Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Elastic Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Ranking in Security Orchestration Automation and Response (SOAR)
5th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
22
Ranking in other categories
Cloud Security Posture Management (CSPM) (12th)
Elastic Security
Ranking in Security Orchestration Automation and Response (SOAR)
6th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
64
Ranking in other categories
Log Management (7th), Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (16th), Extended Detection and Response (XDR) (8th)
 

Mindshare comparison

As of April 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of AWS Security Hub is 9.4%, down from 9.6% compared to the previous year. The mindshare of Elastic Security is 4.8%, down from 5.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

MuhammadAzhar Khan - PeerSpot reviewer
Offers best practice recommendations and supports various compliance standards
Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.
Gajewski Marek - PeerSpot reviewer
Provides good anomaly detection and connectivity reporting
We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"Cloudposse is a valuable feature as it guarantees my security."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"Security Hub provides insightful information about what is running and where there might be weaknesses."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"Easily integrates with third-party tools"
"The visualization is very good."
"Elastic Security makes data communication easier."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"Elastic Security is cost-effective compared to Defender and CrowdStrike."
"Elastic Security is very easy to adapt."
"The most valuable feature for me is Discover."
"It's very customizable, which is quite helpful."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
 

Cons

"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
"It is not flexible for multi-cloud environments."
"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"We'd like better premium support."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"Elastic Security consumes a lot of resources, requiring a substantial deployment setup."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"Email notification should be done the same way as Logentries does it."
 

Pricing and Cost Advice

"The pricing is fine. It is not an expensive tool."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"AWS Security Hub's pricing is pretty reasonable."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"Security Hub is not an expensive solution."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The price of the solution is not very competitive but it is reasonable."
"The price of AWS Security Hub is average compared to other solutions."
"I can say that the product is cheaply priced."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"The solution is free."
"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"Compared to other products such as Dynatrace, this is one of the cheaper options."
"Affordable but with additional costs"
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Computer Software Company
17%
Government
10%
Financial Services Firm
9%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Elastic Security is considered cost-effective, especially at lower EPS levels. However, a direct comparison was not made due to different pricing structures.
 

Also Known As

SQRRL
Elastic SIEM, ELK Logstash
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Find out what your peers are saying about AWS Security Hub vs. Elastic Security and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.