AWS Security Hub vs Netsurion comparison

Read 24 Netsurion reviews

52 Views
20 Comparison Views

92% willing to recommend

AWS Security Hub

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

AWS Security Hub and Netsurion are prominent options in security management. User reviews indicate that AWS Security Hub slightly edges out Netsurion in deployment simplicity while Netsurion offers stronger cost-effectiveness.

Features: AWS Security Hub is recognized for its integration capabilities, automated compliance checks, and straightforward deployment process. Netsurion is valued for comprehensive threat detection, response functionalities, and extensive feature set.

Room for Improvement: AWS Security Hub users seek better customizability, more detailed reporting, and enhanced integration with third-party tools. Netsurion users desire an intuitive alert system, improved integration with other tools, and streamlined user experience.

Ease of Deployment and Customer Service: AWS Security Hub is praised for straightforward deployment and responsive customer service. Netsurion also offers smooth deployment with initial complexity but high-rated customer service similar to AWS Security Hub.

Pricing and ROI: AWS Security Hub's competitive pricing provides satisfactory ROI, though it may be costly for smaller operations. Netsurion is noted for cost-effectiveness and strong return on investment, making it attractive for budget-conscious buyers.

To learn more, read our detailed AWS Security Hub vs. Netsurion Report (Updated: October 2024).

AWS Security Hub vs. Netsurion

October 2024

Download the complete report

Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Security Hub

Average Rating

7.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (14th)

Netsurion

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Managed Security Services Providers (MSSP) (5th), Security Information and Event Management (SIEM) (18th), SOC as a Service (3rd), Managed Detection and Response (MDR) (14th), Extended Detection and Response (XDR) (18th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.2%, down 5.5% compared to last year.
Netsurion, on the other hand, focuses on Managed Security Services Providers (MSSP), holds 0.9% mindshare, up 0.8% since last year.

Cloud Security Posture Management (CSPM)

Managed Security Services Providers (MSSP)

Featured Reviews

MuhammadAzhar Khan

Senior DevOps Engineer at Alibaba Group

Offers best practice recommendations and supports various compliance standards

Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.

Read full review

John-Berry

Information Technology Manager at ProfitSolv

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."

"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."

"The solution shows us our compliance score."

"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."

"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."

"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."

"The platform has valuable features for security."

More AWS Security Hub pros

"Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy."

"There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird."

"They have a number of integrations with different products. Google Workspace is one of them, and Microsoft Azure is another one. They integrate with a number of other things, such as Duo for multi-factor authentication. They can pull the logs from Duo to see if users are coming from bad repeatable IPs or if there are malicious known IPs that may be popping up in the logs. They are able to see that, and they can identify that. Some of the other integrations they do are from inside your network. For firewalls, they can integrate with SonicWall, Cisco, Fortinet, etc. They have a pretty wide variety of things to integrate with and be able to pull the logins from those devices."

"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."

"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."

"We don't have the eyeballs available to stare and watch for things, or even have the capability of building internal alert systems. So, the managed SOC has been huge for freeing up staff to work on other responsibilities. We are saving on at least one full-time employee."

"What I like most about Netsurion is the level of visibility and reporting."

"The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network."

More Netsurion pros

Cons

"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."

"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."

"The solution lacks self-sufficiency."

"The support must be quicker."

"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."

"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."

"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."

"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."

More AWS Security Hub cons

"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."

"Netsurion's SOC can be a bit too aggressive at times."

"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it."

"The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically."

"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."

"They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that."

"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."

"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."

More Netsurion cons

Pricing and Cost Advice

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"The price of AWS Security Hub is average compared to other solutions."

"The pricing is fine. It is not an expensive tool."

"There are multiple subscription models, like yearly, monthly, and packaged."

"The price of the solution is not very competitive but it is reasonable."

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"Security Hub is not an expensive solution."

"AWS Security Hub's pricing is pretty reasonable."

"The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."

"Our budget follows the calendar year. We just started a new budget year at the beginning of the month. We did budget for an increase in our threat management system selection. Therefore, we have the budget to implement and accommodate a threat management system change, including an increase for the quoted actions that we received to improve EventTracker. We are just waiting on our council to approve that budget, which might not be for a little while. Hopefully, when they do, we will be able to jump on doing something."

"The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

"We have seen time and cost savings. It prevents us from having to hire specialized people for this type of work. We would need to hire six staff members to accommodate the same service."

"Our pricing for Netsurion last year was US $52,000 per year."

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."

More Netsurion pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

856,873 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

Government

Computer Software Company

25%

Government

11%

Manufacturing Company

10%

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

What needs improvement with AWS Security Hub?

There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...

What do you like most about Netsurion Managed Threat Protection?

Expediting incident response is really great.

What is your experience regarding pricing and costs for Netsurion Managed Threat Protection?

Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They provide what they promise. From a purchasing perspective, I just have to come ba...

What needs improvement with Netsurion Managed Threat Protection?

There is one area that needs improvement and that is with the agents and the server that's on-site. The system requirements are very, very high. So I need a pretty powerful server to run. If they c...

Microsoft Sentinel vs AWS Security Hub

Comparisons

Compared 38% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 8% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 6% of the time

Google Chronicle Suite vs AWS Security Hub

Compared 4% of the time

More AWS Security Hub Competitors

Devo vs Netsurion

Compared 37% of the time

Sumo Logic Security vs Netsurion

Compared 35% of the time

Arctic Wolf Managed Detection and Response vs Netsurion

Compared 28% of the time

More Netsurion Competitors

Product Reports

Download AWS Security Hub product report

AWS Security Hub

June 2025

Download Netsurion product report

May 2025

Also Known As

SQRRL

Netsurion Managed Threat Protection, Netsurion EventTracker

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Netsurion offers a comprehensive solution for centralized log management, SIEM, and managed services, ensuring continuous monitoring and security event analysis for diverse organizations, enhancing IT security and compliance.

Netsurion centralizes event management through SIEM and managed services. Organizations leverage it for vulnerability assessment and intrusion detection, integrating logs from Windows, Linux, and network devices. Its SOC provides 24/7 monitoring, ensuring compliance with PCI and audit standards. Real-time alerts and efficient log data aggregation enhance threat identification and response. Weekly reports and insights into user lockouts contribute to robust security management, beneficial for firms with constrained resources.

What are some key features of Netsurion?

SIEM Integration: Centralizes security event data for easier management.
Managed Services: Provides 24/7 SOC monitoring and support.
Real-TIme Alerts: Notifies of unusual security events promptly.
Threat Intelligence: Delivers actionable insights for proactive defense.
Seamless Platform Integration: Compatible with Office 365, firewalls, and other platforms.

How can companies benefit from using Netsurion?

Enhanced Security Management: Real-time monitoring and alerts streamline threat response.
PCI Compliance: Supports meeting audit and regulatory requirements efficiently.
Resource Optimization: Weekly reports and detailed insights aid decision-making for limited-resource organizations.
Improved Threat Detection: Consolidating logs and real-time intelligence helps in identifying threats swiftly.

Netsurion is implemented across industries like finance, healthcare, and retail, where security is crucial. These sectors require robust monitoring and compliance solutions, utilizing Netsurion's seamless integration with their existing infrastructure to manage security operations effectively, addressing both regulatory needs and threat management.

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores