AWS Security Hub vs Trellix ESM comparison

Amazon Web Services (AWS) and Trellix are both solutions in the Security Information and Event Management (SIEM) category. Amazon Web Services (AWS) is ranked #7 with an average rating of 7.6, while Trellix is ranked #22 with an average rating of 7.6. Amazon Web Services (AWS) holds a 4.5% mindshare in SIEM, compared to Trellix’s 0.8% mindshare. Additionally, 90% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 75% of Trellix users who would recommend it.

AWS Security Hub

Read 19 AWS Security Hub reviews

6,278 Views
5,219 Comparison Views

90% willing to recommend

Trellix ESM

Read 36 Trellix ESM reviews

3,011 Views
1,160 Comparison Views

75% willing to recommend

AWS Security Hub

Trellix ESM

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Trellix ESM and AWS Security Hub are both prominent digital security solutions with distinct offerings. User reviews suggest that Trellix ESM has the upper hand in comprehensive security features, while AWS Security Hub is favored for its integration within the AWS ecosystem.

Features: Trellix ESM is noted for its robust threat detection, detailed reporting, and in-depth security analytics. AWS Security Hub offers seamless integration with other AWS services, automated compliance checks, and a centralized view of security alerts across AWS accounts.

Room for Improvement: Trellix ESM could enhance scalability, reduce system complexity, and streamline its interface. AWS Security Hub could benefit from better alert customization, improved support for third-party integrations, and more granular configuration options.

Ease of Deployment and Customer Service: Trellix ESM deployment is straightforward but can be resource-intensive, with commendable customer service support. AWS Security Hub is generally easier to deploy, benefiting from AWS’s integrated environment and offering extensive documentation. Trellix ESM excels in customer support, while AWS Security Hub is superior in ease of deployment.

Pricing and ROI: Trellix ESM's pricing is slightly higher but justified by its comprehensive feature set and high ROI. AWS Security Hub is more cost-effective, especially for existing AWS users, providing good ROI through its integrated ecosystem. Trellix ESM is viewed as a premium service, while AWS Security Hub offers better cost-effectiveness in an AWS-centric environment.

To learn more, read our detailed AWS Security Hub vs. Trellix ESM Report (Updated: October 2024).

Buyer's Guide

AWS Security Hub vs. Trellix ESM

October 2024

Download the complete report

Helped 814,763 peers since 2012

Categories and Ranking

AWS Security Hub

Ranking in Security Information and Event Management (SIEM)

7th

Average Rating

7.6

Reviews Sentiment

7.7

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (14th)

Trellix ESM

Ranking in Security Information and Event Management (SIEM)

22nd

Average Rating

7.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of AWS Security Hub is 4.5%, down from 4.6% compared to the previous year. The mindshare of Trellix ESM is 0.8%, down from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

CobusFrey

Product Owner Global Cloud at Tyme

Apr 8, 2024

Not only does it easily integrate with third-party tools but also allows auto synchronization of logs

AWS Security Hub has advanced quite a bit over the last couple of years. The features are quite rich now. Before purchasing, one should develop an understanding of the product. I believe AWS Security Hub is one of the most friendly solutions for integration with third-party tools. I find the integration of AWS Security Hub to be the easiest with tools from Microsoft and a bit difficult with Google solutions. AWS Security Hub is compliant in many different ways. The development business I am part of is SOC compliant for AWS Security Hub, while the banks our organization works with have been PCI compliant for AWS Security Hub for three years. I would definitely recommend AWS Security Hub to others, yet I would also inquire about their purpose and knowledge of cloud solutions. If you know how to use AWS Security Hub, it can be a great solution to work with. The solution is more suitable for people working in the cloud instead of on-premises. I would rate AWS Security Hub a nine out of ten.

Read full review

Daniel Durian

Senior Information Security Manager at a real estate/law firm with 10,001+ employees

Aug 19, 2024

Helps to monitor and detect cyberattacks

I use Trellix ESM to monitor inbound communication from known threat hosts and detect cyberattacks. It's also useful for outbound communication, but we block threat communication via a firewall The tool's effectiveness depends on how you define your log sources. To build visibility of incoming…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."

"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."

"Finding out if your infrastructure is secure is a valuable feature."

"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."

"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."

"Very good at detection and providing real-time alerts."

"The platform has valuable features for security."

"Cloudposse is a valuable feature as it guarantees my security."

More AWS Security Hub pros

"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."

"It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."

"The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use."

"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."

"The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it."

"Compared to other solutions, the user interface is good."

"The most valuable feature in ESM is its search and reporting feature. It's really nice."

"Trellix ESM utilizes fewer human resources and improves security and visibility."

More Trellix ESM pros

Cons

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."

"Many findings are too generic or irrelevant to the environment, which can lead to false positives."

"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."

"It is not flexible for multi-cloud environments."

"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."

"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."

"The solution lacks self-sufficiency."

"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."

More AWS Security Hub cons

"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."

"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."

"Product-wise, adding accounts on a single data source by batch would be a really great help."

"McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."

"The product's stability is an area of concern where improvements are required."

"The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases."

"The disk space needed for events is not clear. In all clients, we had at least more than 100GB free that we could not use."

"It is more difficult to operate Trellix ESM than other solutions."

More Trellix ESM cons

Pricing and Cost Advice

"There are multiple subscription models, like yearly, monthly, and packaged."

"The price of the solution is not very competitive but it is reasonable."

"The pricing is fine. It is not an expensive tool."

"AWS Security Hub's pricing is pretty reasonable."

"The price of AWS Security Hub is average compared to other solutions."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"Security Hub is not an expensive solution."

"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."

"You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."

"When compared to IBM Security QRadar and other similar platforms, the pricing of McAfee ESM is reasonable and comparatively less expensive."

"The cost is dependent on the customer's environment and requirements."

"We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."

"Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar."

"The licensing cost is based on EPS."

More Trellix ESM pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

814,763 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

Government

Educational Organization

74%

Financial Services Firm

Computer Software Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

See all answers

What needs improvement with AWS Security Hub?

Many findings are too generic or irrelevant to the environment, which can lead to false positives. It can be challenging to suppress or turn off these findings. Turning specific findings on or off ...

See all answers

What do you like most about McAfee ESM?

The solution's technical support is great.

See all answers

What is your experience regarding pricing and costs for McAfee ESM?

Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar.

See all answers

What needs improvement with McAfee ESM?

The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases.

See all answers

Comparisons

Microsoft Sentinel vs AWS Security Hub

Compared 38% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 11% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 6% of the time

Google Chronicle Suite vs AWS Security Hub

Compared 6% of the time

More AWS Security Hub Competitors

Splunk Enterprise Security vs Trellix ESM

Compared 25% of the time

ArcSight Enterprise Security Manager (ESM) vs Trellix ESM

Compared 19% of the time

LogRhythm SIEM vs Trellix ESM

Compared 17% of the time

IBM Security QRadar vs Trellix ESM

Compared 12% of the time

Fortinet FortiSIEM vs Trellix ESM

Compared 9% of the time

More Trellix ESM Competitors

Product Reports

Buyer's Guide

AWS Security Hub

November 2024

Download AWS Security Hub product report

Buyer's Guide

Trellix ESM

October 2024

Download Trellix ESM product report

Also Known As

SQRRL

McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager

Learn More

Amazon Web Services (AWS)

Video not available

Trellix

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Buyer's Guide

AWS Security Hub vs. Trellix ESM

October 2024

Free Report: AWS Security Hub vs. Trellix ESM

Find out what your peers are saying about AWS Security Hub vs. Trellix ESM and other solutions. Updated: October 2024.

DOWNLOAD NOW

814,763 professionals have used our research since 2012.

See our AWS Security Hub vs. Trellix ESM report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.