Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSIEM vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
74
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Security Information and Event Management (SIEM)
2nd
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Log Management (1st), Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of May 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.3%, up from 3.0% compared to the previous year. The mindshare of Wazuh is 13.9%, down from 15.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is used as an alerting platform."
"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."
"It's a very nice solution to work with."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"Fortinet FortiSIEM provides good detection against advanced threats."
"It works well with medium to large-scale enterprises."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"Good for monitoring, active response, and for vulnerabilities."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"The main thing I like about it is that it has an EDR."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
 

Cons

"Patching is not great - we're not getting the support we'd expect."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"While it is scalable, it can suffer from reduced latencies."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"The tool doesn't detect anomalies or new environments."
"The only challenge we faced with Wazuh was the lack of direct support."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"So far, the recent updates have addressed most challenges we previously faced."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
 

Pricing and Cost Advice

"The solution is available for both, perpetual and subscription licenses."
"We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that."
"Manageable, however would be better as pay as you go versus CapEX."
"Please be cheaper and more simplified."
"The price of the solution is expensive. The license is scalable. If there are 10 devices it is simple to license."
"There are additional features that cost more than the standard licensing fees."
"They have a yearly subscription."
"We pay for a license for FortiSIEM. We pay for the license and renewal."
"We use the free version of Wazuh."
"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."
"Wazuh is an open-source tool, which means it is freely available for use."
"Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
"It is an open-source product."
"Wazuh is an open-source tool."
"Wazuh is free and open source."
"Wazuh is not an expensive solution."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
851,604 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
10%
Government
7%
Comms Service Provider
6%
Computer Software Company
15%
Comms Service Provider
9%
University
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
The pricing is reasonable, which is why it is preferred by government customers. Windows agent licenses cost around 3,000 Rupees per device per year.
What needs improvement with Fortinet FortiSIEM?
Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate softw...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Also Known As

FortiSIEM, AccelOps
No data available
 

Overview

 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Information Not Available
Find out what your peers are saying about Fortinet FortiSIEM vs. Wazuh and other solutions. Updated: April 2025.
851,604 professionals have used our research since 2012.