We performed a comparison between AWS GuardDuty and Symantec Cloud Workload Protection based on real PeerSpot user reviews.
Find out what your peers are saying about Palo Alto Networks, Microsoft, Wiz and others in Cloud Workload Protection Platforms (CWPP)."One of the advantages of cloud services is the ability to use them on demand. There's minimal installation involved; you can check the latest offerings and make new deployments while dismantling the previous ones. This approach keeps you ahead of potential services, showcasing the agility of AWS."
"The product has automated protection powered by AI/ML, which is now far more powerful than before. It uses AI/ML in its detection algorithm, providing fast and quick results."
"It helps us detect brute-force attacks based on machine learning."
"What I like most about Amazon GuardDuty is that you can monitor your AWS accounts across, but you don't have to pay the additional cost. You can get all your CloudTrail VPC flow logs and DNS logs all in one, and then you get the monitoring with that. A lot of times, if you had a separate tool on-premise, you would have to set up your DNS logs, so usually, Amazon GuardDuty helps with all your additional networking requirements, so I utilize it for continuous monitoring because you can't detect anything if you're not monitoring, and the solution fills that gap. If you don't do anything else first, you can deploy your firewall, and then you've got your Route 53 DNS and DNSSEC, but then Amazon GuardDuty fills that, and then you have audit requirements in AU that says, "Hey, what are your additional logs?", so you can just say, "Hey, we utilize Amazon GuardDuty." You're getting your CloudTrail, your VPC flow logs, and all your DNS logs, and those are your additional logs right there, so the solution meets a lot of requirements. Now, everything comes with a cost, but I also like that the solution also provides threat response and remediation. It's a pretty good product. I've just used it more for log analysis and that's where the value is at, the niche value. Once you do threat detection, it goes into a lot of other integrations you need to implement, so threat detection is only good as the integration, as the user that knows the tools itself, and the architecture and how it's all set up and the rules that you set within that."
"With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavior or traffic patterns right away, which is great for staying on top of potential security risks."
"The correlation back end is the solution's most valuable feature."
"It is a highly scalable solution since it is a service by AWS. Scalability-wise, I rate the solution a ten out of ten."
"The most valuable features are the single system for data collection and the alert mechanisms."
"It will read various logs, diagnose what is wrong, and then alert you."
"The most valuable features in Symantec Cloud Workload Protection are endpoint protection and active directory features. The active directory features in the product are very good, and in terms of security, the most valuable feature in Symantec Cloud Workload Protection is threat defense or threat protection."
"An improvement would be to have a mobile version where remote workers can log in and monitor and fix issues."
"The solution has to be integrated with new services that AWS adds like QuickSight, Managed Airflow, AppFlow and MWAA."
"The solution's user interface could be improved because it will help users to understand multiple options."
"It would be great if the solution had some automation capabilities."
"While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved."
"Because it's a threat detection service, they need to keep up with the various threat factors because new threat factors and attack factors come up all the time."
"There is currently no consolidated dashboard for AWS GuardDuty. It would be helpful if they could provide a dashboard based on severity levels (high, medium, low) and offer insights account-wise, especially for users utilizing automation structures."
"AWS GuardDuty needs to be more customer-oriented."
"In the future, we may need to use features that are only available in one of the competing products."
"One area for improvement in Symantec Cloud Workload Protection is integration. Other features that could be improved are defense control and encryption, particularly in the USB. For example, users should be able to control the USB and have the capability of blocking and allowing USB reading and writing. Having a USB encryption feature in Symantec Cloud Workload Protection would also be very useful."
More Symantec Cloud Workload Protection Pricing and Cost Advice →
AWS GuardDuty is ranked 4th in Cloud Workload Protection Platforms (CWPP) with 19 reviews while Symantec Cloud Workload Protection is ranked 27th in Cloud Workload Protection Platforms (CWPP) with 2 reviews. AWS GuardDuty is rated 8.2, while Symantec Cloud Workload Protection is rated 8.0. The top reviewer of AWS GuardDuty writes "A stellar threat-detection service that has helped bolster security against malicious threats". On the other hand, the top reviewer of Symantec Cloud Workload Protection writes "Protects cloud-based workloads with antivirus and traffic analysis". AWS GuardDuty is most compared with Microsoft Defender for Cloud, Prisma Cloud by Palo Alto Networks, CrowdStrike Falcon Cloud Security, Wiz and Check Point CloudGuard CNAPP, whereas Symantec Cloud Workload Protection is most compared with .
See our list of best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.