We performed a comparison between AWS Security Hub and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"Cloudposse is a valuable feature as it guarantees my security."
"Easily integrates with third-party tools"
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"The platform has valuable features for security."
"Ease of deployment across various environments."
"Using the communication within the security device, it is easier to create plugins."
"The solution has all the features that we need, however they do not work correctly."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"SIEM log collection is great, and all of the rules that support updates with maintenance."
"The solution is stable."
"Log-monitoring and alerting enable us to know when things happen that we need to know about."
"OTX is a great module that lets staff maintain and monitor updates regarding events in the infrastructure and takes decision to improve the security perimeter."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"The solution should be easier to learn and use"
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"It is not flexible for multi-cloud environments."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"The only complex area of the setup was writing the custom scripts."
"Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents."
"The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details, they lacked necessary steps."
"The GUI needs to improve because it's not user-friendly."
"The UI and overall processes need a little bit more love. This shows in the error banners that come up when you select certain things. There isn't a day that goes by that the UI doesn't error out and I can't view events for an alarm."
"Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it."
"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
"Reporting is convoluted and difficult at times, although they claim to have hundreds of pre-built reports, very few of them are actually useful for anything but what the USM is doing."
AWS Security Hub is ranked 8th in Security Information and Event Management (SIEM) with 17 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. AWS Security Hub is rated 7.6, while USM Anywhere is rated 8.4. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". AWS Security Hub is most compared with Microsoft Sentinel, Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud and Google Chronicle Suite, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel. See our AWS Security Hub vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.