Fortinet FortiSIEM vs Wazuh comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Jul 20, 2023
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM): 10th
Average Rating: 7.6
Number of Reviews: 65
Ranking in other categories: No ranking in other categories

Wazuh
Ranking in Security Information and Event Management (SIEM): 3rd
Average Rating: 7.4
Number of Reviews: 38
Ranking in other categories: Log Management (2nd), Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of June 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 4.0%, up from 3.6% compared to the previous year. The mindshare of Wazuh is 26.3%, up from 14.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
Unique Categories:
No other categories found
Log Management: 18.1%
Extended Detection and Response (XDR): 17.0%
 

Featured Reviews

Ali Mohamed - PeerSpot reviewer
Jan 11, 2023
The log correlation is good
FortiSIEM analyzes the logs from all the servers and firewalls. FortiSIEM provides visibility into what happens on our corporate network. We can see traffic from users and detect brute force or bot attacks. It's clear in the SIEM solution. FortiSIEM's log correlation is good. FortiSIEM could…
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
Open-source platform with custom alerting
There are three key strengths of Wazuh that stand out to me. Firstly, Wazuh offers an enhanced HDR version that outperforms the Elastic Stack. Wazuh has achieved this by running a config or a sec in the background, which has improved the XBR for endpoint security significantly. Secondly, Wazuh comes with built-in frameworks, such as the NISC and ISO, that make it easy to comply with various industry standards. We didn't need to configure any custom frameworks for this, as Wazuh had it built in. Lastly, Wazuh has the ability to collect terabytes of data within seconds, which is a crucial feature for modern enterprises dealing with large amounts of data.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Fortinet FortiSIEM provides good detection against advanced threats."
"FortiSIEM is a great tool for making security processes transparent."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"The product's initial setup phase was easy."
"AccelOps can handle a lot of data and it's just so important to true monitoring. Also, I can create a lot of rules to detect anything I like."
"It's very easy for anyone to work with."
"To add workers and even collectors is pretty easy."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"The main thing I like about it is that it has an EDR."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"The tool is stable."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Its cost-effectiveness is the most valuable aspect."
"The MITRE ATT&CK correlation is most valuable."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
 

Cons

"Fortinet FortiSIEM could improve to extend to several locations or sites."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"They need to integrate better with Cisco and Palo Alto."
"It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"I would like to see easier implementation in the future."
"The tool does not provide CTI to monitor darknet."
"Since it's an open-source tool, scalability is the main issue."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"A lack of certain features creates limitations."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
 

Pricing and Cost Advice

"They have a yearly subscription."
"Please be cheaper and more simplified."
"FortiSIEM's licensing is based on EPS, and its pricing is competitive in the market."
"The price is competitive."
"The price of Fortinet FortiSIEM is a lot less when compared to other solutions."
"Fortinet FortiSIEM is cheaper compared to other products."
"Fortinet FortiSIEM is very cost-efficient compared to other SIEM solutions."
"Fortinet FortiSIEM is not an expensive solution."
"There is not a license required for Wazuh."
"It is a cost-effective solution."
"Wazuh is a good tool, but the open-source version has scalability limitations."
"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."
"We use the free version of Wazuh."
"Wazuh has a community edition, and I was using that. It's free and open source."
"Wazuh is not an expensive solution."
"My client uses the open-source version of Wazuh."
787,779 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company: 16%
Government: 9%
Comms Service Provider: 8%
Financial Services Firm: 7%

Computer Software Company: 17%
Comms Service Provider: 7%
Government: 7%
Financial Services Firm: 7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
I don't have the price list of any of the competitors of Fortinet FortiSIEM. I work with the technical part of the tool. There is a need to make yearly payments towards the licensing charges attach...
What needs improvement with Fortinet FortiSIEM?
Fortinet FortiSIEM is a better solution than other products. As a SIEM solution, it can meet all the requirements of customers. The product already offers good integration capabilities with multipl...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidated. Alerts should be specific rather than repeatedly triggered by integrating mu...
What is your primary use case for Wazuh?
We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.
 

Also Known As

FortiSIEM, AccelOps
No data available
 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Information Not Available
Find out what your peers are saying about Fortinet FortiSIEM vs. Wazuh and other solutions. Updated: May 2024.