Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Sentinel comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
22
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (12th)
Sentinel
Average Rating
7.6
Reviews Sentiment
7.3
Number of Reviews
16
Ranking in other categories
Security Information and Event Management (SIEM) (16th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.6%, down 5.5% compared to last year.
Sentinel, on the other hand, focuses on Security Information and Event Management (SIEM), holds 3.5% mindshare, up 1.5% since last year.
Cloud Security Posture Management (CSPM)
Security Information and Event Management (SIEM)
 

Featured Reviews

MuhammadAzhar Khan - PeerSpot reviewer
Offers best practice recommendations and supports various compliance standards
Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.
JaideepSingh - PeerSpot reviewer
An automated solution that helped me detect threats in less than half the time it used to take
Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network. We also got multiple kinds of logs. By running some queries from the logs, we could find and fix the anomalies in the environment. Sentinel's threat visibility was great at telling us if we had something going on in our environment. We had to set up alerts in our environment based on the logs. If we had the right alerts set up, we got notified about threats and where security was lacking, so we could also take care of that. Sentinel's threat intelligence helped us prepare and take proactive steps for potential threats before they hit. Having preparation before a threat has helped our security operations. When I was using it, I used to keep going into my dashboards and looking for any threats on a weekly basis, or maybe two or three times a week. Based on that, we would recommend certain changes to the server and infrastructure teams to block or allow some ports. Sentinel's threat intelligence helped plan security against risks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution shows us our compliance score."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"Finding out if your infrastructure is secure is a valuable feature."
"Security Hub provides insightful information about what is running and where there might be weaknesses."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."
"I find all of the features to be highly valuable."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"It makes everything easier by automating some tasks and growing with our needs."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"We can do advanced hunting queries and modify SQL queries to get desired results based on the rules triggering over the console."
 

Cons

"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"It is not flexible for multi-cloud environments."
"There is room for improvement in implementing AI capabilities."
"The solution should be easier to learn and use"
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"There is no integration in the web-side of the tool."
"The solution does not allow outsourced authorizations."
"It is an ancient product."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
 

Pricing and Cost Advice

"The price of the solution is not very competitive but it is reasonable."
"The price of AWS Security Hub is average compared to other solutions."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The pricing is fine. It is not an expensive tool."
"Security Hub is not an expensive solution."
"AWS Security Hub's pricing is pretty reasonable."
"The solution’s pricing is aligned with its competitors."
"We receive a pricing discount because of our ongoing partnership with Micro Focus."
"Sentinel is a subscription-based solution."
"Sentinel is moderately priced."
"We inquired about getting support from the vendor, Micro Focus, but the cost was very high."
"Sentinel's slightly on the expensive side."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Computer Software Company
15%
Financial Services Firm
11%
Government
6%
University
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...
What do you like most about NetIQ Sentinel?
The solution lets us get all the logs properly and regularly monitor customer infrastructure.
What needs improvement with NetIQ Sentinel?
There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices. Also, we often face region-wise outages during operation due to product team...
 

Also Known As

SQRRL
NetIQ Sentinel, Novell SIEM
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Faysal Bank, GaVI, Handelsbanken, ISC Mªnster, Lambeth Council, Swisscard, The Municipality of Siena, Tukes, University of Dayton, University of the Sunshine Coast
Find out what your peers are saying about AWS Security Hub vs. Sentinel and other solutions. Updated: October 2024.
844,944 professionals have used our research since 2012.