We performed a comparison between AWS Security Hub and FileAudit based on real PeerSpot user reviews.
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The connectivity and analytics are great."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"I find all of the features to be highly valuable."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"The platform has valuable features for security."
"Finding out if your infrastructure is secure is a valuable feature."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"Very good at detection and providing real-time alerts."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"It is a good and stable solution...It is a scalable solution."
"Alerting upon file changes is the most valuable aspect of the product."
"Our customer acquires the complete report which is kept for future auditing purposes."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The playbook is a bit difficult and could be improved."
"The on-prem log sources still require a lot of development."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"The support must be quicker."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, integrating this solution with more security tools takes time."
"It is not flexible for multi-cloud environments."
"The updates management and central management console could be improved."
"Whenever someone cuts and pastes, it shows as 'file is deleted'."
"The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks."
AWS Security Hub is ranked 8th in Security Information and Event Management (SIEM) with 16 reviews while FileAudit is ranked 38th in Security Information and Event Management (SIEM) with 3 reviews. AWS Security Hub is rated 7.6, while FileAudit is rated 9.0. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of FileAudit writes "A scalable SIEM solution for monitoring a user's activity in the file server". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Google Chronicle Suite and Oracle Security Monitoring and Analytics Cloud Service, whereas FileAudit is most compared with ManageEngine File Audit Plus.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.