Try our new research platform with insights from 80,000+ expert users
Wazuh Logo

Wazuh pros and cons

Vendor: Wazuh
3.7 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Wazuh is valued for its integration capabilities with AWS and cloud-native infrastructure, enabling seamless integration with cloud services. The open-source model supports customization and scalability, particularly on Azure, while offering efficient compliance management with PCI DSS and GDPR standards. However, it lacks threat intelligence integration, has detection and security weaknesses on Unix and container systems, constrained scalability for on-premises, limited customization, and insufficient technical support, affecting effective asset management and inventory monitoring.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Wazuh's seamless integration with other environments and applications enhances its adaptability and ease of use.
Wazuh's open-source nature offers a cost-effective solution with flexibility and customization possibilities.
Wazuh's compatibility with numerous security solutions and ability to define custom rules strengthens its role in threat detection and compliance management.
Wazuh supports a wide range of modules, such as ELK for investigations and security assessments like PCI DSS and GDPR compliance.
Wazuh's machine learning data handling capabilities enhance its value for asset management and monitoring endpoint changes.

CONS

Wazuh lacks comprehensive threat intelligence integration, resulting in a gap in feedback during sudden incidents.
Scalability is a constraint with Wazuh's on-prem version regarding the volume of logs, leading to challenges in distributed architecture and complex deployment.
Wazuh does not provide real-time monitoring for Unix systems and demands more advanced detection and feature sets compared to competitors.
The lack of AI capabilities and challenges in integrating various sources for log data analysis are major concerns for users seeking efficient solutions.
Multiple users have reported that alerts in Wazuh are complex, not specific, and frequently lead to inefficiencies, requiring constant manual intervention.
 

Wazuh Pros review quotes

MB
Dec 16, 2024
Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors.
Read full review
reviewer2301372 - PeerSpot reviewer
Feb 9, 2024
One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability.
Read full review
Vikrant Puranik - PeerSpot reviewer
Aug 1, 2022
Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring.
Read full review
Buyer's Guide
Wazuh
August 2025
Free Report: Wazuh Reviews and More
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
DOWNLOAD NOW
867,676 professionals have used our research since 2012.
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
Wazuh offers an enhanced HDR version that outperforms its competitors.
Read full review
Wajih Ul Hasan - PeerSpot reviewer
May 11, 2022
I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems.
Read full review
NH
Jul 11, 2024
The solution is easy to maintain.
Read full review
PrzemekAndula - PeerSpot reviewer
Feb 7, 2024
The product is easy to customize.
Read full review
EO
Jun 3, 2025
Overall, I rate Wazuh a nine out of ten.
Read full review
Robert Cheruiyot - PeerSpot reviewer
Oct 28, 2021
It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions.
Read full review
MS
Jul 10, 2024
The product's initial setup phase was easy.
Read full review
Show 10 more reviews (out of 48)
 

Wazuh Cons review quotes

MB
Dec 16, 2024
The only challenge we faced with Wazuh was the lack of direct support.
Read full review
reviewer2301372 - PeerSpot reviewer
Feb 9, 2024
They could include flexibility and customization capabilities by modifying for customers based on partner agreements.
Read full review
Vikrant Puranik - PeerSpot reviewer
Aug 1, 2022
Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage.
Read full review
Buyer's Guide
Wazuh
August 2025
Free Report: Wazuh Reviews and More
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
DOWNLOAD NOW
867,676 professionals have used our research since 2012.
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
While it is scalable, it can suffer from reduced latencies.
Read full review
Wajih Ul Hasan - PeerSpot reviewer
May 11, 2022
Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions.
Read full review
NH
Jul 11, 2024
The product's configuration part and lack of AI capabilities are some of the major concerns associated with Wazuh.
Read full review
PrzemekAndula - PeerSpot reviewer
Feb 7, 2024
The tool does not provide CTI to monitor darknet.
Read full review
EO
Jun 3, 2025
When I face a challenge, I prefer not to spend too much time on it and may move to another solution that will give us the results.
Read full review
Robert Cheruiyot - PeerSpot reviewer
Oct 28, 2021
Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh.
Read full review
MS
Jul 10, 2024
Wazuh currently fails to provide its users with AI and ML.
Read full review
Show 10 more reviews (out of 48)

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Wazuh Logo
CrowdStrike Falcon vs Wazuh
Dynatrace vs Wazuh Logo
Dynatrace vs Wazuh
Microsoft Sentinel vs Wazuh Logo
Microsoft Sentinel vs Wazuh
Datadog vs Wazuh Logo
Datadog vs Wazuh
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
Darktrace vs Wazuh Logo
Darktrace vs Wazuh
SentinelOne Singularity Complete vs Wazuh Logo
SentinelOne Singularity Complete vs Wazuh
Microsoft Defender XDR vs Wazuh Logo
Microsoft Defender XDR vs Wazuh
IBM Security QRadar vs Wazuh Logo
IBM Security QRadar vs Wazuh
Cortex XDR by Palo Alto Networks vs Wazuh Logo
Cortex XDR by Palo Alto Networks vs Wazuh
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Grafana Loki vs Wazuh Logo
Grafana Loki vs Wazuh
Elastic Observability vs Wazuh Logo
Elastic Observability vs Wazuh
Trellix Endpoint Security Platform vs Wazuh Logo
Trellix Endpoint Security Platform vs Wazuh
Graylog Enterprise vs Wazuh Logo
Graylog Enterprise vs Wazuh
See all alternatives

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Wazuh Logo
CrowdStrike Falcon vs Wazuh
Dynatrace vs Wazuh Logo
Dynatrace vs Wazuh
Microsoft Sentinel vs Wazuh Logo
Microsoft Sentinel vs Wazuh
Datadog vs Wazuh Logo
Datadog vs Wazuh
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
Darktrace vs Wazuh Logo
Darktrace vs Wazuh
SentinelOne Singularity Complete vs Wazuh Logo
SentinelOne Singularity Complete vs Wazuh
Microsoft Defender XDR vs Wazuh Logo
Microsoft Defender XDR vs Wazuh
IBM Security QRadar vs Wazuh Logo
IBM Security QRadar vs Wazuh
Cortex XDR by Palo Alto Networks vs Wazuh Logo
Cortex XDR by Palo Alto Networks vs Wazuh
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Grafana Loki vs Wazuh Logo
Grafana Loki vs Wazuh
Elastic Observability vs Wazuh Logo
Elastic Observability vs Wazuh
Trellix Endpoint Security Platform vs Wazuh Logo
Trellix Endpoint Security Platform vs Wazuh
Graylog Enterprise vs Wazuh Logo
Graylog Enterprise vs Wazuh
See all alternatives
Related questions
  • 494
What is the difference between SIEM and Next-Gen SIEM solutions?
  • 168
What Solution for SIEM is Best To Be NIST 800-171 Compliant?
  • 58
When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?
  • 94
What are the main differences between Nessus and Arcsight?
  • 37
What's The Best Way to Trial SIEM Solutions?
  • 137
Which is the best SIEM solution for a government organization?
  • 752
What is the difference between IT event correlation and aggregation?
  • 59
What Is SIEM Used For?
  • 43
RSA-EMC vs. other SIEM products?
  • 334
What Questions Should I Ask Before Buying SIEM?