• Home
  • AWS Security Hub vs. Securonix Next-Gen SIEM

AWS Security Hub vs Securonix Next-Gen SIEM comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS Security Hub vs. Securonix Next-Gen SIEM
November 2023
Executive Summary

We performed a comparison between AWS Security Hub and Securonix Next-Gen SIEM based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed AWS Security Hub vs. Securonix Next-Gen SIEM Report (Updated: November 2023).
Download the complete report
745,775 professionals have used our research since 2012.
Featured Review
Viraj Shinde
Researched Securonix Next-Gen SIEM but chose Microsoft Sentinel: We can easily automate rules that enable us to create playbooks, provides good visibility into our environment, and seamless integration capability
Using the Microsoft Sentinel Investigation tab, we can observe all activities related to access and unauthorized attempts taking place in our... Read more →
Anonymous User
A centralized dashboard that enables efficient monitoring and management of possible security issues
NELSON COIMBRA DA SILVA
Efficient use of resources, allowing more work to be done with fewer personnel and highly scalable solution
With Next-Gen SIEM, we are achieving more with less effort. We can gather more information from the logs and organize it in a different product... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP.""Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases.""The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native.""The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware.""I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box.""One of the most valuable features of Microsoft Sentinel is that it's cloud-based.""Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing""The product can integrate with any device."

More Microsoft Sentinel Pros →

"I find all of the features to be highly valuable.""AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS.""I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive.""The platform has valuable features for security.""The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources.""Cloudposse is a valuable feature as it guarantees my security.""The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture.""Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."

More AWS Security Hub Pros →

"The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud.""The big data security analytics platform, structured and unstructured data analytics, and user and entity behavior analytics provided by the product are probably the best in the industry.""I rate the technical support a nine out of ten. They're friendly. Whenever we have a P1 issue, we write an email and our issue is resolved in one or two hours.""SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable.""The user interface is easy to learn and navigate.""The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features.""The most valuable feature is that it works on user behavior and event rarities.""The detection of threats and reduction of false positive alarms as compared to other solutions are valuable features. It has improved threat detection response and reduced a lot of noise from false positives as compared to our previous SIEM solutions."

More Securonix Next-Gen SIEM Pros →

Cons
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools.""The AI capabilities must be improved.""It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more.""Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel.""We'd like to see more connectors.""There is room for improvement in entity behavior and the integration site.""We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft.""Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."

More Microsoft Sentinel Cons →

"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub.""AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time.""The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results.""Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time.""One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function.""From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool.""It is not flexible for multi-cloud environments.""Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."

More AWS Security Hub Cons →

"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source.""The solution could provide more automation.""Regarding the analysis of security events on the SOC side, Securonix Next-Gen SIEM needs to improve its automation capabilities.""The analytics-driven approach for finding sophisticated threats and reducing false positives is positive and good, but the platform requires a more dynamic concept. Everything is a bit static.""It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. I would be helpful in certain situations, such as during an internal fraud.""We would like a little more face-to-face training. Securonix has several tutorials on its website, but we want there to be a person in Colombia who does training or workshops to give us a better understanding of the platform.""It seems to me that within Securonix there is no option for completely visualizing the types of sources or if there is any loss of logs. I've heard that they have an additional module to validate those types of cases, but in terms of the platform itself only, I can only see how often it sends data but not any specific detail.""Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting."

More Securonix Next-Gen SIEM Cons →

Pricing and Cost Advice
  • "I have worked with a lot of SIEMs. We are using Sentinel three to four times more than other SIEMs that we have used. Azure Sentinel's only limitation is its price point. Sentinel costs a lot if your ingestion goes up to a certain point."
  • "Pricing is pay-as-you-go with Sentinel, which is good because it all depends on the number of users and the number of devices to which you connect."
  • "For us, it is not expensive at this time, but if we start to collect all logs from our on-premise SIEM solutions, it will cost more than QRadar. If we calculate its cost over the next five or ten years, it will cost more than what we paid for QRadar."
  • "I don't know yet because they gave us a 30-day test window for free."
  • "It's costly to maintain and renew."
  • "Microsoft Sentinel is expensive."
  • "Sentinel is pretty competitive. The pricing is at the level of other SIEM solutions."
  • "It is certainly the most expensive solution. The cost is very high. We need to do an assessment using the one-month trial so that we can study the cost side. Before implementing it, we must do a careful calculation."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "The price of AWS Security Hub is average compared to other solutions."
  • "The pricing is fine. It is not an expensive tool."
  • "AWS Security Hub's pricing is pretty reasonable."
  • "There are multiple subscription models, like yearly, monthly, and packaged."
  • "AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

    • More AWS Security Hub Pricing and Cost Advice →

  • "I had heard that it was much cheaper than Splunk and some of the other tools, and they gave us a nice package with support. They accommodated the number of users and support very well."
  • "Its pricing is quite similar to others and is very competitive. The other solutions have different types of licensing, but when you do the math, it is competitive."
  • "Its price is fine. We found it to be cheaper than LogRhythm, Exabeam, Splunk, as well as Elastic Security. A few months ago, when we were comparing Securonix with Elastic Security, we found Securonix to be cheaper than Elasticsearch. We were pretty surprised that Elastic Security is more expensive than Securonix because Elasticsearch is just starting, and it cannot compete with Securonix at this time. So, the pricing of Securonix is pretty good for now."
  • "The pricing is fine compared to the market but I think that at some point the competitors will catch up on price."
  • "Compared to other brands it seems more affordable to us."
  • "The pricing is good, but by adding more things, the licensing becomes more complex because an EPS license fluctuates a lot. This licensing concept is going to be problematic in the long run."
  • "Compared to other known brands in the industry, the overall cost of the licenses is a bit higher than what customers expect."
  • "I rate the pricing an eight on a scale of one to ten, where one is cheap, and ten is very expensive. It is a pretty expensive tool."

    • More Securonix Next-Gen SIEM Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    745,775 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What do you like most about AWS Security Hub?
    Top Answer:I find all of the features to be highly valuable.
    Read all 9 answers   →
    What needs improvement with AWS Security Hub?
    Top Answer:Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub.
    Read all 9 answers   →
    What is your primary use case for AWS Security Hub?
    Top Answer:We use it to get a comprehensive view of all the processes within the company. It provides us with centralized security… more »
    Read all 9 answers   →
    Which is the best SIEM tool for a mid-sized financial services firm: Arcs...
    Top Answer:In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was… more »
    Read all 11 answers   →
    What do you like most about Securonix Security Analytics?
    Top Answer:We can customize our use cases with the tools provided by Securonix It is an excellent tool that can ingest data in… more »
    Read all 17 answers   →
    What is your experience regarding pricing and costs for Securonix Securit...
    Top Answer:The pricing is fine compared to the market but I think that at some point the competitors will catch up on price. It… more »
    Read all 10 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    Securonix Security Analytics
    Learn More
    Microsoft
    Amazon
    Securonix Solutions
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

    The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

    With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

    Securonix Security Analytics SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence, enabling you to take care of so much more than simply your SIEM (security information and event management) needs. In addition, it contains all of the tools that you may need to enable your organization to successfully handle both log management as well as UEBA (user and entity behavior analytics)-related tasks. The SNYPR management platform gives users the ability to combine security orchestration, automation, and response, security information and event management, network traffic analysis, and user and entity behavior analytics. This single technical environment does away with your need for multiple security, management, and analytics solutions.

    Securonix Security Analytics SNYPR’s unified platform can be scaled up to handle up to one million security events every second. While this load may seem heavy, SNYPR handles it with ease. It is able to reduce incidents of false security positives by 60%. The access certification workload that IT administrators and managers need to deal with can be reduced by as much as 90%.

    The model that this platform uses is based on a machine learning algorithm. This model gives Securonix Security Analytics’s SNYPR platform a number of extremely valuable capabilities. The platform gathers many different types of data and applies what it learns to threats as they arise. The system assigns threats risk values to determine where the areas of highest need are. Machine learning also allows you to respond to slow acting threats by using historical data to inform your response.

    All of the data that the system gathers is stitched together and used to create a complete picture of the risks that the system faces. Any blind spots that may exist are exposed by the collaborative UI that compiles the system data in a single location. This also increases your ability to monitor advanced application threats. 

    Key Features

    Some of Securonix Security Analytics’s SNYPR platform’s key features include:

    • The ability to enrich all data that the SNYPR platform collects. When SNYPR gathers information, it applies relevant data which can be used in the future to gauge whether or not a particular event is a threat.
    • The ability for data redundancy to automatically take place. All of the data that is gathered, analyzed, and processed by SNYPR is automatically copied and distributed across the system. If there is a failure in any particular part of the system, the information will still be preserved.
    • The ability to track historical issues and use that information to help deal with current threats. The SPOTTER feature allows analysts to look back at both old data and the contextual information that is attached to it. They can then use that data to inform their responses to similar threats that they are currently dealing with.

    Reviews from Real Users

    Securonix Security Analytics SNYPR platform stands out among its competitors for a number of reasons. Two major ones are its ability to significantly reduce the number of false positives that administrators have to deal with and the way that it incorporates contextual information into security events to reduce the time spent finding solutions to problems that arise.

    Peerspot users note the effectiveness of these features. One user wrote, “Securonix’s analytics-driven approach for helping to find sophisticated threats and reduce false positives is pretty good. We are allowed to fine-tune according to our requirements and our clients' requirements, which does reduce false positives. In the last 24 hours, the total number of policies with triggers was 233. When I started with this product, the false positives were 561. Therefore, the solution has helped by tuning or reducing false positives.”

    Another user noted, “The way that a Securonix is able to put a lot of the contextual information into the events is very helpful. That has reduced the amount of time required for investigating, ‘Hey, this might be something I need to look at,’ and then doing further research. It puts all of those violations in one event or case, so that you can look at different types of violations that all correlate. That has reduced the amount of time for researching some of those cases. It's dependent upon the scenario, but in some cases it could save an hour of going out and doing a bunch of individual searches.”

    Offer
    Learn more about Microsoft Sentinel
    Learn More
    Learn more about AWS Security Hub
    Learn More
    Learn more about Securonix Next-Gen SIEM
    Learn More
    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Edmunds, Frame.io, GoDaddy, Realtor.com
    Dtex Systems Pfizer Western Union Harris ITG
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Real Estate/Law Firm6%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm22%
    Recreational Facilities/Services Company11%
    Government11%
    Manufacturing Company11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Government8%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company22%
    Pharma/Biotech Company11%
    Insurance Company11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm12%
    Comms Service Provider7%
    Government6%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise20%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise16%
    Large Enterprise60%
    REVIEWERS
    Small Business18%
    Midsize Enterprise18%
    Large Enterprise64%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise12%
    Large Enterprise66%
    REVIEWERS
    Small Business22%
    Midsize Enterprise19%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise15%
    Large Enterprise60%
    Buyer's Guide
    AWS Security Hub vs. Securonix Next-Gen SIEM
    November 2023
    Free Report: AWS Security Hub vs. Securonix Next-Gen SIEM
    Find out what your peers are saying about AWS Security Hub vs. Securonix Next-Gen SIEM and other solutions. Updated: November 2023.
    DOWNLOAD NOW
    745,775 professionals have used our research since 2012.

    AWS Security Hub is ranked 12th in Security Information and Event Management (SIEM) with 9 reviews while Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 15 reviews. AWS Security Hub is rated 7.8, while Securonix Next-Gen SIEM is rated 9.0. The top reviewer of AWS Security Hub writes "An easy-to-manage tool that needs to make more compliances available for its users". On the other hand, the top reviewer of Securonix Next-Gen SIEM writes "Playbooks integrations, incident management features, and threat hunting services saved time and streamlined investigations". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Splunk Enterprise Security and Oracle Security Monitoring and Analytics Cloud Service, whereas Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Exabeam Fusion SIEM, Gurucul UEBA and Seceon Open Threat Management Platform. See our AWS Security Hub vs. Securonix Next-Gen SIEM report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.