Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs IBM Resilient comparison

Amazon Web Services (AWS) and IBM are both solutions in the Security Orchestration Automation and Response (SOAR) category. Amazon Web Services (AWS) is ranked #5 with an average rating of 7.6, while IBM is ranked #15 with an average rating of 7.0. Amazon Web Services (AWS) holds a 8.1% mindshare in SOAR, compared to IBM’s 1.9% mindshare. Additionally, 89% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 75% of IBM users who would recommend it.
AWS Security Hub
Read 26 AWS Security Hub reviews
  • 7,414 Views
  • 2,891 Comparison Views
89% willing to recommend
IBM Resilient
Read 18 IBM Resilient reviews
  • 1,228 Views
  • 1,081 Comparison Views
75% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 5, 2024

IBM Resilient and AWS Security Hub are key competitors in the incident response and cloud security sectors. AWS Security Hub holds an advantage in AWS-centric cloud environments due to its strong native integrations with AWS services, while IBM Resilient stands out with its mature SIEM capabilities and flexibility.

Features: IBM Resilient provides comprehensive incident response features with robust integration, particularly with IBM QRadar, aiding in reducing MTTE metrics. It supports dynamic playbook creation and has notable flexibility in its incident response management. AWS Security Hub, conversely, integrates seamlessly with AWS native services and offers a centralized compliance and security posture dashboard, beneficial for cloud-first organizations seeking a holistic security view.

Room for Improvement: IBM Resilient could improve its integration with third-party solutions, simplify its initial setup process, and enhance its documentation and support. AWS Security Hub might benefit from expanding its non-AWS cloud integration and offering more customization options, while users suggest making its dashboard and alert management more user-friendly.

Ease of Deployment and Customer Service: IBM Resilient primarily supports on-premises deployments with some hybrid options, though technical support is noted as inconsistent. AWS Security Hub operates effectively within AWS public and private clouds, enjoying smooth integration, though its technical support is considered average.

Pricing and ROI: IBM Resilient is generally seen as expensive, with costs varying based on users and configurations, potentially posing challenges for some business environments. Meanwhile, AWS Security Hub is often perceived as cost-effective with flexible subscription models, benefiting from its inclusion in some AWS plans, making it more readily accessible for AWS customers.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS Security Hub vs. IBM Resilient Report (Updated: September 2025).
Buyer's Guide
AWS Security Hub vs. IBM Resilient
September 2025
Download the complete report
Helped 869,566 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Ranking in Security Orchestration Automation and Response (SOAR)
5th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
26
Ranking in other categories
Cloud Security Posture Management (CSPM) (13th)
IBM Resilient
Ranking in Security Orchestration Automation and Response (SOAR)
15th
Average Rating
7.4
Reviews Sentiment
6.6
Number of Reviews
18
Ranking in other categories
Security Incident Response (3rd)
 

Mindshare comparison

As of October 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of AWS Security Hub is 8.1%, down from 9.8% compared to the previous year. The mindshare of IBM Resilient is 1.9%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
AWS Security Hub8.1%
IBM Resilient1.9%
Other90.0%
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Karthik Ekambaram - PeerSpot reviewer
Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.
Read full review
Usman Bhatti - PeerSpot reviewer
Simple deployment, scalable, but lacking third-party solution compatibility
Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution. It's worth noting that many third-party add-on applications needed to be purchased separately to integrate with IBM Resilient. While there were built-in applications available for incident remediation, the selection was limited. Additionally, integrating third-party applications was often a difficult and time-consuming process due to the technical complexity involved.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."
"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."
"Within AWS Security Hub, there is a feature for aggregating and prioritizing security findings which allows for better risk prioritization based on misconfiguration, as they know AWS thoroughly."
"I find all of the features to be highly valuable."
"I rate Security Hub ten out of ten for stability."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"Very good at detection and providing real-time alerts."
More AWS Security Hub pros
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"The solution is reliable in our usage."
"The UBA, User Behavior Analytics, is very good."
"The solution is very easy to use."
"The product is very good at incident response."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"The solution is simple to use and to integrate with IBM QRadar."
"It is a stable solution...It is a scalable solution."
More IBM Resilient pros
 

Cons

"Shortening the response time for support tickets, particularly in production issues, could make the service more efficient."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"The solution should be easier to learn and use"
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
"It is not flexible for multi-cloud environments."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
More AWS Security Hub cons
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"Its price needs improvement."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"The implementation could be a bit simpler."
"IBM Resilient could integrate better with my tools."
"The initial setup is complex."
"The tool needs to improve its documentation on license scripts."
More IBM Resilient cons
 

Pricing and Cost Advice

"The price of AWS Security Hub is average compared to other solutions."
"AWS Security Hub's pricing is pretty reasonable."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The pricing is fine. It is not an expensive tool."
"The price of the solution is not very competitive but it is reasonable."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"There are multiple subscription models, like yearly, monthly, and packaged."
"Security Hub is not an expensive solution."
"Pricing for the solution is good, in my opinion."
"I would rate the tool’s pricing a three out of ten. The tool’s pricing is on a yearly basis."
"We could create unlimited users using the license we had purchased."
"There are no costs except for the support services that our company pays in addition to the licensing charges attached to the solution."
"There is a license you need to pay for in order to use this product."
"The cost of the product is quite high."
"The licensing cost for IBM Resilient is not too expensive, but it's not affordable, so it's moderately expensive. Regarding price, I'm rating the solution seven out of ten. The company pays for the license yearly, based on the number of users. Apart from the cost of the license you need to pay for each user, you also need to spend an initial investment for the base platform. You also have to pay for IBM Resilient support."
"It is very expensive."
More IBM Resilient pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
See recommendations
869,566 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
10%
Government
6%
Financial Services Firm
35%
Computer Software Company
8%
Comms Service Provider
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise5
Large Enterprise12
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise2
Large Enterprise7
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
See all answers
What needs improvement with AWS Security Hub?
Regarding how Amazon can improve AWS Security Hub, they have numerous services that are discriminated individually and grouped into packages. However, the sheer number of services can be overwhelmi...
See all answers
What do you like most about IBM Resilient?
It is a stable solution...It is a scalable solution.
See all answers
What is your experience regarding pricing and costs for IBM Resilient?
I am not the one in charge of pricing, so I am not sure about the costs.
See all answers
What needs improvement with IBM Resilient?
Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations.
See all answers
 

Comparisons

Microsoft Sentinel vs AWS Security Hub Logo
Microsoft Sentinel vs AWS Security Hub
Compared 37% of the time
Wiz vs AWS Security Hub Logo
Wiz vs AWS Security Hub
Compared 11% of the time
Prisma Cloud by Palo Alto Networks vs AWS Security Hub Logo
Prisma Cloud by Palo Alto Networks vs AWS Security Hub
Compared 7% of the time
Microsoft Defender for Cloud vs AWS Security Hub Logo
Microsoft Defender for Cloud vs AWS Security Hub
Compared 5% of the time
Google Cloud Security Command Center vs AWS Security Hub Logo
Google Cloud Security Command Center vs AWS Security Hub
Compared 3% of the time
More AWS Security Hub Competitors
Palo Alto Networks Cortex XSOAR vs IBM Resilient Logo
Palo Alto Networks Cortex XSOAR vs IBM Resilient
Compared 24% of the time
Splunk SOAR vs IBM Resilient Logo
Splunk SOAR vs IBM Resilient
Compared 18% of the time
IBM Security QRadar vs IBM Resilient Logo
IBM Security QRadar vs IBM Resilient
Compared 13% of the time
Fortinet FortiSOAR vs IBM Resilient Logo
Fortinet FortiSOAR vs IBM Resilient
Compared 9% of the time
Proofpoint Threat Response vs IBM Resilient Logo
Proofpoint Threat Response vs IBM Resilient
Compared 9% of the time
More IBM Resilient Competitors
 

Product Reports

Buyer's Guide
AWS Security Hub
October 2025
AWS Security Hub reportDownload AWS Security Hub product report
Buyer's Guide
IBM Resilient
September 2025
IBM Resilient reportDownload IBM Resilient product report
 

Also Known As

SQRRL
No data available
 

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.

The Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.

IBM
 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Golden Living, Health Equity, USA Funds
Buyer's Guide
AWS Security Hub vs. IBM Resilient
September 2025
Free Report: AWS Security Hub vs. IBM Resilient
Find out what your peers are saying about AWS Security Hub vs. IBM Resilient and other solutions. Updated: September 2025.
DOWNLOAD NOW
869,566 professionals have used our research since 2012.
See our AWS Security Hub vs. IBM Resilient report.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.