Try our new research platform with insights from 80,000+ expert users

SentinelOne Singularity AI SIEM vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 1, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity AI ...
Ranking in Security Information and Event Management (SIEM)
23rd
Average Rating
8.8
Reviews Sentiment
5.7
Number of Reviews
4
Ranking in other categories
AI Observability (22nd)
Wazuh
Ranking in Security Information and Event Management (SIEM)
2nd
Average Rating
7.4
Reviews Sentiment
6.1
Number of Reviews
50
Ranking in other categories
Log Management (1st), Extended Detection and Response (XDR) (5th)
 

Mindshare comparison

As of March 2026, in the Security Information and Event Management (SIEM) category, the mindshare of SentinelOne Singularity AI SIEM is 1.6%, up from 0.2% compared to the previous year. The mindshare of Wazuh is 5.8%, down from 14.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Wazuh5.8%
SentinelOne Singularity AI SIEM1.6%
Other92.6%
Security Information and Event Management (SIEM)
 

Featured Reviews

Mohan Janarthanan - PeerSpot reviewer
Associate Vice President at Novac Technology Solutions
AI-driven monitoring has improved real-time threat detection but still needs better automation
I could see some workflows, but I am unable to do automated workflows. For example, some repetitive jobs or repetitive tasks I am doing, but I am trying to have less manual intervention on the front. I am raising some issues that should be resolvable. The SentinelOne team has told me that this can be resolved within a couple of months, but they are saying that it is in future for enhancement and it may take some time. So far, the numbers are great. Regarding disadvantages or areas for improvement, I could say that 35 percent of my manual effort can be detected since I implemented it very recently. I could be able to say my current data talks about only 35 percent, and it may improve further, as I am expecting. But I can only comment based on my alerts and events. The adoption rate will be less compared to other products, as this can be a time-taken process because all my data needs to be offloaded and the system needs to understand my existing alerts, logs, and other things. This will take some more time, probably another month. Another area for improvement is that the product is somewhat expensive. Pricing could be improved as well.
RS
Engineer Information Security at N-Able (Pvt) Ltd
Has faced limitations in AI capabilities and pricing flexibility
Pricing-wise, Wazuh stands out, along with deployment flexibility and its documentation which is extremely good in comparison to Forti. The community support is also incredible. They have helped quite a bit because previously, we had a separate tool and management dashboard to do our compliance. With Wazuh, we receive that information without having to do anything extra. We just set up the SIEM and all of that information was automatically populated. The dashboards are very easy to understand and very quick with no lag or delay. I have experienced delays on Forti's dashboards, but not with Wazuh. Wazuh is quite good. In comparison to Forti, they are quite similar. They are very good at detection.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"When they face attacks such as ransomware and are dissatisfied with their existing solutions, they switch to SentinelOne Singularity AI SIEM, which is quite good in detecting unknown threats, cleaning the system, and handling ransomware."
"AI-driven capabilities will give me real-time detection and will protect my autonomous AI interruption."
"Overall, I would assess the overall security posture after implementing SentinelOne Singularity AI SIEM as significantly better."
"After using SentinelOne Singularity AI SIEM, it has reduced our incident response time by forty to fifty percent compared to other tools."
"It's stable."
"The configuration assessment and Pile integrity monitoring features are decent."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"Wazuh is simple to use for PCI compliance."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"The most valuable features are the modules and metrics."
 

Cons

"SentinelOne Singularity AI SIEM has some performance and reliability issues that need improvement."
"In AI SIEM, the areas that have room for improvement are the parsers for third-party integrated data or for third-party data sources that are not native integrations, which could be made a bit easier."
"Another area for improvement is that the product is somewhat expensive. Pricing could be improved as well."
"It is quite good, but the only downside is that it is costly."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"An issue I noticed is with tag values in certain rules not functioning properly."
"There could be a hardware monitoring tool for the solution."
"Wazuh requires substantial maintenance. The indexer frequently times out, requiring system restarts. When it comes to errors, debugging takes considerable time."
"Wazuh is missing many things that a typical SIEM should have."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
 

Pricing and Cost Advice

Information not available
"It is a free-of-cost solution."
"It is a cost-effective solution."
"Wazuh is a good tool, but the open-source version has scalability limitations."
"It is an open-source product."
"Wazuh has a community edition, and I was using that. It's free and open source."
"Wazuh is free and open source."
"The product price is neither too high nor too low."
"Wazuh is not an expensive solution."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
884,933 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Healthcare Company
10%
Comms Service Provider
9%
Transportation Company
6%
Government
6%
Computer Software Company
12%
Comms Service Provider
11%
University
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business27
Midsize Enterprise15
Large Enterprise8
 

Questions from the Community

What needs improvement with SentinelOne Singularity AI SIEM?
In AI SIEM, the areas that have room for improvement are the parsers for third-party integrated data or for third-party data sources that are not native integrations, which could be made a bit easi...
What is your primary use case for SentinelOne Singularity AI SIEM?
Our use case with SentinelOne Singularity AI SIEM is primarily AI observability for a large part. We are using it for SIEM purposes as well. Prior to the inclusion of Purple AI, it was exclusively ...
What advice do you have for others considering SentinelOne Singularity AI SIEM?
My impression of the AI-driven threat detection capabilities of SentinelOne Singularity AI SIEM is great. I am really looking forward to the upcoming feature with agentic incident investigation. If...
What do you like most about Wazuh?
Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...
What needs improvement with Wazuh?
Regarding compliance, I find it not stable. I do not recommend it for that purpose. It can comply with Wazuh NCA, which we have here in Saudi Arabia. Wazuh NCA has many frameworks starting with ECC...
What is your primary use case for Wazuh?
I have been working with Wazuh for two years, and I can explain how I use Wazuh. I did not use Wazuh as a SIEM solution. I use Wazuh as a tool for services we provide. This service is called compro...
 

Also Known As

No data available
Wazuh All-In-One Deployment
 

Overview

Find out what your peers are saying about SentinelOne Singularity AI SIEM vs. Wazuh and other solutions. Updated: March 2026.
884,933 professionals have used our research since 2012.