Try our new research platform with insights from 80,000+ expert users
Wazuh Logo

Wazuh pros and cons

Vendor: Wazuh
3.7 out of 5
Badge Ranked 1
134 followers
Start review

Pros & Cons summary

Wazuh excels with integration in cloud environments and solutions, offering customizable open-source tools. Its logging features include AWS support, vulnerability scanning, and file integrity monitoring, contributing to its value. However, challenges exist due to lacking threat intelligence integration, limited real-time monitoring for Unix, and insufficient scalability and event coverage. Technical support and AI capabilities also need enhancement, though its SCA and compliance management align with PCI DSS and GDPR standards, aiding monitoring and security.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Wazuh's integration capabilities with other environments, cloud applications, and on-premises applications are highly valued, making it easy to implement and integrate with various solutions.
Wazuh is appreciated for its comprehensive features, such as ELK integration, PCI DSS compliance, and CIS benchmark monitoring, offering capabilities comparable to premium solutions in the market for free.
Wazuh's open-source nature and ability to define custom rules make it flexible and compatible with various security solutions, enhancing its utility for different use cases.
Wazuh is highly regarded for its file monitoring and compliance reporting capabilities, providing valuable insights without incurring excessive costs.
Wazuh's stability, scalability, and robust documentation make it easy to deploy and maintain, and its EDR capabilities make it a preferred choice for many users.

CONS

Wazuh's threat intelligence is lacking and not integrated with SIEM tools, creating a gap in value for clients.
Real-time monitoring for Unix systems is not supported by Wazuh, which could impact scalability and performance.
Wazuh requires improvements in log data analysis, container security, and malware detection to meet IT team needs.
Technical support for Wazuh needs enhancement, with quicker responses and a focus on regional compliance standards.
Wazuh's configuration process is complex and time-consuming, requiring significant maintenance and system restarts.
 

Wazuh Pros review quotes

MB
Dec 16, 2024
Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors.
Read full review
reviewer2301372 - PeerSpot reviewer
Feb 9, 2024
One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability.
Read full review
Vikrant Puranik - PeerSpot reviewer
Aug 1, 2022
Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring.
Read full review
Buyer's Guide
Wazuh
May 2025
Free Report: Wazuh Reviews and More
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
DOWNLOAD NOW
856,873 professionals have used our research since 2012.
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
Wazuh offers an enhanced HDR version that outperforms its competitors.
Read full review
Wajih Ul Hasan - PeerSpot reviewer
May 11, 2022
I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems.
Read full review
NH
Jul 11, 2024
The solution is easy to maintain.
Read full review
PrzemekAndula - PeerSpot reviewer
Feb 7, 2024
The product is easy to customize.
Read full review
EO
Jun 3, 2025
Overall, I rate Wazuh a nine out of ten.
Read full review
Robert Cheruiyot - PeerSpot reviewer
Oct 28, 2021
It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions.
Read full review
MS
Jul 10, 2024
The product's initial setup phase was easy.
Read full review
Show 10 more reviews (out of 48)
 

Wazuh Cons review quotes

MB
Dec 16, 2024
The only challenge we faced with Wazuh was the lack of direct support.
Read full review
reviewer2301372 - PeerSpot reviewer
Feb 9, 2024
They could include flexibility and customization capabilities by modifying for customers based on partner agreements.
Read full review
Vikrant Puranik - PeerSpot reviewer
Aug 1, 2022
Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage.
Read full review
Buyer's Guide
Wazuh
May 2025
Free Report: Wazuh Reviews and More
Learn what your peers think about Wazuh. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
DOWNLOAD NOW
856,873 professionals have used our research since 2012.
AKASH MAJUMDER - PeerSpot reviewer
Mar 20, 2023
While it is scalable, it can suffer from reduced latencies.
Read full review
Wajih Ul Hasan - PeerSpot reviewer
May 11, 2022
Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions.
Read full review
NH
Jul 11, 2024
The product's configuration part and lack of AI capabilities are some of the major concerns associated with Wazuh.
Read full review
PrzemekAndula - PeerSpot reviewer
Feb 7, 2024
The tool does not provide CTI to monitor darknet.
Read full review
EO
Jun 3, 2025
When I face a challenge, I prefer not to spend too much time on it and may move to another solution that will give us the results.
Read full review
Robert Cheruiyot - PeerSpot reviewer
Oct 28, 2021
Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh.
Read full review
MS
Jul 10, 2024
Wazuh currently fails to provide its users with AI and ML.
Read full review
Show 10 more reviews (out of 48)

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Wazuh Logo
CrowdStrike Falcon vs Wazuh
Microsoft Sentinel vs Wazuh Logo
Microsoft Sentinel vs Wazuh
Dynatrace vs Wazuh Logo
Dynatrace vs Wazuh
Datadog vs Wazuh Logo
Datadog vs Wazuh
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
Darktrace vs Wazuh Logo
Darktrace vs Wazuh
SentinelOne Singularity Complete vs Wazuh Logo
SentinelOne Singularity Complete vs Wazuh
Microsoft Defender XDR vs Wazuh Logo
Microsoft Defender XDR vs Wazuh
Cortex XDR by Palo Alto Networks vs Wazuh Logo
Cortex XDR by Palo Alto Networks vs Wazuh
IBM Security QRadar vs Wazuh Logo
IBM Security QRadar vs Wazuh
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Elastic Observability vs Wazuh Logo
Elastic Observability vs Wazuh
Trellix Endpoint Security Platform vs Wazuh Logo
Trellix Endpoint Security Platform vs Wazuh
Grafana Loki vs Wazuh Logo
Grafana Loki vs Wazuh
Graylog vs Wazuh Logo
Graylog vs Wazuh
See all alternatives

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Wazuh Logo
CrowdStrike Falcon vs Wazuh
Microsoft Sentinel vs Wazuh Logo
Microsoft Sentinel vs Wazuh
Dynatrace vs Wazuh Logo
Dynatrace vs Wazuh
Datadog vs Wazuh Logo
Datadog vs Wazuh
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
Darktrace vs Wazuh Logo
Darktrace vs Wazuh
SentinelOne Singularity Complete vs Wazuh Logo
SentinelOne Singularity Complete vs Wazuh
Microsoft Defender XDR vs Wazuh Logo
Microsoft Defender XDR vs Wazuh
Cortex XDR by Palo Alto Networks vs Wazuh Logo
Cortex XDR by Palo Alto Networks vs Wazuh
IBM Security QRadar vs Wazuh Logo
IBM Security QRadar vs Wazuh
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Elastic Observability vs Wazuh Logo
Elastic Observability vs Wazuh
Trellix Endpoint Security Platform vs Wazuh Logo
Trellix Endpoint Security Platform vs Wazuh
Grafana Loki vs Wazuh Logo
Grafana Loki vs Wazuh
Graylog vs Wazuh Logo
Graylog vs Wazuh
See all alternatives
Related questions
  • 544
What is the difference between SIEM and Next-Gen SIEM solutions?
  • 229
What Solution for SIEM is Best To Be NIST 800-171 Compliant?
  • 51
When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?
  • 112
What are the main differences between Nessus and Arcsight?
  • 7
What's The Best Way to Trial SIEM Solutions?
  • 171
Which is the best SIEM solution for a government organization?
  • 1,020
What is the difference between IT event correlation and aggregation?
  • 134
What Is SIEM Used For?
  • 19
RSA-EMC vs. other SIEM products?
  • 445
What Questions Should I Ask Before Buying SIEM?