Try our new research platform with insights from 80,000+ expert users

Cybereason XDR vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason XDR
Ranking in Extended Detection and Response (XDR)
22nd
Average Rating
8.6
Reviews Sentiment
6.7
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Extended Detection and Response (XDR)
5th
Average Rating
7.4
Reviews Sentiment
6.7
Number of Reviews
48
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (2nd)
 

Mindshare comparison

As of July 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cybereason XDR is 0.8%, up from 0.5% compared to the previous year. The mindshare of Wazuh is 11.6%, down from 11.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Peter Nowak - PeerSpot reviewer
Integration of multiple firewalls enables advanced threat detection
The integration of data from firewalls and Active Directory is most valuable. Cybereason XDR facilitates two-way communication, where the firewall sends data to the Cybereason system, and it can communicate with the firewall to stop unwanted communication. Customers can deal with multiple types of firewalls with ease. The behavioral analytics help detect advanced threats when attackers use existing software. The multilayered protection approach, including NGAV, integrates XDR detection with antivirus to assess and counter threats effectively.
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The integration of data from firewalls and Active Directory is most valuable."
"The solution has an investigation feature, which is useful for building storylines."
"Cybereason XDR's most useful feature is the investigation."
"The integration of data from firewalls and Active Directory is most valuable."
"Overall, I rate Wazuh a nine out of ten."
"Wazuh has very flexible and robust features."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"It allows you to aggregate all your logs in one place and provides a unified view to monitor your security environment."
"The most valuable feature of Wazuh is its EDR capabilities."
"The product is easy to customize."
"I would recommend Wazuh to others."
 

Cons

"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"There could be more integrations with other data sources like NDR systems."
"Customer service is rated as a five out of ten. When they work and reach the right level, they are helpful, but getting to the right person can be time-consuming."
"Cybereason's customer support could be better."
"Wazuh doesn't have native support for some enterprise solutions."
"We would like to see more improvements on the cloud."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"An issue I noticed is with tag values in certain rules not functioning properly."
"The support channel is not optimal, and extensive research is required on our part to implement Wazuh effectively."
"I want more support for regional compliance standards to serve my ANZ region customers better."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
 

Pricing and Cost Advice

"The solution is cheaper than Microsoft Defender. It has a subscription and no standard license."
"Wazuh is an open-source tool, which means it is freely available for use."
"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
"The current pricing is open source."
"Wazuh is not an expensive solution."
"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."
"Wazuh is an open-source tool."
"Wazuh is free and open source."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
862,514 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Manufacturing Company
15%
Financial Services Firm
9%
Comms Service Provider
9%
Computer Software Company
15%
Comms Service Provider
9%
University
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cybereason XDR?
The solution has an investigation feature, which is useful for building storylines.
What needs improvement with Cybereason XDR?
There could be more integrations with other data sources like NDR systems. Additionally, technical support has been slow in recent times. Enabling multifactor authentication has been problematic fo...
What is your primary use case for Cybereason XDR?
I use Cybereason XDR for customers who don't have a SOC or managed SOC yet and want to be protected on more than their desktops. It is especially used in the manufacturing industry, yet not exclusi...
What do you like most about Wazuh?
Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...
What needs improvement with Wazuh?
That would require me to discuss with the Wazuh team regarding areas that could be improved, as I have numerous ideas. From a developer's perspective, this is a Linux system with an active communit...
What is your primary use case for Wazuh?
Wazuh is a SIEM platform with various applications in today's environment. Compliance checks have helped with regulatory requirements. I pulled in PCI DSS to check for file integrity monitoring. I ...
 

Comparisons

 

Overview

 

Sample Customers

MOTOROLA MOBILITY
Information Not Available
Find out what your peers are saying about Cybereason XDR vs. Wazuh and other solutions. Updated: June 2025.
862,514 professionals have used our research since 2012.