Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs CRITICALSTART comparison

Amazon Web Services (AWS) and Critical Start are both solutions in the Security Orchestration Automation and Response (SOAR) category. Amazon Web Services (AWS) is ranked #6 with an average rating of 7.6, while Critical Start is ranked #27. Amazon Web Services (AWS) holds a 6.8% mindshare in SOAR, compared to Critical Start’s 0.6% mindshare. Additionally, 89% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 100% of Critical Start users who would recommend it.
Sponsored
Torq
Read 4 Torq reviews
  • 1,707 Views
  • 1,656 Comparison Views
100% willing to recommend
AWS Security Hub
Read 26 AWS Security Hub reviews
  • 7,113 Views
  • 2,774 Comparison Views
89% willing to recommend
CRITICALSTART
Read 10 CRITICALSTART reviews
  • 946 Views
  • 227 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 5, 2024

AWS Security Hub and CRITICALSTART are competitors in the cybersecurity market. AWS Security Hub holds an edge in integration within the AWS ecosystem, while CRITICALSTART excels in advanced threat detection and response.

Features: AWS Security Hub integrates seamlessly with AWS services, offers a centralized security view, and maintains compliance checks. It acts as a one-stop dashboard for security alerts. CRITICALSTART provides real-time threat intelligence, managed detection and response services, and strong human intervention capabilities, utilizing a Zero-Trust model for security enhancements.

Room for Improvement:AWS Security Hub could improve its UI intuitiveness and support for hybrid environments and reduce complexity in dashboard usage. CRITICALSTART could enhance response times, lower the complexity of UI navigation, and refine feature tuning for better alert management.

Ease of Deployment and Customer Service: AWS Security Hub is easily deployed for AWS environments with comprehensive documentation and automation features, promoting self-reliance. CRITICALSTART offers a more hands-on deployment with personalized support, beneficial for organizations needing extensive setup assistance.

Pricing and ROI: AWS Security Hub offers cost-effective scalability, suiting organizations deeply embedded in AWS. CRITICALSTART, though potentially higher in initial costs, provides tailored security solutions and expert management that justify its pricing for businesses prioritizing security.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS Security Hub vs. CRITICALSTART Report (Updated: December 2025).
Buyer's Guide
AWS Security Hub vs. CRITICALSTART
December 2025
Download the complete report
Helped 881,114 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Torq
Sponsored
Ranking in Security Orchestration Automation and Response (SOAR)
8th
Average Rating
8.8
Reviews Sentiment
5.6
Number of Reviews
4
Ranking in other categories
AI-SOC (13th), AI-Powered Security Automation (2nd)
AWS Security Hub
Ranking in Security Orchestration Automation and Response (SOAR)
6th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
26
Ranking in other categories
Cloud Security Posture Management (CSPM) (16th)
CRITICALSTART
Ranking in Security Orchestration Automation and Response (SOAR)
27th
Average Rating
9.4
Reviews Sentiment
7.3
Number of Reviews
10
Ranking in other categories
Managed Detection and Response (MDR) (30th)
 

Mindshare comparison

As of January 2026, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Torq is 4.9%, up from 4.5% compared to the previous year. The mindshare of AWS Security Hub is 6.8%, down from 10.0% compared to the previous year. The mindshare of CRITICALSTART is 0.6%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
AWS Security Hub6.8%
Torq4.9%
CRITICALSTART0.6%
Other87.7%
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Nimrod Vardi - PeerSpot reviewer
Nimrod Vardi
Global IT Director at OpenWeb
Automation workflows have transformed our IT, enabling secure just-in-time access control
We work with them quite often, so we have a direct line regarding areas in Torq that have room for improvement. If we have a feature request, we can request it. I do not have anything in mind at the moment. We were a design partner for a short while, so we feel that they listen and that users of the system have an impact on the way the system is designed for the better. They have a new community, which is something that I personally suggested years ago. There are many people like me in different places and they might have already built the workflow that I need. Having the option to share workflows or to jump on a thread and say I have this need, did anyone ever build a workflow for it, is amazing. Someone would jump in and say yes, sure, here, take this workflow. I think this is an amazing thing and I really hope that the community will come alive because I think this is really powerful. This is something that I already suggested and it did happen eventually, and I am quite happy with it. I do not have any specific feature in mind that I have a need for at the moment.
Read full review
Karthik Ekambaram - PeerSpot reviewer
Karthik Ekambaram
Director at Scybers
Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.
Read full review
JH
Justin Hadley
Sr. Manager, Security Engineering at a financial services firm with 501-1,000 employees
The transparency of data in the platform is perfect: You see everything as they are seeing it
Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as, what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives. The service's Trusted Behavior Registry helps the provider solve every alert. The way that they have it built out is very intelligent. The way every alert comes in, it gets triaged one direction or another. If it is already a false positive, then it is still getting addressed and reviewed on a regular cadence. Also, true positive alerts get escalated to the appropriate personnel. Its mobile app is great. The ability just to be able to quick reference and see what's coming in when you're on the move or go. You don't always need to have your computer or laptop handy, because you can operate it just from the mobile app. It can communicate with analysts, which is great. The mobile app is great at affecting the efficiency of our security operations. Those guys are using it throughout the day, whether that be at the office, home, or off hours. Typically, they triage from the mobile app. Then, if an escalation needs to be done on a computer, they will pull out a computer. We were on the original UI for a few years, so the updated UI has been a refreshing change. It has significantly more ability to filter and translate data, then load that data. It is rather intuitive to click through for some of our junior analysts or interns, especially as we are starting to onboard and teach them different aspects of the security operations team.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Once I started to use the system and I saw the potential, it changed all of our work in IT."
"Using that one piece of AI, we auto-closed 511 cases in quarter four alone."
"As an analyst, it has demonstrated potential to reduce workforce requirements and time needed for related activities."
"What I appreciate most about Torq is that it is an essential part of our system."
"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."
"Finding out if your infrastructure is secure is a valuable feature."
"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"Security Hub provides insightful information about what is running and where there might be weaknesses."
"Cloudposse is a valuable feature as it guarantees my security."
"The solution shows us our compliance score."
"Very good at detection and providing real-time alerts."
More AWS Security Hub pros
"The new mobile app is awesome. It is one of the best I've ever seen. It's much better than its predecessor. It's more intuitive, a whole lot easier to navigate and get where you need to go. It's less repetitive and just generally easier to use. It allows me to not have to be sitting at my computer all the time. I can be on my phone or tablet or wherever I'm at. It makes it a lot easier to answer tickets and do that kind of thing."
"My impression of the transparency of the data is that it has good detail. It allows you to see how many events have come in, how many of those events have made it down to their analysts to review, and then however many from their analysts to be able to close out, have been able to been escalated to us. It's a good metric that we can share with my management. They see the value of what the SOC is bringing on top of what my team is already doing."
"The quick interaction between the agents is the most valuable feature. If we have questions, they're quick to answer. If we make a change to our system, they quickly make the changes that are necessary to filter the logs correctly."
"The main difference between the other options and this one is the quality of the personnel within the SOC. It's their knowledge and depth and the way they handle customers."
"The way that the user interface presents data enables our team to be able to make decisions significantly quicker, rather than have to dig into the details or go back to the original tools."
"From where we were prior to going into them, the service has increased our analysts’ efficiency to the point that they can focus on other areas of the business. It gives me the ability to allow analysts to do Level 3 and 4 work and stay out of the weeds of the alerts, where you tend to get alert fatigue. The service takes care of much of the Tier 1 and Tier 2 triage. It is more effective than what we had been used to, because it allows the filtering of Level 1 and Level 2 type alerts to be taken care of. This leaves less for us to handle, which is a good thing."
"I also use their mobile app. It's very easy to use and very convenient to be able to respond to alerts wherever you are. I love the app. You can respond and communicate, per ticket, with their SOC in near real-time. The response is very quick."
"Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as, what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives."
More CRITICALSTART pros
 

Cons

"It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet."
"The initial deployment of Torq was not easy."
"Regarding stability, I have noticed some lagging, crashing, and downtime, which is one of my largest gripes."
"Shortening the response time for support tickets, particularly in production issues, could make the service more efficient."
"The support must be quicker."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"Many findings are too generic or irrelevant to the environment, which can lead to false positives."
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
More AWS Security Hub cons
"The UI has become slower but it's not something I would call them out on."
"In terms of responsiveness, when I open up an alert, sometimes it takes a bit of time to load. However, it only happened once or twice."
"They could dig a little bit deeper into the Splunk alerts when they feel like they need to be escalated to us. For example, if a locked account shows up, they could do a little extra digging to verify that the locked account was due to a bad password on the local system. They could just do a little extra digging within the Splunk environment instead of pushing it onto us to go do that extra little digging."
"The biggest room for improvement is not necessarily in their service or offering, but in the products that they support. I would like them to further their knowledge and ability to integrate with those tools. They have base integrations with everything, and we haven't come across anything. They should just continue to build on that API interface between their applications and other third-party consoles."
"It has frustrated us that they don't have a native Slack integration, because most things do now. That's something we've asked for, for years, and it just doesn't really seem like it's a priority."
"They just did a user interface overhaul to the website portal that you use for troubleshooting tickets. The old one was fine. The new one is not intuitive..."
"The updated UI is actually pretty bad. Regarding the intuitiveness, it is fairly easy to use, but the responsiveness, on a scale of one to 10, is a one. It's really poor performance."
"There is room for improvement with the new UI, and that's about it. I would like to see a more intuitive design."
More CRITICALSTART cons
 

Pricing and Cost Advice

Information not available
"The pricing is fine. It is not an expensive tool."
"AWS Security Hub's pricing is pretty reasonable."
"The price of the solution is not very competitive but it is reasonable."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The price of AWS Security Hub is average compared to other solutions."
"Security Hub is not an expensive solution."
"There are multiple subscription models, like yearly, monthly, and packaged."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"It costs a lot for what we felt comfortable to spend."
"The pricing has always been competitive. They have always been good to us. They will make it a fight. They don't try to hide anything; it's always been fully transparent and well-worth what we pay for it."
"As far as the expense goes, it's very competitive pricing and the services you get are almost like you have a person on your team."
"Overall, for what I'm paying for it, and the benefit I'm getting out of it, it is right where it needs to be, if not a little bit in my favor. For what it costs me to actually have this service, I could afford one internal person to do that job, but now I have a team of 10 or more who are doing that job, and they don't sleep because they work shifts."
"The pricing of other services was so insane that they weren't even an option."
"There are contractual penalties if their SLAs are not met. This commitment was very important in our decision to go with this service, because not having downtime is extremely important to us. The providers has not missed an SLA in the 18 months that I have worked with them."
"I've told CRITICALSTART that I think the managed service they provide is cheaper than it should be. It's a really good deal."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
See recommendations
881,114 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
it_user186927
Director of Operations at a comms service provider with 10,001+ employees
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
Read full review
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
8%
Manufacturing Company
8%
Healthcare Company
7%
Computer Software Company
12%
Financial Services Firm
12%
Manufacturing Company
10%
Government
7%
Real Estate/Law Firm
17%
Healthcare Company
8%
Financial Services Firm
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise5
Large Enterprise12
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise3
Large Enterprise4
 

Questions from the Community

What needs improvement with Torq?
From our research and testing with the tool, we determined there need to be modifications and changes to train the LL...
See all answers
What is your primary use case for Torq?
I used Torq for conducting one of the proof of evaluations for a vendor we are connected with. I am currently working...
See all answers
What advice do you have for others considering Torq?
One of our members uses AWS, and we receive their feed. This involves triaging AWS-related logs. While I do not have ...
See all answers
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel...
See all answers
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances...
See all answers
What needs improvement with AWS Security Hub?
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other pro...
See all answers
Ask a question
Earn 20 points
 

Comparisons

Tines vs Torq Logo
Tines vs Torq
Compared 48% of the time
Splunk SOAR vs Torq Logo
Splunk SOAR vs Torq
Compared 13% of the time
Blink Ops vs Torq Logo
Blink Ops vs Torq
Compared 12% of the time
Palo Alto Networks Cortex XSOAR vs Torq Logo
Palo Alto Networks Cortex XSOAR vs Torq
Compared 10% of the time
Swimlane vs Torq Logo
Swimlane vs Torq
Compared 7% of the time
More Torq Competitors
Microsoft Sentinel vs AWS Security Hub Logo
Microsoft Sentinel vs AWS Security Hub
Compared 35% of the time
Wiz vs AWS Security Hub Logo
Wiz vs AWS Security Hub
Compared 8% of the time
Prisma Cloud by Palo Alto Networks vs AWS Security Hub Logo
Prisma Cloud by Palo Alto Networks vs AWS Security Hub
Compared 8% of the time
Microsoft Defender for Cloud vs AWS Security Hub Logo
Microsoft Defender for Cloud vs AWS Security Hub
Compared 5% of the time
CrowdStrike Falcon Cloud Security vs AWS Security Hub Logo
CrowdStrike Falcon Cloud Security vs AWS Security Hub
Compared 3% of the time
More AWS Security Hub Competitors
ServiceNow Security Operations vs CRITICALSTART Logo
ServiceNow Security Operations vs CRITICALSTART
Compared 15% of the time
Red Canary vs CRITICALSTART Logo
Red Canary vs CRITICALSTART
Compared 14% of the time
Palo Alto Networks Cortex XSOAR vs CRITICALSTART Logo
Palo Alto Networks Cortex XSOAR vs CRITICALSTART
Compared 12% of the time
ReliaQuest GreyMatter vs CRITICALSTART Logo
ReliaQuest GreyMatter vs CRITICALSTART
Compared 11% of the time
Arctic Wolf Managed Detection and Response vs CRITICALSTART Logo
Arctic Wolf Managed Detection and Response vs CRITICALSTART
Compared 10% of the time
More CRITICALSTART Competitors
 

Product Reports

Buyer's Guide
Torq
January 2026
Torq reportDownload Torq product report
Buyer's Guide
AWS Security Hub
January 2026
AWS Security Hub reportDownload AWS Security Hub product report
Buyer's Guide
CRITICALSTART
January 2026
CRITICALSTART reportDownload CRITICALSTART product report
 

Also Known As

No data available
SQRRL
Critical Start, CriticalStart
 

Overview

Torq is the enterprise AI SOC solution that effectively combines adaptive insights and automation to handle critical threats efficiently. It manages threat lifecycles, swiftly moving from triage to response, ensuring effective risk management.

Torq is designed to streamline security operations by aggregating telemetry across your security stack. It investigates significant risks and manages threats from triage to containment and remediation. This AI-driven tool enhances the capabilities of your SecOps team, allowing them to achieve more impactful results without introducing complicated processes.

What are the key features of Torq?
  • Adaptive Agentic Insights: Provides real-time threat intelligence tailored to specific security challenges.
  • Automation: Automates responses to security incidents, minimizing manual intervention requirements.
  • Threat Lifecycle Management: Comprehensive handling of threats from detection to remediation.
  • Telemetry Aggregation: Integrates data across platforms for a unified security overview.
Why consider Torq based on reviews?
  • Efficiency: Users notice significant reductions in time spent managing threats.
  • Risk Reduction: Enhanced ability to identify and address critical threats promptly.
  • Resource Optimization: Allows teams to allocate effort to other critical tasks by reducing manual security operations.
  • Scalability: Adaptable to meet the demands of growing or changing infrastructures.

In industries like finance and healthcare, Torq shows effectiveness by adapting to specific risk scenarios often encountered in these fields. Its integration with existing infrastructures makes it a valuable asset for maintaining stringent security standards, essential for protecting critical data and operations in diverse high-stakes environments.

Torq

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

The cybersecurity landscape is growing more complex by the day with the arrival of new threats and new tools supposedly designed for combating them. The problem is it’s all creating more noise and confusion for security professionals to sort through.

CRITICALSTART is the only MDR provider committed to eliminating acceptable risk and leaving nothing to chance. They believe that companies should never have to settle for “good enough.” Their award-winning portfolio includes end-to-end Professional Services and Managed Detection and Response (MDR). CRITICALSTART MDR puts a stop to alert fatigue by leveraging the Zero Trust Analytics Platform (ZTAP) plus the industry-leading Trusted Behavior Registry, which eliminates false positives at scale by resolving known-good behaviors. Driven by 24x7x365 human-led, end-to-end monitoring, investigation and remediation of alerts, their on-the-go threat detection and response capabilities are enabled via a fully interactive MOBILESOC app.

Critical Start
 

Sample Customers

Information Not Available
Edmunds, Frame.io, GoDaddy, Realtor.com
Information Not Available
Buyer's Guide
AWS Security Hub vs. CRITICALSTART
December 2025
Free Report: AWS Security Hub vs. CRITICALSTART
Find out what your peers are saying about AWS Security Hub vs. CRITICALSTART and other solutions. Updated: December 2025.
DOWNLOAD NOW
881,114 professionals have used our research since 2012.
See our AWS Security Hub vs. CRITICALSTART report.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.