Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Securonix Next-Gen SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
22
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (12th)
Securonix Next-Gen SIEM
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
33
Ranking in other categories
Security Information and Event Management (SIEM) (15th), Identity Threat Detection and Response (ITDR) (9th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.5%, down 5.6% compared to last year.
Securonix Next-Gen SIEM, on the other hand, focuses on Security Information and Event Management (SIEM), holds 1.1% mindshare, down 1.5% since last year.
Cloud Security Posture Management (CSPM)
Security Information and Event Management (SIEM)
 

Featured Reviews

MuhammadAzhar Khan - PeerSpot reviewer
Offers best practice recommendations and supports various compliance standards
Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.
Ibrahim Albalawi - PeerSpot reviewer
Less false positives, good detection and integration capabilities, and good pricing
The incident response area should be improved. It is more difficult than other products, but overall, it is good. The platform has a lot of options and functionality. So, you need to check almost everything. For new engineers or people who don’t have much experience with this kind of platform, it is a bit difficult, but for experienced engineers, it is not that difficult. When you have been doing a lot of work for about one or two hours, and you have a lot of tabs open, it slows down or gets stuck. There is a delay of 10 to 15 seconds in opening tabs or dashboards. I don't know why this happens, but for me, it is not a big issue. I just wait, and that's all.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Very good at detection and providing real-time alerts."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"Security Hub provides insightful information about what is running and where there might be weaknesses."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."
"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"The detection of threats and reduction of false positive alarms as compared to other solutions are valuable features. It has improved threat detection response and reduced a lot of noise from false positives as compared to our previous SIEM solutions."
"The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud."
"What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my team. They help highlight the most important things for them to look at."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"One of the valuable features of Securonix is the auto-incident creation, which was not available two or three years ago."
"I find customer service to be very good."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
 

Cons

"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"Many findings are too generic or irrelevant to the environment, which can lead to false positives."
"There is room for improvement in implementing AI capabilities."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"The solution should be easier to learn and use"
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"When they did upgrades or applied patches, sometimes, there was downtime, which required the backfill of data. There were times when we had to reach out and get a lot of things validated."
"When dealing with a large amount of data, such as when firewall logs increase, queries sometimes crash or get stuck."
"The solution could provide more automation."
"A helpful feature would be an event export. A way to create more substantial summary reports would be nice."
"The passing and setup are quite complex at the beginning, making onboarding not smooth, which is an area that needs improvement."
"The pricing. I'm not sure how they are proceeding with the identity based pricing compared with DB pricing which most of the vendors are using today."
"In terms of improvements, SIEM could have better integration with other technologies. Additionally, it might benefit from integration with other sources, such as firewalls."
"We have compliance needs. We have investigation needs. And we have situations where an analyst needs to look at threats. These three things require a different view of how they look at the threats. What would be good is to have Securonix create three different views of their Security Command Center so that, depending on the persona of the person logging in, they'd get the relevant data they need and not see everything."
 

Pricing and Cost Advice

"The pricing is fine. It is not an expensive tool."
"The price of the solution is not very competitive but it is reasonable."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"AWS Security Hub's pricing is pretty reasonable."
"Security Hub is not an expensive solution."
"The price of AWS Security Hub is average compared to other solutions."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"There are multiple subscription models, like yearly, monthly, and packaged."
"Compared to other known brands in the industry, the overall cost of the licenses is a bit higher than what customers expect."
"The pricing is fine compared to the market but I think that at some point the competitors will catch up on price."
"The pricing is good, but by adding more things, the licensing becomes more complex because an EPS license fluctuates a lot. This licensing concept is going to be problematic in the long run."
"Its price is fine. We found it to be cheaper than LogRhythm, Exabeam, Splunk, as well as Elastic Security. A few months ago, when we were comparing Securonix with Elastic Security, we found Securonix to be cheaper than Elasticsearch. We were pretty surprised that Elastic Security is more expensive than Securonix because Elasticsearch is just starting, and it cannot compete with Securonix at this time. So, the pricing of Securonix is pretty good for now."
"We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service."
"We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000."
"The solution's price is double the competitors."
"Its pricing is quite similar to others and is very competitive. The other solutions have different types of licensing, but when you do the math, it is competitive."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
850,671 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
10%
Government
7%
Computer Software Company
21%
Financial Services Firm
12%
Government
6%
Healthcare Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...
Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What is your primary use case for Securonix Security Analytics?
I use this solution for security monitoring and user behavior analytics. Banks, governments, and the oil and gas sector utilize it.
What do you like most about Securonix Next-Gen SIEM?
The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features.
 

Also Known As

SQRRL
Securonix Security Analytics
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Dtex Systems, Pfizer, Western Union, Harris, ITG
Find out what your peers are saying about AWS Security Hub vs. Securonix Next-Gen SIEM and other solutions. Updated: October 2024.
850,671 professionals have used our research since 2012.