• Home
  • AWS GuardDuty vs. Cavirin

AWS GuardDuty vs Cavirin comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo
AWS GuardDuty
Read 20 AWS GuardDuty reviews
9,041 views|7,623 comparisons
85% willing to recommend
Cavirin Systems Logo
Cavirin
Read 1 Cavirin review
62 views|32 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Cloud Workload Protection Platforms (CWPP)
April 2024
Executive Summary

We performed a comparison between AWS GuardDuty and Cavirin based on real PeerSpot user reviews.

Find out what your peers are saying about Palo Alto Networks, Microsoft, Wiz and others in Cloud Workload Protection Platforms (CWPP).
To learn more, read our detailed Cloud Workload Protection Platforms (CWPP) Report (Updated: April 2024).
Download the complete report
769,789 professionals have used our research since 2012.
Featured Review
Saurabh Khan
combines ML and integrated threat intelligence from AWS and leading third parties to help protect your AWS accounts,...
AWS GuardDuty enhances organizational security by providing automated threat detection, easy integration with other AWS services, centralized... Read more →
Kat Bluma
Cyber security solution that provides actionable reports within 30 minutes and completes auto patching
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable features are the single system for data collection and the alert mechanisms.""The way it monitors accounts is definitely a very important feature.""With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavior or traffic patterns right away, which is great for staying on top of potential security risks.""What we found most valuable in Amazon GuardDuty is its threat detection feature, especially because we were monitoring a huge number of AWS accounts, so we needed a solution that would monitor for any kind of malicious activity. The monitoring aspect of the solution was great because it gave us timely notifications if and when anything happened, and Amazon GuardDuty helped keep us on our toes to make sure we took action right away.""We use the tool for threat detection. AWS includes AI features as well. AWS GuardDuty gives us reports.""It helps us detect brute-force attacks based on machine learning.""The out-of-band malware detection from the EBS volumes. It's really cool. No agents or anything needed, it automatically finds and correlates based on malware.""Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing."

More AWS GuardDuty Pros →

"Overall, this is a good solution that scales well. It is easily deployed and is non intrusive on systems."

More Cavirin Pros →

Cons
"The number of security features offered by the product is very limited, making it an area where improvements are needed.""Cost changes. It's very expensive. If you turn on every feature, it's more than most commercial vendors. For smaller orgs, that doesn't make sense.""It is evolving, and at the moment, I will just need it on a larger scale. Then, it will satisfy my demand, initially.""I work in a bank, and it would be good if AWS GuardDuty could be integrated with other monitoring and detection tools we use.""For the next release, they could provide IPS features as well.""Improvement-wise, Amazon GuardDuty should have an overall dashboard analytics function so we could see what's in the current environment, and then in addition to that, provide best practices and recommendations, particularly to provide some type of observability, and then figure out the login side of it, based on our current environment, in terms of what we're not monitoring and what we should monitor. The solution should also give us a sample code configuration to implement that added feature or feature request. What I'd like to see in the next release of Amazon GuardDuty are more security analytics, reporting, and monitoring. They should provide recommendations and additional options that answer questions such as "Hey, what can we see in our environment?", "What should we implement within the environment?", What's recommended?" We know that cost will always be associated with that, but Amazon GuardDuty should show us the increased costs or decreased costs if we implement it or don't implement it, and that would be a good feature request, particularly with all products within AWS, just for cloud products in general because there are times features are implemented, but once they're deployed, they don't tell you about costs that would be generated along with those features. After features are deployed, there should a summary of the costs that would be generated, and projected based on current usage, so they would give us the option to figure out how long we're going to use those features and the option to keep those on or turn those off. If more services were like that, a lot more people would use those on the cloud.""AWS GuardDuty needs to be more customer-oriented.""It would be great if the solution had some automation capabilities."

More AWS GuardDuty Cons →

"The reporting for this solution could be improved. In a future release, we would like to have an extension into the on-prem for CIS in compliance reporting."

More Cavirin Cons →

Pricing and Cost Advice
  • "We use a pay-as-you-use license, which is competitively priced in the market."
  • "I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it."
  • "In terms of the costs associated with Amazon GuardDuty, it was $1 per GB from what I recall. Pricing was based on per gigabyte. For example, for the first five hundred gigabytes per month, it'll be $1 per GB, so it'll be $500. If your usage was greater, there's another bracket, for example, the next two thousand GB, then there's an add-on cost of 50 cents per GB. That's how Amazon GuardDuty pricing slowly goes up. I can't remember if there was any kind of additional cost apart from standard licensing for the solution. Nothing else that at least comes to mind. What the service was charging was worth it. That was one good thing when using Amazon GuardDuty because my company could be in a certain tier for a certain period. My company wasn't under a licensing model where it could overestimate its usage and under-utilize its usage and pay much more. This was what made the pricing model for Amazon GuardDuty better."
  • "Pricing is determined by the number of events sent."
  • "The pricing model is pay as you go and is based on the number of events per month."
  • "On a scale of one to ten, where one is a high price, and ten is a low price, I rate the pricing a four or five, which is somewhere in the middle."
  • "GuardDuty only enables accounts in regions where you have an active workload. If there are places where you don't have an active workload, you wouldn't even enable them. That's one area where they could allow you to cut down your cost."
  • "The tool has no subscription charges."

    • More AWS GuardDuty Pricing and Cost Advice →

    Information Not Available
    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
    See Recommendations
    769,789 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Amazon GuardDuty?
    Top Answer:With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavior or traffic patterns right away, which is great for staying on top of potential… more »
    Read all 11 answers   →
    What is your experience regarding pricing and costs for Amazon GuardDuty?
    Top Answer:80 percent of the customers are using AWS GuardDuty, and we recommend it due to its low cost, especially for small customers, ranging from five to ten dollars a month. In our policies, we enforce the… more »
    Read all 10 answers   →
    What needs improvement with Amazon GuardDuty?
    Top Answer:One improvement I would suggest for AWS GuardDuty is the ability to assign findings to specific users or groups, facilitating better communication and follow-up actions. It would be beneficial to have… more »
    Read all 11 answers   →
    What do you like most about Cavirin?
    Top Answer:Overall, this is a good solution that scales well. It is easily deployed and is non intrusive on systems.
    What needs improvement with Cavirin?
    Top Answer:The reporting for this solution could be improved. In a future release, we would like to have an extension into the on-prem for CIS in compliance reporting.
    What is your primary use case for Cavirin?
    Top Answer:Cavirin provides reports that are useful and actionable within 30 minutes. These reports show the configuration of servers and applications and if they're in compliance with specific standards. It… more »
    Ranking
    4th
    out of 59 in Cloud Workload Protection Platforms (CWPP)
    Views
    9,041
    Comparisons
    7,623
    Reviews
    19
    Average Words per Review
    644
    Rating
    8.1
    27th
    out of 59 in Cloud Workload Protection Platforms (CWPP)
    Views
    62
    Comparisons
    32
    Reviews
    1
    Average Words per Review
    229
    Rating
    7.0
    Comparisons
    Learn More
    Amazon Web Services (AWS)
    Cavirin Systems
    Overview

    Amazon Guard Duty is a continuous cloud security monitoring service that consistently monitors and administers several data sources. These include AWS CloudTrail data events for EKS (Elastic Kubernetes Service) audit logs, VPC (Virtual Private Cloud) flow logs, DNS (Domain Name System) logs, S3 (Simple Cloud Storage), and AWS CloudTrail event logs.

    Amazon GuardDuty intuitively uses threat intelligence data - such as lists of malicious domains and IP addresses - and ML (machine learning) to quickly discover suspicious and problematic activity in a user's AWS ecosystem. Activities may include concerns such as interactions with malicious IP addresses or domains, exposed credentials usage, or changes and/or escalation of privileges.

    GuardDuty is able to easily determine problematic AWS EC2 (Elastic Compute Cloud) instances delivering malware or mining bitcoin. It is also able to trace AWS account access history for evidence of destabilization. such as suspicious API calls resulting in changing password policies to minimize password strength or anomalous infrastructure deployments in new or different never-used regions.

    GuardDuty will continually alert users regarding their AWS environment status and will send the security discoveries to the GuardDuty dashboard or Amazon CloudWatch events for users to view.

    Users can access GuardDuty via:

    • AWS SDKs: Amazon provides users with several software development kits (SDKs) that are made up of libraries and sample code of numerous popular programming languages and platforms, such as Android, iOS, Java, .Net, Python, and Ruby. The SDKs make it easier to develop programmatic access to GuardDuty.

    • GuardDuty HTTPS API: This allows users to issue HTTPS requests directly to the service.

    • GuardDuty Console: This is a browser-based intuitive dashboard interface where users can access and use GuardDuty.

    Amazon Elastic Kubernetes Service (Amazon EKS)

    Kubernetes protection is an optional add-on in Amazon GuardDuty. This tool is able to discover malicious behavior and possible destabilization of an organization's Kubernetes clusters inside of Amazon Elastic Kubernetes Service (Amazon EKS).

    When Amazon EKS is activated, GuardDuty will actively use various data sources to discover potential risks against Kubernetes API. When Kubernetes protection is enabled, GuardDuty uses optional data sources to detect threats against Kubernetes API.

    Kubernetes audit logs are a Kubernetes feature that captures historical API activity from applications, the control plane, users, and endpoints. GuardDuty collates these logs from Amazon EKS to create Kubernetes discoveries for the organization's Amazon EKS assets; there is no need to store or turn on the logs.

    As long as Kubernetes protection remains activated, GuardDuty will continuously dissect Kubernetes data sources from the Amazon EKS clusters to ensure no suspicious or anomalous behavior is taking place.

    Amazon Simple Cloud Storage (S3) Protection

    Amazon S3 allows Amazon GuardDuty to actively audit object-level API processes to discover possible security threats to data inside an organization's S3 buckets. GuardDuty continually audits risk to the organization’s S3 assets by carefully dissecting AWS CloudTrail management events and AWS CloudTrail S3 data events. These tools are continually auditing various CloudTrail management events for potential suspicious activities that affect S3 buckets, such as PutBucketReplication, DeleteBucket, ListBucket, and data events for S3 object-level API processes, such as PutObject, GetObject, ListObject, and DeleteObject.

    Reviews from Real Users

    The most valuable features are the single system for data collection and the alert mechanisms. Prior to using GuardDuty, we had multiple systems to collect data and put it in a centralized location so we could look into it. Now we don't need to do that anymore as GuardDuty does it for us.” - Arunkumar A., Information Security Manager at Tata Consultancy Services

    Cavirin's software solution is deployable within minutes on-premise or within AWS, Azure, and Google Cloud, delivering first remediation guidance in under 30 minutes. It uniquely offers both cloud security posture management as well as continuous compliance for Linux, Windows, and Docker workloads (servers). Our software automates protection, monitoring, and response. Read below for some of Cavirin's industry-leading capabilities.

    Sample Customers
    autodesk, mapbox, fico, webroot
    Pacific Dental Services, AIG, Aryaka, GreenSky, Outbrain, Gusto, Proofpoint, SugarCRM, Verizon, UCSF
    Top Industries
    REVIEWERS
    Financial Services Firm43%
    Computer Software Company14%
    Media Company7%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company16%
    Manufacturing Company8%
    Healthcare Company5%
    No Data Available
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise14%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise13%
    Large Enterprise67%
    No Data Available
    Buyer's Guide
    Cloud Workload Protection Platforms (CWPP)
    April 2024
    Download Free Report
    Find out what your peers are saying about Palo Alto Networks, Microsoft, Wiz and others in Cloud Workload Protection Platforms (CWPP). Updated: April 2024.
    DOWNLOAD NOW
    769,789 professionals have used our research since 2012.

    AWS GuardDuty is ranked 4th in Cloud Workload Protection Platforms (CWPP) with 20 reviews while Cavirin is ranked 27th in Cloud Workload Protection Platforms (CWPP) with 1 review. AWS GuardDuty is rated 8.0, while Cavirin is rated 7.0. The top reviewer of AWS GuardDuty writes "A stellar threat-detection service that has helped bolster security against malicious threats". On the other hand, the top reviewer of Cavirin writes "Cyber security solution that provides actionable reports within 30 minutes and completes auto patching". AWS GuardDuty is most compared with Microsoft Defender for Cloud, Prisma Cloud by Palo Alto Networks, CrowdStrike Falcon Cloud Security, Wiz and Check Point CloudGuard CNAPP, whereas Cavirin is most compared with .

    See our list of best Cloud Workload Protection Platforms (CWPP) vendors.

    We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.