AWS Security Hub vs NetWitness Platform comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between AWS Security Hub and NetWitness Platform based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed AWS Security Hub vs. NetWitness Platform Report (Updated: January 2023).
672,411 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."

More Sumo Logic Security Pros →

"Very good at detection and providing real-time alerts.""The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources.""AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard.""I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."

More AWS Security Hub Pros →

"Offers a good wireless feature.""The software is scalable to whatever is required, and you can also put a lot of resources in the cloud.""The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools.""The newer 11.5 version that my team is using has found it to have good mapping.""It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets.""Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports.""The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs.""It's quite economical compared to other solutions in the market."

More NetWitness Platform Pros →

Cons
"Sumo Logic needs to make sure integrating solutions are seamless."

More Sumo Logic Security Cons →

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update.""AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time.""Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility.""The solution lacks self-sufficiency."

More AWS Security Hub Cons →

"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10.""RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms.""The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too.""There are instances where you try to run the reports and then it does not give you the desired outcome.""Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine.""An area for improvement would be better automation and more inbuilt use cases.""The multi-tenant capabilities are lagging compared to IBM QRadar.""Technical support could be improved."

More NetWitness Platform Cons →

Pricing and Cost Advice
  • "The pricing is good. It's not an issue for us."
  • More Sumo Logic Security Pricing and Cost Advice →

  • "The price of the solution is not very competitive but it is reasonable."
  • "The price of AWS Security Hub is average compared to other solutions."
  • More AWS Security Hub Pricing and Cost Advice →

  • "There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
  • "We are on an annual license for the use of the solution."
  • "RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
  • "We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
  • "Compared to the competition, the is price is not that high."
  • More NetWitness Platform Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    672,411 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos.
    Top Answer:The pricing is good. It's not an issue for us. I just haven't taken a look at the pricing model in detail. I don't know… more »
    Top Answer:There isn't anything in particular that stands out that I would say is lacking or needs adjustments. For us, the… more »
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Top Answer:Finding out if your infrastructure is secure is a valuable feature.
    Top Answer:The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and… more »
    Top Answer:I believe they could improve their support, there are often delays. The price of the solution could be reduced, it's… more »
    Top Answer:I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on… more »
    Top Answer:We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a… more »
    Comparisons
    Also Known As
    RSA Security Analytics
    Learn More
    NetWitness
    Video Not Available
    Overview
    Sumo Logic simplifies how you collect and analyze machine data so that you can gain deep visibility across your full application and infrastructure stack. With the Sumo Logic service, you can accelerate modern application delivery, monitor and troubleshoot in real time and improve your security and compliance posture.

    AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. There are a range of powerful security tools at your disposal, from firewalls and endpoint protection to vulnerability and compliance scanners. But oftentimes this leaves your team switching back-and-forth between these tools to deal with hundreds, and sometimes thousands, of security alerts every day. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions. AWS Security Hub continuously monitors your environment using automated compliance checks based on the AWS best practices and industry standards your organization follows. You can also take action on these security and compliance findings by investigating them in Amazon Detective or by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools or to custom remediation playbooks. Get started with AWS Security Hub in just a few clicks in the Management Console and once enabled, Security Hub will begin aggregating and prioritizing findings and conducting compliance checks.

    NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

    Offer
    Learn more about Sumo Logic Security
    Learn more about AWS Security Hub
    Learn more about NetWitness Platform
    Sample Customers
    Ooyala, Webjet, Akamai, Kaiser Permanente, Alaska Airlines, Hotel Tonight, Dollar Shave Club, Interactive Intelligence, Restoration Hardware, RingCentral, WD-40, Zillow, Sage Software, Tunein Radio, Lookout, Infor, Houzz, Estee Lauder, Brightcove, Actelion, Anki, Elance, Voxer, Cytobank, Medicom Health Interactive, Task Rabbit, Zscaler, Thred Up, Netskope, Tobi, Infoblox, Imperva, Okta, Medallia, RelateIQ, Bazaar Voice, Blurb, Guidewire, Apigee, Swipely, Progress Software, Card Spring, Ubiquiti Networks, Pager Duty, McGraw Hill, Acquia, Limelight Networks, Blucora, Scripps Networks Interactive, Orange, Medidata, 3 Share
    Edmunds, Frame.io, GoDaddy, Realtor.com
    Los Angeles World Airports, Reply
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company22%
    Financial Services Firm10%
    Government7%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm11%
    Comms Service Provider10%
    Government9%
    REVIEWERS
    Comms Service Provider31%
    Financial Services Firm25%
    Computer Software Company19%
    Manufacturing Company19%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Government13%
    Financial Services Firm12%
    Comms Service Provider11%
    Company Size
    REVIEWERS
    Small Business23%
    Midsize Enterprise8%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise17%
    Large Enterprise60%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise11%
    Large Enterprise70%
    REVIEWERS
    Small Business29%
    Midsize Enterprise11%
    Large Enterprise61%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise13%
    Large Enterprise64%
    Buyer's Guide
    AWS Security Hub vs. NetWitness Platform
    January 2023
    Find out what your peers are saying about AWS Security Hub vs. NetWitness Platform and other solutions. Updated: January 2023.
    672,411 professionals have used our research since 2012.

    AWS Security Hub is ranked 23rd in Security Information and Event Management (SIEM) with 4 reviews while NetWitness Platform is ranked 11th in Security Information and Event Management (SIEM) with 11 reviews. AWS Security Hub is rated 7.6, while NetWitness Platform is rated 7.6. The top reviewer of AWS Security Hub writes "Easy to implement and has a responsive technical support team, but it needs a better dashboard and improved trigger process". On the other hand, the top reviewer of NetWitness Platform writes "Economical with good technical support and is easily scalable". AWS Security Hub is most compared with Microsoft Sentinel, Splunk, IBM QRadar and AlienVault OSSIM, whereas NetWitness Platform is most compared with Splunk, IBM QRadar, RSA enVision, Microsoft Sentinel and LogRhythm SIEM. See our AWS Security Hub vs. NetWitness Platform report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.