Symantec XDR vs Wazuh comparison

Read 50 Wazuh reviews

35,306 Views
9,886 Comparison Views

81% willing to recommend

Symantec XDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Nov 30, 2025

Wazuh and Symantec XDR are competitors in cybersecurity solutions. Symantec XDR is often preferred due to its extensive features.

Features: Wazuh offers robust threat detection, SIEM capabilities, and file integrity monitoring. Symantec XDR provides advanced threat intelligence, automated response, and seamless integration with other Symantec products.

Ease of Deployment and Customer Service: Symantec XDR offers streamlined deployment with dedicated support. Wazuh, as open-source, requires more setup but offers extensive documentation.

Pricing and ROI: Wazuh is cost-effective due to its open-source nature, while Symantec XDR requires higher investment but promises significant long-term ROI.

To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: January 2026).

Extended Detection and Response (XDR)

Download the complete report

Helped 881,733 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Symantec XDR

Ranking in Extended Detection and Response (XDR)

46th

Average Rating

8.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Wazuh

Ranking in Extended Detection and Response (XDR)

5th

Average Rating

7.4

Reviews Sentiment

6.1

Number of Reviews

Ranking in other categories

Log Management (1st), Security Information and Event Management (SIEM) (2nd)

Mindshare comparison

As of February 2026, in the Extended Detection and Response (XDR) category, the mindshare of Symantec XDR is 0.4%, up from 0.1% compared to the previous year. The mindshare of Wazuh is 7.2%, down from 11.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR) Market Share Distribution
Product	Market Share (%)
Wazuh	7.2%
Symantec XDR	0.4%
Other	92.4%

Extended Detection and Response (XDR)

Featured Reviews

BILALRAZA

Cyber Security Consultant at I(TS)² Saudi Arabia

A scalable and stable solution with straightforward deployment

We can generate maps from the environment. For example, suppose there is a virus that has a zero-day attack and is publicly unknown. We can block that and keep it away from the network so it is not further replicated. It also has custom white and black lists. We can add a good reputation on both lists and use the sonar technology for Symantec and the online network for advanced reports.

Read full review

Rajin Sandira

Engineer Information Security at N-Able (Pvt) Ltd

Has faced limitations in AI capabilities and pricing flexibility

Pricing-wise, Wazuh stands out, along with deployment flexibility and its documentation which is extremely good in comparison to Forti. The community support is also incredible. They have helped quite a bit because previously, we had a separate tool and management dashboard to do our compliance. With Wazuh, we receive that information without having to do anything extra. We just set up the SIEM and all of that information was automatically populated. The dashboards are very easy to understand and very quick with no lag or delay. I have experienced delays on Forti's dashboards, but not with Wazuh. Wazuh is quite good. In comparison to Forti, they are quite similar. They are very good at detection.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"You can advise the solution and protect your environment."

"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."

"It's stable."

"The most valuable features are the modules and metrics."

"Wazuh is simple to use for PCI compliance."

"I like that the solution is on top of the Kubernetes stack."

"If they support a solution, it is easy to do an integration."

"Overall, I rate Wazuh a nine out of ten."

"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."

More Wazuh pros

Cons

"The solution should have better reporting."

"The tool doesn't detect anomalies or new environments."

"Integration with Vyara could be better."

"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."

"The deployment is a bit complex."

"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."

"Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions."

"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."

"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."

More Wazuh cons

Pricing and Cost Advice

Information not available

"The product price is neither too high nor too low."

"The solution's cost is above the average."

"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."

"Wazuh is free and open source."

"There is not a license required for Wazuh."

"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."

"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."

"Wazuh is not an expensive solution."

More Wazuh pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

881,733 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

No data available

Computer Software Company

12%

Comms Service Provider

11%

University

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

By reviewers
Company Size	Count
Small Business	27
Midsize Enterprise	15
Large Enterprise	8

Questions from the Community

Ask a question

Earn 20 points

What do you like most about Wazuh?

Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...

See all answers

What needs improvement with Wazuh?

Regarding compliance, I find it not stable. I do not recommend it for that purpose. It can comply with Wazuh NCA, which we have here in Saudi Arabia. Wazuh NCA has many frameworks starting with ECC...

See all answers

What is your primary use case for Wazuh?

I have been working with Wazuh for two years, and I can explain how I use Wazuh. I did not use Wazuh as a SIEM solution. I use Wazuh as a tool for services we provide. This service is called compro...

See all answers

Comparisons

Trellix Endpoint Security Platform vs Symantec XDR

Compared 32% of the time

Microsoft Defender XDR vs Symantec XDR

Compared 30% of the time

More Symantec XDR Competitors

Security Onion vs Wazuh

Compared 10% of the time

Elastic Stack vs Wazuh

Compared 9% of the time

Splunk Enterprise Security vs Wazuh

Compared 5% of the time

Graylog Enterprise vs Wazuh

Compared 5% of the time

Elastic Security vs Wazuh

Compared 4% of the time

More Wazuh Competitors

Product Reports

Extended Detection and Response (XDR)

Download Symantec XDR product report

Download Wazuh product report

Also Known As

No data available

Wazuh All-In-One Deployment

Overview

Symantec Enterprise Security Products are now part of Broadcom. The consumer division of Symantec Corp. is now NortonLifeLock Inc. -- a standalone company dedicated to consumer cyber safety.

Broadcom

Wazuh offers an open-source platform designed for seamless integration into diverse environments, making it ideal for enhancing security infrastructure. Its features include log monitoring, compliance support, and real-time threat detection, providing effective cybersecurity management.

Wazuh stands out for its ability to integrate easily with Kubernetes, cloud-native infrastructures, and various SIEM platforms like ELK. It features robust MITRE ATT&CK correlation, comprehensive log monitoring capabilities, and detailed reporting dashboards. Users benefit from its file integrity monitoring and endpoint detection and response (EDR) capabilities, which streamline compliance and vulnerability assessments. While appreciated for its customization and easy deployment, room for improvement exists in scalability, particularly in the free version, and in areas such as threat intelligence integration, cloud integration, and container security. The platform is acknowledged for its strong documentation and technical support.

What are the key features of Wazuh?

MITRE ATT&CK Correlation: Streamlines threat analysis by correlating security data with known attack patterns.
Log Monitoring: Provides continuous oversight of log data to enhance security insights.
SIEM and ELK Integration: Simplifies centralization of security events and analytics.
Kubernetes Support: Ensures security measures align with containerized environments.
File Integrity Monitoring: Alerts on unauthorized changes to critical files.
Endpoint Detection and Response: Identifies and mitigates endpoint threats efficiently.
Compliance and Benchmarking: Built-in rules assist in meeting regulatory standards.

What benefits and ROI should users look for?

Cost-Effectiveness: Offers an affordable open-source security solution tailored for extensive customization.
Customization: Users can adjust features to fit unique security requirements.
Scalability: Facilitates growth by adapting to expanding security needs.
Comprehensive Support: Backed by detailed documentation and technical expertise.
Regulatory Compliance: Helps maintain adherence to industry-specific regulations.

In industries like finance, healthcare, and technology, Wazuh is utilized for its capabilities in log aggregation, threat detection, and vulnerability management. Companies often implement its features to ensure compliance with stringent regulations and to enhance security practices across cloud environments. By leveraging its integration capabilities, organizations can achieve unified security management, ensuring comprehensive protection of their digital assets.

Extended Detection and Response (XDR)