We just raised a $30M Series A: Read our story

AWS Security Hub OverviewUNIXBusinessApplication

AWS Security Hub is the #29 ranked solution in our list of top Security Information and Event Management (SIEM) tools. It is most often compared to Azure Sentinel: AWS Security Hub vs Azure Sentinel

What is AWS Security Hub?

AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. There are a range of powerful security tools at your disposal, from firewalls and endpoint protection to vulnerability and compliance scanners. But oftentimes this leaves your team switching back-and-forth between these tools to deal with hundreds, and sometimes thousands, of security alerts every day. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions. AWS Security Hub continuously monitors your environment using automated compliance checks based on the AWS best practices and industry standards your organization follows. You can also take action on these security and compliance findings by investigating them in Amazon Detective or by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools or to custom remediation playbooks. Get started with AWS Security Hub in just a few clicks in the Management Console and once enabled, Security Hub will begin aggregating and prioritizing findings and conducting compliance checks.

Buyer's Guide

Download the Security Information and Event Management (SIEM) Buyer's Guide including reviews and more. Updated: October 2021

AWS Security Hub Customers
Edmunds, Frame.io, GoDaddy, Realtor.com
AWS Security Hub Video

Pricing Advice

What users are saying about AWS Security Hub pricing:
  • "The price of the solution is not very competitive but it is reasonable."

AWS Security Hub Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
VP
Manager-Cloud Security Operations at a retailer with 10,001+ employees
Real User
Excellent integration features, reliable, and responsive technical support

Pros and Cons

  • "AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
  • "The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."

What is our primary use case?

AWS Security Hub helps us in centralizing all the different types of findings we have. We can view all the vulnerability findings, configuration issues, or security best practices. We have a consolidated view of an AWS account from a security point of view which is very good.

What is most valuable?

AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard.

What needs improvement?

AWS Security Hub could improve by having more integration and flexibility with other cloud security solutions on the market. They have integration with AWS solutions and other commercial solutions but not ones that are open-source. If we have more of an open-source integration availability it would be great. 

The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update.

For how long have I used the solution?

I have been using AWS Security Hub for approximately four years.

What do I think about the stability of the solution?

The solution is stable.

How are customer service and support?

The technical support is good in my experience, they have been prompt with their service.

How was the initial setup?

The initial setup is very easy and straightforward.

What's my experience with pricing, setup cost, and licensing?

The price of the solution is not very competitive but it is reasonable.

What other advice do I have?

I rate AWS Security Hub an eight out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
AC
EMEA Sales Engineer- System Integrators & Service Providers at a computer software company with 10,001+ employees
MSP
Provides great detection and real-time alerts; lacks self-sufficiency

Pros and Cons

  • "Very good at detection and providing real-time alerts."
  • "The solution lacks self-sufficiency."

What is our primary use case?

I'm a user of this solution and a sales engineer.

What is most valuable?

The solution is very good at detection and providing real-time alerts.

What needs improvement?

I think post-share management can be extended further, closer to the data. The solution is not wholly self-sufficient. It would be great if they could make it a multi-cloud solution.

For how long have I used the solution?

I've been using this solution for one year. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

The solution is scalable. 

How are customer service and support?

They provide good technical support. 

How was the initial setup?

The initial setup is simple but not overly simple. There is still some work to do there. 

What's my experience with pricing, setup cost, and licensing?

I'm satisfied with the pricing.

What other advice do I have?

I would suggest not relying on the cloud provider only. There are other third-party tools that can help with future strategies. Locking into one vendor can create problems and it's a good idea to use security tools from a third party and have multi-hybrid cloud.

I rate the solution seven out of 10. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Find out what your peers are saying about Amazon, Microsoft, Splunk and others in Security Information and Event Management (SIEM). Updated: October 2021.
540,984 professionals have used our research since 2012.
Ankit-Kumar
Engineering Manager Technology at Nykaa
Real User
Top 10
Good infrastructure insight, stable, but regional restrictions need lifting

Pros and Cons

  • "Finding out if your infrastructure is secure is a valuable feature."
  • "The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."

What is our primary use case?

This solution is for security posture management for the cloud. It will show the security posture of your cloud infrastructure. It can be used for mapping and it can give you a good insight into whether your infrastructure is secure or not. 

What is most valuable?

Finding out if your infrastructure is secure is a valuable feature.

What needs improvement?

The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach. 

The product should not be a region restriction product. It should be global. It should give you the visibility of all the instances that you have for one account, be it in one region or many regions. There should be visibility of all the region in one place.

For how long have I used the solution?

I have been using the solution for two years.

What do I think about the stability of the solution?

I had no issues with the stability of the solution.

How are customer service and technical support?

We have contacted the technical team regarding removing the global restrictions in the product. They have advised us that this is in their roadmap for the future. We have worked with them closely on many issues.

What other advice do I have?

I rate AWS Security Hub a seven out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Amazon, Microsoft, Splunk, and more!