Wazuh Reviews

We use Wazuh for PCI compliance monitoring. It can detect whether a server or PCA node is PCI compliant.

Wazuh is simple to use for PCI compliance.

Some features, like alerting, are complex with Wazuh. Setting up alerts and triggers can be difficult, and the interface could be better. Compared to other platforms, such as New Relic, Wazuh's UI could be improved. New Relic has a similar interface, but the UI updates have made it a better product.

We have certain requirements regarding monitoring and whether Wazuh is completely compliant with them. It would be helpful to know if Wazuh is a complete solution for log monitoring, including the requirements of PCA and other security aspects.

I have been using Wazuh for a couple of months. We are using the latest version of the solution.

While installing some agents, our team faced some issues. However, the stability is otherwise good. I rate the solution's stability a seven out of ten.

The solution is scalable. We've three to five users using this solution. I rate the solution's scalability a seven or eight out of ten.

Wazuh provided good support for whatever usage or issues we were facing. They were ready to support us at any point.

We have used ELK before, but it was not a complete solution for our needs. We needed to integrate it with other solutions. Wazuh seemed a more comprehensive solution, especially compared to other providers. We also tried products from a local company, but their service was not as good as Wazuh. It is also an established company. We decided to use Wazuh.

The initial setup of Wazuh is simple. The internal person sets up the application and installs the agents. They were able to do it in a day. Both setup and configuration are straightforward.

The solution's pricing is very competitive. I rate the solution's pricing a nine out of ten, where one is expensive and ten is cheap.

Overall, I rate the solution an eight out of ten.

We wanted a solution as an in-house SIEM tool, which can collect security and order logs for compliance purposes. We tried to explore a lot of tools and considering our budget and use cases, this tool matched our requirements.

We have five to seven users and we will be adding more users.

There are two features that stand out. Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work. Second, we can configure the logs per our requirement. 

The scalability of this solution could be improved. 

We have been Wazah for the past month. 

This is a stable solution but we have only tested that for one month. 

Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application. 

We have not reached out to the support team. We have just followed the Wazuh online documentation.

The initial setup is a little bit complex as it takes some time to understand the configurations. 

We started the implementation with the assistance of a consultant but completed it in-house. 

I would definitely recommend Wazuh to those who want a SIEM tool as a central logging system and for log management. You can complete the necessary security audits using this tool and have your security alerts configured if your system is receiving unknown attacks.

Overall, this is a fantastic tool but you will need an expert to assist with configuration. Scaling this solution is also challenging. We have not tested migrating from one server to another. 

I would rate this solution a six out of ten.

It is a basic level requirement for the compliance factor. There is regulatory compliance by the regulator called CDDISR, and we need to ensure that all the network's critical components send the logs. Wazuh allows us to complete forensic tasks to track any attacks.

The reporting and attractive dashboard are the most valuable features. We used Splunk, but it was a bit expensive. On the other hand, Wazuh has very flexible and robust features.

The computing resources are consuming and do not make sense. It should be lighter in terms of memory, CPU, and computing. There is a direct need for improvisation for any user, and it should be lighter than the current version. In the next release, they should include secure mobile app integration.

We have been using this solution for almost three months. It is deployed on-premises by our vendor.

It is a stable solution, and the performance is good.

It is scalable and does not require adding further devices. The number of devices that we already have are listed there. The basic use case is the compliance factor, and there's no additional need. However, if we start doing more extensive logging, we might need Splunk because Wazuh has some limitations in consuming heavier resources. Splunk is the best for large data computing and big data.

The vendor provides support, but we haven't approached them for support yet.

We hired a third-party company for the setup, and they took considerable time to complete it. They were not experts, and it took them about a week. It should have taken only about three days. I rate the setup an eight out of ten. After setup, it does not require any additional maintenance.

We paid a lump sum as managed services, so the operator charges an amount for a year using a complete compliance system. The complete compliance system is just one component, so we are not being charged separately for the suite. This means we have the luxury of using it as a combo deal.

I rate this solution an eight out of ten. Regarding advice, if anyone is going for Wazuh, they have to understand their buying compute if they're going on cloud. They should ideally evaluate the Apple-to-Apple comparison between the products in terms of how computing-intensive the product is. So if Wazuh is inefficient in computing, it should be option two. They should identify any other product which has efficient computing capabilities. There should also be a skilled resource available as an implementation partner.

We integrated all of our services and infrastructure in the cloud with Wazuh.

I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform.

It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism.

I have been working with Wazuh for two and a half years.

Wazuh is a stable solution.

Wazuh is a scalable solution. We had 18 employees using this solution.

We had an AlienVault setup, but it does not support the cloud servers and infrastructure. Wazuh is known for cloud security event management.

It took less than ten days for the integration and to get the complete setup up and running.

Wazuh was implemented by one of my team members, who is a Wazuh expert. This employee did the complete installation and everything else.

Wazuh has a community edition, and I was using that. It's free and open source.

I would tell potential users to review the technical implementation documentation before setting up Wazuh. This is because setting up Wazuh is a little bit tricky for a newbie because they won't be able to understand the technicalities of the solution. Just go through the technical documentation and implementation documentation once before installing Wazuh.

On a scale from one to ten, I would give Wazuh a seven.

We use the solution for vulnerability metrics, auditing, and detecting SQL injection attacks.

The solution's most valuable feature is its SCA capabilities.

There could be a hardware monitoring tool for the solution. It helps reduce the cost of utilizing external resources for the same.

We have been using the solution for five to six months.

I rate the solution's scalability a ten out of ten. We have enterprise business clients.

We are currently evaluating the cost of the solution's support services.

We have multiple teams using the solution in the virtual environment. It was easy to deploy for a few teams while challenging for others.

I rate the solution's pricing a seven out of ten.

I rate the solution a seven out of ten. There needs to be monitoring for the hardware similar to Zabbix and Nagios solutions.

We use the solution for endpoint detection and response. It helps us detect malicious files.

The solution is easy to integrate with other SOC tools. Also, it has a lot of capabilities like active response, cloud security, etc.

The solution's configuration could be faster.

We have been using the solution for two months.

The solution is easy to install. However, it takes a long time to configure.

It is a stable solution.

It is an open-source solution.

I recommend the solution to others and rate it a seven. It has many features and integrates with other substitutes like QRadar, Hive, etc.

It is used primarily for event management in our organization, which falls into the category of an edge Intrusion Detection System (IDS) or host Internet protection system. Our company is not very large, with around twenty to thirty servers and approximately one hundred fifty to two hundred endpoints. Wazuh serves as a centralized platform for collecting security events and managing vulnerabilities across your systems. Its main purpose is to analyze and improve the overall security posture of our organization.

Before the deployment of Wazuh, we faced challenges related to vulnerability management and version change history. Vulnerabilities often went unreported, and there was no organized system for managing vulnerabilities. Since we implemented it, there has been a notable improvement. Vulnerabilities have significantly decreased, with nearly fifty percent of servers now reporting zero vulnerabilities. This positive change is attributed to regular reporting, remediation efforts, and frequent system updates.

It offers built-in modules for file integrity and vulnerability management. This provides the convenience of having these features integrated into one platform rather than using separate dedicated tools. Wazuh's comprehensive compliance with various modules aligns well with our organization's needs, making it a highly suitable and efficient solution.

It is an open-source tool with a strong community. We had positive experiences with community support, having received solutions for most of your inquiries in the past. However, it would be beneficial if Wazuh could provide clearer guidance or tutorials on how to add components to the user interface (UI), especially when integrating tools that aren't inherently supported by Wazuh. A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for such custom integrations would be beneficial.

I have been working with it for the last three years.

The stability capabilities are almost perfect. I would rate it nine out of ten.

It offers excellent scalability features. I would rate it nine out of ten.

Their customer support services are excellent. I would rate it nine out of ten.

Positive

We use other tools like SpamTitan and Fortis for specific purposes. SpamTitan is employed for email spam filtering and Fortis for client-related tasks. These tools complement our overall cybersecurity and client management efforts.

While generally straightforward, there were some challenges during the initial setup process, particularly when dealing with certificate-related issues. I would rate it seven out of ten.

The deployment took a total of five days, involving three individuals. Once deployed, the solution is efficiently maintained by just one person.

Wazuh is an open-source tool, which means it is freely available for use.

I recommend it for its flexibility and adaptability to specific organizational needs. I would rate it eight out of ten.

We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.

Wazuh can integrate with various open-source and paid products, allowing for flexibility in customization based on use cases. Wazuh supports multiple use cases, allowing for in-depth customization. Additionally, Wazuh incorporates detection mechanisms such as tracing, shared internal suites, and leveraging third-party feeds. Machine learning mechanisms are also built to enhance detection capabilities, helping identify suspicious or anomalous behavior. It is open-source nature, which allows for widespread adoption and community support. The growing community contributes to its continued development and improvement.

I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidated. Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system.

I have been using Wazuh as an end user since 2023.

The product is stable.

The solution is scalable. In the Bangladesh market, several banks are now actively considering Wazuh. They become fully compliant with compliance issues. Earlier, they were struggling to obtain approval and maintain compliance standards.

I have used Elastic Security. There are some customization needs in Wazuh. We cannot customize it.

The initial setup is easy. Log management plays a crucial role in using Wazuh to its full potential. Assessing the volume and nature of the data is essential to determine EPS. This calculation is pivotal, as it dictates resource allocation, such as access, RAM, and storage specifications.

The product is an open-source platform.

Wazuh can onboard multiple customers onto a single deployment through its multi-tenancy feature. Each customer can have their own interface with the same deployment location.

The solution’s maintenance is easy.

Overall, I rate the solution an eight out of ten.