No more typing reviews! Try our Samantha, our new voice AI agent.

AWS Security Hub vs Microsoft Defender for Cloud comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Security Posture Management (CSPM)
8th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
AWS Security Hub
Ranking in Cloud Security Posture Management (CSPM)
11th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
27
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (7th)
Microsoft Defender for Cloud
Ranking in Cloud Security Posture Management (CSPM)
3rd
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
89
Ranking in other categories
Vulnerability Management (5th), Container Management (6th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (1st), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (4th), Microsoft Security Suite (7th), Compliance Management (4th), Cloud Detection and Response (CDR) (3rd)
 

Mindshare comparison

As of July 2026, in the Cloud Security Posture Management (CSPM) category, the mindshare of Qualys TotalCloud is 1.8%, up from 1.2% compared to the previous year. The mindshare of AWS Security Hub is 2.5%, down from 4.1% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 5.9%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM) Mindshare Distribution
ProductMindshare (%)
Microsoft Defender for Cloud5.9%
Qualys TotalCloud1.8%
AWS Security Hub2.5%
Other89.8%
Cloud Security Posture Management (CSPM)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Karthik Ekambaram - PeerSpot reviewer
Director at Scybers
Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.
RW
Head Of IT at Cirrus Response
Cloud security has cut investigation time and now reveals threats faster but needs simpler oversight
When deploying AI applications, my key security concerns with Microsoft Defender for Cloud are data loss, leakage of data, and guardrails around the actual AI, and I am hoping that this is going to help me put those guardrails in place and identify data exfiltration. Microsoft Defender for Cloud has not helped me manage and secure multi-cloud environments, as we are 100 percent Microsoft and have not really got it in any other environment at all. I am not yet using the unified AI-powered security feature offered by Microsoft Defender for Cloud, but that is coming. I am not yet using the integrated XDR feature of Microsoft Defender for Cloud, but that is coming. I am not yet utilizing the GenAI threat protection features of Microsoft Defender for Cloud. That is also coming and a lot of that will come from learning it here. I have enabled the agentless scanning in my cloud environment with Microsoft Defender for Cloud. Assessing the impact on my workload protection without needing to install agents with Microsoft Defender for Cloud makes it a lot easier, but it also identifies a lot more, which puts more load on me sometimes. I would advise another organization considering Microsoft Defender for Cloud that it is the most logical route to follow if their whole ecosystem is Microsoft. It is easy to implement and it is very self-explanatory when doing it, making sense to just follow the steps as it is too simple, really. I would rate this review a 7.5 out of 10.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I highly recommend Qualys TotalCloud to other users."
"The most valuable feature is the consolidated information that it provides from various platforms."
"I would definitely recommend Qualys TotalCloud to other users."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
"I would definitely recommend it because it is easy to handle any cloud resources."
"I found the initial setup user-friendly."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"With TotalCloud, we can scan through the API. If we are not able to deploy cloud agents on the machine, we can use the API."
"AWS Security Hub brings many features into one table that is quite useful, and the app team finds it easier to see what is missing."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"Finding out if your infrastructure is secure is a valuable feature."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"AWS Security Hub's unified dashboard does help streamline my process of identifying vulnerabilities, but we don't use Inspector."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"I find all of the features to be highly valuable."
"The scalability of Microsoft Defender for Cloud is very good."
"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"Defender is a robust platform for dealing with many kinds of threats; we're protected from various threats, like viruses, and attacks can be easily minimized with this solution defending our infrastructure."
"This solution is stable, it's 100% guaranteed and I've never had any problems with it other than some planned IT downtime."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"The dashboard is very good; it gives our clients a lot of information and allows them to have a complete overview of the system, with everything visible in one glance."
 

Cons

"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"Qualys TotalCloud needs to improve its accuracy for non-Windows operating systems."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"Feature-wise, we are not able to do multi-cloud. We are doing individual cloud monitoring, and we see other tools are better than AWS Security Hub."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something."
"Microsoft has much room for improvement regarding the support for Microsoft Defender for Cloud. Their competitors are much better regarding support."
"They could always work to make the pricing a bit lower."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"One of the issues with the product is that it's not possible to write or edit any capability."
"Microsoft Defender for Cloud is pricey, especially for Kubernetes clusters. It could be cheaper."
"For improvements, I'd like to see more use cases integrated with Microsoft Sentinel and support for multi-cloud environments beyond just Azure."
"The process of deploying Microsoft Defender for Cloud was not smooth. It was always a challenge migrating, as a lot of it involved application dependencies and what was required before being able to use Azure for those services."
 

Pricing and Cost Advice

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"Qualys TotalCloud is expensive."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"TotalCloud's price is about right where I would expect it to be."
"AWS Security Hub's pricing is pretty reasonable."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The pricing is fine. It is not an expensive tool."
"Security Hub is not an expensive solution."
"The price of the solution is not very competitive but it is reasonable."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The price of AWS Security Hub is average compared to other solutions."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The licensing is straightforward but can become expensive if you cover everything. You must balance the cost against the importance of what needs covering."
"The product's pricing policy is generally favorable."
"Azure Defender is a bit pricey. The price could be lower."
"Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
"The licensing cost per server is $15 per month."
"This is a worldwide service and depending on the country, there will be different prices."
"There are improvements that have to be made to the licensing. Currently, for servers, it has to be done by grouping the servers on a single subscription... We don't have an option whereby, if all those resources are in one subscription, we can have each of the individual servers subject to different planning."
"Understanding the costs of cloud services can be complicated at first. As with a lot of things in the cloud, it can be quite hard to understand the end cost, but it becomes clearer over time. Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something. It is clever marketing, and there is room for improvement there. There should be clarity from the start."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
903,871 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Director of Operations at a comms service provider with 10,001+ employees
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Manufacturing Company
16%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
12%
Manufacturing Company
10%
Computer Software Company
9%
Comms Service Provider
7%
Financial Services Firm
12%
Computer Software Company
10%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise29
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise14
By reviewers
Company SizeCount
Small Business31
Midsize Enterprise12
Large Enterprise49
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel...
What needs improvement with AWS Security Hub?
I do not see any areas for improvement in AWS Security Hub itself, but the cost factor is something that is the main ...
What is your primary use case for AWS Security Hub?
AWS Security Hub is something I have used daily as it is a part of my job for cloud security purposes. If you are dea...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
My experience with pricing, setup costs, and licensing was that the license cost was the only consideration. Setup an...
What needs improvement with Microsoft Defender for Cloud?
To improve Microsoft Defender for Cloud, I think pricing-wise, the license price is a little bit higher from an inges...
 

Also Known As

Qualys TotalCloud with FlexScan
SQRRL
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Edmunds, Frame.io, GoDaddy, Realtor.com
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Find out what your peers are saying about AWS Security Hub vs. Microsoft Defender for Cloud and other solutions. Updated: June 2026.
903,871 professionals have used our research since 2012.