Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Microsoft Defender for Cloud comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 20, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Ranking in Cloud Security Posture Management (CSPM)
12th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
22
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th)
Microsoft Defender for Cloud
Ranking in Cloud Security Posture Management (CSPM)
4th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
77
Ranking in other categories
Vulnerability Management (7th), Container Management (9th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (3rd)
 

Mindshare comparison

As of May 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of AWS Security Hub is 4.5%, down from 5.6% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 10.2%, down from 12.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM)
 

Featured Reviews

MuhammadAzhar Khan - PeerSpot reviewer
Offers best practice recommendations and supports various compliance standards
Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.
Vibhor Goel - PeerSpot reviewer
A single tool for complete visibility and addressing security gaps
Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"Security Hub provides insightful information about what is running and where there might be weaknesses."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"Finding out if your infrastructure is secure is a valuable feature."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"Very good at detection and providing real-time alerts."
"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."
"Microsoft Defender has a lot of features including regulatory compliance and attaching workbooks but the most valuable is the recommendations it provides for each and every resource when we open Microsoft Defender."
"It offers virus management and addresses threats such as viruses, worms, spyware, and other critical security concerns."
"Microsoft Defender for Cloud is a valuable tool that integrates seamlessly with Azure Policy and our Security SIEM, simplifying implementation and enhancing security posture."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"The solution is quite good and addresses many security gaps."
"The most valuable feature is the recommendations provided on how to improve security. It has made the cloud environment more secure, thanks to all the recommendations we can get."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
 

Cons

"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"Many findings are too generic or irrelevant to the environment, which can lead to false positives."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"The solution should be easier to learn and use"
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
"Defender could improve how data is represented. It can be unstructured or slow to load."
"The documentation and implementation guides could be improved."
"With the new Copilot functionality available everywhere, it is challenging to pinpoint areas for improvement. If I put in a lot of thought, I might identify things, but right now, nothing significant pops into my mind, but there is always room for more transparency, especially in pricing."
"You cannot create custom use cases."
"It's hard to reach someone who understands my problems. I haven't had many issues, so I haven't called them."
"The remediation process could be improved."
"There is no perfect product in the world and there are always features that can be added."
"Microsoft Defender could be more centralized. For example, I still need to go to another console to do policy management."
 

Pricing and Cost Advice

"There are multiple subscription models, like yearly, monthly, and packaged."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The price of the solution is not very competitive but it is reasonable."
"The pricing is fine. It is not an expensive tool."
"The price of AWS Security Hub is average compared to other solutions."
"Security Hub is not an expensive solution."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"AWS Security Hub's pricing is pretty reasonable."
"Currently, Microsoft offers only one plan at the enterprise level which is $15 per machine."
"I'm not privy to that information, but I know it's probably close to a million dollars a year."
"Understanding the costs of cloud services can be complicated at first. As with a lot of things in the cloud, it can be quite hard to understand the end cost, but it becomes clearer over time. Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something. It is clever marketing, and there is room for improvement there. There should be clarity from the start."
"The cost is fair. There aren't any costs in addition to the standard licensing fee."
"While we pay for any additional features, the pricing seems competitive, though I am not involved in the specific cost details."
"They have a free version, but the license for this one isn't too high. It's free to start with, and you're charged for using it beyond 30 days. Some other pieces of Defender are charged based on usage, so you will be charged more for a high volume of transactions. I believe Defender for Cloud is a daily charge based on Azure's App Service Pricing."
"The tool is pretty expensive."
"I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
850,671 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
10%
Government
7%
Computer Software Company
14%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
The cost is generally reasonable. Microsoft Defender for Cloud Plan 2 costs $15 per server, per month. For a normal customer with ten to twenty servers, the cost is about $300 per month, which is a...
 

Also Known As

SQRRL
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
 

Interactive Demo

 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Find out what your peers are saying about AWS Security Hub vs. Microsoft Defender for Cloud and other solutions. Updated: April 2025.
850,671 professionals have used our research since 2012.