AWS Security Hub vs Elastic Security comparison

Amazon Web Services (AWS) and Elastic are both solutions in the Security Orchestration Automation and Response (SOAR) category. Amazon Web Services (AWS) is ranked #5 with an average rating of 7.6, while Elastic is ranked #7 with an average rating of 8.0. Amazon Web Services (AWS) holds a 8.1% mindshare in SOAR, compared to Elastic’s 4.8% mindshare. Additionally, 89% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 86% of Elastic users who would recommend it.

AWS Security Hub

Read 26 AWS Security Hub reviews

7,414 Views
2,891 Comparison Views

89% willing to recommend

Elastic Security

Read 66 Elastic Security reviews

11,035 Views
1,655 Comparison Views

86% willing to recommend

AWS Security Hub

Elastic Security

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Elastic Security and AWS Security Hub are both prominent cybersecurity solutions. Elastic Security is well-regarded for its pricing and customer support, while AWS Security Hub stands out due to its extensive features and user satisfaction with the overall value it provides.

Features: Elastic Security has powerful search capabilities, comprehensive threat detection, and strong threat detection efficiency. AWS Security Hub offers seamless integration with AWS services, provides a unified view of security alerts, and emphasizes integration benefits within the AWS ecosystem.

Room for Improvement: Elastic Security users mention the need for a more intuitive setup process, more user-friendly documentation, and enhancements in user experience. AWS Security Hub users want improvements in its alerting mechanism, more customizable dashboard features, and overall flexibility in customization.

Ease of Deployment and Customer Service: Elastic Security users report complex deployment but highly responsive customer service. AWS Security Hub benefits from straightforward deployment within the AWS environment, though support experiences vary.

Pricing and ROI: Elastic Security is praised for its competitive setup costs and strong ROI. AWS Security Hub is seen as more expensive but justifiable due to its feature-rich offerings and integration capabilities.

To learn more, read our detailed AWS Security Hub vs. Elastic Security Report (Updated: September 2025).

Buyer's Guide

AWS Security Hub vs. Elastic Security

September 2025

Download the complete report

Helped 872,706 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Security Hub

Ranking in Security Orchestration Automation and Response (SOAR)

5th

Average Rating

7.6

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

Cloud Security Posture Management (CSPM) (13th)

Elastic Security

Ranking in Security Orchestration Automation and Response (SOAR)

7th

Average Rating

7.8

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Log Management (11th), Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (17th), Extended Detection and Response (XDR) (9th)

Mindshare comparison

As of October 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of AWS Security Hub is 8.1%, down from 9.8% compared to the previous year. The mindshare of Elastic Security is 4.8%, down from 5.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Orchestration Automation and Response (SOAR) Market Share Distribution
Product	Market Share (%)
AWS Security Hub	8.1%
Elastic Security	4.8%
Other	87.1%

Security Orchestration Automation and Response (SOAR)

Featured Reviews

Karthik Ekambaram

Director at Scybers

Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features

AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.

Read full review

SyedAli17

Assistant Director at PTA

Centralized monitoring improves security posture through rapid data processing

The processing part of Elastic Security is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Finding out if your infrastructure is secure is a valuable feature."

"Very good at detection and providing real-time alerts."

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."

"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."

"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."

"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."

"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."

"The platform has valuable features for security."

More AWS Security Hub pros

"Enables monitoring of application performance and the ability to predict behaviors."

"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."

"It's open-source and free to use."

"The product has huge integration varieties available."

"Elastic Security is a highly flexible platform that can be implemented anywhere."

"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."

"The solution is compatible with the cloud-native environment and they can adapt to it faster."

"It's very customizable, which is quite helpful."

More Elastic Security pros

Cons

"The support must be quicker."

"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."

"The solution should be easier to learn and use"

"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."

"There is room for improvement in implementing AI capabilities."

"AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS."

"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."

More AWS Security Hub cons

"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."

"In terms of improvement, there could be more automation in responding to and evaluating detections."

"Elastic Security consumes a lot of resources, requiring a substantial deployment setup."

"This solution is very hard to implement."

"The solution's query building is not that intuitive compared to other solutions."

"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."

"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."

"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."

More Elastic Security cons

Pricing and Cost Advice

"The price of the solution is not very competitive but it is reasonable."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"The pricing is fine. It is not an expensive tool."

"There are multiple subscription models, like yearly, monthly, and packaged."

"The price of AWS Security Hub is average compared to other solutions."

"AWS Security Hub's pricing is pretty reasonable."

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"Security Hub is not an expensive solution."

"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."

"I can say that the product is cheaply priced."

"Compared to other tools, Elastic Security is a cheaper solution."

"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."

"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."

"The product offers an amazing pricing structure. Price-wise, the product is very competitive."

"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."

"Compared to other products such as Dynatrace, this is one of the cheaper options."

More Elastic Security pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.

See recommendations

872,706 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

12%

Manufacturing Company

10%

Government

Computer Software Company

14%

Government

10%

Comms Service Provider

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	5
Large Enterprise	12

By reviewers
Company Size	Count
Small Business	40
Midsize Enterprise	11
Large Enterprise	15

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

See all answers

What needs improvement with AWS Security Hub?

See all answers

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.

See all answers

Comparisons

Microsoft Sentinel vs AWS Security Hub

Compared 37% of the time

Wiz vs AWS Security Hub

Compared 11% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 7% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 5% of the time

CrowdStrike Falcon Cloud Security vs AWS Security Hub

Compared 3% of the time

More AWS Security Hub Competitors

Wazuh vs Elastic Security

Compared 14% of the time

Splunk Enterprise Security vs Elastic Security

Compared 7% of the time

IBM Security QRadar vs Elastic Security

Compared 7% of the time

CrowdStrike Falcon vs Elastic Security

Compared 6% of the time

Microsoft Defender for Endpoint vs Elastic Security

Compared 6% of the time

More Elastic Security Competitors

Product Reports

Buyer's Guide

AWS Security Hub

October 2025

Download AWS Security Hub product report

Buyer's Guide

Elastic Security

October 2025

Download Elastic Security product report

Also Known As

SQRRL

Elastic SIEM, ELK Logstash

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Buyer's Guide

AWS Security Hub vs. Elastic Security

September 2025

Free Report: AWS Security Hub vs. Elastic Security

Find out what your peers are saying about AWS Security Hub vs. Elastic Security and other solutions. Updated: September 2025.

DOWNLOAD NOW

872,706 professionals have used our research since 2012.

See our AWS Security Hub vs. Elastic Security report.

See our list of best Security Orchestration Automation and Response (SOAR) vendors.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.