AWS Security Hub vs SolarWinds Security Event Manager comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between AWS Security Hub and SolarWinds Security Event Manager based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed AWS Security Hub vs. SolarWinds Security Event Manager Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly.""Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually.""The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going.""The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it.""Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment.""The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature.""Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents.""Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."

More Microsoft Sentinel Pros →

"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup.""Very good at detection and providing real-time alerts.""Cloudposse is a valuable feature as it guarantees my security.""I find all of the features to be highly valuable.""The platform has valuable features for security.""The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution.""AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard.""It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."

More AWS Security Hub Pros →

"It's extremely easy to deploy.""SolarWinds is easy to configure, and it provides timely alerts.""The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms.""The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use.""This tool is simple to use.""The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out.""It performs network behavior monitoring, log monitoring, and disaster recovery monitoring.""The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."

More SolarWinds Security Event Manager Pros →

Cons
"Microsoft Sentinel is relatively expensive, and its cost should be improved.""For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons.""Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized.""The reporting could be more structured.""They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization.""Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex.""They could use some kind of workbook. There is some limitation doing the editing and creating the workbook.""I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."

More Microsoft Sentinel Cons →

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility.""Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub.""AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time.""The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results.""The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update.""Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time.""One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function.""Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."

More AWS Security Hub Cons →

"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow.""It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery.""The company had to use a third party for the implementation of the solution.""I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis.""I would like to have a more customizable dashboard.""There are no multiple dashboards which would allow you to see information side-by-side.""Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product.""The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."

More SolarWinds Security Event Manager Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."
  • More Microsoft Sentinel Pricing and Cost Advice →

  • "The price of the solution is not very competitive but it is reasonable."
  • "The price of AWS Security Hub is average compared to other solutions."
  • "The pricing is fine. It is not an expensive tool."
  • "AWS Security Hub's pricing is pretty reasonable."
  • "There are multiple subscription models, like yearly, monthly, and packaged."
  • "AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
  • "Security Hub is not an expensive solution."
  • More AWS Security Hub Pricing and Cost Advice →

  • "Licensing is on devices, so if you have many, then this may be high."
  • "We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
  • "The pricing model would benefit from having package deals with other SolarWinds products."
  • "Licenses can only be purchased in blocks of fifty at a time."
  • "It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
  • "The price of SolarWinds Security Event Manager is reasonable."
  • More SolarWinds Security Event Manager Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Top Answer:I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the… more »
    Top Answer:There is room for improvement in a couple of things. One is that the dashboard isn't very customizable. Another is that… more »
    Top Answer:I use it for security posture management.
    Top Answer:The solution helps you monitor database instances, application instances, other customer application things, Linux… more »
    Top Answer:The cost is exorbitantly high. The trial version lasts for thirty days, but I found a subscription plan priced at four… more »
    Top Answer:One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install… more »
    Comparisons
    Also Known As
    Azure Sentinel
    SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
    Learn More
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

    The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

    With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

    When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Edmunds, Frame.io, GoDaddy, Realtor.com
    NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Comms Service Provider8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm17%
    Computer Software Company17%
    Recruiting/Hr Firm8%
    Retailer8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company8%
    Government7%
    REVIEWERS
    Computer Software Company21%
    Financial Services Firm16%
    Government11%
    Comms Service Provider11%
    VISITORS READING REVIEWS
    Educational Organization67%
    Computer Software Company5%
    Government4%
    Financial Services Firm3%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise60%
    REVIEWERS
    Small Business40%
    Midsize Enterprise13%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise13%
    Large Enterprise65%
    REVIEWERS
    Small Business65%
    Midsize Enterprise12%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business10%
    Midsize Enterprise71%
    Large Enterprise19%
    Buyer's Guide
    AWS Security Hub vs. SolarWinds Security Event Manager
    March 2024
    Find out what your peers are saying about AWS Security Hub vs. SolarWinds Security Event Manager and other solutions. Updated: March 2024.
    765,234 professionals have used our research since 2012.

    AWS Security Hub is ranked 8th in Security Information and Event Management (SIEM) with 14 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. AWS Security Hub is rated 7.4, while SolarWinds Security Event Manager is rated 7.6. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Splunk Enterprise Security and Oracle Security Monitoring and Analytics Cloud Service, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender XDR and LogRhythm SIEM. See our AWS Security Hub vs. SolarWinds Security Event Manager report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.