Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs FortiCNAPP comparison

Amazon Web Services (AWS) and Fortinet are both solutions in the Cloud Security Posture Management (CSPM) category. Amazon Web Services (AWS) is ranked #15 with an average rating of 7.6, while Fortinet is ranked #27 with an average rating of 6.5. Amazon Web Services (AWS) holds a 4.0% mindshare in CSPM, compared to Fortinet’s 2.4% mindshare. Additionally, 89% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 83% of Fortinet users who would recommend it.
AWS Security Hub
Read 26 AWS Security Hub reviews
  • 6,994 Views
  • 3,007 Comparison Views
89% willing to recommend
FortiCNAPP
Read 11 FortiCNAPP reviews
  • 3,372 Views
  • 1,888 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 18, 2025

FortiCNAPP and AWS Security Hub compete in the cloud security software category. AWS Security Hub appears to have the upper hand due to its integration capabilities and affordability.

Features: FortiCNAPP offers robust anomaly detection, simplifying compliance reporting and integrating with alert channels. It helps prioritize alerts based on severity with comprehensive context. AWS Security Hub provides a unified dashboard that integrates seamlessly with AWS services and supports CIS standards, offering detailed insights into cloud configurations and streamlining security checks.

Room for Improvement: FortiCNAPP needs better visibility and data governance, especially in IAM security. Users desire simpler alert configuration and improved third-party tool integration. FedRAMP authorization is not available. AWS Security Hub struggles with open-source tool integration and cross-cloud deployments. Its dashboards require more customization, and real-time vulnerability detection needs enhancement. Its configuration and integration are seen as complex, hindering usability.

Ease of Deployment and Customer Service: FortiCNAPP is commended for responsive customer support through channels like Slack, though initial integration can be challenging. It supports public and private cloud environments. AWS Security Hub, focused on public cloud use, receives mixed support feedback, with brief initial assistance and variation in user satisfaction regarding support interactions.

Pricing and ROI: FortiCNAPP is perceived as slightly expensive but justifies its cost with reduced manual monitoring and effective detection. AWS Security Hub is generally affordable with a pay-as-you-go model, aligning cost with feature set and providing competitive security assessment tools. Users acknowledge its cost efficiency but desire more detailed ROI metrics.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS Security Hub vs. FortiCNAPP Report (Updated: December 2025).
Buyer's Guide
AWS Security Hub vs. FortiCNAPP
December 2025
Download the complete report
Helped 879,259 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Ranking in Cloud Security Posture Management (CSPM)
15th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
26
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (6th)
FortiCNAPP
Ranking in Cloud Security Posture Management (CSPM)
27th
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
11
Ranking in other categories
Vulnerability Management (44th), Container Security (31st), Cloud Workload Protection Platforms (CWPP) (20th), Cloud-Native Application Protection Platforms (CNAPP) (18th), Compliance Management (10th)
 

Mindshare comparison

As of December 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of AWS Security Hub is 4.0%, down from 4.7% compared to the previous year. The mindshare of FortiCNAPP is 2.4%, up from 2.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM) Market Share Distribution
ProductMarket Share (%)
AWS Security Hub4.0%
FortiCNAPP2.4%
Other93.6%
Cloud Security Posture Management (CSPM)
 

Featured Reviews

Karthik Ekambaram - PeerSpot reviewer
Karthik Ekambaram
Director at Scybers
Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.
Read full review
SK
Sai Tharun Kumar
Software Engineer at a university with 5,001-10,000 employees
Improving security insights has been helpful but inconsistent vulnerability tracking needs attention
The vulnerability part is not systematically organized; it is all clumsy in the web UI, and it is not user-friendly. Regarding improvements, the vulnerability part, recent changes with user management, and Fortinet IM coming into place, which is not helpful at all because it cuts out the automation part, are the most important things. Lacework FortiCNAPP should have a new clean UI and ease of access for the users as that should be the main concern. There are limitations regarding the scalability of Lacework FortiCNAPP. There are also more limitations with integrations like GitHub or any other pipeline, CI/CD, or ISD. It is glitchy and works well only sometimes, and most of the time, the reports or other things are not properly calculated or circulated with the teams.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The platform has valuable features for security."
"Cloudposse is a valuable feature as it guarantees my security."
"I find all of the features to be highly valuable."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"AWS Security Hub can check your infrastructure against multiple compliance frameworks. You can turn on or off specific frameworks based on your needs."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"The solution shows us our compliance score."
More AWS Security Hub pros
"The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself."
"The best feature, in my opinion, is the ease of use."
"Lacework is helping a lot in reducing the noise of the alerts. Usually, whenever you have a tool in place, you have a lot of noise in terms of alerts, but the time for an engineer to look into those alerts is limited. Lacework is helping us to consolidate the information that we are getting from the agents and other sources. We are able to focus only on the things that matter, which is the most valuable thing for us. It saves time, and for investigations, we have the right context to take action."
"The machine learning capability in Lacework FortiCNAPP is used for threat detection, and automated policy recommendation helps to improve my security measures in general."
"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."
"The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine."
"The most valuable feature, from a compliance perspective, is the ability to use Lacework as a platform for multiple compliance standards. We have to meet multiple standards like PCI, SOC 2, CIS, and whatever else is out there. The ability to have reports generated, per security standard, is one of the best features for me."
"Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offers, along with the ability to identify and address misconfigurations, is invaluable. When such issues arise, we promptly acknowledge and take action, effectively collaborating with our teams and the responsible parties for those assets. This enables us to promptly manage problems as soon as they arise."
More FortiCNAPP pros
 

Cons

"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"Many findings are too generic or irrelevant to the environment, which can lead to false positives."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
More AWS Security Hub cons
"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems."
"The biggest thing I would like to see improved is for them to pursue and obtain a FedRAMP moderate authorization... I don't believe they have any immediate plans to get FedRAMP moderate authorized, which is a bit of a challenge for us because we can only use Lacework in our commercial environment."
"Visibility is lacking, and both compliance-related metrics and IAM security control could be improved."
"I would like to see a remote access assistance feature. And the threat-hunting platform could be better."
"Lacework has not reduced the number of alerts we get. We've actually had to add resources as a result of using it because the application requires a lot of people to understand it to get the value out of it properly."
"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."
"The vulnerability part is not systematically organized; it is all clumsy in the web UI, and it is not user-friendly."
"Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it."
More FortiCNAPP cons
 

Pricing and Cost Advice

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"Security Hub is not an expensive solution."
"The pricing is fine. It is not an expensive tool."
"The price of the solution is not very competitive but it is reasonable."
"The price of AWS Security Hub is average compared to other solutions."
"AWS Security Hub's pricing is pretty reasonable."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago. They have improved it and it has stabilized quite a bit."
"My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz."
"It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our colocation facilities as well, so we cannot complain, but it is slightly expensive. It is not super expensive."
"The licensing fee was approximately $80,000 USD, per year."
report
See which vendors are best for you
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
See recommendations
879,259 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
it_user186927
Director of Operations at a comms service provider with 10,001+ employees
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
12%
Manufacturing Company
10%
Government
6%
Computer Software Company
13%
Financial Services Firm
13%
Manufacturing Company
7%
University
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise5
Large Enterprise12
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise4
Large Enterprise4
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
See all answers
What needs improvement with AWS Security Hub?
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfig...
See all answers
What is your experience regarding pricing and costs for Lacework?
My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz.
See all answers
What needs improvement with Lacework?
The vulnerability part is not systematically organized; it is all clumsy in the web UI, and it is not user-friendly. Regarding improvements, the vulnerability part, recent changes with user managem...
See all answers
What is your primary use case for Lacework?
The major use case for Lacework FortiCNAPP is for security. I'm using it for security internally for my company.
See all answers
 

Comparisons

Microsoft Sentinel vs AWS Security Hub Logo
Microsoft Sentinel vs AWS Security Hub
Compared 36% of the time
Wiz vs AWS Security Hub Logo
Wiz vs AWS Security Hub
Compared 10% of the time
Prisma Cloud by Palo Alto Networks vs AWS Security Hub Logo
Prisma Cloud by Palo Alto Networks vs AWS Security Hub
Compared 8% of the time
Microsoft Defender for Cloud vs AWS Security Hub Logo
Microsoft Defender for Cloud vs AWS Security Hub
Compared 5% of the time
CrowdStrike Falcon Cloud Security vs AWS Security Hub Logo
CrowdStrike Falcon Cloud Security vs AWS Security Hub
Compared 3% of the time
More AWS Security Hub Competitors
Wiz vs FortiCNAPP Logo
Wiz vs FortiCNAPP
Compared 11% of the time
Prisma Cloud by Palo Alto Networks vs FortiCNAPP Logo
Prisma Cloud by Palo Alto Networks vs FortiCNAPP
Compared 8% of the time
Tenable Cloud Security vs FortiCNAPP Logo
Tenable Cloud Security vs FortiCNAPP
Compared 5% of the time
AWS GuardDuty vs FortiCNAPP Logo
AWS GuardDuty vs FortiCNAPP
Compared 4% of the time
Morphisec vs FortiCNAPP Logo
Morphisec vs FortiCNAPP
Compared 2% of the time
More FortiCNAPP Competitors
 

Product Reports

Buyer's Guide
AWS Security Hub
December 2025
AWS Security Hub reportDownload AWS Security Hub product report
Buyer's Guide
FortiCNAPP
December 2025
FortiCNAPP reportDownload FortiCNAPP product report
 

Also Known As

SQRRL
Polygraph, FortiCNP, Lacework
 

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

FortiCNAPP is a comprehensive cloud security platform focusing on ease of use and machine learning-driven anomaly detection. It offers robust compliance reporting, seamless integration, and continuous monitoring, making it an essential tool for organizations managing multi-cloud environments and security configurations.

FortiCNAPP provides significant capabilities in cloud security, compliance, and vulnerability management. Designed for organizations needing efficient monitoring, it enables detection of anomalies across cloud infrastructures while optimizing security posture and ensuring compliance with environments like AWS and GCP. The platform offers in-depth insights through scanning of IAC scripts, host systems, and cloud configurations. Recognized for effectively managing security posture, it safeguards Kubernetes and container environments, providing comprehensive threat detection and response. However, some areas like visibility, IAM security controls, and compliance metrics need improvement. Users face challenges with alert setup and lack intuitive design, alongside issues like FedRAMP authorization absence and complexity in the data model.

What are the key features of FortiCNAPP?
  • Ease of Use: FortiCNAPP simplifies security management for cloud environments.
  • Machine Learning Anomaly Detection: Automatically identifies and prioritizes threats.
  • Compliance Reporting: Streamlines compliance procedures and reporting.
  • Seamless Integration: Ensures smooth operation across multi-cloud environments.
  • Continuous Monitoring: Provides ongoing oversight of security vulnerabilities.
  • Multi-Cloud Integration: Enables swift response to misconfigurations and vulnerabilities.
What benefits should users expect when evaluating FortiCNAPP?
  • Time Efficiency: Reduces time spent on compliance and threat management.
  • Improved Security Posture: Enhances protection for cloud and container environments.
  • Valuable Security Insights: Provides in-depth analysis for proactive threat response.
  • Noise Reduction: Distills security logs to minimize alert fatigue.
  • Operational Effectiveness: Facilitates seamless multi-cloud security management.

FortiCNAPP is implemented extensively by industries needing reliable cloud security, such as finance, healthcare, and technology sectors. It supports organizations in enhancing cloud infrastructure protection, ensuring compliance, and strengthening vulnerability management. By integrating with platforms like AWS and GCP, businesses can optimize security posture in their cloud deployments.

Fortinet
 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.
Buyer's Guide
AWS Security Hub vs. FortiCNAPP
December 2025
Free Report: AWS Security Hub vs. FortiCNAPP
Find out what your peers are saying about AWS Security Hub vs. FortiCNAPP and other solutions. Updated: December 2025.
DOWNLOAD NOW
879,259 professionals have used our research since 2012.
See our AWS Security Hub vs. FortiCNAPP report.
See our list of best Cloud Security Posture Management (CSPM) vendors.

We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.