We compared Wazuh and Security Onion based on our user's reviews in several parameters.
Wazuh stands out for its flexibility in tailoring solutions, exceptional customer service, and cost-effective pricing. On the other hand, Security Onion is praised for its comprehensive network security monitoring capabilities, community support, and effective incident response tools. Wazuh could benefit from interface enhancements, while Security Onion needs better customization options and documentation clarity.
Features: Wazuh is valued for its advanced threat detection and flexible customization, whereas Security Onion is praised for its comprehensive network security monitoring, user-friendly interface, and extensive integration of open-source security tools.
Pricing and ROI: The setup_cost for Wazuh is considered straightforward and hassle-free, with reasonable pricing options. The licensing is flexible and customizable to individual needs. On the other hand, there are discussions among users about the pricing, setup cost, and licensing of Security Onion, without using the word "review.", Wazuh has shown positive ROI, with users reporting various benefits. Security Onion has also provided measurable ROI, contributing effectively to organizational security.
Room for Improvement: Wazuh could benefit from enhancing its interface and navigation, clearer documentation, and more intuitive configuration options. Users suggested improvements for system resource consumption. Security Onion needs enhanced customization options, improved user interface and interaction, detailed documentation, and scalability and performance improvements.
Deployment and customer support: The user reviews comparing Wazuh and Security Onion indicate that while some users spent three months on deployment and a week on setup for Wazuh, others spent a week on both phases, implying that they refer to the same period. For Security Onion, the feedback mentions varying timeframes, emphasizing the significance of considering the context in which terms like deployment, setup, and implementation are used., Wazuh's customer service and support are highly regarded by users. They appreciate the prompt and attentive assistance, with the team commended for their knowledge, efficiency, and helpfulness in resolving problems. On the other hand, Security Onion's customer service is consistently commendable, with customers expressing satisfaction in resolving issues and receiving prompt responses. The support is perceived as reliable, effective, and helpful throughout their experiences.
The summary above is based on 34 interviews we conducted recently with Wazuh and Security Onion users. To access the review's full transcripts, download our report.
"Security Onion is the most mature solution in the market."
"We use Security Onion for internal vulnerability assessment."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"Wazuh has very flexible and robust features."
"Wazuh is simple to use for PCI compliance."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"Its cost-effectiveness is the most valuable aspect."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"The product is not easy to learn."
"Security Onion's user interface could be improved."
"The initial setup of the solution is a little bit difficult."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"Wazuh is missing many things that a typical SIEM should have."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"While it is scalable, it can suffer from reduced latencies."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
Security Onion is ranked 33rd in Log Management with 3 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Security Onion is rated 7.6, while Wazuh is rated 7.4. The top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Security Onion is most compared with Elastic Stack, TheHive, Splunk Enterprise Security, Graylog and Kali Linux, whereas Wazuh is most compared with Elastic Security, Splunk Enterprise Security, AlienVault OSSIM, Graylog and IBM Security QRadar. See our Security Onion vs. Wazuh report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.