AWS Security Hub vs Devo comparison

Read 22 Devo reviews

2,811 Views
1,658 Comparison Views

95% willing to recommend

AWS Security Hub

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Devo and AWS Security Hub are prominent players in the security information and event management (SIEM) market. AWS Security Hub seems to have the upper hand because of its robust cloud-native features and scalability.

Features: Devo is valued for its efficient data integration, real-time event correlation, and adaptability to various data sources. AWS Security Hub offers extensive cloud-native features, automated compliance checks, and seamless integration with other AWS services.

Room for Improvement: Devo could improve its user experience, offer more intuitive dashboards, and enhance ease-of-use. AWS Security Hub users desire enhanced customizability, better multi-account management, and more flexibility in configuration.

Ease of Deployment and Customer Service: Devo is highlighted for a straightforward deployment process and commendable customer support. AWS Security Hub has an easy deployment within the AWS ecosystem, but support responsiveness can vary.

Pricing and ROI: Devo is seen as offering good value for money with its transparent pricing model. AWS Security Hub's pricing is higher but justified by its extensive feature set and integration capabilities.

To learn more, read our detailed AWS Security Hub vs. Devo Report (Updated: October 2024).

AWS Security Hub vs. Devo

October 2024

Download the complete report

Helped 861,524 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Security Hub

Average Rating

7.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (14th)

Devo

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Log Management (26th), Security Information and Event Management (SIEM) (25th), IT Operations Analytics (8th), AIOps (18th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.0%, down 5.5% compared to last year.
Devo, on the other hand, focuses on Log Management, holds 0.6% mindshare, down 0.7% since last year.

Cloud Security Posture Management (CSPM)

Log Management

Featured Reviews

MuhammadAzhar Khan

Senior DevOps Engineer at Alibaba Group

Offers best practice recommendations and supports various compliance standards

Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.

Read full review

Michael Wenn

CEO / Co-Founder at Aiops ltd

Has cloud-first architecture with SIEM technology to run security operations

When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."

"Finding out if your infrastructure is secure is a valuable feature."

"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."

"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."

"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."

"I find all of the features to be highly valuable."

"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."

"Cloudposse is a valuable feature as it guarantees my security."

More AWS Security Hub pros

"Devo has a really good website for creating custom configurations."

"The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."

"The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."

"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."

"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."

"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."

"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."

"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."

More Devo pros

Cons

"It is not flexible for multi-cloud environments."

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."

"There is room for improvement in implementing AI capabilities."

"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."

"The solution should be easier to learn and use"

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."

"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."

"Many findings are too generic or irrelevant to the environment, which can lead to false positives."

More AWS Security Hub cons

"The price is one problem with Devo."

"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."

"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."

"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."

"Technical support could be better."

"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."

"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."

"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."

More Devo cons

Pricing and Cost Advice

"The price of the solution is not very competitive but it is reasonable."

"The pricing is fine. It is not an expensive tool."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"There are multiple subscription models, like yearly, monthly, and packaged."

"AWS Security Hub's pricing is pretty reasonable."

"Security Hub is not an expensive solution."

"The price of AWS Security Hub is average compared to other solutions."

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."

"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."

"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."

"Our licensing fees are billed annually and per terabyte."

"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."

"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."

"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."

"We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."

More Devo pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

861,524 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

13%

Manufacturing Company

10%

Government

Financial Services Firm

18%

Computer Software Company

14%

University

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

What needs improvement with AWS Security Hub?

There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...

What do you like most about Devo?

Devo has a really good website for creating custom configurations.

What is your experience regarding pricing and costs for Devo?

Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.

What needs improvement with Devo?

They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...

Microsoft Sentinel vs AWS Security Hub

Comparisons

Compared 37% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 8% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 6% of the time

Google Chronicle Suite vs AWS Security Hub

Compared 4% of the time

More AWS Security Hub Competitors

IBM Security QRadar vs Devo

Compared 16% of the time

Microsoft Sentinel vs Devo

Compared 15% of the time

Splunk Enterprise Security vs Devo

Compared 14% of the time

LogRhythm SIEM vs Devo

Compared 6% of the time

Wazuh vs Devo

Compared 6% of the time

More Devo Competitors

Product Reports

Download AWS Security Hub product report

AWS Security Hub

July 2025

Download Devo product report

July 2025

Also Known As

SQRRL

No data available

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel