No more typing reviews! Try our Samantha, our new voice AI agent.

AWS Security Hub vs Microsoft Defender for Cloud comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Security Posture Management (CSPM)
8th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
AWS Security Hub
Ranking in Cloud Security Posture Management (CSPM)
11th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
27
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (7th)
Microsoft Defender for Cloud
Ranking in Cloud Security Posture Management (CSPM)
3rd
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
89
Ranking in other categories
Vulnerability Management (5th), Container Management (6th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (1st), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (4th), Microsoft Security Suite (7th), Compliance Management (4th), Cloud Detection and Response (CDR) (3rd)
 

Mindshare comparison

As of July 2026, in the Cloud Security Posture Management (CSPM) category, the mindshare of Qualys TotalCloud is 1.8%, up from 1.2% compared to the previous year. The mindshare of AWS Security Hub is 2.5%, down from 4.1% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 5.9%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM) Mindshare Distribution
ProductMindshare (%)
Microsoft Defender for Cloud5.9%
Qualys TotalCloud1.8%
AWS Security Hub2.5%
Other89.8%
Cloud Security Posture Management (CSPM)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Karthik Ekambaram - PeerSpot reviewer
Director at Scybers
Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.
RW
Head Of IT at Cirrus Response
Cloud security has cut investigation time and now reveals threats faster but needs simpler oversight
When deploying AI applications, my key security concerns with Microsoft Defender for Cloud are data loss, leakage of data, and guardrails around the actual AI, and I am hoping that this is going to help me put those guardrails in place and identify data exfiltration. Microsoft Defender for Cloud has not helped me manage and secure multi-cloud environments, as we are 100 percent Microsoft and have not really got it in any other environment at all. I am not yet using the unified AI-powered security feature offered by Microsoft Defender for Cloud, but that is coming. I am not yet using the integrated XDR feature of Microsoft Defender for Cloud, but that is coming. I am not yet utilizing the GenAI threat protection features of Microsoft Defender for Cloud. That is also coming and a lot of that will come from learning it here. I have enabled the agentless scanning in my cloud environment with Microsoft Defender for Cloud. Assessing the impact on my workload protection without needing to install agents with Microsoft Defender for Cloud makes it a lot easier, but it also identifies a lot more, which puts more load on me sometimes. I would advise another organization considering Microsoft Defender for Cloud that it is the most logical route to follow if their whole ecosystem is Microsoft. It is easy to implement and it is very self-explanatory when doing it, making sense to just follow the steps as it is too simple, really. I would rate this review a 7.5 out of 10.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."
"One of the features I appreciate is the ability to generate daily reports without relying on anyone else."
"The best features in Qualys TotalCloud include the total asset management of the cloud environment. It is very easy to export the report and see the vulnerabilities related to the cloud specifically."
"TruRisk Insights is the most important innovation they've released this year."
"Once you have your vulnerabilities fixed and your patches pushed out using Qualys TotalCloud, then you are able to eliminate threats and cyber risk."
"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."
"The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"This solution is for security posture management for the cloud, showing the security posture of your cloud infrastructure and giving you good insight into whether your infrastructure is secure or not."
"AWS Security Hub can check your infrastructure against multiple compliance frameworks. You can turn on or off specific frameworks based on your needs."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"Though I'm still in the initial evaluation phase for AWS Security Hub, I would recommend it to others because it has good features."
"The platform has valuable features for security."
"Defender for Cloud provides a complete DevOps security package for cloud services."
"The solution is up-to-date with the latest updates and identified threats."
"The most valuable feature of Microsoft Defender for Cloud is its ability to assess an environment and give us a clear idea of what security components are lacking and which are not."
"Microsoft Defender for Cloud has made our environment more secure."
"It is very scalable, the product has been very easy to use and simple to set up, the maintenance and updating are part of the service so that brings great value, it's a stable product, technical support is helpful, and it's got a lot of great features."
"This solution is more cost-effective than some competing products."
"The tool's most valuable feature is its support for cloud-native services like Kubernetes, containers, managed storage, and databases. Protecting these without Microsoft Defender for Cloud would be extremely challenging. For threat protection specifically, I find the signature-based detection and heuristic detection features very effective."
"Our main use cases for Microsoft Defender for Cloud involve scanning PCs."
 

Cons

"There is room for improvement in the support."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"The main area needing improvement is integration. Although the team is strengthening TotalCloud, integration can be enhanced with SIEM, SOAR, ITSM, and other sources."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"The support is not up to the mark and seems to be overburdened."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"Feature-wise, we are not able to do multi-cloud. We are doing individual cloud monitoring, and we see other tools are better than AWS Security Hub."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
"The product's advanced analytics and reporting features could be improved."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"Microsoft has much room for improvement regarding the support for Microsoft Defender for Cloud. Their competitors are much better regarding support."
"To improve Microsoft Defender for Cloud, I think pricing-wise, the license price is a little bit higher from an ingestion cost perspective."
"Sometimes if you do not have the resources in-house, it can be difficult."
"I rate Microsoft support five out of 10. It gets better once you're escalated past the first and second levels. It's difficult to get the necessary support when tickets are first opened."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
 

Pricing and Cost Advice

"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"AWS Security Hub's pricing is pretty reasonable."
"The price of AWS Security Hub is average compared to other solutions."
"Security Hub is not an expensive solution."
"The price of the solution is not very competitive but it is reasonable."
"The pricing is fine. It is not an expensive tool."
"There are multiple subscription models, like yearly, monthly, and packaged."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"Understanding the costs of cloud services can be complicated at first. As with a lot of things in the cloud, it can be quite hard to understand the end cost, but it becomes clearer over time. Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something. It is clever marketing, and there is room for improvement there. There should be clarity from the start."
"Pricing is a consideration, but we strive to keep costs low by enabling only necessary services."
"I rate Microsoft Defender a three out of ten for affordability. The price could be a little lower."
"Pricing is difficult because each license has its own metrics and cost."
"Microsoft's licensing and pricing are sometimes complicated. If someone is new to Microsoft's licensing, they might have difficulty with it."
"While we pay for any additional features, the pricing seems competitive, though I am not involved in the specific cost details."
"The cost of the license is based on the subscriptions that you have."
"Defender's basic version is free, which is good. Many of our teams are evaluating the paid version against third-party products."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
903,147 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Director of Operations at a comms service provider with 10,001+ employees
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Manufacturing Company
16%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
12%
Manufacturing Company
10%
Computer Software Company
9%
Comms Service Provider
7%
Financial Services Firm
12%
Computer Software Company
10%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise14
By reviewers
Company SizeCount
Small Business31
Midsize Enterprise12
Large Enterprise49
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel...
What needs improvement with AWS Security Hub?
I do not see any areas for improvement in AWS Security Hub itself, but the cost factor is something that is the main ...
What is your primary use case for AWS Security Hub?
AWS Security Hub is something I have used daily as it is a part of my job for cloud security purposes. If you are dea...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
My experience with pricing, setup costs, and licensing was that the license cost was the only consideration. Setup an...
What needs improvement with Microsoft Defender for Cloud?
To improve Microsoft Defender for Cloud, I think pricing-wise, the license price is a little bit higher from an inges...
 

Also Known As

Qualys TotalCloud with FlexScan
SQRRL
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Edmunds, Frame.io, GoDaddy, Realtor.com
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Find out what your peers are saying about AWS Security Hub vs. Microsoft Defender for Cloud and other solutions. Updated: June 2026.
903,147 professionals have used our research since 2012.