USM Anywhere and Wazuh compete in the cybersecurity software category. USM Anywhere seems to have the upper hand with its comprehensive feature set and integrated solution approach.
Features: USM Anywhere offers integrated SIEM, IDS, and FIM capabilities combined with event correlation and vulnerability scanning using OTX, delivering a comprehensive security monitoring solution. Its all-in-one setup ensures easy deployment with robust features out-of-the-box. Wazuh, in contrast, provides open-source flexibility with seamless ELK stack integration and customizable security monitoring that adds significant value, especially in terms of cost-effectiveness and community support.
Room for Improvement: Users of USM Anywhere seek enhancements in reporting functions, faster database query processing, and easier plugin management. Streamlining the user interface can make it easier to navigate. In Wazuh, improvements are required in scalability, and the incorporation of built-in threat intelligence could enhance its capabilities. Enriching user experience with pre-configured templates can simplify initial deployments.
Ease of Deployment and Customer Service: USM Anywhere is praised for its straightforward deployment, particularly in cloud and hybrid environments. It has a responsive technical support team, though experiences can vary. Wazuh's deployment is equally straightforward, especially for on-premises environments, using its thriving open-source community to provide extensive support options. Both solutions receive varied responses about the quality and consistency of technical support, with USM Anywhere typically viewed as more established in customer service due to its commercial backing.
Pricing and ROI: USM Anywhere's pricing is considered competitive, particularly for small to medium enterprises, though costs can escalate with increased data coverage. It is seen as a worthwhile investment due to its capabilities in preventing losses from security breaches. Wazuh's open-source nature makes it exceptionally cost-effective for organizations that manage the tool independently, with ROI often found in low entry costs and deployment flexibility, although infrastructure and support costs might arise as usage intensifies.
Customers see ROI as they save on staff and other resources.
I have seen value in security cost savings with Wazuh, as using proprietary EDR versions could save us substantial money.
They responded quickly, which was crucial as I was on a time constraint.
We use the open-source version of Wazuh, which does not provide paid support.
The documentation is good and provides clear instructions, though it's targeted at those with technical backgrounds.
USM Anywhere faces scalability issues because of a 60 TB limit.
It can accommodate thousands of endpoints on one instance, and multiple instances can run for different clients.
Currently, I don't see any limitations in terms of scalability as Wazuh can still connect many endpoints.
Scalability depends on the configuration and the infrastructure resources like compute and memory we allocate.
The stability of Wazuh is strong, with no issues stemming from the solution itself.
The stability of Wazuh is largely dependent on maintenance.
The indexer frequently times out, requiring system restarts.
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks.
Machine learning is needed along with understanding user behavior and behavioral patterns.
The integration modules are insufficiently developed, necessitating the creation of custom integration solutions using tools like Logstash and PubSub.
I think Wazuh should improve by introducing AI functionalities, as it would be beneficial to see AI incorporated in the threat hunting and detection functionalities.
The pricing is amazing and really cheap.
Wazuh is completely free of charge.
I would definitely recommend Wazuh, especially considering Fortinet's licensing model which is confusing and overpriced in my opinion.
Totaling around two lakh Indian rupees per month.
The 365-day block query is a major feature.
Wazuh is a SIEM tool that is highly customizable and versatile.
The system allows us to monitor endpoints effectively and collect security data that can be utilized across other platforms such as SOAR.
With this open source tool, organizations can establish their own customized setup.
| Product | Market Share (%) |
|---|---|
| Wazuh | 7.3% |
| USM Anywhere | 1.0% |
| Other | 91.7% |
| Company Size | Count |
|---|---|
| Small Business | 64 |
| Midsize Enterprise | 29 |
| Large Enterprise | 25 |
| Company Size | Count |
|---|---|
| Small Business | 27 |
| Midsize Enterprise | 15 |
| Large Enterprise | 8 |
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
Discover
Analyze
Detect
Respond
Assess
Report
Wazuh offers an open-source platform designed for seamless integration into diverse environments, making it ideal for enhancing security infrastructure. Its features include log monitoring, compliance support, and real-time threat detection, providing effective cybersecurity management.
Wazuh stands out for its ability to integrate easily with Kubernetes, cloud-native infrastructures, and various SIEM platforms like ELK. It features robust MITRE ATT&CK correlation, comprehensive log monitoring capabilities, and detailed reporting dashboards. Users benefit from its file integrity monitoring and endpoint detection and response (EDR) capabilities, which streamline compliance and vulnerability assessments. While appreciated for its customization and easy deployment, room for improvement exists in scalability, particularly in the free version, and in areas such as threat intelligence integration, cloud integration, and container security. The platform is acknowledged for its strong documentation and technical support.
What are the key features of Wazuh?In industries like finance, healthcare, and technology, Wazuh is utilized for its capabilities in log aggregation, threat detection, and vulnerability management. Companies often implement its features to ensure compliance with stringent regulations and to enhance security practices across cloud environments. By leveraging its integration capabilities, organizations can achieve unified security management, ensuring comprehensive protection of their digital assets.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
