AWS Security Hub vs Panther comparison

The compared Amazon Web Services (AWS) and Panther solutions aren't in the same category. Amazon Web Services (AWS) is ranked #13 in CSPM , with an average rating of 7.6, and holds a 4.1% mindshare in the category. Panther is ranked #45 in SIEM , with an average rating of 8.0, and holds a 0.4% mindshare. Additionally, 89% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 100% of Panther users who would recommend it.

AWS Security Hub

Read 26 AWS Security Hub reviews

7,414 Views
3,262 Comparison Views

89% willing to recommend

Panther

Read 1 Panther review

523 Views
455 Comparison Views

100% willing to recommend

AWS Security Hub

Panther

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between AWS Security Hub and Panther based on real PeerSpot user reviews.

Find out what your peers are saying about Wiz, Palo Alto Networks, SentinelOne and others in Cloud Security Posture Management (CSPM).

To learn more, read our detailed Cloud Security Posture Management (CSPM) Report (Updated: October 2025).

Buyer's Guide

Cloud Security Posture Management (CSPM)

October 2025

Download the complete report

Helped 870,623 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Security Hub

Average Rating

7.6

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (13th)

Panther

Average Rating

8.0

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (45th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.1%, down 5.0% compared to last year.
Panther, on the other hand, focuses on Security Information and Event Management (SIEM), holds 0.4% mindshare, up 0.3% since last year.

Cloud Security Posture Management (CSPM) Market Share Distribution
Product	Market Share (%)
AWS Security Hub	4.1%
Wiz	20.8%
Prisma Cloud by Palo Alto Networks	11.3%
Other	63.8%

Cloud Security Posture Management (CSPM)

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
Panther	0.4%
Wazuh	10.2%
Splunk Enterprise Security	9.2%
Other	80.2%

Security Information and Event Management (SIEM)

Featured Reviews

Karthik Ekambaram

Director at Scybers

Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features

AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.

Read full review

RichardThomas

Infosec Analyst at a tech vendor with 201-500 employees

Detection capabilities and helpful support team enhance log analysis and integration flexibility

I find Panther's detection capabilities and integrations to be highly valuable. It allows integration with anything as long as I am willing to write detections, and their team is very helpful. I find its log analysis capabilities valuable. It enables me to filter down to individual roles in AWS, and if I am skilled at SQL queries, I can query anything. The infrastructure as code feature allows me to use Git repositories to manage detections and import detections from other Git repositories.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I rate Security Hub ten out of ten for stability."

"AWS Security Hub's unified dashboard does help streamline my process of identifying vulnerabilities, but we don't use Inspector."

"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."

"Very good at detection and providing real-time alerts."

"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."

"Finding out if your infrastructure is secure is a valuable feature."

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."

"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."

More AWS Security Hub pros

"I find Panther's detection capabilities and integrations to be highly valuable."

Cons

"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."

"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."

"AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS."

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."

"It is not flexible for multi-cloud environments."

"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."

"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."

"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."

More AWS Security Hub cons

"The solution could be improved by providing more built-in integrations, which would reduce the need for me to build them myself."

Pricing and Cost Advice

"The price of AWS Security Hub is average compared to other solutions."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"AWS Security Hub's pricing is pretty reasonable."

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"The price of the solution is not very competitive but it is reasonable."

"Security Hub is not an expensive solution."

"There are multiple subscription models, like yearly, monthly, and packaged."

"The pricing is fine. It is not an expensive tool."

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

870,623 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

12%

Manufacturing Company

11%

Government

Computer Software Company

17%

Manufacturing Company

17%

University

11%

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	5
Large Enterprise	12

No data available

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

See all answers

What needs improvement with AWS Security Hub?

Regarding how Amazon can improve AWS Security Hub, they have numerous services that are discriminated individually and grouped into packages. However, the sheer number of services can be overwhelmi...

See all answers

What is your experience regarding pricing and costs for Panther?

I find the pricing to be reasonable, although I can't recall the exact cost.

See all answers

What needs improvement with Panther?

The solution could be improved by providing more built-in integrations, which would reduce the need for me to build them myself.

See all answers

What is your primary use case for Panther?

We use Panther ( /products/panther-reviews ) for our SIEM ( /categories/security-information-and-event-management-siem ) solution. It is used for aggregating logs and analyzing user activities. We ...

See all answers

Comparisons

Microsoft Sentinel vs AWS Security Hub

Compared 37% of the time

Wiz vs AWS Security Hub

Compared 11% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 7% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 5% of the time

CrowdStrike Falcon Cloud Security vs AWS Security Hub

Compared 3% of the time

More AWS Security Hub Competitors

Anvilogic vs Panther

Compared 36% of the time

Hunters vs Panther

Compared 20% of the time

Huntress Managed SIEM vs Panther

Compared 13% of the time

Cribl vs Panther

Compared 11% of the time

Google Chronicle Suite vs Panther

Compared 11% of the time

More Panther Competitors

Product Reports

Buyer's Guide

AWS Security Hub

October 2025

Download AWS Security Hub product report

Buyer's Guide

Security Information and Event Management (SIEM)

September 2025

Download Panther product report

Also Known As

SQRRL

No data available

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Panther is a cloud-native security analytics platform that delivers code-driven detection and response at petabyte scale, eliminating the overhead and cost associated with traditional SIEMs. It empowers organizations to turn their cloud logs into actionable security insights.

Panther leverages advanced analytics and automation to provide real-time threat detection and response. The platform’s SQL-based detection-as-code approach allows security teams to write, test, and deploy detection logic efficiently, offering unmatched flexibility and customizability. With its scalable architecture, Panther handles large volumes of data seamlessly, ensuring robust security monitoring across dynamic environments. By integrating with a wide range of data sources, Panther centralizes security event data, providing comprehensive visibility and enabling proactive threat management.

What are the critical features of Panther?

Code-Driven Detection and Response: Uses SQL-based detection-as-code for customizable and efficient threat detection.
Petabyte-Scale Data Handling: Capable of managing large data volumes without performance degradation.
Real-Time Analytics: Offers immediate insights and responses to security events.
Integration: Compatible with various data sources and security tools for holistic monitoring.
Automation: Streamlines incident response processes to enhance operational efficiency.
Cost Efficiency: Reduces infrastructure and operational costs compared to traditional SIEMs.

What benefits or ROI should users look for in Panther reviews?

Enhanced Security Insights: Transforms cloud logs into actionable security information.
Scalability: Supports growing data needs with a cloud-native architecture.
Operational Efficiency: Automation and streamlined processes reduce manual effort and accelerate incident resolution.
Cost Savings: Lower total cost of ownership compared to traditional SIEM solutions.
Customizability: Flexible detection logic tailored to specific security requirements.

Panther is utilized in industries such as finance, healthcare, and technology, offering industry-specific compliance and security solutions. Its scalable and flexible nature makes it suitable for organizations with complex and evolving security needs.

Pricing and licensing for Panther are usage-based, determined by data volume, offering a cost-effective model for various organizational sizes. Customer support is tiered, providing resources and assistance tailored to specific service requirements.

In summary, Panther provides a scalable, cost-efficient, and customizable security analytics solution, transforming cloud logs into actionable security insights while avoiding the overhead of traditional SIEMs.

Panther

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

Docker, Loom, Discord, Dropbox, HubSpot, Asana, GoFundMe, Zapier, Benchling, JupiterOne, Jumio, Bitstamp, Intercom, Randori, and Cedar

Buyer's Guide

Cloud Security Posture Management (CSPM)

October 2025

Download Free Report

Find out what your peers are saying about Wiz, Palo Alto Networks, SentinelOne and others in Cloud Security Posture Management (CSPM). Updated: October 2025.

DOWNLOAD NOW

870,623 professionals have used our research since 2012.

We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.