Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Elastic Security comparison

Amazon Web Services (AWS) and Elastic are both solutions in the Security Orchestration Automation and Response (SOAR) category. Amazon Web Services (AWS) is ranked #6 with an average rating of 7.6, while Elastic is ranked #5 with an average rating of 8.5. Amazon Web Services (AWS) holds a 7.8% mindshare in SOAR, compared to Elastic’s 4.7% mindshare. Additionally, 89% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 86% of Elastic users who would recommend it.
AWS Security Hub
Read 26 AWS Security Hub reviews
  • 7,146 Views
  • 2,787 Comparison Views
89% willing to recommend
Elastic Security
Read 66 Elastic Security reviews
  • 10,861 Views
  • 1,738 Comparison Views
86% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

Elastic Security and AWS Security Hub are both prominent cybersecurity solutions. Elastic Security is well-regarded for its pricing and customer support, while AWS Security Hub stands out due to its extensive features and user satisfaction with the overall value it provides.

Features: Elastic Security has powerful search capabilities, comprehensive threat detection, and strong threat detection efficiency. AWS Security Hub offers seamless integration with AWS services, provides a unified view of security alerts, and emphasizes integration benefits within the AWS ecosystem.

Room for Improvement: Elastic Security users mention the need for a more intuitive setup process, more user-friendly documentation, and enhancements in user experience. AWS Security Hub users want improvements in its alerting mechanism, more customizable dashboard features, and overall flexibility in customization.

Ease of Deployment and Customer Service: Elastic Security users report complex deployment but highly responsive customer service. AWS Security Hub benefits from straightforward deployment within the AWS environment, though support experiences vary.

Pricing and ROI: Elastic Security is praised for its competitive setup costs and strong ROI. AWS Security Hub is seen as more expensive but justifiable due to its feature-rich offerings and integration capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS Security Hub vs. Elastic Security Report (Updated: September 2025).
Buyer's Guide
AWS Security Hub vs. Elastic Security
September 2025
Download the complete report
Helped 872,869 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Ranking in Security Orchestration Automation and Response (SOAR)
6th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
26
Ranking in other categories
Cloud Security Posture Management (CSPM) (13th)
Elastic Security
Ranking in Security Orchestration Automation and Response (SOAR)
5th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Log Management (7th), Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (16th), Extended Detection and Response (XDR) (8th)
 

Mindshare comparison

As of November 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of AWS Security Hub is 7.8%, down from 9.9% compared to the previous year. The mindshare of Elastic Security is 4.7%, down from 5.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
Elastic Security4.7%
AWS Security Hub7.8%
Other87.5%
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Karthik Ekambaram - PeerSpot reviewer
Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.
Read full review
Laurentiu Popescu - PeerSpot reviewer
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"I rate Security Hub ten out of ten for stability."
"Cloudposse is a valuable feature as it guarantees my security."
"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."
"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
More AWS Security Hub pros
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"The solution is quite stable. The performance has been good."
"The most valuable feature is the machine learning capability."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"The most valuable feature for me is Discover."
"The stability of the solution is good."
"Elastic Security offers advanced features such as machine learning and integration with ChatGPT."
"It's very stable and reliable."
More Elastic Security pros
 

Cons

"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
More AWS Security Hub cons
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"This solution is very hard to implement."
"The initial configuration and setup are complicated and not straightforward."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"Installation is a little bit overwhelming, so improvements on the installation site could make it easier."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"The solution's query building is not that intuitive compared to other solutions."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
More Elastic Security cons
 

Pricing and Cost Advice

"The price of AWS Security Hub is average compared to other solutions."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"AWS Security Hub's pricing is pretty reasonable."
"The price of the solution is not very competitive but it is reasonable."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The pricing is fine. It is not an expensive tool."
"There are multiple subscription models, like yearly, monthly, and packaged."
"Security Hub is not an expensive solution."
"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"Compared to other tools, Elastic Security is a cheaper solution."
"Elastic Security is free to use."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"We use the open-source version, so there is no charge for this solution."
"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
More Elastic Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
See recommendations
872,869 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
10%
Government
6%
Computer Software Company
14%
Government
10%
Comms Service Provider
8%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise5
Large Enterprise12
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise11
Large Enterprise15
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
See all answers
What needs improvement with AWS Security Hub?
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfig...
See all answers
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
See all answers
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
See all answers
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
See all answers
 

Comparisons

Microsoft Sentinel vs AWS Security Hub Logo
Microsoft Sentinel vs AWS Security Hub
Compared 37% of the time
Wiz vs AWS Security Hub Logo
Wiz vs AWS Security Hub
Compared 11% of the time
Prisma Cloud by Palo Alto Networks vs AWS Security Hub Logo
Prisma Cloud by Palo Alto Networks vs AWS Security Hub
Compared 7% of the time
Microsoft Defender for Cloud vs AWS Security Hub Logo
Microsoft Defender for Cloud vs AWS Security Hub
Compared 5% of the time
CrowdStrike Falcon Cloud Security vs AWS Security Hub Logo
CrowdStrike Falcon Cloud Security vs AWS Security Hub
Compared 4% of the time
More AWS Security Hub Competitors
Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Compared 14% of the time
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
Compared 7% of the time
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Compared 7% of the time
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Compared 6% of the time
Microsoft Defender for Endpoint vs Elastic Security Logo
Microsoft Defender for Endpoint vs Elastic Security
Compared 5% of the time
More Elastic Security Competitors
 

Product Reports

Buyer's Guide
AWS Security Hub
November 2025
AWS Security Hub reportDownload AWS Security Hub product report
Buyer's Guide
Elastic Security
November 2025
Elastic Security reportDownload Elastic Security product report
 

Also Known As

SQRRL
Elastic SIEM, ELK Logstash
 

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)
Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

  • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
  • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
  • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic
 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Buyer's Guide
AWS Security Hub vs. Elastic Security
September 2025
Free Report: AWS Security Hub vs. Elastic Security
Find out what your peers are saying about AWS Security Hub vs. Elastic Security and other solutions. Updated: September 2025.
DOWNLOAD NOW
872,869 professionals have used our research since 2012.
See our AWS Security Hub vs. Elastic Security report.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.