Try our new research platform with insights from 80,000+ expert users

Symantec XDR vs Wazuh comparison

Broadcom and Wazuh are both solutions in the Extended Detection and Response (XDR) category. Broadcom is ranked #43, while Wazuh is ranked #5 with an average rating of 7.7. Broadcom holds a 0.1% mindshare in XDR, compared to Wazuh’s 10.7% mindshare. Additionally, 100% of Broadcom users are willing to recommend the solution, compared to 80% of Wazuh users who would recommend it.
Symantec XDR
Read 1 Symantec XDR review
  • 199 Views
  • 197 Comparison Views
100% willing to recommend
Wazuh
Read 49 Wazuh reviews
  • 43,564 Views
  • 12,198 Comparison Views
80% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Aug 25, 2025

Wazuh and Symantec XDR compete in the cybersecurity domain, with Wazuh favored for pricing and support, while Symantec XDR offers superior features.

Features: Wazuh's flexibility and open-source nature support robust threat detection, customizable log management, and an active community for expansion. Symantec XDR offers advanced analytics, comprehensive threat intelligence, and integration capabilities, providing a broader security outlook.

Ease of Deployment and Customer Service: Wazuh ensures a straightforward setup process, benefiting from extensive community-driven support. Symantec XDR, although more complex, provides strong vendor-backed support, aiding a smoother integration process. This reflects Wazuh's community-based approach versus Symantec's dedicated vendor support model.

Pricing and ROI: Wazuh is recognized for lower setup costs and increased ROI due to its open-source framework, effectively reducing licensing fees. Symantec XDR requires a higher initial investment with significant potential ROI driven by its robust security features. The pricing difference underscores Wazuh’s cost-effectiveness against Symantec's value-added offerings.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: August 2025).
Buyer's Guide
Extended Detection and Response (XDR)
August 2025
Download the complete report
Helped 867,497 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Symantec XDR
Ranking in Extended Detection and Response (XDR)
43rd
Average Rating
8.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Extended Detection and Response (XDR)
5th
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
49
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (2nd)
 

Mindshare comparison

As of September 2025, in the Extended Detection and Response (XDR) category, the mindshare of Symantec XDR is 0.1%, up from 0.1% compared to the previous year. The mindshare of Wazuh is 10.7%, down from 12.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Market Share Distribution
ProductMarket Share (%)
Wazuh10.7%
Symantec XDR0.1%
Other89.2%
Extended Detection and Response (XDR)
 

Featured Reviews

BR
A scalable and stable solution with straightforward deployment
We can generate maps from the environment. For example, suppose there is a virus that has a zero-day attack and is publicly unknown. We can block that and keep it away from the network so it is not further replicated. It also has custom white and black lists. We can add a good reputation on both lists and use the sonar technology for Symantec and the online network for advanced reports.
Read full review
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"You can advise the solution and protect your environment."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"It offers built-in modules for file integrity and vulnerability management."
"It is a stable solution."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"Wazuh has very flexible and robust features."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
More Wazuh pros
 

Cons

"The solution should have better reporting."
"The only challenge we faced with Wazuh was the lack of direct support."
"While it is scalable, it can suffer from reduced latencies."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"The computing resources are consuming and do not make sense."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"Wazuh is missing many things that a typical SIEM should have."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"There could be a hardware monitoring tool for the solution."
More Wazuh cons
 

Pricing and Cost Advice

Information not available
"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."
"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
"Wazuh has a community edition, and I was using that. It's free and open source."
"It is an open-source product."
"Wazuh is a good tool, but the open-source version has scalability limitations."
"My client uses the open-source version of Wazuh."
"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
"They have a good pricing strategy for market expansion."
More Wazuh pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
867,497 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Computer Software Company
15%
Comms Service Provider
9%
University
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business26
Midsize Enterprise15
Large Enterprise8
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Wazuh?
Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...
See all answers
What needs improvement with Wazuh?
That would require me to discuss with the Wazuh team regarding areas that could be improved, as I have numerous ideas. From a developer's perspective, this is a Linux system with an active communit...
See all answers
What is your primary use case for Wazuh?
Wazuh is a SIEM platform with various applications in today's environment. Compliance checks have helped with regulatory requirements. I pulled in PCI DSS to check for file integrity monitoring. I ...
See all answers
 

Comparisons

No data available
Security Onion vs Wazuh Logo
Security Onion vs Wazuh
Compared 13% of the time
Elastic Stack vs Wazuh Logo
Elastic Stack vs Wazuh
Compared 12% of the time
Graylog Enterprise vs Wazuh Logo
Graylog Enterprise vs Wazuh
Compared 8% of the time
AlienVault OSSIM vs Wazuh Logo
AlienVault OSSIM vs Wazuh
Compared 6% of the time
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Compared 4% of the time
More Wazuh Competitors
 

Product Reports

Buyer's Guide
Extended Detection and Response (XDR)
August 2025
Symantec XDR reportDownload Symantec XDR product report
Buyer's Guide
Wazuh
August 2025
Wazuh reportDownload Wazuh product report
 

Also Known As

No data available
Wazuh All-In-One Deployment
 

Overview

Symantec Enterprise Security Products are now part of Broadcom. The consumer division of Symantec Corp. is now NortonLifeLock Inc. -- a standalone company dedicated to consumer cyber safety.

Broadcom

Wazuh offers comprehensive security features like MITRE ATT&CK correlation, log monitoring, and cloud-native infrastructure. It ensures compliance and provides intrusion detection with high scalability and open-source flexibility, ideal for businesses seeking robust SIEM capabilities.

Wazuh stands out in security information and event management by providing efficient log aggregation, vulnerability scanning, and event correlation against MITRE ATT&CK. Its capability to integrate seamlessly with environments, manage compliance, and monitor files makes it suitable for cloud-native infrastructures and financial sectors. Despite its technical support needing enhancement and opportunities for improving AI integration and threat intelligence, its open-source nature and cost-effectiveness make it appealing. Users can leverage custom dashboards powered by Elasticsearch for precise data analysis, even though there is a desire for a more user-friendly interface and better enterprise solution integration. Deployment may be complex, but its features contribute significantly to fortified security postures.

What are the essential features of Wazuh?
  • MITRE ATT&CK Correlation: Aligns events with recognized adversary tactics and techniques.
  • Log Monitoring: Collects and analyzes logs for threat detection.
  • Cloud-Native Infrastructure: Supports modern cloud environments.
  • Vulnerability Scanning: Identifies potential security weaknesses.
  • File Integrity Monitoring: Ensures the integrity of sensitive files.
  • Open-Source Flexibility: Customizable and adaptable code base.
What benefits should users consider?
  • Cost-Effectiveness: Offers a budget-friendly security solution.
  • Ease of Use: Simplified setup and management.
  • Comprehensive Compliance Management: Aids in meeting regulatory requirements.
  • High Scalability: Grows with businesses and adapts to different environments.
  • Extensive Third-Party Integrations: Connects to various existing systems.

Industries like finance and cloud infrastructure heavily utilize Wazuh for its security strengths. By monitoring endpoints and ensuring compliance with frameworks, companies can improve security posture and swiftly detect anomalies. The platform's focus on event correlation and alerts for security incidents is particularly beneficial.

Wazuh
Buyer's Guide
Extended Detection and Response (XDR)
August 2025
Download Free Report
Find out what your peers are saying about CrowdStrike, Microsoft, SentinelOne and others in Extended Detection and Response (XDR). Updated: August 2025.
DOWNLOAD NOW
867,497 professionals have used our research since 2012.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.