Symantec XDR vs Wazuh comparison

Read 50 Wazuh reviews

35,306 Views
9,886 Comparison Views

81% willing to recommend

Symantec XDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Nov 30, 2025

Wazuh and Symantec XDR are competitors in cybersecurity solutions. Symantec XDR is often preferred due to its extensive features.

Features: Wazuh offers robust threat detection, SIEM capabilities, and file integrity monitoring. Symantec XDR provides advanced threat intelligence, automated response, and seamless integration with other Symantec products.

Ease of Deployment and Customer Service: Symantec XDR offers streamlined deployment with dedicated support. Wazuh, as open-source, requires more setup but offers extensive documentation.

Pricing and ROI: Wazuh is cost-effective due to its open-source nature, while Symantec XDR requires higher investment but promises significant long-term ROI.

To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: January 2026).

Extended Detection and Response (XDR)

Download the complete report

Helped 881,665 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Symantec XDR

Ranking in Extended Detection and Response (XDR)

46th

Average Rating

8.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Wazuh

Ranking in Extended Detection and Response (XDR)

5th

Average Rating

7.4

Reviews Sentiment

6.1

Number of Reviews

Ranking in other categories

Log Management (1st), Security Information and Event Management (SIEM) (2nd)

Mindshare comparison

As of February 2026, in the Extended Detection and Response (XDR) category, the mindshare of Symantec XDR is 0.4%, up from 0.1% compared to the previous year. The mindshare of Wazuh is 7.2%, down from 11.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR) Market Share Distribution
Product	Market Share (%)
Wazuh	7.2%
Symantec XDR	0.4%
Other	92.4%

Extended Detection and Response (XDR)

Featured Reviews

BILALRAZA

Cyber Security Consultant at I(TS)² Saudi Arabia

A scalable and stable solution with straightforward deployment

We can generate maps from the environment. For example, suppose there is a virus that has a zero-day attack and is publicly unknown. We can block that and keep it away from the network so it is not further replicated. It also has custom white and black lists. We can add a good reputation on both lists and use the sonar technology for Symantec and the online network for advanced reports.

Read full review

Rajin Sandira

Engineer Information Security at N-Able (Pvt) Ltd

Has faced limitations in AI capabilities and pricing flexibility

Pricing-wise, Wazuh stands out, along with deployment flexibility and its documentation which is extremely good in comparison to Forti. The community support is also incredible. They have helped quite a bit because previously, we had a separate tool and management dashboard to do our compliance. With Wazuh, we receive that information without having to do anything extra. We just set up the SIEM and all of that information was automatically populated. The dashboards are very easy to understand and very quick with no lag or delay. I have experienced delays on Forti's dashboards, but not with Wazuh. Wazuh is quite good. In comparison to Forti, they are quite similar. They are very good at detection.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"You can advise the solution and protect your environment."

"It is a stable solution."

"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."

"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."

"The configuration assessment and Pile integrity monitoring features are decent."

"The product is easy to customize."

"Wazuh is simple to use for PCI compliance."

"I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems."

"I like that the solution is on top of the Kubernetes stack."

More Wazuh pros

Cons

"The solution should have better reporting."

"There could be a hardware monitoring tool for the solution."

"Wazuh needs more security and features, particularly visualization features and a health monitor."

"Its configuration process is time-consuming."

"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."

"I want more support for regional compliance standards to serve my ANZ region customers better."

"It would be great if there could be customization for the decoder portion."

"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."

"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."

More Wazuh cons

Pricing and Cost Advice

Information not available

"It is a free-of-cost solution."

"They have a good pricing strategy for market expansion."

"Wazuh is a good tool, but the open-source version has scalability limitations."

"Wazuh is free and open source."

"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."

"The solution's pricing is very competitive."

"My client uses the open-source version of Wazuh."

"The solution's cost is above the average."

More Wazuh pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

881,665 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

No data available

Computer Software Company

12%

Comms Service Provider

11%

University

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

By reviewers
Company Size	Count
Small Business	27
Midsize Enterprise	15
Large Enterprise	8

Questions from the Community

Ask a question

Earn 20 points

What do you like most about Wazuh?

Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...

See all answers

What needs improvement with Wazuh?

Regarding compliance, I find it not stable. I do not recommend it for that purpose. It can comply with Wazuh NCA, which we have here in Saudi Arabia. Wazuh NCA has many frameworks starting with ECC...

See all answers

What is your primary use case for Wazuh?

I have been working with Wazuh for two years, and I can explain how I use Wazuh. I did not use Wazuh as a SIEM solution. I use Wazuh as a tool for services we provide. This service is called compro...

See all answers

Comparisons

Microsoft Defender XDR vs Symantec XDR

Compared 32% of the time

Trellix Endpoint Security Platform vs Symantec XDR

Compared 29% of the time

More Symantec XDR Competitors

Security Onion vs Wazuh

Compared 10% of the time

Elastic Stack vs Wazuh

Compared 9% of the time

Splunk Enterprise Security vs Wazuh

Compared 5% of the time

Graylog Enterprise vs Wazuh

Compared 5% of the time

Elastic Security vs Wazuh

Compared 4% of the time

More Wazuh Competitors

Product Reports

Extended Detection and Response (XDR)

Download Symantec XDR product report

Download Wazuh product report

Also Known As

No data available

Wazuh All-In-One Deployment

Overview

Symantec Enterprise Security Products are now part of Broadcom. The consumer division of Symantec Corp. is now NortonLifeLock Inc. -- a standalone company dedicated to consumer cyber safety.

Broadcom

Wazuh offers an open-source platform designed for seamless integration into diverse environments, making it ideal for enhancing security infrastructure. Its features include log monitoring, compliance support, and real-time threat detection, providing effective cybersecurity management.

Wazuh stands out for its ability to integrate easily with Kubernetes, cloud-native infrastructures, and various SIEM platforms like ELK. It features robust MITRE ATT&CK correlation, comprehensive log monitoring capabilities, and detailed reporting dashboards. Users benefit from its file integrity monitoring and endpoint detection and response (EDR) capabilities, which streamline compliance and vulnerability assessments. While appreciated for its customization and easy deployment, room for improvement exists in scalability, particularly in the free version, and in areas such as threat intelligence integration, cloud integration, and container security. The platform is acknowledged for its strong documentation and technical support.

What are the key features of Wazuh?

MITRE ATT&CK Correlation: Streamlines threat analysis by correlating security data with known attack patterns.
Log Monitoring: Provides continuous oversight of log data to enhance security insights.
SIEM and ELK Integration: Simplifies centralization of security events and analytics.
Kubernetes Support: Ensures security measures align with containerized environments.
File Integrity Monitoring: Alerts on unauthorized changes to critical files.
Endpoint Detection and Response: Identifies and mitigates endpoint threats efficiently.
Compliance and Benchmarking: Built-in rules assist in meeting regulatory standards.

What benefits and ROI should users look for?

Cost-Effectiveness: Offers an affordable open-source security solution tailored for extensive customization.
Customization: Users can adjust features to fit unique security requirements.
Scalability: Facilitates growth by adapting to expanding security needs.
Comprehensive Support: Backed by detailed documentation and technical expertise.
Regulatory Compliance: Helps maintain adherence to industry-specific regulations.

In industries like finance, healthcare, and technology, Wazuh is utilized for its capabilities in log aggregation, threat detection, and vulnerability management. Companies often implement its features to ensure compliance with stringent regulations and to enhance security practices across cloud environments. By leveraging its integration capabilities, organizations can achieve unified security management, ensuring comprehensive protection of their digital assets.

Extended Detection and Response (XDR)