Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Lacework comparison

Amazon Web Services (AWS) and Fortinet are both solutions in the Cloud Security Posture Management (CSPM) category. Amazon Web Services (AWS) is ranked #14 with an average rating of 7.6, while Fortinet is ranked #12 with an average rating of 8.7. Amazon Web Services (AWS) holds a 5.8% mindshare in CSPM, compared to Fortinet’s 2.6% mindshare. Additionally, 90% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 90% of Fortinet users who would recommend it.
AWS Security Hub
Read 19 AWS Security Hub reviews
  • 3,335 Views
  • 2,817 Comparison Views
90% willing to recommend
Lacework
Read 10 Lacework reviews
  • 3,158 Views
  • 2,118 Comparison Views
90% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Lacework and AWS Security Hub are major competitors in the cloud security arena. AWS Security Hub seems to have the upper hand due to its comprehensive feature set and extensive integration options, justifying its higher setup costs according to user reviews.

Features: Lacework offers automated threat detection, strong integration capabilities, and positive feedback for pricing. AWS Security Hub provides a wide range of security checks, integrations with AWS services, and extensive support within the AWS ecosystem.

Room for Improvement: Lacework could enhance user documentation, offer better customization options, and improve incident response mechanisms. AWS Security Hub could benefit from more robust incident response capabilities, improvements in its setup process, and enhanced customer service response.

Ease of Deployment and Customer Service: Lacework is noted for straightforward deployment and responsive support. AWS Security Hub, while having a more involved setup, integrates seamlessly with AWS services but has mixed reviews on customer service quality.

Pricing and ROI: Lacework is viewed as having a competitive pricing model with a solid ROI. AWS Security Hub's higher initial costs are considered justified by its extensive features and integration options, offering a favorable ROI as per user feedback.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS Security Hub vs. Lacework Report (Updated: October 2024).
Buyer's Guide
AWS Security Hub vs. Lacework
October 2024
Download the complete report
Helped 814,649 peers since 2012
 

Categories and Ranking

AWS Security Hub
Ranking in Cloud Security Posture Management (CSPM)
14th
Average Rating
7.6
Reviews Sentiment
7.7
Number of Reviews
19
Ranking in other categories
Security Information and Event Management (SIEM) (7th), Security Orchestration Automation and Response (SOAR) (5th)
Lacework
Ranking in Cloud Security Posture Management (CSPM)
12th
Average Rating
8.6
Number of Reviews
10
Ranking in other categories
Vulnerability Management (13th), Container Security (12th), Cloud Workload Protection Platforms (CWPP) (10th), Cloud-Native Application Protection Platforms (CNAPP) (10th), Compliance Management (7th)
 

Mindshare comparison

As of November 2024, in the Cloud Security Posture Management (CSPM) category, the mindshare of AWS Security Hub is 5.8%, up from 4.2% compared to the previous year. The mindshare of Lacework is 2.6%, down from 5.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM)
 

Featured Reviews

CobusFrey - PeerSpot reviewer
Apr 8, 2024
Not only does it easily integrate with third-party tools but also allows auto synchronization of logs
AWS Security Hub has advanced quite a bit over the last couple of years. The features are quite rich now. Before purchasing, one should develop an understanding of the product. I believe AWS Security Hub is one of the most friendly solutions for integration with third-party tools. I find the integration of AWS Security Hub to be the easiest with tools from Microsoft and a bit difficult with Google solutions. AWS Security Hub is compliant in many different ways. The development business I am part of is SOC compliant for AWS Security Hub, while the banks our organization works with have been PCI compliant for AWS Security Hub for three years. I would definitely recommend AWS Security Hub to others, yet I would also inquire about their purpose and knowledge of cloud solutions. If you know how to use AWS Security Hub, it can be a great solution to work with. The solution is more suitable for people working in the cloud instead of on-premises. I would rate AWS Security Hub a nine out of ten.
Read full review
Robert Croteau - PeerSpot reviewer
Dec 16, 2022
It provides a good overview of our security posture
The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine. They have to go in and put their policies in place. It's hard for them to implement that, especially if they don't have a real security team. The team's policymakers don't do anything. Lacework takes out all the noise and gives them bits of things that actually matter with the application after it learns the behavior.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"Very good at detection and providing real-time alerts."
"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."
"Finding out if your infrastructure is secure is a valuable feature."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"The platform has valuable features for security."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
More AWS Security Hub pros
"The most valuable feature, from a compliance perspective, is the ability to use Lacework as a platform for multiple compliance standards. We have to meet multiple standards like PCI, SOC 2, CIS, and whatever else is out there. The ability to have reports generated, per security standard, is one of the best features for me."
"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."
"The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine."
"For the most part, out-of-the-box, it tells you right away about the things you need to work on. I like the fact that it prioritizes alerts based on severity, so that you can focus your efforts on anything that would be critical/high first, moderate second, and work your way down, trying to continue to improve your security posture."
"The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself."
"The best feature, in my opinion, is the ease of use."
"Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invaluable. When such issues arise, we promptly acknowledge and take action, effectively collaborating with our teams and the responsible parties for those assets. This enables us to promptly manage problems as soon as they arise."
"I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets."
More Lacework pros
 

Cons

"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"It is not flexible for multi-cloud environments."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"The support must be quicker."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
More AWS Security Hub cons
"A feature that I have requested from them is the ability to sort alerts and policies based on a security framework. Right now, when you go into alerts, you have hundreds and hundreds of them that you have to manually pick. It would be useful to have categories for CIS Benchmark or SOC 2 and be able to display all the alerts and policies for one security framework."
"Lacework has not reduced the number of alerts we get. We've actually had to add resources as a result of using it because the application requires a lot of people to understand it to get the value out of it properly."
"There are a couple of the difficulties we encounter in the realm of cybersecurity, or security as a whole, that relate to potentially limited clarity. Having the capacity to perceive the configuration aspect and having the ability to contribute to it holds substantial advantages, in my view. It ranks high, primarily due to its role in guaranteeing compliance and the potential to uncover vulnerabilities, which could infiltrate the system and introduce potential risks. I had been exploring a specific feature that captured my interest. However, just yesterday, I participated in a product update session that announced the imminent arrival of this feature. The feature involves real-time alerting. This was something I had been anticipating, and it seems that this capability is now being integrated, possibly as part of threat intelligence. While anomaly events consistently and promptly appear in the console, certain alerts tend to experience delays before being displayed. Yet, with the recent product update, this issue is expected to be resolved. Currently, a comprehensive view of all policies is available within the console. However, I want a more tailored display of my compliance posture, focusing specifically on policies relevant to me. For instance, if I'm not subject to HIPAA regulations, I'd prefer not to see the HIPAA compliance details. It's worth noting that even with this request, there exists a filtering mechanism to control the type of compliance information visible. This flexibility provides a workaround to my preference, which is why it's challenging for me to definitively state my exact request."
"The biggest thing I would like to see improved is for them to pursue and obtain a FedRAMP moderate authorization... I don't believe they have any immediate plans to get FedRAMP moderate authorized, which is a bit of a challenge for us because we can only use Lacework in our commercial environment."
"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems."
"Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it."
"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."
"The solution lacks a cohesive data model, making extracting the necessary data from the platform challenging. It uses its own LQL query language, and each database across different layers and modules is structured differently, complicating correlation efforts. Consequently, I had to create extensive custom reports outside Lacework because their default dashboards didn't communicate risk metrics. They're addressing these issues by redesigning their tools, including introducing the dashboard, which is a step closer to actionable insights but still needs refinement."
More Lacework cons
 

Pricing and Cost Advice

"Security Hub is not an expensive solution."
"The price of AWS Security Hub is average compared to other solutions."
"The price of the solution is not very competitive but it is reasonable."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The pricing is fine. It is not an expensive tool."
"There are multiple subscription models, like yearly, monthly, and packaged."
"AWS Security Hub's pricing is pretty reasonable."
"The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago. They have improved it and it has stabilized quite a bit."
"My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz."
"The licensing fee was approximately $80,000 USD, per year."
"It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our colocation facilities as well, so we cannot complain, but it is slightly expensive. It is not super expensive."
report
See which vendors are best for you
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
See recommendations
814,649 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Computer Software Company
18%
Financial Services Firm
14%
Manufacturing Company
6%
Retailer
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
See all answers
What needs improvement with AWS Security Hub?
Many findings are too generic or irrelevant to the environment, which can lead to false positives. It can be challenging to suppress or turn off these findings. Turning specific findings on or off ...
See all answers
How would you compare Wiz vs Lacework?
Wiz and Lacework sucks... Buy Orca.
See all answers
What do you like most about Lacework?
Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invalua...
See all answers
What is your experience regarding pricing and costs for Lacework?
My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz.
See all answers
 

Comparisons

Microsoft Sentinel vs AWS Security Hub Logo
Microsoft Sentinel vs AWS Security Hub
Compared 38% of the time
Wiz vs AWS Security Hub Logo
Wiz vs AWS Security Hub
Compared 12% of the time
Prisma Cloud by Palo Alto Networks vs AWS Security Hub Logo
Prisma Cloud by Palo Alto Networks vs AWS Security Hub
Compared 11% of the time
Microsoft Defender for Cloud vs AWS Security Hub Logo
Microsoft Defender for Cloud vs AWS Security Hub
Compared 6% of the time
Google Chronicle Suite vs AWS Security Hub Logo
Google Chronicle Suite vs AWS Security Hub
Compared 6% of the time
More AWS Security Hub Competitors
Wiz vs Lacework Logo
Wiz vs Lacework
Compared 31% of the time
Prisma Cloud by Palo Alto Networks vs Lacework Logo
Prisma Cloud by Palo Alto Networks vs Lacework
Compared 11% of the time
AWS GuardDuty vs Lacework Logo
AWS GuardDuty vs Lacework
Compared 9% of the time
Aqua Cloud Security Platform vs Lacework Logo
Aqua Cloud Security Platform vs Lacework
Compared 6% of the time
Microsoft Defender for Cloud vs Lacework Logo
Microsoft Defender for Cloud vs Lacework
Compared 5% of the time
More Lacework Competitors
 

Product Reports

Buyer's Guide
AWS Security Hub
November 2024
AWS Security Hub reportDownload AWS Security Hub product report
Buyer's Guide
Lacework
October 2024
Lacework reportDownload Lacework product report
 

Also Known As

SQRRL
Polygraph
 

Learn More

Amazon Web Services (AWS)
Video not available
Fortinet
 

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Lacework is a cloud security platform whose Polygraph Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework is the only security platform that can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. As a breach detection and investigation tool, Lacework provides information on when and how a breach happened, including the users, machines, and applications involved in the breach. By using machine learning and behavioral analytics, the solution can automatically learn what's normal for your environment and reveal any abnormal behavior. In addition, Lacework gives you continuous visibility to find vulnerabilities, misconfigurations, and malicious activity across your cloud environment.

Lacework Features

Lacework has many valuable key features. Some of the most useful ones include:

  • Dashboards
  • Reports
  • Workflow management
  • Administration console
  • Governance
  • Policy enforcement
  • Auditing
  • Access control
  • Workflow management
  • Compliance monitoring
  • Anomaly detection
  • Data loss prevention
  • Cloud gap analytics
  • Host compliance

Lacework Benefits

There are many benefits to implementing Lacework. Some of the biggest advantages the solution offers include:

  • Security visibility: Get deep observability into your cloud accounts, workloads, and microservices to give you tighter security control.
  • Threat detection: By using Lacework, your organization can identify common security events that target your cloud servers, containers, and infrastructure-as-a-service (IaaS) accounts so you can take action on them quickly.
  • Flexible deployment: With Lacework, you have the option to deploy the way you prefer - either agent or agentless - which provides the visibility needed to have maximum security for cloud accounts and systems. Because Lacework offers an easy-to-deploy layered approach, you gain quick time to value.
  • Configuration compliance: With the Lacework solution, you can easily spot IaaS account configurations that are non-compliant and identify opportunities to apply security best practices.
  • Synced teams: Lacework allows your teams to operate smarter and bridge the gap between security, Dev, and Ops regardless of your team's size or experience level.
  • Gain meaningful security insights: Lacework provides meaningful security insights, alerting you of issues before they reach production from your existing workflows. This way you can build apps quickly and confidently.
  • Increased revenue streams: Because the solution has built-in security from the first line of code early on, it helps users unlock higher revenue streams.
  • Helps avoid development delays: The Lacework solution helps you better prioritize security fixes by making security information accessible to DevOps and security teams for earlier risk mitigation that speeds innovation.
  • Increased productivity: Lacework provides alerts with all the context you need and eliminates data silos and costly investigations, enabling you to boost productivity.
  • Correlate and contextualize behaviors: Lacework can take attributes and data points from your unique environment and correlate them together into behaviors.
  • Simplified cloud security posture and compliance: With the Lacework platform, you can get comprehensive visibility and continuous tracking to reduce risks and meet compliance requirements so you can improve your bottom line.
  • Address vulnerabilities before it is too late: Lacework enables you to limit your attack surface so you can address the riskiest vulnerabilities early in the development cycle.
 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.
Buyer's Guide
AWS Security Hub vs. Lacework
October 2024
Free Report: AWS Security Hub vs. Lacework
Find out what your peers are saying about AWS Security Hub vs. Lacework and other solutions. Updated: October 2024.
DOWNLOAD NOW
814,649 professionals have used our research since 2012.
See our AWS Security Hub vs. Lacework report.
See our list of best Cloud Security Posture Management (CSPM) vendors.

We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.