AWS Security Hub vs NetWitness Platform comparison

Amazon Web Services (AWS) and NetWitness are both solutions in the Security Information and Event Management (SIEM) category. Amazon Web Services (AWS) is ranked #7 with an average rating of 7.6, while NetWitness is ranked #24 with an average rating of 7.8. Amazon Web Services (AWS) holds a 4.5% mindshare in SIEM, compared to NetWitness’s 0.6% mindshare. Additionally, 90% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 74% of NetWitness users who would recommend it.

AWS Security Hub

Read 19 AWS Security Hub reviews

6,278 Views
5,219 Comparison Views

90% willing to recommend

NetWitness Platform

Read 36 NetWitness Platform reviews

1,404 Views
910 Comparison Views

74% willing to recommend

AWS Security Hub

NetWitness Platform

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and AWS Security Hub are key players in the security monitoring domain. Based on user reviews, AWS Security Hub has the upper hand due to its seamless integration with AWS services and centralized security alerts, although NetWitness Platform is noted for its advanced threat detection.

Features: NetWitness Platform is recognized for its detailed packet capture and analysis capabilities, advanced threat detection, and granular threat analysis. AWS Security Hub is favored for its integration with various AWS services, aggregated security findings, and ease of use within the AWS ecosystem.

Room for Improvement: NetWitness Platform needs to enhance scalability, improve support documentation, and streamline the complexity of its tools. AWS Security Hub should offer more comprehensive out-of-the-box rules, faster alerting mechanisms, and improvements in rule comprehensiveness.

Ease of Deployment and Customer Service: NetWitness Platform provides robust deployment options but can be complex, requiring significant effort and expertise. Customer service is strong but support processes need streamlining. AWS Security Hub’s deployment is straightforward and users value its simplicity and comprehensive customer support.

Pricing and ROI: NetWitness Platform's setup costs are high, but its advanced security capabilities justify the investment. AWS Security Hub offers predictable, lower initial costs with a strong ROI driven by integration efficiencies and reduced security incidents.

To learn more, read our detailed AWS Security Hub vs. NetWitness Platform Report (Updated: October 2024).

Buyer's Guide

AWS Security Hub vs. NetWitness Platform

October 2024

Download the complete report

Helped 814,649 peers since 2012

Categories and Ranking

AWS Security Hub

Ranking in Security Information and Event Management (SIEM)

7th

Average Rating

7.6

Reviews Sentiment

7.7

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (14th)

NetWitness Platform

Ranking in Security Information and Event Management (SIEM)

24th

Average Rating

7.4

Number of Reviews

Ranking in other categories

Log Management (25th)

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of AWS Security Hub is 4.5%, down from 4.6% compared to the previous year. The mindshare of NetWitness Platform is 0.6%, down from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

CobusFrey

Product Owner Global Cloud at Tyme

Apr 8, 2024

Not only does it easily integrate with third-party tools but also allows auto synchronization of logs

AWS Security Hub has advanced quite a bit over the last couple of years. The features are quite rich now. Before purchasing, one should develop an understanding of the product. I believe AWS Security Hub is one of the most friendly solutions for integration with third-party tools. I find the integration of AWS Security Hub to be the easiest with tools from Microsoft and a bit difficult with Google solutions. AWS Security Hub is compliant in many different ways. The development business I am part of is SOC compliant for AWS Security Hub, while the banks our organization works with have been PCI compliant for AWS Security Hub for three years. I would definitely recommend AWS Security Hub to others, yet I would also inquire about their purpose and knowledge of cloud solutions. If you know how to use AWS Security Hub, it can be a great solution to work with. The solution is more suitable for people working in the cloud instead of on-premises. I would rate AWS Security Hub a nine out of ten.

Read full review

MdZaman

IT manager at a agriculture with 10,001+ employees

Oct 22, 2021

Really scalable for enterprise customers

The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."

"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."

"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."

"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."

"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."

"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."

"Very good at detection and providing real-time alerts."

More AWS Security Hub pros

"The most valuable features are the threat prediction and network forensics."

"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."

"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."

"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"

"Their technical support responds quickly and are knowledgable."

"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."

"The product has a user-friendly interface and a valuable feature for threat intelligence integration."

"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."

More NetWitness Platform pros

Cons

"The support must be quicker."

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."

"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."

"It is not flexible for multi-cloud environments."

"Many findings are too generic or irrelevant to the environment, which can lead to false positives."

"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."

"The solution should be easier to learn and use"

More AWS Security Hub cons

"The product's licensing models are complex to understand. This particular area needs improvement."

"There is no support for this product in this country, so problems have to be resolved through global technical teams."

"An area for improvement would be better automation and more inbuilt use cases."

"More customizability is required, which is something that they need to improve on."

"The initial setup was complex because it takes a lot of time to complete the implementation."

"The multi-tenant capabilities are lagging compared to IBM QRadar."

"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."

"Technical support could be improved."

More NetWitness Platform cons

Pricing and Cost Advice

"Security Hub is not an expensive solution."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"The pricing is fine. It is not an expensive tool."

"AWS Security Hub's pricing is pretty reasonable."

"The price of the solution is not very competitive but it is reasonable."

"The price of AWS Security Hub is average compared to other solutions."

"There are multiple subscription models, like yearly, monthly, and packaged."

"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."

"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."

"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."

"This is a pricey solution; it's not cheap."

"Compared to the competition, the is price is not that high."

"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."

"The product is expensive."

"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."

More NetWitness Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

814,649 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

Government

Financial Services Firm

17%

Computer Software Company

17%

Government

Insurance Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

See all answers

What needs improvement with AWS Security Hub?

Many findings are too generic or irrelevant to the environment, which can lead to false positives. It can be challenging to suppress or turn off these findings. Turning specific findings on or off ...

See all answers

What do you like most about NetWitness Platform?

The product's initial setup phase was not at all difficult.

See all answers

What is your experience regarding pricing and costs for NetWitness Platform?

The product price was reasonable for my region and the market.

See all answers

What needs improvement with NetWitness Platform?

From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building...

See all answers

Comparisons

Microsoft Sentinel vs AWS Security Hub

Compared 38% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 11% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 6% of the time

Google Chronicle Suite vs AWS Security Hub

Compared 6% of the time

More AWS Security Hub Competitors

Splunk Enterprise Security vs NetWitness Platform

Compared 36% of the time

RSA enVision vs NetWitness Platform

Compared 17% of the time

IBM Security QRadar vs NetWitness Platform

Compared 13% of the time

Cisco Secure Network Analytics vs NetWitness Platform

Compared 12% of the time

Microsoft Sentinel vs NetWitness Platform

Compared 11% of the time

More NetWitness Platform Competitors

Product Reports

Buyer's Guide

AWS Security Hub

November 2024

Download AWS Security Hub product report

Buyer's Guide

NetWitness Platform

October 2024

Download NetWitness Platform product report

Also Known As

SQRRL

RSA Security Analytics

Learn More

Amazon Web Services (AWS)

Video not available

NetWitness

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

Los Angeles World Airports, Reply

Buyer's Guide

AWS Security Hub vs. NetWitness Platform

October 2024

Free Report: AWS Security Hub vs. NetWitness Platform

Find out what your peers are saying about AWS Security Hub vs. NetWitness Platform and other solutions. Updated: October 2024.

DOWNLOAD NOW

814,649 professionals have used our research since 2012.

See our AWS Security Hub vs. NetWitness Platform report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.