AWS Security Hub vs NetWitness NDR comparison

Amazon Web Services (AWS) and NetWitness are both solutions in the Security Orchestration Automation and Response (SOAR) category. Amazon Web Services (AWS) is ranked #5 with an average rating of 7.6, while NetWitness is ranked #27. Amazon Web Services (AWS) holds a 11.3% mindshare in SOAR, compared to NetWitness’s 0.5% mindshare. Additionally, 90% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 87% of NetWitness users who would recommend it.

AWS Security Hub

Read 19 AWS Security Hub reviews

4,611 Views
3,892 Comparison Views

90% willing to recommend

NetWitness NDR

Read 15 NetWitness NDR reviews

232 Views
176 Comparison Views

87% willing to recommend

AWS Security Hub

NetWitness NDR

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between AWS Security Hub and NetWitness NDR based on real PeerSpot user reviews.

Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed AWS Security Hub vs. NetWitness NDR Report (Updated: October 2024).

Buyer's Guide

AWS Security Hub vs. NetWitness NDR

October 2024

Download the complete report

Helped 814,649 peers since 2012

Categories and Ranking

AWS Security Hub

Ranking in Security Orchestration Automation and Response (SOAR)

5th

Average Rating

7.6

Reviews Sentiment

7.7

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (7th), Cloud Security Posture Management (CSPM) (14th)

NetWitness NDR

Ranking in Security Orchestration Automation and Response (SOAR)

27th

Average Rating

8.0

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (59th), Threat Intelligence Platforms (33rd), Endpoint Detection and Response (EDR) (59th), Network Detection and Response (NDR) (18th), Extended Detection and Response (XDR) (34th)

Mindshare comparison

As of November 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of AWS Security Hub is 11.3%, up from 10.9% compared to the previous year. The mindshare of NetWitness NDR is 0.5%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Orchestration Automation and Response (SOAR)

Featured Reviews

CobusFrey

Product Owner Global Cloud at Tyme

Apr 8, 2024

Not only does it easily integrate with third-party tools but also allows auto synchronization of logs

AWS Security Hub has advanced quite a bit over the last couple of years. The features are quite rich now. Before purchasing, one should develop an understanding of the product. I believe AWS Security Hub is one of the most friendly solutions for integration with third-party tools. I find the integration of AWS Security Hub to be the easiest with tools from Microsoft and a bit difficult with Google solutions. AWS Security Hub is compliant in many different ways. The development business I am part of is SOC compliant for AWS Security Hub, while the banks our organization works with have been PCI compliant for AWS Security Hub for three years. I would definitely recommend AWS Security Hub to others, yet I would also inquire about their purpose and knowledge of cloud solutions. If you know how to use AWS Security Hub, it can be a great solution to work with. The solution is more suitable for people working in the cloud instead of on-premises. I would rate AWS Security Hub a nine out of ten.

Read full review

SupravatMaji

Associate Vice President - IT Security at Inspira Enterprise

Jun 23, 2022

Beneficial single unified dashboard, good native application integration, and high availability

The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good RSA NetWitness Network could improve on integration with non-native application…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."

"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."

"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."

"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."

"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."

"Easily integrates with third-party tools"

"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."

More AWS Security Hub pros

"The log correlation is good."

"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."

"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."

"Technical support is knowledgeable."

"The stability of the RSA NetWitness Endpoint is very good."

"The interface of this solution is very flexible and easy to use."

"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."

"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."

More NetWitness NDR pros

Cons

"The solution should be easier to learn and use"

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."

"Shortening the response time for support tickets, particularly in production issues, could make the service more efficient."

"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."

"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."

"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."

"The solution lacks self-sufficiency."

More AWS Security Hub cons

"RSA NetWitness Network could improve on integration with non-native application integration."

"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."

"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."

"When analyzing something, you have to click several times. It requires a lot of effort to find something."

"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."

"The solution lacks a reporting engine."

"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."

"The initial setup requires a high level of skill."

More NetWitness NDR cons

Pricing and Cost Advice

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"There are multiple subscription models, like yearly, monthly, and packaged."

"The price of the solution is not very competitive but it is reasonable."

"Security Hub is not an expensive solution."

"The price of AWS Security Hub is average compared to other solutions."

"AWS Security Hub's pricing is pretty reasonable."

"The pricing is fine. It is not an expensive tool."

"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."

"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."

"It is highly scalable. It can be bought based on your requirements."

"The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."

"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."

"We are on a three-year contract to use RSA NetWitness Network."

"I do not have any opinion on the pricing or licensing of the product."

More NetWitness NDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.

See recommendations

814,649 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

Government

Financial Services Firm

16%

Computer Software Company

16%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

See all answers

What needs improvement with AWS Security Hub?

Many findings are too generic or irrelevant to the environment, which can lead to false positives. It can be challenging to suppress or turn off these findings. Turning specific findings on or off ...

See all answers

Ask a question

Earn 20 points

Comparisons

Microsoft Sentinel vs AWS Security Hub

Compared 38% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 11% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 6% of the time

Google Chronicle Suite vs AWS Security Hub

Compared 6% of the time

More AWS Security Hub Competitors

Darktrace vs NetWitness NDR

Compared 13% of the time

Vectra AI vs NetWitness NDR

Compared 11% of the time

Fidelis Elevate vs NetWitness NDR

Compared 9% of the time

CrowdStrike Falcon vs NetWitness NDR

Compared 8% of the time

SentinelOne Singularity Complete vs NetWitness NDR

Compared 8% of the time

More NetWitness NDR Competitors

Product Reports

Buyer's Guide

AWS Security Hub

November 2024

Download AWS Security Hub product report

Buyer's Guide

NetWitness NDR

October 2024

Download NetWitness NDR product report

Also Known As

SQRRL

RSA ECAT, NetWitness Network

Learn More

Amazon Web Services (AWS)

Video not available

NetWitness

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

ADP, Ameritas, Partners Healthcare

Buyer's Guide

AWS Security Hub vs. NetWitness NDR

October 2024

Free Report: AWS Security Hub vs. NetWitness NDR

Find out what your peers are saying about AWS Security Hub vs. NetWitness NDR and other solutions. Updated: October 2024.

DOWNLOAD NOW

814,649 professionals have used our research since 2012.

See our AWS Security Hub vs. NetWitness NDR report.

See our list of best Security Orchestration Automation and Response (SOAR) vendors.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.