AWS Security Hub vs Netsurion comparison

Read 24 Netsurion reviews

57 Views
28 Comparison Views

92% willing to recommend

AWS Security Hub

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

AWS Security Hub and Netsurion are prominent options in security management. User reviews indicate that AWS Security Hub slightly edges out Netsurion in deployment simplicity while Netsurion offers stronger cost-effectiveness.

Features: AWS Security Hub is recognized for its integration capabilities, automated compliance checks, and straightforward deployment process. Netsurion is valued for comprehensive threat detection, response functionalities, and extensive feature set.

Room for Improvement: AWS Security Hub users seek better customizability, more detailed reporting, and enhanced integration with third-party tools. Netsurion users desire an intuitive alert system, improved integration with other tools, and streamlined user experience.

Ease of Deployment and Customer Service: AWS Security Hub is praised for straightforward deployment and responsive customer service. Netsurion also offers smooth deployment with initial complexity but high-rated customer service similar to AWS Security Hub.

Pricing and ROI: AWS Security Hub's competitive pricing provides satisfactory ROI, though it may be costly for smaller operations. Netsurion is noted for cost-effectiveness and strong return on investment, making it attractive for budget-conscious buyers.

To learn more, read our detailed AWS Security Hub vs. Netsurion Report (Updated: October 2024).

AWS Security Hub vs. Netsurion

October 2024

Download the complete report

Helped 842,672 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Security Hub

Average Rating

7.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (12th)

Netsurion

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Managed Security Services Providers (MSSP) (4th), Security Information and Event Management (SIEM) (17th), SOC as a Service (3rd), Managed Detection and Response (MDR) (15th), Extended Detection and Response (XDR) (19th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.7%, down 5.3% compared to last year.
Netsurion, on the other hand, focuses on Managed Security Services Providers (MSSP), holds 0.8% mindshare, down 1.1% since last year.

Cloud Security Posture Management (CSPM)

Managed Security Services Providers (MSSP)

Featured Reviews

MuhammadAzhar Khan

Senior DevOps Engineer at Alibaba Group

Offers best practice recommendations and supports various compliance standards

Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.

Read full review

John-Berry

Information Technology Manager at ProfitSolv

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."

"Finding out if your infrastructure is secure is a valuable feature."

"I find all of the features to be highly valuable."

"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."

"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."

"The platform has valuable features for security."

"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."

"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."

More AWS Security Hub pros

"Netsurion's 24/7 monitoring has enhanced the overall security of the company. They have someone looking at the data 24/7 who will call us as needed. If their team spots a malicious process after hours, they notify the appropriate person by phone. We get a lot of actionable threat intelligence from Netsurion. For example, if a user clicks on a malicious link in a web page and starts an unusual process that isn't on the white-list, Netsurion's team can detect it and prevent it from executing. Afterward, they'll notify us by telephone, so we can respond and clean up whatever damage has occurred."

"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."

"The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."

"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."

"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."

"Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy."

"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."

"The most valuable feature is that we get the events: the alerts about disk space and the security reports that we get once a day, including user lockouts and the like."

More Netsurion pros

Cons

"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."

"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."

"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."

"The solution should be easier to learn and use"

"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."

"There is room for improvement in implementing AI capabilities."

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."

"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."

More AWS Security Hub cons

"I would like to see the dashboard come up more quickly."

"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."

"The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."

"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."

"Netsurion's SOC can be a bit too aggressive at times."

"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."

"The threat detection and response is passive. We have asked if there were options for taking action, and we have not gotten any feedback on that, which would be useful to know. Depending on the situation and threat, some actions may not be possible, but we haven't gotten any feedback on what options could be directed and actionable with the understanding that it may have an extra cost. It would be nice to know or find out if it is actually possible to take actions by a SIEM service or a SIEM agent."

"The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports."

More Netsurion cons

Pricing and Cost Advice

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"There are multiple subscription models, like yearly, monthly, and packaged."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"AWS Security Hub's pricing is pretty reasonable."

"Security Hub is not an expensive solution."

"The price of AWS Security Hub is average compared to other solutions."

"The pricing is fine. It is not an expensive tool."

"The price of the solution is not very competitive but it is reasonable."

"The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."

"The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"We put together the package of what we needed. It was based pretty much on the number of agents that we were deploying. If we needed to manage logging from certain specific applications, like Active Directory and SQL Server, there has been no additional cost for that. We had agents deployed for those specific servers and the applications were included, then there was just an additional installation that they had to do for us."

"The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."

"In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."

"It is a bit expensive as compared to some of the other products that have come out in recent years. Expense-wise, the only downside is that it is not cheap."

More Netsurion pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

842,672 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

10%

Government

Computer Software Company

25%

Government

10%

Manufacturing Company

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

What needs improvement with AWS Security Hub?

There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...

What do you like most about Netsurion Managed Threat Protection?

Expediting incident response is really great.

What is your experience regarding pricing and costs for Netsurion Managed Threat Protection?

Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They provide what they promise. From a purchasing perspective, I just have to come ba...

What needs improvement with Netsurion Managed Threat Protection?

There is one area that needs improvement and that is with the agents and the server that's on-site. The system requirements are very, very high. So I need a pretty powerful server to run. If they c...

Microsoft Sentinel vs AWS Security Hub

Comparisons

Compared 38% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 9% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 6% of the time

Google Chronicle Suite vs AWS Security Hub

Compared 5% of the time

More AWS Security Hub Competitors

Arctic Wolf Managed Detection and Response vs Netsurion

Compared 36% of the time

Devo vs Netsurion

Compared 34% of the time

Sumo Logic Security vs Netsurion

Compared 30% of the time

More Netsurion Competitors

Product Reports

Download AWS Security Hub product report

AWS Security Hub

March 2025

Download Netsurion product report

March 2025

Also Known As

SQRRL

Netsurion Managed Threat Protection, Netsurion EventTracker

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Netsurion offers a comprehensive solution for centralized log management, SIEM, and managed services, ensuring continuous monitoring and security event analysis for diverse organizations, enhancing IT security and compliance.

Netsurion centralizes event management through SIEM and managed services. Organizations leverage it for vulnerability assessment and intrusion detection, integrating logs from Windows, Linux, and network devices. Its SOC provides 24/7 monitoring, ensuring compliance with PCI and audit standards. Real-time alerts and efficient log data aggregation enhance threat identification and response. Weekly reports and insights into user lockouts contribute to robust security management, beneficial for firms with constrained resources.

What are some key features of Netsurion?

SIEM Integration: Centralizes security event data for easier management.
Managed Services: Provides 24/7 SOC monitoring and support.
Real-TIme Alerts: Notifies of unusual security events promptly.
Threat Intelligence: Delivers actionable insights for proactive defense.
Seamless Platform Integration: Compatible with Office 365, firewalls, and other platforms.

How can companies benefit from using Netsurion?

Enhanced Security Management: Real-time monitoring and alerts streamline threat response.
PCI Compliance: Supports meeting audit and regulatory requirements efficiently.
Resource Optimization: Weekly reports and detailed insights aid decision-making for limited-resource organizations.
Improved Threat Detection: Consolidating logs and real-time intelligence helps in identifying threats swiftly.

Netsurion is implemented across industries like finance, healthcare, and retail, where security is crucial. These sectors require robust monitoring and compliance solutions, utilizing Netsurion's seamless integration with their existing infrastructure to manage security operations effectively, addressing both regulatory needs and threat management.

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores