We performed a comparison between AWS Security Hub and Logpoint based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"The solution shows us our compliance score."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"Very good at detection and providing real-time alerts."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"The solution's user interface is quite simple, and the integration is better than other products."
"The main advantage of Logpoint is the support service. They reply within ten minutes to an hour to our queries."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"They basically charge you in a better way."
"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The only thing is sometimes you can have a false positive."
"The solution should allow for a streamlined CI/CD procedure."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"It is not flexible for multi-cloud environments."
"The solution lacks self-sufficiency."
"The support must be quicker."
"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"One of the things we faced last year was that we had some memory issues with the server running. We were running them as virtual services, and we were facing some performance issues. Back then, there were some things that had already been solved at the end, but one of the small issues we had was that it was quite memory-consuming. After one upgrade that we did, we faced some performance issues."
"It is a good product, but its interface or GUI could be better."
"Dashboards could be developed further."
"We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"The interface needs things like wizards that will assist with creating complex correlation rules."
"Logpoint is not flexible. Its documentation is not user-friendly."
"Nowadays the trend is going towards the ransomware and the endpoint detection and response. So if they added something for that, that will be very, very good."
AWS Security Hub is ranked 5th in Security Orchestration Automation and Response (SOAR) with 16 reviews while Logpoint is ranked 14th in Security Orchestration Automation and Response (SOAR) with 20 reviews. AWS Security Hub is rated 7.6, while Logpoint is rated 7.4. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Splunk Enterprise Security and Google Chronicle Suite, whereas Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, LogRhythm SIEM and Wazuh. See our AWS Security Hub vs. Logpoint report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.