We performed a comparison between AWS Security Hub and Google Chronicle Suite based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"It's pretty powerful and its performance is pretty good."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"Cloudposse is a valuable feature as it guarantees my security."
"Very good at detection and providing real-time alerts."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"I find all of the features to be highly valuable."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"The solution shows us our compliance score."
"The tool's most valuable feature is the search option, allowing easy navigation."
"The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well."
"The support team is responsive."
"The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience."
"Google Chronicle Suite is a highly scalable solution with good search capabilities."
"The log folder is fairly simple."
"Google Chronicle Suite provides useful APIs."
"What sets Chronicle apart from other solutions is its emphasis on threat hunting rather than solely serving as a monitoring tool."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"We are invoiced according to the amount of data generated within each log."
"I think the number one area of improvement for Sentinel would be the cost."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"The solution lacks self-sufficiency."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"The tool is complicated for a first-time user. It should also include newer APIs."
"The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now."
"The solution's graphical user interface (GUI) should be more user-friendly."
"The tool is a little bit difficult to use compared to Microsoft Sentinel."
"A few areas are difficult to understand for someone who has less experience using the product."
"The configuration is not optimal."
"In terms of improvement, the UI can be a bit challenging for beginners."
"The product's default dashboard feature has a few limitations regarding availability."
AWS Security Hub is ranked 9th in Security Information and Event Management (SIEM) with 16 reviews while Google Chronicle Suite is ranked 29th in Security Information and Event Management (SIEM) with 8 reviews. AWS Security Hub is rated 7.6, while Google Chronicle Suite is rated 7.8. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Google Chronicle Suite writes "Swiftly navigates and analyzes extensive datasets without significant delays ". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Splunk Enterprise Security and Oracle Security Monitoring and Analytics Cloud Service, whereas Google Chronicle Suite is most compared with Splunk Enterprise Security, Sentinel, IBM Security QRadar, Rapid7 InsightIDR and Elastic Security. See our AWS Security Hub vs. Google Chronicle Suite report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
