USM Anywhere and Wazuh are both competitors in the security management and compliance sector. USM Anywhere seems to have the upper hand with its comprehensive suite of security tools and superior customer support.
Features: USM Anywhere provides robust event correlation, vulnerability scanning, and asset management. It integrates SIEM with intrusion detection and offers flexible deployment options. Wazuh, an open-source solution, offers cost-effectiveness and flexible deployment, particularly appealing to small teams. It provides PCI DSS compliance, real-time monitoring, and Kubernetes integration.
Room for Improvement: USM Anywhere users report issues with alarms, reporting capabilities, and database query speed, requiring better integration and documentation. Wazuh needs improved threat intelligence integration, alert configurations, and scalability, with suggestions for more user-friendly reporting capabilities. Both solutions could enhance their UI and threat detection features.
Ease of Deployment and Customer Service: USM Anywhere supports deployment across public, hybrid, and private clouds and has a strong hybrid infrastructure presence. It is praised for excellent customer service, offering responsive and knowledgeable support. Wazuh, mainly on-premises, supports various deployment types and relies on a large community for support, which can vary in quality.
Pricing and ROI: USM Anywhere offers competitive pricing with flexible licensing, potentially becoming expensive as it scales, with ROI seen in saved time and intelligence. Wazuh, being free and open-source, offers significant upfront cost savings but may require more effort for setup and support, providing savings on licensing fees compared to USM Anywhere.
Customers see ROI as they save on staff and other resources.
I have seen value in security cost savings with Wazuh, as using proprietary EDR versions could save us substantial money.
They responded quickly, which was crucial as I was on a time constraint.
There is no dedicated technical support for Wazuh as it is open source.
The documentation is good and provides clear instructions, though it's targeted at those with technical backgrounds.
USM Anywhere faces scalability issues because of a 60 TB limit.
It can accommodate thousands of endpoints on one instance, and multiple instances can run for different clients.
Currently, I don't see any limitations in terms of scalability as Wazuh can still connect many endpoints.
Scalability depends on the configuration and the infrastructure resources like compute and memory we allocate.
The indexer frequently times out, requiring system restarts.
The stability of Wazuh is strong, with no issues stemming from the solution itself.
The stability of Wazuh is largely dependent on maintenance.
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks.
Machine learning is needed along with understanding user behavior and behavioral patterns.
The integration modules are insufficiently developed, necessitating the creation of custom integration solutions using tools like Logstash and PubSub.
I think Wazuh should improve by introducing AI functionalities, as it would be beneficial to see AI incorporated in the threat hunting and detection functionalities.
The pricing is amazing and really cheap.
Wazuh is completely free of charge.
I would definitely recommend Wazuh, especially considering Fortinet's licensing model which is confusing and overpriced in my opinion.
Wazuh is free to use, but there are licensing fees for third parties.
The 365-day block query is a major feature.
Wazuh is a SIEM tool that is highly customizable and versatile.
With this open source tool, organizations can establish their own customized setup.
The system allows us to monitor endpoints effectively and collect security data that can be utilized across other platforms such as SOAR.
| Product | Market Share (%) |
|---|---|
| Wazuh | 10.9% |
| USM Anywhere | 1.0% |
| Other | 88.1% |
| Company Size | Count |
|---|---|
| Small Business | 64 |
| Midsize Enterprise | 29 |
| Large Enterprise | 25 |
| Company Size | Count |
|---|---|
| Small Business | 26 |
| Midsize Enterprise | 15 |
| Large Enterprise | 8 |
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
Discover
Analyze
Detect
Respond
Assess
Report
Wazuh offers comprehensive security features like MITRE ATT&CK correlation, log monitoring, and cloud-native infrastructure. It ensures compliance and provides intrusion detection with high scalability and open-source flexibility, ideal for businesses seeking robust SIEM capabilities.
Wazuh stands out in security information and event management by providing efficient log aggregation, vulnerability scanning, and event correlation against MITRE ATT&CK. Its capability to integrate seamlessly with environments, manage compliance, and monitor files makes it suitable for cloud-native infrastructures and financial sectors. Despite its technical support needing enhancement and opportunities for improving AI integration and threat intelligence, its open-source nature and cost-effectiveness make it appealing. Users can leverage custom dashboards powered by Elasticsearch for precise data analysis, even though there is a desire for a more user-friendly interface and better enterprise solution integration. Deployment may be complex, but its features contribute significantly to fortified security postures.
What are the essential features of Wazuh?Industries like finance and cloud infrastructure heavily utilize Wazuh for its security strengths. By monitoring endpoints and ensuring compliance with frameworks, companies can improve security posture and swiftly detect anomalies. The platform's focus on event correlation and alerts for security incidents is particularly beneficial.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
