
AWS Security Hub vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive Summary

Updated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

No sentiment score available
Sentiment score: 7.5
LogRhythm SIEM is praised for improving visibility, reducing response times, and enhancing productivity for medium-sized organizations through automation.
 

Customer Service

Sentiment score: 6.9
AWS Security Hub support is praised for its prompt technical assistance but could improve email response efficiency.
Sentiment score: 6.3
LogRhythm SIEM's customer service is praised for quick, knowledgeable support, though higher-level assistance can have occasional delays.
AWS ProLogitech Support is very helpful and timely, especially at the enterprise level.
 

Scalability Issues

Sentiment score: 7.4
AWS Security Hub is scalable and efficient for multi-account operations but less effective in multi-cloud environments.
Sentiment score: 7.0
LogRhythm SIEM is mostly scalable but faces challenges with older models, licensing, and cloud environment costs for smaller businesses.
 

Stability Issues

Sentiment score: 8.2
AWS Security Hub is highly regarded for its stability, frequent updates, and reliable performance, though improvement is suggested by some.
Sentiment score: 6.1
LogRhythm SIEM is stable and reliable, though minor issues occur during upgrades or with complex queries and high event rates.
 

Room For Improvement

AWS Security Hub needs real-time scanning improvements, better integrations, enhanced compliance, cost control, and user-friendly features.
LogRhythm SIEM needs interface, integration, and performance improvements, enhanced tools, better documentation, streamlined processes, automation, and user-friendly dashboards.
A more user-friendly experience programmatically in writing queries and configuring custom security rules.
 

Setup Cost

AWS Security Hub offers flexible, cost-effective subscription models, appealing to enterprises for its affordability and included cloud security features.
LogRhythm SIEM offers transparency and competitive pricing, valued for features, despite high costs for large-scale deployments and services.
 

Valuable Features

AWS Security Hub enhances cloud security by integrating services, offering centralized management, real-time alerts, and compliance evaluations.
LogRhythm SIEM excels in threat detection with AI, ease of use, extensive log collection, and seamless integration, enhancing security visibility.
The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate.
 

Categories and Ranking

AWS Security Hub
Average Rating: 7.6
Reviews Sentiment: 7.2
Number of Reviews: 20
Ranking in other categories: Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (13th)

LogRhythm SIEM
Average Rating: 8.4
Reviews Sentiment: 6.7
Number of Reviews: 172
Ranking in other categories: Log Management (10th), Security Information and Event Management (SIEM) (7th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 5.6%, up 4.7% compared to last year.
LogRhythm SIEM, on the other hand, focuses on Security Information and Event Management (SIEM), holds 3.6% mindshare, down 5.0% since last year.
 

Featured Reviews

CobusFrey - PeerSpot reviewer
Not only does it easily integrate with third-party tools but also allows auto synchronization of logs
AWS Security Hub has advanced quite a bit over the last couple of years. The features are quite rich now. Before purchasing, one should develop an understanding of the product. I believe AWS Security Hub is one of the most friendly solutions for integration with third-party tools. I find the integration of AWS Security Hub to be the easiest with tools from Microsoft and a bit difficult with Google solutions. AWS Security Hub is compliant in many different ways. The development business I am part of is SOC compliant for AWS Security Hub, while the banks our organization works with have been PCI compliant for AWS Security Hub for three years. I would definitely recommend AWS Security Hub to others, yet I would also inquire about their purpose and knowledge of cloud solutions. If you know how to use AWS Security Hub, it can be a great solution to work with. The solution is more suitable for people working in the cloud instead of on-premises. I would rate AWS Security Hub a nine out of ten.
Joseph W. - PeerSpot reviewer
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. 
It really helped us as an organization to identify risks and move forward to a more secure environment.
824,053 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company: 15%
Financial Services Firm: 13%
Manufacturing Company: 10%
Government: 8%

Educational Organization: 45%
Computer Software Company: 9%
Government: 6%
Financial Services Firm: 6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicke...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The integration is slightly difficult with other assets, like EDR technologies or firewalls. Also, the back end is not as user-friendly as other solutions like IBM QRadar. The technical support is ...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
 

Also Known As

SQRRL
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about AWS Security Hub vs. LogRhythm SIEM and other solutions. Updated: October 2024.