Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Exabeam comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Ranking in Security Orchestration Automation and Response (SOAR)
5th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
22
Ranking in other categories
Cloud Security Posture Management (CSPM) (12th)
Exabeam
Ranking in Security Orchestration Automation and Response (SOAR)
7th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
19
Ranking in other categories
Security Information and Event Management (SIEM) (15th), User Entity Behavior Analytics (UEBA) (3rd), Security Incident Response (5th), Threat Intelligence Platforms (7th), AI-Powered Cybersecurity Platforms (9th)
 

Mindshare comparison

As of April 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of AWS Security Hub is 9.4%, down from 9.6% compared to the previous year. The mindshare of Exabeam is 1.8%, down from 2.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

MuhammadAzhar Khan - PeerSpot reviewer
Offers best practice recommendations and supports various compliance standards
Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.
Stephen-Armstrong - PeerSpot reviewer
The SIEM provides a user-friendly UI experience
When events come into the system, the dashboard categorizes them by the highest risk score, not when they appear on the system. When you've got multiple ongoing incidents you can only see the highest risk score at the top of the list rather than the most recent detection. Exabeam's reporting dashboard could have included a filtering option to filter by the most recent detection.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Very good at detection and providing real-time alerts."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"Finding out if your infrastructure is secure is a valuable feature."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"I find all of the features to be highly valuable."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"The most valuable feature of Exabeam is the timeline creation based on log sources, which helps in security investigations."
"The Exabeam SIEM has a user friendly UI interface."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"The solution's automation capabilities are great."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"It's a very user-friendly product and it's a very comprehensive technology."
"Exabeam includes machine learning features and out-of-the-box rules that we rely on."
"Exabeam is very easy to use, with a straightforward platform and workflow, unlike other tools that require more expertise."
 

Cons

"The solution should be easier to learn and use"
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"There is room for improvement in implementing AI capabilities."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"We still have questions surrounding hardware deployment."
"One area that needs improvement is interacting with Exabeam's API. There was a headache regarding the API; the documentation wasn't clear, and the syntax wasn't very precise."
"Exabeam needs to improve its adaptive nature towards rules and its capability to understand the entire client environment faster."
"The solution's reporting and dashboarding could be improved."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"They should provide detailed information about detecting phishing emails."
"Exabeam should be a bit faster, especially in loading and vulnerability scanning."
 

Pricing and Cost Advice

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The price of the solution is not very competitive but it is reasonable."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The price of AWS Security Hub is average compared to other solutions."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The pricing is fine. It is not an expensive tool."
"Security Hub is not an expensive solution."
"AWS Security Hub's pricing is pretty reasonable."
"They have a great model for pricing that can be based either on user count or gigabits per day."
"There is an annual license required to use Exabeam Fusion SIEM. The price of the solution should be reduced."
"The solution is expensive."
"The platform is not extremely expensive compared to its direct competitors; I would rate its pricing around six out of ten."
"Exabeam Fusion SIEM's pricing is reasonable."
"Exabeam is not a cheap solution."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
845,406 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Computer Software Company
16%
Financial Services Firm
13%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What do you like most about Exabeam Fusion SIEM?
The solution's initial setup process is easy.
What is your experience regarding pricing and costs for Exabeam Fusion SIEM?
I do not have much information about the pricing. However, I am aware that Exabeam is cheaper than Palo Alto based on discussions in meetings.
 

Also Known As

SQRRL
No data available
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Hulu, ADP, Safeway, BBCN Bank
Find out what your peers are saying about AWS Security Hub vs. Exabeam and other solutions. Updated: March 2025.
845,406 professionals have used our research since 2012.