Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
22
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (12th)
LogRhythm SIEM
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
173
Ranking in other categories
Log Management (11th), Security Information and Event Management (SIEM) (7th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.6%, down 5.5% compared to last year.
LogRhythm SIEM, on the other hand, focuses on Security Information and Event Management (SIEM), holds 3.3% mindshare, down 4.5% since last year.
Cloud Security Posture Management (CSPM)
Security Information and Event Management (SIEM)
 

Featured Reviews

MuhammadAzhar Khan - PeerSpot reviewer
Offers best practice recommendations and supports various compliance standards
Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.
Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."
"I rate Security Hub ten out of ten for stability."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"Cloudposse is a valuable feature as it guarantees my security."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"Overall, my rating for LogRhythm SIEM is nine out of ten."
"The ability to investigate a particular period of time where you can analyze logs is its most valuable feature."
"Their customer support is friendly and willing to help."
"LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases."
"AXON has the ability to add and compare use cases."
"The security operation center is excellent."
"The content in the community is very helpful and useful for new users."
"It has allowed us to dive deeper into our network and figure out what is going on by parsing logs properly and being able to reduce the time it takes to work cases down from seven days to approximately two days."
 

Cons

"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"The support must be quicker."
"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."
"Shortening the response time for support tickets, particularly in production issues, could make the service more efficient."
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"The pricing is the only problem."
"I would like a more fuller implementation of STIX/TAXII so I can pull in some of the government lists without having to go implement a whole new STIX/TAXII platform."
"The security playbook could be pre-defined and available to other analysts with similar security issues."
"The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"More help and assistance with some of the open source products, everything seems to be focused on Windows versus giving some guidance and some documentation on how to use it."
"The solution is likely not the best option for a smaller organization."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
 

Pricing and Cost Advice

"There are multiple subscription models, like yearly, monthly, and packaged."
"The price of AWS Security Hub is average compared to other solutions."
"AWS Security Hub's pricing is pretty reasonable."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The pricing is fine. It is not an expensive tool."
"The price of the solution is not very competitive but it is reasonable."
"Security Hub is not an expensive solution."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The solution has provided us with consistency and increased staff productivity through orchestrated automated work flows by at least 20 percent."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"The product is inexpensive than other tools."
"I would rate the tool's pricing around eight out of ten."
"When it comes time to renew, they say, "This is what you are using. This is what we can do for you." So, they work with you on pricing."
"I have seen a measurable decrease in the mean time to detect and respond to threats. We went from not detecting them to detecting them. We can actually pick up what is anomalous in our network now."
"I would rate the pricing 4 out of 5. There are no additional costs to the standard licensing fees."
"It is a very cost-effective solution."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
849,600 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
12%
Manufacturing Company
10%
Government
7%
Educational Organization
36%
Computer Software Company
10%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
 

Also Known As

SQRRL
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about AWS Security Hub vs. LogRhythm SIEM and other solutions. Updated: October 2024.
849,600 professionals have used our research since 2012.