
AWS Security Hub vs Elastic Security comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Sep 18, 2024
 

Categories and Ranking

AWS Security Hub
Ranking in Security Information and Event Management (SIEM): 7th
Ranking in Security Orchestration Automation and Response (SOAR): 5th
Average Rating: 7.6
Reviews Sentiment: 7.7
Number of Reviews: 19
Ranking in other categories: Cloud Security Posture Management (CSPM) (14th)

Elastic Security
Ranking in Security Information and Event Management (SIEM): 5th
Ranking in Security Orchestration Automation and Response (SOAR): 6th
Average Rating: 7.6
Number of Reviews: 61
Ranking in other categories: Log Management (5th), Endpoint Detection and Response (EDR) (16th), Extended Detection and Response (XDR) (8th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of AWS Security Hub is 4.5%, down from 4.6% compared to the previous year. The mindshare of Elastic Security is 7.3%, down from 9.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

CobusFrey - PeerSpot reviewer
Apr 8, 2024
Not only does it easily integrate with third-party tools but also allows auto synchronization of logs
AWS Security Hub has advanced quite a bit over the last couple of years. The features are quite rich now. Before purchasing, one should develop an understanding of the product. I believe AWS Security Hub is one of the most friendly solutions for integration with third-party tools. I find the integration of AWS Security Hub to be the easiest with tools from Microsoft and a bit difficult with Google solutions. AWS Security Hub is compliant in many different ways. The development business I am part of is SOC compliant for AWS Security Hub, while the banks our organization works with have been PCI compliant for AWS Security Hub for three years. I would definitely recommend AWS Security Hub to others, yet I would also inquire about their purpose and knowledge of cloud solutions. If you know how to use AWS Security Hub, it can be a great solution to work with. The solution is more suitable for people working in the cloud instead of on-premises. I would rate AWS Security Hub a nine out of ten.
Gajewski Marek - PeerSpot reviewer
Aug 13, 2024
Provides good anomaly detection and connectivity reporting
I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything. The solution's most valuable features are anomaly detection and connectivity reporting. Elastic Security also has many automation capabilities, which can…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"Easily integrates with third-party tools"
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"Very good at detection and providing real-time alerts."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"The solution shows us our compliance score."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"Elastic is straightforward, easy to integrate, and highly customizable."
"It's open-source and free to use."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The most valuable feature is the ability to collect authentication information from service providers."
"It's a good platform and the very best in the current market. We looked at the Forrester report from December 2022 where it was said to be a leader."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
 

Cons

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, integrating this solution with more security tools takes time."
"The support must be quicker."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"This solution is very hard to implement."
"The solution's query building is not that intuitive compared to other solutions."
"There isn't really a very good user experience. You need a lot of training."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
 

Pricing and Cost Advice

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The pricing is fine. It is not an expensive tool."
"Security Hub is not an expensive solution."
"AWS Security Hub's pricing is pretty reasonable."
"The price of the solution is not very competitive but it is reasonable."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The price of AWS Security Hub is average compared to other solutions."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"This is an open-source product, so there are no costs."
"Compared to other tools, Elastic Security is a cheaper solution."
"Compared to other products such as Dynatrace, this is one of the cheaper options."
"Elastic Security is free to use."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"The solution is free."
814,763 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company: 15%
Financial Services Firm: 13%
Manufacturing Company: 9%
Government: 7%

Computer Software Company: 17%
Financial Services Firm: 10%
Government: 10%
University: 7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
Many findings are too generic or irrelevant to the environment, which can lead to false positives. It can be challenging to suppress or turn off these findings. Turning specific findings on or off ...
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
 

Also Known As

SQRRL
Elastic SIEM, ELK Logstash
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Find out what your peers are saying about AWS Security Hub vs. Elastic Security and other solutions. Updated: October 2024.