AWS Security Hub vs Microsoft Defender for Cloud comparison

AWS Security Hub vs. Microsoft Defender for Cloud

Download the complete report

Helped 844,944 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Security Hub

Ranking in Cloud Security Posture Management (CSPM)

12th

Average Rating

7.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th)

Microsoft Defender for Cloud

Ranking in Cloud Security Posture Management (CSPM)

4th

Average Rating

8.0

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Vulnerability Management (7th), Container Management (9th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (3rd)

Mindshare comparison

As of April 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of AWS Security Hub is 4.6%, down from 5.5% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 10.4%, down from 12.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Cloud Security Posture Management (CSPM)

Featured Reviews

MuhammadAzhar Khan

Senior DevOps Engineer at Alibaba Group

Offers best practice recommendations and supports various compliance standards

Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.

Read full review

Vibhor Goel

Senior Cloud Platform Engineer at Deutsche Börse

A single tool for complete visibility and addressing security gaps

Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."

"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."

"I find all of the features to be highly valuable."

"I rate Security Hub ten out of ten for stability."

"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."

"Finding out if your infrastructure is secure is a valuable feature."

"Very good at detection and providing real-time alerts."

"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."

More AWS Security Hub pros

"My favorite part of Microsoft Defender for Cloud is the compliance features. Defender covers a wide range of workloads, on par with competing products on the market."

"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."

"The solution's coordinated detection and response across devices and identities is impressive because it is complete."

"Good compliance policies."

"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."

"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."

"The most valuable feature is the recommendations provided on how to improve security."

"The solution is used for risks, vulnerabilities, and compliance."

More Microsoft Defender for Cloud pros

Cons

"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."

"There is room for improvement in implementing AI capabilities."

"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."

"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."

"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."

"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."

More AWS Security Hub cons

"The user interface of Microsoft Defender for Cloud, like many Microsoft portals, undergoes frequent changes and feature relocation."

"There are challenges with the licensing policies, which are quite complicated."

"You cannot create custom use cases."

"The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions."

"The pricing could be improved, as it is somewhat high for smaller companies."

"Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something."

"My experience with Microsoft Defender for Cloud has been largely negative due to a poor user experience."

"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."

More Microsoft Defender for Cloud cons

Pricing and Cost Advice

"The pricing is fine. It is not an expensive tool."

"Security Hub is not an expensive solution."

"There are multiple subscription models, like yearly, monthly, and packaged."

"The price of AWS Security Hub is average compared to other solutions."

"AWS Security Hub's pricing is pretty reasonable."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"The price of the solution is not very competitive but it is reasonable."

"The licensing is straightforward but can become expensive if you cover everything. You must balance the cost against the importance of what needs covering."

"The pricing is very difficult because every type of Defender for Cloud has its own metrics and pricing. If you have Cloud for Key Vault, the pricing is different than it is for storage. Every type has its own pricing list and rules."

"Pricing depends on your workload size, but it is very cheap. If you're talking about virtual machines, it is $5 or something for each machine, which is minimal. If you go for some agent-based solution for every virtual machine, then you need to pay the same thing or more than that. For an on-premises solution like this, we were paying around $30 to $50 based on size. With Defender, Microsoft doesn't bother about the size. You pay based on the number of machines. So, if you have 10 virtual machines, and 10 virtual machines are being monitored, you are paying based on that rather than the size of the virtual machine. Thus, you are paying for the number of units rather than paying for the size of your units."

"Understanding the costs of cloud services can be complicated at first. As with a lot of things in the cloud, it can be quite hard to understand the end cost, but it becomes clearer over time. Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something. It is clever marketing, and there is room for improvement there. There should be clarity from the start."

"It is bundled with our enterprise subscription, which makes it easy to go for it. It is available by default, and there is no extra cost for using the standard features."

"Currently, Microsoft offers only one plan at the enterprise level which is $15 per machine."

"The product's pricing policy is generally favorable."

"I am not involved much with the pricing but the bundle offering is good."

More Microsoft Defender for Cloud pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

844,944 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

Government

Computer Software Company

14%

Financial Services Firm

14%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

What needs improvement with AWS Security Hub?

There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...

How is Prisma Cloud vs Azure Security Center for security?

Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a...

What do you like most about Microsoft Defender for Cloud?

The entire Defender Suite is tightly coupled, integrated, and collaborative.

What is your experience regarding pricing and costs for Microsoft Defender for Cloud?

Initially, the cost was reasonable, but additional services from Microsoft sometimes incur extra expenses that seem higher than expected.

Microsoft Sentinel vs AWS Security Hub

Comparisons

Compared 39% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 9% of the time

Google Chronicle Suite vs AWS Security Hub

Compared 5% of the time

Orca Security vs AWS Security Hub

Compared 4% of the time

More AWS Security Hub Competitors

AWS GuardDuty vs Microsoft Defender for Cloud

Compared 21% of the time

Wiz vs Microsoft Defender for Cloud

Compared 13% of the time

Prisma Cloud by Palo Alto Networks vs Microsoft Defender for Cloud

Compared 12% of the time

Microsoft Defender XDR vs Microsoft Defender for Cloud

Compared 4% of the time

Azure Firewall vs Microsoft Defender for Cloud

Compared 2% of the time

More Microsoft Defender for Cloud Competitors

Product Reports

AWS Security Hub

Download AWS Security Hub product report

Microsoft Defender for Cloud

Download Microsoft Defender for Cloud product report

Also Known As

SQRRL

Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender

Interactive Demo

Demo not available

Amazon Web Services (AWS)

Microsoft

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

Microsoft

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.

AWS Security Hub vs. Microsoft Defender for Cloud