Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs FileAudit vs Splunk Enterprise Security comparison

The compared Amazon Web Services (AWS) and IS Decisions solutions aren't in the same category. Amazon Web Services (AWS) is ranked #13 in CSPM , with an average rating of 7.6, and holds a 4.2% mindshare in the category. IS Decisions is ranked #64 in SIEM , and holds a 0.3% mindshare. Additionally, 89% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 100% of IS Decisions users who would recommend it.
AWS Security Hub
Read 26 AWS Security Hub reviews
  • 7,414 Views
  • 3,262 Comparison Views
89% willing to recommend
FileAudit
Read 3 FileAudit reviews
  • 533 Views
  • 293 Comparison Views
100% willing to recommend
Splunk Enterprise Security
Read 369 Splunk Enterprise Security reviews
  • 23,960 Views
  • 12,459 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between AWS Security Hub, FileAudit, and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out what your peers are saying about Wiz, Palo Alto Networks, SentinelOne and others in Cloud Security Posture Management (CSPM).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cloud Security Posture Management (CSPM) Report (Updated: October 2025).
Buyer's Guide
Cloud Security Posture Management (CSPM)
October 2025
Download the complete report
Helped 869,202 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

Cloud Security Posture Management (CSPM) Market Share Distribution
ProductMarket Share (%)
AWS Security Hub4.2%
Wiz20.9%
Prisma Cloud by Palo Alto Networks11.4%
Other63.5%
Cloud Security Posture Management (CSPM)
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
FileAudit0.3%
Wazuh10.2%
Splunk Enterprise Security9.2%
Other80.3%
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
Splunk Enterprise Security9.2%
Wazuh10.2%
IBM Security QRadar7.0%
Other73.6%
Security Information and Event Management (SIEM)
 

Featured Reviews

Karthik Ekambaram - PeerSpot reviewer
Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.
Read full review
AntoSebastin - PeerSpot reviewer
A scalable SIEM solution for monitoring a user's activity in the file server
The most valuable features of the solution are its quick and simple features related to advanced permissions for files, allowing for what permission needs to be granted to the users when it comes to the monitoring folder in the solution. If someone who has been denied permission to use a particular folder tries to go to that folder, then the administrator gets a notification. In general, the administrator can easily gather and maintain records if a person who has been denied permission to a particular confidential folder tries to access it.
Read full review
Kyle Vernham - PeerSpot reviewer
Built-in searches and unified data access streamline alert investigation and boosts analyst efficiency
The two features I appreciate the most in Splunk Enterprise Security are the built-in searches, which have been very easy for us to get started with right out of the box, and the fact that it accesses all of our other systems. You can access it as a pane of glass rather than having to search individually. We also have the option to compare our analysts from our service to service. Splunk Enterprise Security helps our SOC team prioritize and investigate high-fidelity alerts more effectively by providing a more in-depth look and the ability to access a lot more of our data. Instead of jumping from several segmented systems, it allows us to have everything brought together in one place. For example, you have to move from our purview to our build system and to Splunk Enterprise Security, and it enables us to streamline that process. The built-in features of Splunk Enterprise Security, which we recently procured, have given us a good starting point and demonstrated the value of the product, providing an easy way to sell it to our company. The ease of getting everything into our purview helps us, and it serves as a good start for the investigation part in one location rather than what we usually have, which is jumping from system to system to system. Splunk Enterprise Security plays a role in our company's strategy to combat insider threats and advanced persistent threats by currently being in its technical test phase. We are still rolling it out, and it should help us find any insider threats based on information that our policy states should not be present in our system. Splunk Enterprise Security's risk-based alerting (RBA) has impacted our alert volume and analyst productivity because we've got many different systems feeding into it. However, it has helped to make it easier for our analysts to go through a set of events rather than 100 alerts. RBA allows us to streamline the process and customize it for our analysts. When it comes to leveraging Splunk Enterprise Security's dashboards and visualizations to communicate security posture to executives, it's pretty straightforward for any type of information. The visualization is easy to understand, but I haven't had any direct conversations with our executives.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The platform has valuable features for security."
"Security Hub provides insightful information about what is running and where there might be weaknesses."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"The solution shows us our compliance score."
"Finding out if your infrastructure is secure is a valuable feature."
"AWS Security Hub's unified dashboard does help streamline my process of identifying vulnerabilities, but we don't use Inspector."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."
More AWS Security Hub pros
"Alerting upon file changes is the most valuable aspect of the product."
"It is a good and stable solution...It is a scalable solution."
"Our customer acquires the complete report which is kept for future auditing purposes."
"The ability to analyze huge amounts of sales data and accurate prediction of sales forecasting is the most valuable feature."
"Splunk Enterprise Security is doing its job in helping improve my organization's business resilience."
"Its compatibility with other SIEMS is very useful."
"Now with Splunk Enterprise Security, we have everything in one place—the notables are created automatically, but they can also create their own notables based on the investigation, which improved and reduced about 50% of the manual work that was done before versus what we are doing now."
"The ability to digest any information and then correlate it in accordance with what you need is valuable. The ability to connect to pretty much everything and bring the information in the same format is also valuable. On top of that, we can use their language in order to create and customize the dashboards, correlations, or analytics that we want to incorporate."
"This solution helps us increase our productivity."
"Splunk Enterprise Security's risk-based alerting has been a game-changer for us, adding intelligence to alerts by considering behavioral or internal asset-based criteria, effectively helping us prioritize alerts and filtering out noise that can be ignored."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
More Splunk Enterprise Security pros
 

Cons

"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"The solution lacks self-sufficiency."
"It is not flexible for multi-cloud environments."
"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."
"There is room for improvement in implementing AI capabilities."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
More AWS Security Hub cons
"Whenever someone cuts and paste, it shows as "file is deleted"."
"The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks."
"The updates management and central management console could be improved."
"We would like more integrations with other cloud products, not just AWS, e.g., Azure."
"Splunk Enterprise Security could be improved by having better role-based access controls."
"The AWS add-on is particularly problematic, with most inputs requiring manual writing due to lack of out-of-box functionality."
"The solution could improve by making it more business analysis oriented. The way it is now is designed more for developers."
"Regarding room for improvement, I expect Splunk to provide information about new features on a regular basis, such as notifications about enhancements that may improve security posture."
"While there aren't any major areas where the solution has to be improved, there are certain integrations that are still not available. I would specifically like to see legacy applications integrated."
"Previously, they developed custom connectors or add-ons for a lot of applications. But that number can be upgraded still. There are a lot of applications in the world that are not supported."
"Splunk Enterprise Security can be improved by having more focus on the data health monitoring aspect, which will definitely be helpful."
More Splunk Enterprise Security cons
 

Pricing and Cost Advice

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The price of AWS Security Hub is average compared to other solutions."
"The price of the solution is not very competitive but it is reasonable."
"The pricing is fine. It is not an expensive tool."
"AWS Security Hub's pricing is pretty reasonable."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"Security Hub is not an expensive solution."
"FileAudit provides a trial license for 30 days, and after that, customers can choose between perpetual licensing or the annual-based licensing option offered by FileAudit."
"Splunk is definitely not a cheap solution. It is an expensive product."
"I think that most of the log analytics solutions are expensive and I'm not sure if it's worth it."
"Our ROI is high."
"The pricing seems good relative to the other vendors that we have had here. However, they need to find ways to be more flexible with the licensing and be able to deal with situations where we start generating more logs. Maybe having some controls in the Splunk interface to turn it off, so we don't have to change anything in our application."
"The price of Splunk Enterprise Security is reasonable, falling somewhere in the middle range."
"The licensing costs are high for Splunk Enterprise Security."
"I have no opinion on pricing."
"Splunk Enterprise Security's pricing is pretty competitive."
More Splunk Enterprise Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
See recommendations
869,202 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
10%
Government
6%
No data available
Computer Software Company
14%
Financial Services Firm
14%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise5
Large Enterprise12
No data available
By reviewers
Company SizeCount
Small Business111
Midsize Enterprise49
Large Enterprise257
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel...
See all answers
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances...
See all answers
What needs improvement with AWS Security Hub?
Regarding how Amazon can improve AWS Security Hub, they have numerous services that are discriminated individually an...
See all answers
Ask a question
Earn 20 points
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingest...
See all answers
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitor...
See all answers
 

Comparisons

Microsoft Sentinel vs AWS Security Hub Logo
Microsoft Sentinel vs AWS Security Hub
Compared 36% of the time
Wiz vs AWS Security Hub Logo
Wiz vs AWS Security Hub
Compared 11% of the time
Prisma Cloud by Palo Alto Networks vs AWS Security Hub Logo
Prisma Cloud by Palo Alto Networks vs AWS Security Hub
Compared 7% of the time
Microsoft Defender for Cloud vs AWS Security Hub Logo
Microsoft Defender for Cloud vs AWS Security Hub
Compared 5% of the time
Oracle Security Monitoring and Analytics Cloud Service vs AWS Security Hub Logo
Oracle Security Monitoring and Analytics Cloud Service vs AWS Security Hub
Compared 2% of the time
More AWS Security Hub Competitors
Fortinet FortiSIEM vs FileAudit Logo
Fortinet FortiSIEM vs FileAudit
Compared 54% of the time
ManageEngine File Audit Plus vs FileAudit Logo
ManageEngine File Audit Plus vs FileAudit
Compared 46% of the time
More FileAudit Competitors
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
Compared 9% of the time
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Compared 6% of the time
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
Compared 6% of the time
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Compared 5% of the time
Security Onion vs Splunk Enterprise Security Logo
Security Onion vs Splunk Enterprise Security
Compared 4% of the time
More Splunk Enterprise Security Competitors
 

Product Reports

Buyer's Guide
AWS Security Hub
October 2025
AWS Security Hub reportDownload AWS Security Hub product report
Buyer's Guide
Security Information and Event Management (SIEM)
September 2025
FileAudit reportDownload FileAudit product report
Buyer's Guide
Splunk Enterprise Security
September 2025
Splunk Enterprise Security reportDownload Splunk Enterprise Security product report
 

Also Known As

SQRRL
No data available
No data available
 

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)
Agentless, remote and non-intrusive, FileAudit offers a simple more user-friendly way to safeguard and secure file access in a Windows environment. FileAudit provides real-time monitoring and alerting on all access (or access attempts). FileAudit also implements contextual functions such as mass access and alteration alerts, tracking source IP address information for remote data access, and providing granular time and date alerting parameters to monitor folder and file access at unusual or unexpected times.
IS Decisions

Splunk Enterprise Security delivers powerful log management, rapid searches, and intuitive dashboards, enhancing real-time analytics and security measures. Its advanced machine learning and wide system compatibility streamline threat detection and incident response across diverse IT environments.

Splunk Enterprise Security stands out in security operations with robust features like comprehensive threat intelligence and seamless data integration. Its real-time analytics and customizable queries enable proactive threat analysis and efficient incident response. Integration with multiple third-party feeds allows detailed threat correlation and streamlined data visualization. Users find the intuitive UI and broad compatibility support efficient threat detection while reducing false positives. Despite its strengths, areas such as visualization capabilities and integration processes with cloud environments need enhancement. Users face a high learning curve, and improvements in automation, AI, documentation, and training are desired to maximize its potential.

What Are the Key Features of Splunk Enterprise Security?
  • Log Management: Efficiently manages and organizes a vast amount of logs for better data handling.
  • Rapid Data Search: Quickly retrieves relevant data for fast decision-making.
  • Flexible Dashboards: Customizable dashboards provide clear data visualization.
  • Comprehensive Threat Intelligence: Offers detailed insights to preemptively defend against threats.
  • Real-Time Analytics: Analyzes data in real-time to enhance response times.
  • Integration with Third-Party Feeds: Streamlines information flow from multiple sources.
What Benefits Should Users Investigate in Reviews?
  • Efficient Incident Response: Enhances the ability to respond promptly to threats.
  • False Positive Reduction: Minimizes incorrect threat alarms, making monitoring more efficient.
  • Threat Detection Speed: Accelerates the identification and evaluation of security threats.
  • Cost-Effectiveness: Potential savings through better licensing options and operational efficiency.
  • User Adaptability: Enhancements in documentation and training resources aid in overcoming the learning curve.

In specific industries like finance and healthcare, Splunk Enterprise Security is instrumental for log aggregation, SIEM functionalities, and compliance monitoring. Companies leverage its capabilities for proactive threat analysis and response, ensuring comprehensive security monitoring and integration with various tools for heightened operational intelligence.

Splunk
 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
CommuniCare Health Centre, DP World, BAE Systems, Moet Hennessy, Ernst & Young, Honda, Volswagon, VTech, GlakoSmithKline, Lockheed Martin, US Navy, University of Alabama, Ministry of Interior Saudi Arabia, Total
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Buyer's Guide
Cloud Security Posture Management (CSPM)
October 2025
Download Free Report
Find out what your peers are saying about Wiz, Palo Alto Networks, SentinelOne and others in Cloud Security Posture Management (CSPM). Updated: October 2025.
DOWNLOAD NOW
869,202 professionals have used our research since 2012.