about Wazuh?** which is a very good SIEM and is completely open source **What do you dislike about Wazuh?** that in order for it to work optimally, you need to spend a lot of time fine-tuning the settings **What problems is Wazuh solving and how is that benefiting you?** traceability of connections, access, and specific file usage; vulnerability detection; and integration with various technologies ### 5. Free, Open-Source, and User-Friendly SIEM for SMB **Rating:** 4.5/5.0 stars **Reviewed by:** naty d. | Security Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** February 26, 2026 **What do you like best about Wazuh?** The main reasons that i like about wazuh is being free and opensouce, having simpler learning curve and ease of use, it is user friendly and best choice for small scale companies **What do you dislike about Wazuh?** In my openion the down side of wazuh is it is difficult to integrate it with 3rd party solutions, and don't have built in plugins to do so compared to other SIEMs in the ecosystem. **What problems is Wazuh solving and how is that benefiting you?** The main problem that i used to tackel wazuh is endpoint security and log coorelation/normalization. i have deployed the agent in all of our company assets and able to analyze logs, better visibility regarding security events and much more. ### 6. Wazuh Solution **Rating:** 5.0/5.0 stars **Reviewed by:** Parth R. | Cyber Security Intern, Small-Business (50 or fewer emp.) **Reviewed Date:** May 14, 2026 **What do you like best about Wazuh?** We can see all the different types by adding a field, which makes it easier to use. **What do you dislike about Wazuh?** Many times the dashboard gets disconnected, and the logs come in with a delay. Also, there is no option for a normal user to switch the theme. **What problems is Wazuh solving and how is that benefiting you?** It’s easy to configure, and I appreciate that it’s free and open source. ### 7. It is an inexpensive tool that has a lot of capabilities. **Rating:** 4.5/5.0 stars **Reviewed by:** Matthew C. | Information Security Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** July 29, 2025 **What do you like best about Wazuh?** It does not cost me anything. The agents that are installed are preconfigured to look at specific details of my end points. It can ID out of date patches on all major applications. It identifies certain items that have CVE's associated with them. I can custom query anything. It was pretty easy to roll out. My organization does not use PowerShell on typical endpoints, so we have to use kind of a modified .msi to roll out updates. **What do you dislike about Wazuh?** It cannot push end point agent updates without a paid subscription. Setting up the user roles is a little tough - it is very convoluted and hard to follow the process. **What problems is Wazuh solving and how is that benefiting you?** It allows me to easily see activity per end point for at least 30 days at a time. It is not a full XDR/MDR platform for me - I use it to gather information daily. I could use it to find files or other end point actions if needed. ### 8. Cost-Saving Open Source, Easy to Implement—But Comes with Risk **Rating:** 3.5/5.0 stars **Reviewed by:** Bartłomiej P. | System Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** January 23, 2026 **What do you like best about Wazuh?** Reduce costs with open source product. Popularity - a lot informations and big KB. Easy to management. **What do you dislike about Wazuh?** Opensource is always a risk. Complicated implementation on-prem console. **What problems is Wazuh solving and how is that benefiting you?** Practice wizard to implementation on-prem server. ### 9. Efficient and Comprehensive Security Monitoring with Wazuh SIEM **Rating:** 4.5/5.0 stars **Reviewed by:** Mohd Bilal K. | Security Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** June 24, 2024 **What do you like best about Wazuh?** Wazuh SIEM stands out as an exceptional security solution that combines powerful threat detection with extensive monitoring capabilities. As a user, I am particularly impressed by its ability to integrate seamlessly with various data sources, providing a holistic view of our security posture. The platform’s ability to process and analyze large volumes of data in real-time has significantly enhanced our incident response capabilities **What do you dislike about Wazuh?** While Wazuh SIEM is robust, the initial setup and configuration can be somewhat complex, especially for users without extensive SIEM experience. The documentation is detailed but could benefit from more examples and clearer step-by-step instructions for common use cases. Additionally, the learning curve can be steep for new users, and more interactive tutorials or guided setups would be beneficial. **What problems is Wazuh solving and how is that benefiting you?** Wazuh SIEM has significantly bolstered our security operations by providing real-time visibility and automated threat detection across our infrastructure. Its ability to correlate events from various sources and provide actionable insights has been invaluable. ### 10. Great product with a lot to Offer **Rating:** 5.0/5.0 stars **Reviewed by:** Yuri K. | CEO, Small-Business (50 or fewer emp.) **Reviewed Date:** May 29, 2024 **What do you like best about Wazuh?** Great open source, free Security Operation Center for small and mid-size businesses. Very easy and fast deployment. Real-time monitoring of the connected endpoints. It integrates very well on the Windows and Linux platforms. If you need to make sure that your organization is HIPAA compliant, this tool will help you to verify your compliance in a few fast clicks **What do you dislike about Wazuh?** The main dashboard is a little incomplete. Wazuh would greatly benefit from the implementation of aggregation issues (per issue). Currently, admin has to hope from endpoint to endpoint screen to see problematic areas **What problems is Wazuh solving and how is that benefiting you?** Wazuh is a complete, out-of-the-box SOC solution for small and mid-size business concerned about their cybersecurity ### 11. Wazuh is the Best open source security platform. **Rating:** 5.0/5.0 stars **Reviewed by:** Yash U. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 19, 2024 **What do you like best about Wazuh?** "Wazuh - The Open Source Security Platform" is an impressive tool that offers comprehensive security solutions for both small-scale and enterprise-level environments. As an open-source platform, it provides users with the flexibility to tailor security measures according to their specific needs without the constraints of proprietary software. Wazuh stands out as a powerful open-source security platform that effectively addresses modern cybersecurity challenges. Its comprehensive features, scalability, and active community support make it a valuable asset for organizations seeking robust protection against evolving threats. **What do you dislike about Wazuh?** At this point of time i dont find any downside of wazuh. **What problems is Wazuh solving and how is that benefiting you?** •File Integrity Monitoring: Wazuh monitors file integrity on endpoints, continuously verifying the integrity of critical system files and configurations. Any unauthorized modifications or tampering attempts trigger alerts, allowing administrators to investigate and remediate potential security breaches promptly. • Log Analysis and Correlation: Wazuh aggregates and correlates endpoint logs with data from other sources, such as network traffic and system events. This holistic view of security data enables comprehensive threat detection and enhances the accuracy of incident analysis, helping organizations identify sophisticated threats that may span multiple endpoints. • Active Response: Wazuh’s active response capabilities allow for automated responses to security incidents at the endpoint level. In addition to alerting administrators, Wazuh can execute predefined response actions, such as isolating compromised endpoints, blocking malicious processes, or quarantining suspicious​⬤ ### 12. Good incident and events managment tool **Rating:** 4.0/5.0 stars **Reviewed by:** Falgun U. | Developer, Small-Business (50 or fewer emp.) **Reviewed Date:** March 18, 2024 **What do you like best about Wazuh?** -Wazuh is opensource and free to use -Easily scalable -Can run in standalone server as well as in cluster mode -Has great agent functioality -Easy to onboard multiple data sources -Supports 3rd party integrations for alerts and communications **What do you dislike about Wazuh?** -I can not think of anything to dislike about except it may be reaource consuming sometimes **What problems is Wazuh solving and how is that benefiting you?** wazuh is SIEM tool as well as it has great EDR support which helps in endopint monitoring, active response also allows to run custom commands on agent. It supports windows, linux as well as macos that makes it very easy to manage all kinds of devices. ### 13. A powerful open source HIDS and SIEM **Rating:** 4.5/5.0 stars **Reviewed by:** Lorenzo M. | Mid-Market (51-1000 emp.) **Reviewed Date:** February 02, 2024 **What do you like best about Wazuh?** Relatively easy to implement, needs a bit of time for proper configuration and management. It is a turnkey SIEM solution if you can deploy agents to all or most of your assets. Gives a lot of value from the beginning, even if it becomes really powerful only if it is properly customized and tailored to your needs. Gorgeous interface! Based on Elastic technology, this has a lot of value as it makes it easily scaled and customized. **What do you dislike about Wazuh?** Very little known in Italy so it is difficult to find commercial support for it. Needs Kinux/Unix knowledge to be properly installed, configured and managed (lot of things are still only possible on the CLI). Cloud and container support are still minimal, unless you're ready to spend some time for writing your own parsers / integration modules. **What problems is Wazuh solving and how is that benefiting you?** Full visibility on A LOT of information from endpoints with just one simple, low weight agent. Multiple platform support, capability to ingest, parse and manage also logs from platforms where the agent can't be deployed. ### 14. Finest Opensource SIEM **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** March 07, 2024 **What do you like best about Wazuh?** -Completely opensource -Free to use -Has great features such as active response, support for 3rd generation party integrations etc. - Easy to configure and manage compared to other SIEM -Can easily handle large amount of incoming logs -Supports loads of data sources -Easy to create visualization and perform analysis **What do you dislike about Wazuh?** -Opensearch can be trickier to deal with -May require more resources if logs are frequent and in large volume. **What problems is Wazuh solving and how is that benefiting you?** Wazuh is fantastic SIEM tool. Main benefit of using Wazuh is that its completely free to use and they are actively realising new updates. We use Wazuh for log analysis and for security monitoring. Wazuh has great EDR functionalities as well such as agent control features, active response, agent grouping etc. ### 15. A great open source tool for SIEM **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** February 12, 2024 **What do you like best about Wazuh?** Wazuh is a SIEM tool which can be integrated with so many security apps and it is very flexible. The wazuh-manager is powerful enough to manage all the different open source tools we want to integrate with a very easy and light configuration of the agent and as many people say wazuh is the world's no.1 open source SIEM tool. **What do you dislike about Wazuh?** Well wazuh is quite helpful but when i am stuck i don't know what to do coz there is no support available if we get stuck. I personally had so many problems configuring graylog with wazuh. I am still stuck on an issue of proxy and i am seeking help from the wazuh community. **What problems is Wazuh solving and how is that benefiting you?** Well it is trying to increase the performance and trying solve the problems with community. ### 16. Excellent OPEN SOURCE SIEM **Rating:** 4.5/5.0 stars **Reviewed by:** Franck Justin T. | Teaching Assistant Tutor, Small-Business (50 or fewer emp.) **Reviewed Date:** July 08, 2024 **What do you like best about Wazuh?** What I like the most is its ease of use, its scalability, and its integration with other tools. **What do you dislike about Wazuh?** the fact that it is not available on Windows **What problems is Wazuh solving and how is that benefiting you?** Wazuh helps me by monitoring and categorizing the different security events that occur on the endpoints. ### 17. Empowering Comprehensive Cybersecurity Defense with Open Source Innovation **Rating:** 5.0/5.0 stars **Reviewed by:** Smith S. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 19, 2024 **What do you like best about Wazuh?** Its comprehensive suite of security features covering intrusion detection, log analysis, file integrity monitoring, and compliance management. The flexibility and scalability it offers, making it suitable for organizations of all sizes and industries. Its active community support, providing valuable resources, insights, and collaboration opportunities. **What do you dislike about Wazuh?** The initial setup process can be complex, especially for users with limited cybersecurity or system administration experience. Some advanced features may have a steep learning curve, requiring additional training or support to fully utilize. **What problems is Wazuh solving and how is that benefiting you?** Wazuh - The Open Source Security Platform effectively addresses several critical cybersecurity challenges, providing numerous benefits to our organization. ### 18. Empowering Users with Proactive Security **Rating:** 5.0/5.0 stars **Reviewed by:** Ankur P. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 20, 2024 **What do you like best about Wazuh?** --Wazuh excels in real-time threat detection. Its interface is user-friendly and intuitive. --Wazuh simplifies compliance management effortlessly. --The platform seamlessly scales to meet growing demands. --Active community support ensures timely assistance. **What do you dislike about Wazuh?** Initial setup can be complex for users lacking technical expertise. Limited documentation for customization may pose challenges for advanced users **What problems is Wazuh solving and how is that benefiting you?** --Enhanced threat detection capabilities bolster our organization's cybersecurity defenses. --Streamlined compliance management simplifies adherence to regulatory standards, reducing the risk of non-compliance penalties. --Centralized monitoring facilitates proactive identification and mitigation of security threats across our entire IT infrastructure. ### 19. Very Good for startup companies **Rating:** 5.0/5.0 stars **Reviewed by:** Rahul S. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 20, 2024 **What do you like best about Wazuh?** The platform’s centralized logging and monitoring features enable administrators to gain insights into their infrastructure’s security posture, allowing for proactive threat hunting and incident response. Additionally, Wazuh’s scalability ensures that it can adapt to the evolving needs of organizations, whether they are small businesses **What do you dislike about Wazuh?** They need to improve Ai. Overall its not an big issue **What problems is Wazuh solving and how is that benefiting you?** It saving my time and its very Secured as well. ### 20. Wazuh-The all in one open Source Security Platform **Rating:** 5.0/5.0 stars **Reviewed by:** Nikhil D. | Tech Evangelist | Cloud Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** February 01, 2024 **What do you like best about Wazuh?** What i like about Wazuh is that it is an open source with the functionalities like highly paid softwares. It is very easy to implement, we have deployed it on our On Premise VM Ware ESXi. **What do you dislike about Wazuh?** There is no such thing i dont like about wazuh but sometimes when we face challenges, we face problems to get support and precise solutions to our problems. **What problems is Wazuh solving and how is that benefiting you?** I use Wazuh for monitoring the security of my AWS accounts on the company and it is working preety well in this scenario. ### 21. One Of The Finest Open-Source SIEM Solution **Rating:** 4.0/5.0 stars **Reviewed by:** Hardik U. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 18, 2024 **What do you like best about Wazuh?** -Wazuh is very easy in integrates with system **What do you dislike about Wazuh?** -Wazuh need to provide document in easy language that can be easy to understand current once is complex one took so much time just to understand **What problems is Wazuh solving and how is that benefiting you?** Wazuh is protecting against many cyber threats that is the most amazing thing for our company we don't need to worry about any cyber threats or malware ### 22. Wazuh - A Comprehensive and Robust Open Source Security Platform **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** March 26, 2024 **What do you like best about Wazuh?** Wazuh's ability to simplify compliance management and provide real-time monitoring and threat detection further enhances its appeal. Overall, Wazuh offers a well-rounded security solution that caters to various needs and environments. **What do you dislike about Wazuh?** Secondly, Wazuh's advanced features, such as threat intelligence and correlation capabilities, might be overwhelming for users with limited technical knowledge. Providing more simplified explanations and tutorials for these advanced features could make them more accessible to a broader audience. **What problems is Wazuh solving and how is that benefiting you?** Wazuh - The Open Source Security Platform is solving several problems related to cybersecurity and threat detection, which ultimately benefits users in various ways. ### 23. An extensive OPEN SOURCE SIEM! **Rating:** 4.5/5.0 stars **Reviewed by:** Vira r. | Mid-Market (51-1000 emp.) **Reviewed Date:** June 23, 2023 **What do you like best about Wazuh?** One of the best things about Wazuh is its flexibility and ease of use. It supports a wide range of platforms, including Linux, Windows, macOS, and Docker. It also integrates with various other security tools such as Elasticsearch, Kibana, and Suricata IDS. Additionally, its scalable architecture supports deployments of different sizes, from small businesses to large enterprises. **What do you dislike about Wazuh?** One downside to Wazuh is that it requires a fair amount of technical knowledge to set up and configure. Users who are not familiar with security tools may find it challenging to install and deploy. Furthermore, although Wazuh offers vast documentation and a user-friendly web interface, it can sometimes be overwhelming to navigate. **What problems is Wazuh solving and how is that benefiting you?** Wazuh is solving critical cybersecurity challenges for businesses by providing real-time threat detection, compliance management, and streamlining security operations. This platform helps organizations improve their security posture, protect their data, maintain compliance, and respond quickly to threats. It reduces the risks associated with data breaches, downtime, and reputation damage. By automating many security operations, Wazuh simplifies security management, making it easier to detect suspicious behavior and respond to threats. ### 24. Very good software **Rating:** 5.0/5.0 stars **Reviewed by:** Ravi P. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 20, 2024 **What do you like best about Wazuh?** Best thing about this software is its really time Saving. I dont need to hire extra menpower i can easily use this software and stay secure from every malware **What do you dislike about Wazuh?** Everything is perfect , only keep provide updates faster. **What problems is Wazuh solving and how is that benefiting you?** Its very powerfull to detect threats and its very safe as well ### 25. Enhancing Security and Simplifying Threat Detection with Wazuh **Rating:** 4.0/5.0 stars **Reviewed by:** Nisarg S. | Security Consultant, Mid-Market (51-1000 emp.) **Reviewed Date:** June 06, 2023 **What do you like best about Wazuh?** The complete and centralised approach to security that Wazuh - The Open Source Security Platform uses is one of its distinguishing qualities. The platform specialises at gathering, analysing, and correlating security events from many sources, giving an organisation a complete picture of its security landscape. This centralised strategy dramatically streamlines incident response and threat identification, enabling effective risk mitigation. Wazuh's open-source design also encourages a thriving community, ensuring consistent updates, ongoing development, and a large variety of plugins and integrations for smooth integration with current security infrastructure. **What do you dislike about Wazuh?** Wazuh - The Open Source Security Platform has many advantages, but there are also some places where it may be improved. The procedure of initial setup and setting is one thing that some people could find difficult. Users who are unfamiliar with security tools and technologies may find setting up Wazuh to be time-consuming and demand a certain amount of technical competence. Additionally, Wazuh's documentation may be improved to be more thorough and user-friendly. This would help users much more while setting up and debugging their systems. Last but not least, even though Wazuh provides integration with many third-party products, there may be times when certain integrations or use cases necessitate more development or customisation, which could be a disadvantage for organisations with particular needs. **What problems is Wazuh solving and how is that benefiting you?** Wazuh - The Open Source Security Platform effectively addresses critical security challenges by enhancing threat detection through comprehensive monitoring of security events from various sources. It enables real-time threat intelligence and correlation, facilitating early detection of security breaches. Wazuh also assists organizations in meeting compliance requirements by providing support for regulatory standards. The platform improves security posture, minimizes potential impacts of incidents, streamlines security operations, and empowers organizations with efficient incident response, leading to enhanced security resilience and protection of data and assets. ### 26. Review of Wazuh: Open-Source Security Platform **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** March 22, 2024 **What do you like best about Wazuh?** One of the standout features of Wazuh that I particularly appreciate is its versatility and comprehensiveness. Wazuh covers a wide range of security needs, from intrusion detection to compliance monitoring, making it a one-stop solution for organizations seeking robust cybersecurity measures. **What do you dislike about Wazuh?** While Wazuh's user interface is generally intuitive and user-friendly, some users may find the customization options limited. **What problems is Wazuh solving and how is that benefiting you?** Wazuh addresses several critical cybersecurity challenges, and its solutions have tangible benefits for users like myself. -Threat Detection and Response -Centralized Security Monitoring ### 27. A Next-gen SIEM in Open-source market! **Rating:** 4.5/5.0 stars **Reviewed by:** Raj V. | Mid-Market (51-1000 emp.) **Reviewed Date:** May 27, 2023 **What do you like best about Wazuh?** Wazuh dazzles with its robust security capabilities, which include log analysis, intrusion detection, and threat intelligence. Because it is open-source, it encourages community cooperation and continual progress, while simple interaction with standard security tools improves threat detection and response. The platform's user-friendly interface, simple setup, and extensive reporting improve its efficiency in maintaining a secure computing environment. **What do you dislike about Wazuh?** After using Wazuh, I discovered a few flaws. These include the high learning curve, restricted compatibility with particular operating systems such as macOS, extensive configuration processes, and the need for more robust support channels and documentation. Improvements in these areas would make Wazuh more accessible, adaptable, and user-friendly, attracting a broader user base searching for an open-source security solution. **What problems is Wazuh solving and how is that benefiting you?** Wazuh is a robust solution that handles various security issues while providing multiple benefits. It effectively solves real-time threat detection, log analysis, compliance monitoring, and incident response challenges. Businesses may improve their security posture, proactively identify and mitigate possible threats, ensure compliance with industry laws, and streamline incident handling processes by utilizing Wazuh. This platform offers a complete and centralized approach to security, assisting organizations in strengthening their defenses and protecting critical data from cyber threats, resulting in a more secure and resilient business environment. ### 28. Best XDR & SIEM Solution for On-Prem & Cloud Security. **Rating:** 5.0/5.0 stars **Reviewed by:** Rohan G. | Mid-Market (51-1000 emp.) **Reviewed Date:** June 22, 2023 **What do you like best about Wazuh?** Wazuh is an open-source Tool that will help us monitor On-Prem & Cloud Environment. We can Integrate our wazuh with tools like case-management and threat intelligence(MISP, Cortex). By integrating our wazuh with sysmon we can catch suspicious activity in our windows environment. Also Wazuh give us the option to add additional fields using Decoder. Also we can integrate our cloud Environment with Wazuh to monitor Cloud Services. **What do you dislike about Wazuh?** Wazuh may require more Computing power because it needs more ability to operate. Also, sometimes wazuh generates false positive alerts because wazuh in-built create more noise. **What problems is Wazuh solving and how is that benefiting you?** We are using wazuh to monitor our customer's Environment & Monitor On-premises to detect suspicious activity, we monitor Cloud Environment (AWS,Azure,GCP) to monitor their services & Taking care of infrastructure, we are integrating our tool with different case-management,threat-intel to maintain their security posture. ### 29. Wazuh The Finest Security Platform **Rating:** 4.0/5.0 stars **Reviewed by:** Abhishek D. | web assistant, Small-Business (50 or fewer emp.) **Reviewed Date:** March 13, 2024 **What do you like best about Wazuh?** -It has the Best Active Community Support -Gives You Update On Regular Basis. **What do you dislike about Wazuh?** -I was quite frustrated when I was integrating Wazuh , need to make it more smooth. **What problems is Wazuh solving and how is that benefiting you?** It helps alot inFinding responsible Threat and Malware and protect againts all. ### 30. Elevating Security Standards with Wazuh **Rating:** 5.0/5.0 stars **Reviewed by:** vinod v. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 20, 2024 **What do you like best about Wazuh?** easy to use Comprehensive security functionalities including intrusion detection Easy to deploy Highly scalable helpful community support **What do you dislike about Wazuh?** Little Complex to Configure the level of monitoring required **What problems is Wazuh solving and how is that benefiting you?** It help me to detect threats ### 31. Loved Wazuh **Rating:** 4.5/5.0 stars **Reviewed by:** Harsh V. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 18, 2024 **What do you like best about Wazuh?** Easy to use Easy to setup Interface is easy use and understand Easy to integrate **What do you dislike about Wazuh?** Documentation is not proper Should have live customer support **What problems is Wazuh solving and how is that benefiting you?** Threat Detection and Prevention Incident Response Efficiency Monitoring ### 32. Open Source Security Solutions for Modern Threat **Rating:** 3.5/5.0 stars **Reviewed by:** Hardik U. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 11, 2024 **What do you like best about Wazuh?** - Scalable Architecture - Real-time Threat Detection - Integration with Security Tools **What do you dislike about Wazuh?** - Limited Reporting and Analytics - Learning Curve - Integration Complexity **What problems is Wazuh solving and how is that benefiting you?** Threat Detection and Response,Compliance Management and Centralized Security Monitoring ### 33. accurate open source Siem in the market **Rating:** 3.5/5.0 stars **Reviewed by:** hardik p. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 19, 2024 **What do you like best about Wazuh?** -this one is the best firewall that works for our organization **What do you dislike about Wazuh?** -configuration is not easy -take some time to detect things **What problems is Wazuh solving and how is that benefiting you?** Wazuh is best at the job to prevent malware attacks ### 34. free and robust opensource SIEM **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** January 02, 2024 **What do you like best about Wazuh?** it's free and it's opensource and has lots of integrations. it's easy to implement and even has ansible playbooks and docker compose files to get you a POC instance up and running in no time. **What do you dislike about Wazuh?** Not really something i dislike but due to it's complexity, it does have bit of a learning curve and getting used to the various terminologies and security terms. also when they switched from elastic search to opensearch we had to re-architect our environment. ouch **What problems is Wazuh solving and how is that benefiting you?** - looking at logins across our aws services with cloudtrail integration - vulnerability assessment and scanning - SOP auditing ### 35. review of Wazuh - The Open Source Security Platform **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** March 11, 2024 **What do you like best about Wazuh?** Wazuh - The Open Source Security Platform provide a document about how to install it. this is smooth way to implement it. **What do you dislike about Wazuh?** Wazuh's default configuration might generate false positive alerts, leading to alert fatigue and hindering security teams' ability to focus on genuine threats. **What problems is Wazuh solving and how is that benefiting you?** it is provide customer support to solve your future problems and inspecting network traffic and enforcing security policies. ### 36. Review about Wazuh - The Open Source Security Platform **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** March 19, 2024 **What do you like best about Wazuh?** - Centralized Security Management - Improved Threat Detection - Faster Incident Response **What do you dislike about Wazuh?** Wazuh - The Open Source Security Platform Organizations may require skilled personnel to handle the initial setup and ongoing maintenance. **What problems is Wazuh solving and how is that benefiting you?** Wazuh - The Open Source Security Platform provide customer support to solve your future problems and Disparate Security Tools. ### 37. User Friendly Open Source Security Platform **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** March 18, 2024 **What do you like best about Wazuh?** -it is really good at keeping your computer systems safe. - spotting suspicious activity vert quickly **What do you dislike about Wazuh?** -setup process could be much easier or maybe better **What problems is Wazuh solving and how is that benefiting you?** Mainly at Threat Detections malware and harmful stuff ### 38. Powerful Security Monitoring: Wazuh - A Comprehensive Review **Rating:** 4.0/5.0 stars **Reviewed by:** Harsh M. | Mid-Market (51-1000 emp.) **Reviewed Date:** June 14, 2023 **What do you like best about Wazuh?** Wazuh's key strengths include robust threat detection, scalability, real-time alerts, compliance monitoring, integration capabilities, and an active open-source community. **What do you dislike about Wazuh?** Some potential challenges with Wazuh include the complexity of setup, a learning curve for understanding its features, resource requirements, and varying levels of community support. **What problems is Wazuh solving and how is that benefiting you?** Wazuh solves problems related to real-time threat detection, compliance management, centralized security monitoring, scalability, and benefits from an active open-source community. ### 39. Open-source SIEM and highly Coustomisable **Rating:** 5.0/5.0 stars **Reviewed by:** Karsh T. | cybersecurity Analyst, Computer & Network Security, Mid-Market (51-1000 emp.) **Reviewed Date:** December 22, 2022 **What do you like best about Wazuh?** Wazuh is open-source and highly coustomizeble **What do you dislike about Wazuh?** it randomly stops working sometimes with no proper analysis of what happend **What problems is Wazuh solving and how is that benefiting you?** it is Solving my problem of day to day monitoring in clients to better understand logs and security events ### 40. Efficient **Rating:** 5.0/5.0 stars **Reviewed by:** Anderson S. | Analista de segurança da informação, Enterprise (> 1000 emp.) **Reviewed Date:** November 10, 2023 **What do you like best about Wazuh?** ease in assessing the vulnerabilities of assets. easy to implement **What do you dislike about Wazuh?** I would like it to have integration with Active Directory-AD. **What problems is Wazuh solving and how is that benefiting you?** Identify vulnerabilities ### 41. Good Open Source SIEM Solution **Rating:** 5.0/5.0 stars **Reviewed by:** Kathan P. | SOC Analyst, Enterprise (> 1000 emp.) **Reviewed Date:** December 09, 2022 **What do you like best about Wazuh?** The SIEM being open source allows the company to save on license costs on this product. This SIEM tool also allows modification in all rules present or added into the SIEM which makes monitoring easier. **What do you dislike about Wazuh?** There are not many rules and decoders are available for many popular services by default. The newer version does not have few features that old features had such as Ananolmy detectors. **What problems is Wazuh solving and how is that benefiting you?** Monitoring and security of network and systems was made easy and allowed the team to secure or provide support to other teams by providing valuable inputs from those logs. ### 42. Best Open Source SEIM Solution **Rating:** 5.0/5.0 stars **Reviewed by:** Dhrumil P. | Assistant Sales, Mid-Market (51-1000 emp.) **Reviewed Date:** December 22, 2022 **What do you like best about Wazuh?** The best thing about this SIEM tool is that it saves the license cost. It also allows the user to modify the rules created before and add them to the SIEM, which makes Monitoring easier. It also includes features like Vulnerability detection and File integrity Monitoring. **What do you dislike about Wazuh?** The database is unstable, making it very difficult to maintain; there are significantly fewer rules, and for many popular services decoder is enabled by default. And fewer details are there in the documentation. **What problems is Wazuh solving and how is that benefiting you?** It gives the best services at a meager cost and also solves the problem of the organization sorting the risk. It also helps other teams by providing the inputs through logs. ### 43. Server Security **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** April 04, 2023 **What do you like best about Wazuh?** I like the Interface of Wazuh as well as how its features are laid out with a brief description of the functions **What do you dislike about Wazuh?** The fact that you have to create the groups before installing agents and not the other way round **What problems is Wazuh solving and how is that benefiting you?** It specifies the rule levels so it helps to easily detect the activities which have happened with a server that has the agent installed on this is specified by the rule levels ### 44. The Best Open-Source HIDS/EDR Solution **Rating:** 5.0/5.0 stars **Reviewed by:** Azar N. | Information Security Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** February 12, 2023 **What do you like best about Wazuh?** Wazuh is a open-source security platform helps information security engineers to detect intrusions. It can be deployed in cloud/on-premise systems and different operating systems. **What do you dislike about Wazuh?** There are only timeout issues I dislike. **What problems is Wazuh solving and how is that benefiting you?** It helps me to detect malware incidents, create rules and test it. ### 45. HIDS Security features offered by Wazuh Cloud platform for application endpoint security is good **Rating:** 3.0/5.0 stars **Reviewed by:** Komal J. | Software Developer, Information Technology and Services, Enterprise (> 1000 emp.) **Reviewed Date:** March 08, 2022 **What do you like best about Wazuh?** Wazuh offers cloud-based application monitoring & security solutions that effectively collect data, aggregate them, and analyze them through proper indexing. Its Wazuh agents are suitably fast & lightweight that provide good monitoring & response capabilities. They analyze OS & application logs and then transfer them to the central manager for system errors, misconfigurations, and policy violations. **What do you dislike about Wazuh?** You won't be able to access your environment deployed in the Wazuh cloud using SSH access, unlike AWS EC2 instances. This restricts various customization features at the infrastructure level, and also communications are passed only through Wazuh agents. **What problems is Wazuh solving and how is that benefiting you?** Wazuh promotes Host-Based Intrusion Detection system in which various Wazuh agents operate in our application cluster to detect intrusions and vulnerabilities. It offers file integrity monitoring features for threat identification & compromised host statuses. Wazuh handles automatic environment updates so no need to download any patches or schedule downtime for getting the latest version. Its SSO features are suitable for our Endpoint authentication as we can access Wazuh web user interface through our SSO tools such as Okta, LADP & active directories. Incident response can be enabled to define criteria which will effectively block the access in case of detecting any active threats to our environment. ### 46. The best Open-source SIEM and EDR tool available! **Rating:** 4.5/5.0 stars **Reviewed by:** Raj V. | Reviewer, Mid-Market (51-1000 emp.) **Reviewed Date:** June 29, 2022 **What do you like best about Wazuh?** It is one of the best SIEM tool which comes with tons of features. It is Open-source. It has File Integrity Monitoring. It has vulnerability detection. It has the Mitre ATT&CK Framework mapping. It has a lot more stuff! **What do you dislike about Wazuh?** It has to get a stable database or shall maintain and give documentation for all available options. **What problems is Wazuh solving and how is that benefiting you?** Wazuh is giving out the best security solution at a very low cost and solving the problems of the enterprises by minimizing the risks. ### 47. It’s totally customisable where we can achieve all integration **Rating:** 5.0/5.0 stars **Reviewed by:** Yash P. | Senior SOC ANALYST, Mid-Market (51-1000 emp.) **Reviewed Date:** December 03, 2021 **What do you like best about Wazuh?** Wazuh is open source tool. Free to use. We can achieve all various use cases using wazuh easily. Any one can manage easily **What do you dislike about Wazuh?** Some times after updating wazuh it's by default rules and decoders not work properly **What problems is Wazuh solving and how is that benefiting you?** There are various kind of problems we have solved using wazuh. ### 48. integration of Amazon Linux AMI (64-bit) with Wazuh-The Open-Source Security Platform **Rating:** 5.0/5.0 stars **Reviewed by:** Nisarg S. | Cyber Security Expert, Mid-Market (51-1000 emp.) **Reviewed Date:** June 24, 2022 **What do you like best about Wazuh?** As an open-source security platform wazuh is providing so many features that sometimes even paid tools are not provided. Some Features are Security Analytics, Log Data Analysis, File Integrity Monitoring, and Configuration Assessment. **What do you dislike about Wazuh?** Nothing to dislike about Wazuh, you can use it in whatever manner you want to use as it is open-source. All type of customization is available. **What problems is Wazuh solving and how is that benefiting you?** It is saving costs for the organization for the security platform. Also unlike other paid security tools, we can use it at our convenience. ### 49. An end-to-end Host Intrusion Detection System and SIEM tool **Rating:** 4.5/5.0 stars **Reviewed by:** Rushabh M. | Software Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** December 05, 2021 **What do you like best about Wazuh?** - Well documented - Helpful community on slack - Easy on-premise setup; if you don't want to use their cloud service - Easy integration with Elasticsearch and Kibana - Convenient Kubernetes deployment guide - It is pretty configurable. Integration with Slack and email for receiving alerts is seamless. - Open source and free - Distributed system for better availability for large systems **What do you dislike about Wazuh?** - Coverage for all operating systems. It lacks some features for a few operating systems. - Learning curve in understanding the system - Some services can drain your host machines, requires you to monitor and adjust the configs to make it optimum. **Recommendations to others considering Wazuh:** - Has some learning curve if you want to set it up yourself. But not impossible. There is good documentation and a helpful community that will unblock you any chance they get. - It took our team (two engineers and one security engineer) to host the on-premise system using Elasticsearch and deploy a distributed HIDS system in three months, although those were some long hours. The initial setup took over a month, and then we spent most of our time ensuring the Wazuh agents didn't eat up the majority of our machine resources. - If you wish to avoid the setup time and effort, go for their managed solution. However, that isn't cheap, and I haven't used it, so I can't comment on its benefits. **What problems is Wazuh solving and how is that benefiting you?** - Wazuh helped us monitor all the host machines in our production environment. - Logging suspicious activity, instrumenting machine health (needs some work), checking the packages installed on hosts, and detecting vulnerabilities. - It has been beneficial in identifying shellshock attacks and mitigating them for hosts with the older version of operating systems. ### 50. Wazuh is open source cyber Security solution with EDR and HIDS/NIDS based on ELK stack **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** April 22, 2022 **What do you like best about Wazuh?** Very easy to configure and deploy, centralized management of agents, can be configured to work with prowler which is excellent to monitor AWS environment **What do you dislike about Wazuh?** I believe documentation is not that detailed, gui is a little complex for my taste **What problems is Wazuh solving and how is that benefiting you?** We are using wazuh as our SIEM and EDR solution to detect and respond to threats ## Wazuh Discussions - [What is Wazuh - The Open Source Security Platform used for?](https://www.g2.com/discussions/what-is-wazuh-the-open-source-security-platform-used-for) - 1 comment - [View Wazuh pricing details and edition comparison](https://www.g2.com/products/wazuh/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-19+07%3A45%3A19+-0500&secure%5Bsession_id%5D=22d723b9-c945-4bb6-8805-32704a148bce&secure%5Btoken%5D=2a7359b2c7072f2557f8a93438567bd7b090835668f17417b3fb855f41220ce5&format=llm_user) ## Wazuh Integrations - [AWS CloudTrail](https://www.g2.com/products/aws-cloudtrail/reviews) - [Discord](https://www.g2.com/products/textaify-discord/reviews) - [Grafana Labs](https://www.g2.com/products/grafana-labs/reviews) - [n8n](https://www.g2.com/products/n8n/reviews) - [Safetica](https://www.g2.com/products/safetica/reviews) - [Shuffle](https://www.g2.com/products/shuffle/reviews) - [TheHive](https://www.g2.com/products/thehive/reviews) - [VirusTotal](https://www.g2.com/products/virustotal/reviews) - [WatchGuard Network Security](https://www.g2.com/products/watchguard-network-security/reviews) ## Wazuh Features **Services - Endpoint Detection & Response (EDR) ** - Managed Services **Response** - Resolution Automation - Resolution Guidance - System Isolation - Threat Intelligence - Incident Investigation **System Control** - Device Control - Web Control - Application Control - Asset Management - System Isolation **Records** - Incident Logs - Incident Reports **Vulnerability Prevention** - Endpoint Intelligence - Firewall - Malware Detection **Management** - Incident Alerts - Incident Case Management - Workflow Management **Security Management** - Incident Reports - Security Validation - Compliance **Generative AI** - AI Text Generation - AI Text Summarization ## Top Wazuh Alternatives - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - 4.7/5.0 (374 reviews) - [SentinelOne Singularity Endpoint](https://www.g2.com/products/sentinelone-singularity-endpoint/reviews) - 4.7/5.0 (195 reviews) - [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews) - 4.4/5.0 (280 reviews)