AWS Security Hub is used to run automated security checks across Amazon AWS environments.
DevOps Engineer at United Vision
Beneficial monitoring tracking and scalable
Pros and Cons
- "The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
- "AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
What is our primary use case?
How has it helped my organization?
The solution has helped my company because I can track IMT.
What is most valuable?
The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources.
What needs improvement?
AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time.
Buyer's Guide
AWS Security Hub
December 2024
Learn what your peers think about AWS Security Hub. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
For how long have I used the solution?
I have been using AWS Security Hub for approximately two years.
What do I think about the stability of the solution?
AWS Security Hub is stable. The solution is built on top of our Amazon services which makes it reliable.
What do I think about the scalability of the solution?
The solution is highly scalable.
I rate the scalability of AWS Security Hub a seven out of ten.
How was the initial setup?
I rate the initial setup of AWS Security Hub a seven out of ten.
What was our ROI?
I have received a return on investment using AWS Security Hub.
What's my experience with pricing, setup cost, and licensing?
The price of AWS Security Hub is average compared to other solutions.
What other advice do I have?
Security is paramount when it comes to the cloud. For any company that wants to migrate to the cloud or is in the cloud already, we need to take our security into consideration. I would advise everyone this solution provides one dashboard for all the security events happening in the environment.
I rate AWS Security Hub an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Associate Cloud Solution Architect at BlazeClan Technologies
Helps understand compliance score and provides steps for remediation
Pros and Cons
- "The solution shows us our compliance score."
- "The support must be quicker."
What is our primary use case?
We use AWS Security Hub to find vulnerabilities. We can check if an IAM user has multiple policies. We can check whether it is directly attached to the user and not attached to the group.
What is most valuable?
We take precautionary steps instead of responding to vulnerabilities. We haven’t faced any security breaches or vulnerabilities yet. We use GuardDuty. It provides us with information about IPs so that we can block them. We can restrict the IP from entering our network.
The solution shows us our compliance score. Based on the score, we can check what is preventing our compliance score from becoming 100%. The tool provides an explanation and steps for remediation. We can easily assign tasks to juniors. Even people without experience can understand the remedies.
What needs improvement?
The support must be quicker.
For how long have I used the solution?
I have been using the solution for three to four years.
What do I think about the scalability of the solution?
I rate the tool’s scalability an eight out of ten. We manage various customers. We use the Security Hub in every project. Some customers do not use AWS. They use Prisma. However, Prisma has similar features.
How are customer service and support?
I raise support requests to the support team. If we raise tickets that impact services, we get quick support. If we raise a normal ticket that does not impact services, we do not get quick support.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup is easy. Anyone can do it.
Which other solutions did I evaluate?
I have used Prisma and Qualys. They have the same approach as AWS. Instead of purchasing a third-party solution, we choose Security Hub. It is an in-built tool in AWS.
What other advice do I have?
We are partners. I will recommend the tool to others. It is better to use an in-built tool like AWS Security Hub than using a third-party solution. It helps with compliance. Overall, I rate the solution a ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Apr 14, 2024
Flag as inappropriateBuyer's Guide
AWS Security Hub
December 2024
Learn what your peers think about AWS Security Hub. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Cloud Security Lead at CoinSwitch
A cloud security posture management solution that can get your cloud's current security posture
Pros and Cons
- "The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
- "Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
What is our primary use case?
AWS Security Hub is a CSPM (cloud security posture management) solution where you can get your current configuration posture or the security posture of your cloud. You can scan it through multiple compliance checks like CIS Benchmark, AWS Security Best Practices, or PCI DSS.
What is most valuable?
The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture. We are currently using CIS benchmark and AWS Security Best Practices. So you'll get the score and all the findings.
What needs improvement?
Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time.
Real-time scanning should be included in the solution’s next release.
For how long have I used the solution?
I have been using AWS Security Hub for around four years.
What do I think about the stability of the solution?
AWS Security Hub is a stable solution.
What do I think about the scalability of the solution?
AWS Security Hub is a scalable solution. You can add multiple accounts to one place and monitor it from there. Around 20 people from the cloud security and DevOps teams are using the solution in our organization. We are not planning to increase the solution's usage in the future.
How are customer service and support?
AWS Security Hub's technical support is excellent because we always get a quick response from them. I rate AWS Security Hub's technical support an eight or nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Before AWS Security Hub, we used third-party tools like CloudGuard from Check Point. We decided to switch to AWS Security Hub because third-party tools provide the same capability as AWS Security Hub, and they are quite expensive.
How was the initial setup?
AWS Security Hub is easy to implement and can be done in just a few clicks.
What's my experience with pricing, setup cost, and licensing?
AWS Security Hub's pricing is pretty reasonable.
What other advice do I have?
AWS Security Hub has an updated version from AWS. So there is no version control from the customer side. It's a managed service provided by AWS.
It's easy to integrate AWS Security Hub with products by other vendors.
AWS Security Hub is the best service I could find in AWS native security service, and anyone can leverage it to get an overall view of their infrastructure posture. You can find out what is the current score of their infrastructure according to security.
Multiple findings or multiple loopholes can be fixed directly from the solution. AWS Security Hub will help improve any new organization or a new AWS account to get to an optimal security posture.
Overall, I rate AWS Security Hub a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Devops Specialist at nSearch Global
Easy to implement and has a responsive technical support team, but it needs a better dashboard and improved trigger process
Pros and Cons
- "I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
- "Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
What is our primary use case?
We use AWS Security Hub for monitoring various malware activities, DDoS attacks, and other attacks. We have a dedicated team looking after these constant issues.
What is most valuable?
I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive.
The solution is also easy to integrate with AWS Cloud because it's an AWS product. However, if my company goes for a hybrid deployment, it still needs some analysis of whether AWS Security Hub can be easily integrated with hybrid models.
What needs improvement?
Right now, there are some difficulties we're facing with AWS Security Hub, and we need our central team to mitigate the issues. Otherwise, the number of incidents will keep increasing, and monitoring will become problematic.
For example, whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved.
In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility.
For how long have I used the solution?
I last worked with AWS Security Hub six months ago.
What do I think about the scalability of the solution?
We're not having any issues with AWS Security Hub, scalability-wise. We have multiple accounts on AWS Security Hub, and triggers are generated from the central account. From there, we'll accept the request so that all incidents will be diverted toward the central team that does the monitoring. We'll then receive an alarm if there's been any breach, and accordingly, we'll look into whether the concerned IP is from our set of listed IPs or not. Otherwise, we'll implement them. We're still in the analysis phase for AWS Security Hub, though, so we'll be able to give a more accurate comment on stability after we complete our report.
How are customer service and support?
Currently, I'd say AWS Security Hub technical support is good.
How was the initial setup?
There was no complaint about the implementation of AWS Security Hub. It was easy to implement.
What's my experience with pricing, setup cost, and licensing?
I'm not part of the central team, so I have no information on the pricing for AWS Security Hub.
What other advice do I have?
My company works with AWS Security Hub.
I'm working with the latest version of AWS Security Hub, deployed on the private cloud, AWS.
My team is still evaluating AWS Security Hub, as it's only been six months since my company started using it.
Around fifty to sixty projects use AWS Security Hub. In my project, there's one security staff in charge of maintenance. There'll also be a central team or a complete, dedicated security team that will oversee the maintenance of the AWS Security Hub. That team will have ten to twelve members looking after multiple company accounts.
Though I'm still in the initial evaluation phase for AWS Security Hub, I would recommend it to others because it has good features. Still, you need to understand better the various features available to get the maximum benefits from AWS Security Hub.
My rating for AWS Security Hub is seven out of ten.
My company develops products and onboards customers to AWS Security Hub.
I'm part of the implementation team.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Senior Software Engineer at a media company with 11-50 employees
Used for for cloud security posture management, but it needs more granular-level customizations
Pros and Cons
- "The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
- "We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
What is our primary use case?
We use AWS Security Hub for cloud security posture management and automated remediation.
What is most valuable?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud. We can integrate the findings of different services into AWS Security Hub and analyze our cloud infrastructure based on that. We inform the owners if we find anything that is non-compliant or does not adhere to the security best practices.
What needs improvement?
We are facing some cost-related issues with the solution. We integrated a couple of services into AWS Security Hub, and some rules are not required for our environment. However, the assessment happens based on those rules, and we have to pay some additional costs.
We need some customization into the compliances whenever we enable specific compliances. We need more granular-level customizations to enable or disable the rules in AWS Security Hub.
Suppose we enabled one of the compliances and have more than 100 rules for that compliance. If one of the customers is not using all the services, those services are not really used in the environment. We are looking for some customizations to disable that rule so that the scanning will not happen based on that rule, and we can save some cost.
For how long have I used the solution?
I have been using AWS Security Hub for four years.
What do I think about the stability of the solution?
I rate the solution a nine out of ten for stability.
What do I think about the scalability of the solution?
Not all users in my organization have access to AWS Security Hub. Our security and cloud engineering teams actively use the solution in our organization.
I rate the solution an eight out of ten for scalability.
How are customer service and support?
The technical support is good from a security perspective because AWS provides 24/7 support for all the services.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have worked with different solutions, but not for the same organization. I have worked with different third-party tools like Prisma for cloud security posture management.
How was the initial setup?
The initial setup of the solution is easy. We did some automation within the Lambda functions. If we onboard a new account, Lambda functions will help us enable AWS Security Hub into that account and send the findings to the administrator account.
What about the implementation team?
The solution can be implemented in less than five minutes.
What other advice do I have?
We integrated AWS Security Hub with Jira. If we find new findings in AWS Security Hub, the tickets get automatically created in Jira. If the automated remediation solution is available for a specific rule, it gets automatically remediated, and the ticket is closed by adding some comments. We have integrated AWS and GuardDuty into AWS Security Hub. Scanning, findings, and alerting are the most effective features of AWS Security Hub.
Integrating AWS Security Hub with other AWS services lets you see all the findings within your account from a single dashboard. I would recommend AWS Security Hub to users who don't have a multi-cloud environment.
Overall, I rate the solution a seven out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Apr 3, 2024
Flag as inappropriateHas efficient vulnerability detection features and an easy initial setup process
Pros and Cons
- "The platform has valuable features for security."
- "It is not flexible for multi-cloud environments."
What is our primary use case?
We use AWS Security Hub for vulnerability or compliance detection.
What is most valuable?
The platform has valuable features for security. It helps in identifying misconfigurations and vulnerabilities and fixing them early.
What needs improvement?
It's a dependent platform. It is not flexible for multi-cloud environments. They should add features for cloud diagnosis to analyze logs from the cloud in a standardized format. Additionally, its integration capabilities with external systems could be improved.
For how long have I used the solution?
I have been working with AWS Security Hub for two years.
How are customer service and support?
The AWS technical support is excellent. They have multiple channels of support.
How would you rate customer service and support?
Positive
How was the initial setup?
The setup is straightforward. The time taken for deployment depends on how many AWS services you are using and the complexity of your environment. But in general, it only takes a few hours. The process involves collecting logs and storing them in CloudVoice.
What's my experience with pricing, setup cost, and licensing?
There are multiple subscription models, like yearly, monthly, and packaged.
What other advice do I have?
I recommend AWS Security Hub to those who build their infrastructure only in the AWS cloud. If you don't want to spend much on adopting a new tool, I will strongly recommend the product.
I rate AWS Security an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Helps to host SaaS and PaaS applications
Pros and Cons
- "Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
- "One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
What is our primary use case?
Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup.
What needs improvement?
One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function.
For how long have I used the solution?
I have been using the solution for the past ten years.
What do I think about the stability of the solution?
The stability is good. The solution is considered one of the most stable and reliable cloud platforms globally among the three major cloud service providers.
What do I think about the scalability of the solution?
The scalability is good. It’s better than any other tool available. We have 1000 users for the solution.
How are customer service and support?
In our organization, we rely on third-party support for our cloud operations. We have a local operations team that works with various suppliers to handle our cloud-related support and maintenance needs.
How was the initial setup?
The initial setup was complex. We need 100 technical staff for deployment.
What other advice do I have?
I would definitely recommend this solution to others who are considering using it. While there might be room for improvement in the future to align with evolving technology trends, it has been a good option for us and meets our current business and technological needs. Overall, I rate the solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Manager Cloud Security at Hitachi Systems, Ltd.
An easy-to-manage tool that needs to make more compliances available for its users
Pros and Cons
- "The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
- "From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
What is our primary use case?
The use case of AWS Security Hub is to manage the compliance part. It is a CSPM tool that helps you understand the compliance level of your infrastructure in the cloud. The tool gives you a score considering the levels of compliance you follow.
What is most valuable?
The most valuable feature of the solution stems from the fact that it is easy to manage, and a user of AWS does not have to log in to different consoles. If you have an AWS infrastructure, then it works fine. If you have multiple cloud infrastructures in your organization that may consist of cloud services from AWS, Azure, or GCP, then the tool may not be that effective since it can be described as a native tool for AWS.
What needs improvement?
From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool. It should be made possible to integrate some of the other tools with AWS Security Hub so that it can give you complete visibility of the product.
AWS Security Hub needs a lot of improvement since it is a native tool meant for AWS products only. For providing compliance, a number of tools are available in the market to take care of the protection part.
In the future, AWS needs to implement a single dashboard and make different kinds of modules available. To use it as a CSPM tool, you must go with AWS Security Hub, Amazon Inspector, and AWS Config. AWS Security Hub needs to introduce a single dashboard that allows a security person to go and log in, see the status, and take action if necessary.
For how long have I used the solution?
I have been using AWS Security Hub for three to four years. I work as an integrator, and my company has partnerships with many companies involved in OEM tools.
What do I think about the stability of the solution?
Stability-wise, I rate the solution a seven out of ten.
What do I think about the scalability of the solution?
It is a scalable solution.
I have implemented AWS Security Hub for five to six customers of our company.
How are customer service and support?
AWS office has two types of support, namely business and standard. If you have opted for standard support, then it will be very complex to connect with the technical staff of AWS. If you have opted for business support, then the technical staff of AWS will connect with you within a minute. Business support is paid support.
How was the initial setup?
The initial setup of AWS Security Hub was straightforward.
The product's deployment process is very easy and can be completed within an hour. As soon as you enable the product, it works. The product doesn't require the user to undergo any other implementation phases since it is a tool that you just have to enable in your environment to make it work across your environment.
The product's deployment process is very easy since you just need to log in to the control before going to Security Hub to enable it. You may enable AWS Security Hub in which account you want to enable.
The solution is deployed on the cloud.
One or two staff members are enough to manage the solution's deployment and maintenance. If you have a bigger environment with thousands of machines, then one or two people are enough to take care of the visibility part of the solution, but the maintenance will require a large number of staff members.
What's my experience with pricing, setup cost, and licensing?
AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use.
What other advice do I have?
If a person only wants a CSPM tool, then they can go with AWS Security Hub. If a person wants the product to be more than just a CSPM tool, then they need to evaluate the solutions available in the market.
I rate the overall tool a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Buyer's Guide
Download our free AWS Security Hub Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Cloud Security Posture Management (CSPM) Security Orchestration Automation and Response (SOAR)Popular Comparisons
Datadog
Prisma Cloud by Palo Alto Networks
Microsoft Defender for Cloud
Zscaler Zero Trust Exchange Platform
Tenable Security Center
SentinelOne Singularity Cloud Security
VMware Aria Automation
Orca Security
CrowdStrike Falcon Cloud Security
Lacework FortiCNAPP
Check Point CloudGuard CNAPP
Trend Vision One - Cloud Security
Tenable Cloud Security
Rapid7 InsightCloudSec
Buyer's Guide
Download our free AWS Security Hub Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which is better - Azure Sentinel or AWS Security Hub?
- AWS Cloud Security Posture tool - has anyone used either Wiz or Ermetic cloud security products and can compare them to AWS Security Hub?
- What are your best practices for Identity and Access Management (IAM) in the Cloud?
- What is the minimum security features set required for Cloud Backup and Storage Software?
- What are your best practices to achieve DevOps security in the cloud?
- Is there a single tool to unify cloud compliance reporting?
- What is Unified Cloud Security? Can you define the scope and use cases of the term?
- What is an Application Security Posture Management (ASPM)?
- Which solutions offer a preventive, proactive approach to cloud security posture management?
- What are the potential PaaS attack vectors in the cloud?