Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs VMware Aria Automation comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024
 

Categories and Ranking

AWS Security Hub
Ranking in Cloud Security Posture Management (CSPM)
13th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
20
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th)
VMware Aria Automation
Ranking in Cloud Security Posture Management (CSPM)
17th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
169
Ranking in other categories
Cloud Management (1st), Configuration Management (7th), Network Automation (3rd), Cloud Infrastructure Entitlement Management (CIEM) (5th)
 

Mindshare comparison

As of December 2024, in the Cloud Security Posture Management (CSPM) category, the mindshare of AWS Security Hub is 5.6%, up from 4.7% compared to the previous year. The mindshare of VMware Aria Automation is 0.3%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM)
 

Featured Reviews

CobusFrey - PeerSpot reviewer
Not only does it easily integrate with third-party tools but also allows auto synchronization of logs
AWS Security Hub has advanced quite a bit over the last couple of years. The features are quite rich now. Before purchasing, one should develop an understanding of the product. I believe AWS Security Hub is one of the most friendly solutions for integration with third-party tools. I find the integration of AWS Security Hub to be the easiest with tools from Microsoft and a bit difficult with Google solutions. AWS Security Hub is compliant in many different ways. The development business I am part of is SOC compliant for AWS Security Hub, while the banks our organization works with have been PCI compliant for AWS Security Hub for three years. I would definitely recommend AWS Security Hub to others, yet I would also inquire about their purpose and knowledge of cloud solutions. If you know how to use AWS Security Hub, it can be a great solution to work with. The solution is more suitable for people working in the cloud instead of on-premises. I would rate AWS Security Hub a nine out of ten.
NiteshKumar1 - PeerSpot reviewer
Good stability, supports a hybrid model and easy to use
There is an area of improvement. For example, you are migrating from a customer's existing data center to a new target data center. To facilitate this transition, you'll initially need to evaluate the customer's aging hardware hosting VMware, which is nearing the end of its operational life. The customer expresses the intention to upgrade to a newer version, necessitating an overhaul of everything in the new data center. As a Systems Integrator (SI), consultant, or architect, your recommendation would be to acquire the latest hardware with a specified configuration and then install VMware on top of it. However, there's a crucial aspect related to the infrastructure requirements for VMware to run seamlessly on that hardware. If there's an opportunity to potentially reduce these infrastructure prerequisites, it would be highly beneficial. This is because a higher number of VMware licenses requires more infrastructure capacity from Original Equipment Manufacturers (OEMs) or Colocation partners. Consequently, when discussing the operation of this virtualized environment from VMware over a contractual period of five years, the overall cost to the customer is influenced by the infrastructure requirements. If there's a feasible way to decrease these prerequisites for the infrastructure supporting the virtualization layer, it would be advantageous in terms of cost for the customer. Any customer in today's world exists or wants to exist in a hybrid model, so in future releases, we would like to see this. So, going forward, if this virtualized environment would exist, it has to be a combination of on-premise plus public cloud Azure/AWS. It should be more seamless when your interface or when you are interacting with workloads running on-premise VMware/AWS VMware. So it is only there in some capacity and space, and I'm aware of it. And Azure and VMware already have a tie-up on the same lines, but at the same time, if it is more seamless, if it is more interchangeable, if you could move your workloads, or if you can access your workloads or your virtual machines irrespective of whatever platform it is running, whether it is on-premises, or cloud or public cloud, it'll be a lot more comfortable for a user than the user to consume that infrastructure. Firstly, it needs to have a combination of deployment and be more seamless for the customers. Secondly, more software-defined features, more in terms of managing the infrastructure pool in a software-defined way. Managing the infrastructure pool in a more optimized fashion is going to be the key in the upcoming times. It's not just on-premise, but at the same time, it should also be the public cloud as well. Probably because when I meet my customers, this is one thing that I always tell them. I have seen people moving from on-premise public cloud only to realize at the end of the month that they end up paying a higher bill compared to what they were paying when they were running their business on-premise. The reason is that they do not understand or do not realize the full potential of the public cloud, and the way it should be consumed, the way it should be used, and the way it should be scheduled to ensure that the billing at the end of the month is very optimal. You pay for what exactly you need, not everything that you have from the cloud. That's not a way to use the cloud, whether it is on-premise or from the cloud. For example, an enterprise has over 100 applications. Out of that 100 applications, only 25 applications are running the production instances, and the remaining 75 are running non-production instances. It can be a development environment, a test environment, a sandbox, etc. In this case, you need to run only the 25 applications on the public cloud 24/7. You do not need to run your remaining 75 applications 24/7. Because, eventually, your developers, testers, quality managers, and whoever will use the non-production environment only when they're in the office and working on those applications. Then why do we need to have those applications, which are non-production in nature, lower environments? So we're running on the public cloud all the time because, for a cloud provider, it is a virtual machine; whether you are consuming it for production work or non-production work, it is going to charge you the same bill. And if you are not optimizing, if you're not scheduling workloads, you are actually wasting money. You're wasting your money, and your bills, which you are going to pay with the public cloud provider provided, are going to be bad. It's going to be crazy. And then customers do not know what to do in this situation. And you cannot fight with the public cloud provider because they would say, "I had given you all the possibilities, all the opportunities to learn about it, the way you should be functioning it, the way you should be utilizing it. If you are not using it the way it should be used, That's not my problem."

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"AWS Security Hub can check your infrastructure against multiple compliance frameworks. You can turn on or off specific frameworks based on your needs."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"Finding out if your infrastructure is secure is a valuable feature."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."
"The platform has valuable features for security."
"The automation of the redundant tasks and the implementation of ServiceNow are huge for us..."
"Currently, the primary feature we're using in VMware Aria Automation is its ability to execute tasks quickly. However, we haven't explored other features like workload management or the full stack yet. So it's hard to make comparisons or fully utilize its potential until we expand our usage."
"The most valuable feature that we have is that it's able to deploy several different operating systems, it's able to deploy whatever we want. We can take a template, spin it up, revise it, save it back off, and be able to have that for other departments. We can have one for our Dev team and one for our research team which has some specific requirements. We can keep track of them and deploy things automatically."
"I want to build automation that is intelligent, part of the fabric of our environment, and is somewhat self-sustaining. I think SaltStack can help me do this."
"We monitor the configurations against CIS standards. We run CIS benchmarks and maintain configurations with higher CIS values for each server."
"We had a lot of config drift before, and this really helps us keep it on track. Speed to provision is probably our biggest, significant gain."
"Our speed of provisioning has improved. We used to build systems manually, which would take four hours or a day. Nowadays we're able to spin something up off a template... and it takes about 20 minutes."
"It has definitely increased speed of VM deployment. When a normal server-request would come in, it might take anywhere from three to four days to deploy. Now, within 15 minutes, they can click and have something up and running."
 

Cons

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"The high price of the tool is an area of concern where improvements are required."
"The stability is why I rated it a seven and not higher. There were several cases where we had to restart some services because it wasn't working correctly anymore. People cannot extend their machine or replay their machine. There is no alert to say that there is a problem and that we should stop the service. The monitoring system is not very good."
"My impression of its stability is "middle of the road." We've had some issues where it seems to be a little bit sensitive, where deployments fail and we don't really know a specific reason why. We'll dig through logs and try and figure out what's going on, but it's not always apparent as to why it failed. And you can kick it off again and it'll succeed. So stability could be better."
"I would like to see more out-of-the-box blueprints and workflows for the rest of VMware's products and its portfolio."
"It has a learning curve."
"They should make it a little bit more dynamic, a little bit easier to deal with large-scale AD deployments. They need to make it a little more enterprise-ready. That is the one thing that kills us."
"I know you can spin up virtual desktops in vRA, but they're not thin-provisioned. I don't know if that's because the other product, Horizon View, is there, but it would be nice to see more integration."
"Upgrades are always a pain."
 

Pricing and Cost Advice

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"Security Hub is not an expensive solution."
"The pricing is fine. It is not an expensive tool."
"AWS Security Hub's pricing is pretty reasonable."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The price of AWS Security Hub is average compared to other solutions."
"The price of the solution is not very competitive but it is reasonable."
"It made the provisioning of the virtual machines easier and faster. We can react more quickly to customers' demands."
"It is an expensive product. After VMware's acquisition by Broadcom, there was a rise in the price of VMware Aria Automation."
"As far as value is concerned, it has been essential to our environment. We have been able to deploy VMs quickly and the developers have their own sandbox, so they can spin up and destroy VMs at their own will."
"Customers say this solution is costlier compared to its competitors."
"From the customer perspective, the value was worth it."
"From a budget point of view, the pricing is a bit on the higher side."
"I would rate it high because, compared to other solutions, VMware’s pricing is quite expensive. VMware products have become significantly more costly in recent years, leading to higher costs."
"We do plan to see ROI with any new implementation of new technologies being implemented within our environment."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
824,053 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
10%
Government
8%
Financial Services Firm
14%
Computer Software Company
14%
Manufacturing Company
9%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicke...
What's the difference between VMware vRA (automation) and vROps (operations)?
vROP is a virtualization management solution from VMWare. It is efficient and easy to manage. You can find anything you need from the software interface. It provides complete visibility over applic...
Is there any way to try VMware Aria Automation for free?
When it comes to VMware Aria Automation, you have three choices for free runs: Hands-on Lab (HOL) Advanced lab A free trial I cannot describe in detail the second and third options as my company ...
Which sectors can benefit the most from VMware Aria Automation?
I was looking at VMware Aria Automation case studies recently and I got the impression that three main kinds of companies were using it most often: Social organizations Financial institutions and ...
 

Also Known As

SQRRL
VMware vRealize Automation, vRA, VMware DynamicOps Cloud Suite, SaltStack
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Rent-a-Center, Amway, Vistra Energy, Liberty Mutual
Find out what your peers are saying about AWS Security Hub vs. VMware Aria Automation and other solutions. Updated: December 2024.
824,053 professionals have used our research since 2012.