AWS Security Hub vs Trellix ESM comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Sep 18, 2024
 

Categories and Ranking

AWS Security Hub
Ranking in Security Information and Event Management (SIEM): 7th
Average Rating: 7.6
Reviews Sentiment: 7.7
Number of Reviews: 19
Ranking in other categories: Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (14th)

Trellix ESM
Ranking in Security Information and Event Management (SIEM): 22nd
Average Rating: 7.4
Number of Reviews: 36
Ranking in other categories: None
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of AWS Security Hub is 4.5%, down from 4.6% compared to the previous year. The mindshare of Trellix ESM is 0.8%, down from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
 

Featured Reviews

CobusFrey - PeerSpot reviewer
Apr 8, 2024
Not only does it easily integrate with third-party tools but also allows auto synchronization of logs
AWS Security Hub has advanced quite a bit over the last couple of years. The features are quite rich now. Before purchasing, one should develop an understanding of the product. I believe AWS Security Hub is one of the most friendly solutions for integration with third-party tools. I find the integration of AWS Security Hub to be the easiest with tools from Microsoft and a bit difficult with Google solutions. AWS Security Hub is compliant in many different ways. The development business I am part of is SOC compliant for AWS Security Hub, while the banks our organization works with have been PCI compliant for AWS Security Hub for three years. I would definitely recommend AWS Security Hub to others, yet I would also inquire about their purpose and knowledge of cloud solutions. If you know how to use AWS Security Hub, it can be a great solution to work with. The solution is more suitable for people working in the cloud instead of on-premises. I would rate AWS Security Hub a nine out of ten.
Daniel Durian - PeerSpot reviewer
Aug 19, 2024
Helps to monitor and detect cyberattacks
I use Trellix ESM to monitor inbound communication from known threat hosts and detect cyberattacks. It's also useful for outbound communication, but we block threat communication via a firewall. The tool's effectiveness depends on how you define your log sources. To build visibility of incoming…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"Finding out if your infrastructure is secure is a valuable feature."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."
"Very good at detection and providing real-time alerts."
"The platform has valuable features for security."
"Cloudposse is a valuable feature as it guarantees my security."
"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."
"It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."
"The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it."
"Compared to other solutions, the user interface is good."
"The most valuable feature in ESM is its search and reporting feature. It's really nice."
"Trellix ESM utilizes fewer human resources and improves security and visibility."
 

Cons

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"Many findings are too generic or irrelevant to the environment, which can lead to false positives."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"It is not flexible for multi-cloud environments."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"The solution lacks self-sufficiency."
"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."
"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."
"Product-wise, adding accounts on a single data source by batch would be a really great help."
"McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."
"The product's stability is an area of concern where improvements are required."
"The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases."
"The disk space needed for events is not clear. In all clients, we had at least more than 100GB free that we could not use."
"It is more difficult to operate Trellix ESM than other solutions."
 

Pricing and Cost Advice

"There are multiple subscription models, like yearly, monthly, and packaged."
"The price of the solution is not very competitive but it is reasonable."
"The pricing is fine. It is not an expensive tool."
"AWS Security Hub's pricing is pretty reasonable."
"The price of AWS Security Hub is average compared to other solutions."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"Security Hub is not an expensive solution."
"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."
"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."
"You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."
"When compared to IBM Security QRadar and other similar platforms, the pricing of McAfee ESM is reasonable and comparatively less expensive."
"The cost is dependent on the customer's environment and requirements."
"We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."
"Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar."
"The licensing cost is based on EPS."
814,763 professionals have used our research since 2012.
 

Comparison Review

Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews

Computer Software Company: 15%
Financial Services Firm: 13%
Manufacturing Company: 9%
Government: 7%

Educational Organization: 74%
Financial Services Firm: 4%
Computer Software Company: 4%
Government: 3%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
Many findings are too generic or irrelevant to the environment, which can lead to false positives. It can be challenging to suppress or turn off these findings. Turning specific findings on or off ...
What do you like most about McAfee ESM?
The solution's technical support is great.
What is your experience regarding pricing and costs for McAfee ESM?
Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar.
What needs improvement with McAfee ESM?
The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases.
 

Also Known As

SQRRL
McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
San Francisco Police Credit Union, Wüstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
Find out what your peers are saying about AWS Security Hub vs. Trellix ESM and other solutions. Updated: October 2024.