We performed a comparison between Gurucul Next Gen SIEM and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Sentinel pricing is good"
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The UI-based analytics are excellent."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The pricing of the product is excellent."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Gurucul Next Gen SIEM stands out for its user-friendliness, making it accessible to business users."
"The customization of reporting rules, reporting configuration, and alerting configuration are good."
"The configuration assessment and Pile integrity monitoring features are decent."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"The deployment is easy and they provide very good documentation."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"The product’s interface is intuitive."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The only thing is sometimes you can have a false positive."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The user interface could be made simpler."
"I would like Gurucul to identify the use cases that have already been reviewed by someone when detection occurs."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"Wazuh is missing many things that a typical SIEM should have."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"The implementation is very complex."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"The only challenge we faced with Wazuh was the lack of direct support."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
Gurucul Next Gen SIEM is ranked 40th in Security Information and Event Management (SIEM) with 2 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. Gurucul Next Gen SIEM is rated 7.0, while Wazuh is rated 7.4. The top reviewer of Gurucul Next Gen SIEM writes "Has a strong technical foundation and helps reduce our detection time, but the UI can be more user-friendly". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Gurucul Next Gen SIEM is most compared with , whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer. See our Gurucul Next Gen SIEM vs. Wazuh report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.