Try our new research platform with insights from 80,000+ expert users

Symantec XDR vs Wazuh comparison

Broadcom and Wazuh are both solutions in the Extended Detection and Response (XDR) category. Broadcom is ranked #43, while Wazuh is ranked #5 with an average rating of 7.7. Broadcom holds a 0.1% mindshare in XDR, compared to Wazuh’s 11.1% mindshare. Additionally, 100% of Broadcom users are willing to recommend the solution, compared to 80% of Wazuh users who would recommend it.
Symantec XDR
Read 1 Symantec XDR review
  • 186 Views
  • 184 Comparison Views
100% willing to recommend
Wazuh
Read 48 Wazuh reviews
  • 45,325 Views
  • 12,691 Comparison Views
80% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Aug 25, 2025

Wazuh and Symantec XDR compete in the cybersecurity domain, with Wazuh favored for pricing and support, while Symantec XDR offers superior features.

Features: Wazuh's flexibility and open-source nature support robust threat detection, customizable log management, and an active community for expansion. Symantec XDR offers advanced analytics, comprehensive threat intelligence, and integration capabilities, providing a broader security outlook.

Ease of Deployment and Customer Service: Wazuh ensures a straightforward setup process, benefiting from extensive community-driven support. Symantec XDR, although more complex, provides strong vendor-backed support, aiding a smoother integration process. This reflects Wazuh's community-based approach versus Symantec's dedicated vendor support model.

Pricing and ROI: Wazuh is recognized for lower setup costs and increased ROI due to its open-source framework, effectively reducing licensing fees. Symantec XDR requires a higher initial investment with significant potential ROI driven by its robust security features. The pricing difference underscores Wazuh’s cost-effectiveness against Symantec's value-added offerings.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: August 2025).
Buyer's Guide
Extended Detection and Response (XDR)
August 2025
Download the complete report
Helped 866,300 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Symantec XDR
Ranking in Extended Detection and Response (XDR)
43rd
Average Rating
8.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Extended Detection and Response (XDR)
5th
Average Rating
7.4
Reviews Sentiment
6.7
Number of Reviews
48
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (2nd)
 

Mindshare comparison

As of August 2025, in the Extended Detection and Response (XDR) category, the mindshare of Symantec XDR is 0.1%, down from 0.1% compared to the previous year. The mindshare of Wazuh is 11.1%, down from 12.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Market Share Distribution
ProductMarket Share (%)
Wazuh11.1%
Symantec XDR0.1%
Other88.8%
Extended Detection and Response (XDR)
 

Featured Reviews

BR
A scalable and stable solution with straightforward deployment
We can generate maps from the environment. For example, suppose there is a virus that has a zero-day attack and is publicly unknown. We can block that and keep it away from the network so it is not further replicated. It also has custom white and black lists. We can add a good reputation on both lists and use the sonar technology for Symantec and the online network for advanced reports.
Read full review
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"You can advise the solution and protect your environment."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"It allows you to aggregate all your logs in one place and provides a unified view to monitor your security environment."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"Its cost-effectiveness is the most valuable aspect."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"The deployment is easy and they provide very good documentation."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
More Wazuh pros
 

Cons

"The solution should have better reporting."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"The computing resources are consuming and do not make sense."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"The implementation is very complex."
"There could be a hardware monitoring tool for the solution."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"Wazuh is missing many things that a typical SIEM should have."
"Wazuh doesn't have native support for some enterprise solutions."
More Wazuh cons
 

Pricing and Cost Advice

Information not available
"The solution's cost is above the average."
"We use the free version of Wazuh."
"They have a good pricing strategy for market expansion."
"Wazuh is not an expensive solution."
"It is an open-source product."
"There is not a license required for Wazuh."
"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."
"It is a free-of-cost solution."
More Wazuh pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
866,300 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Computer Software Company
15%
Comms Service Provider
9%
University
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business25
Midsize Enterprise15
Large Enterprise8
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Wazuh?
Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...
See all answers
What needs improvement with Wazuh?
That would require me to discuss with the Wazuh team regarding areas that could be improved, as I have numerous ideas. From a developer's perspective, this is a Linux system with an active communit...
See all answers
What is your primary use case for Wazuh?
Wazuh is a SIEM platform with various applications in today's environment. Compliance checks have helped with regulatory requirements. I pulled in PCI DSS to check for file integrity monitoring. I ...
See all answers
 

Comparisons

No data available
Security Onion vs Wazuh Logo
Security Onion vs Wazuh
Compared 13% of the time
Elastic Stack vs Wazuh Logo
Elastic Stack vs Wazuh
Compared 12% of the time
Graylog vs Wazuh Logo
Graylog vs Wazuh
Compared 7% of the time
AlienVault OSSIM vs Wazuh Logo
AlienVault OSSIM vs Wazuh
Compared 7% of the time
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Compared 4% of the time
More Wazuh Competitors
 

Product Reports

Buyer's Guide
Extended Detection and Response (XDR)
August 2025
Symantec XDR reportDownload Symantec XDR product report
Buyer's Guide
Wazuh
August 2025
Wazuh reportDownload Wazuh product report
 

Also Known As

No data available
Wazuh All-In-One Deployment
 

Overview

Symantec Enterprise Security Products are now part of Broadcom. The consumer division of Symantec Corp. is now NortonLifeLock Inc. -- a standalone company dedicated to consumer cyber safety.

Broadcom

Wazuh offers comprehensive security features like MITRE ATT&CK correlation, log monitoring, and cloud-native infrastructure. It ensures compliance and provides intrusion detection with high scalability and open-source flexibility, ideal for businesses seeking robust SIEM capabilities.

Wazuh stands out in security information and event management by providing efficient log aggregation, vulnerability scanning, and event correlation against MITRE ATT&CK. Its capability to integrate seamlessly with environments, manage compliance, and monitor files makes it suitable for cloud-native infrastructures and financial sectors. Despite its technical support needing enhancement and opportunities for improving AI integration and threat intelligence, its open-source nature and cost-effectiveness make it appealing. Users can leverage custom dashboards powered by Elasticsearch for precise data analysis, even though there is a desire for a more user-friendly interface and better enterprise solution integration. Deployment may be complex, but its features contribute significantly to fortified security postures.

What are the essential features of Wazuh?
  • MITRE ATT&CK Correlation: Aligns events with recognized adversary tactics and techniques.
  • Log Monitoring: Collects and analyzes logs for threat detection.
  • Cloud-Native Infrastructure: Supports modern cloud environments.
  • Vulnerability Scanning: Identifies potential security weaknesses.
  • File Integrity Monitoring: Ensures the integrity of sensitive files.
  • Open-Source Flexibility: Customizable and adaptable code base.
What benefits should users consider?
  • Cost-Effectiveness: Offers a budget-friendly security solution.
  • Ease of Use: Simplified setup and management.
  • Comprehensive Compliance Management: Aids in meeting regulatory requirements.
  • High Scalability: Grows with businesses and adapts to different environments.
  • Extensive Third-Party Integrations: Connects to various existing systems.

Industries like finance and cloud infrastructure heavily utilize Wazuh for its security strengths. By monitoring endpoints and ensuring compliance with frameworks, companies can improve security posture and swiftly detect anomalies. The platform's focus on event correlation and alerts for security incidents is particularly beneficial.

Wazuh
Buyer's Guide
Extended Detection and Response (XDR)
August 2025
Download Free Report
Find out what your peers are saying about CrowdStrike, Microsoft, SentinelOne and others in Extended Detection and Response (XDR). Updated: August 2025.
DOWNLOAD NOW
866,300 professionals have used our research since 2012.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.