AWS Security Hub vs Trellix Helix Connect comparison

The compared Amazon Web Services (AWS) and Trellix solutions aren't in the same category. Amazon Web Services (AWS) is ranked #14 in CSPM , with an average rating of 7.6, and holds a 4.1% mindshare in the category. Trellix is ranked #19 in SIEM , with an average rating of 8.5, and holds a 0.7% mindshare. Additionally, 88% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 90% of Trellix users who would recommend it.

AWS Security Hub

Read 25 AWS Security Hub reviews

7,757 Views
3,413 Comparison Views

88% willing to recommend

Trellix Helix Connect

Read 12 Trellix Helix Connect reviews

1,132 Views
906 Comparison Views

90% willing to recommend

AWS Security Hub

Trellix Helix Connect

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Trellix Helix and AWS Security Hub compete in the security management tools category. AWS Security Hub appears to have the upper hand due to its integration capabilities, while Trellix Helix is favored for support and user satisfaction.

Features: Trellix Helix features advanced threat detection, response capabilities, and a robust feature set. AWS Security Hub offers seamless integration with AWS services, automated compliance checks, and centralized security management.

Room for Improvement: Trellix Helix could enhance its reporting functions, simplify the initial setup, and improve documentation. AWS Security Hub can benefit from better documentation, more intuitive configuration options, and enhanced user interface.

Ease of Deployment and Customer Service: Trellix Helix has a straightforward deployment process but requires extensive configuration. Users report high satisfaction with Trellix’s customer service. AWS Security Hub enjoys automated deployment and benefits from AWS's extensive support infrastructure.

Pricing and ROI: Trellix Helix has a higher initial setup cost but delivers substantial ROI through comprehensive threat management. AWS Security Hub offers competitive pricing with good ROI, especially for existing AWS customers.

To learn more, read our detailed AWS Security Hub vs. Trellix Helix Connect Report (Updated: October 2024).

Buyer's Guide

AWS Security Hub vs. Trellix Helix Connect

October 2024

Download the complete report

Helped 867,676 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Security Hub

Average Rating

7.6

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (14th)

Trellix Helix Connect

Average Rating

8.6

Reviews Sentiment

6.4

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (19th), Security Incident Response (5th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.1%, down 5.1% compared to last year.
Trellix Helix Connect, on the other hand, focuses on Security Information and Event Management (SIEM), holds 0.7% mindshare, up 0.4% since last year.

Cloud Security Posture Management (CSPM) Market Share Distribution
Product	Market Share (%)
AWS Security Hub	4.1%
Wiz	21.5%
Prisma Cloud by Palo Alto Networks	11.5%
Other	62.9%

Cloud Security Posture Management (CSPM)

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
Trellix Helix Connect	0.7%
Wazuh	10.9%
Splunk Enterprise Security	9.3%
Other	79.1%

Security Information and Event Management (SIEM)

Featured Reviews

MuhammadAzhar Khan

Senior DevOps Engineer at Alibaba Group

Offers best practice recommendations and supports various compliance standards

Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.

Read full review

Daniel_Martins

Head of Management Security Services at NetSafe Corp

Experiencing frequent disconnections and support challenges but benefits from quick implementation and integration capabilities

The timeout of the tenant is an area that needs improvement. When investigating and gathering information from the Helix tenant for extended periods, disconnections occur. This results in lost work and the need to restart investigations due to disconnected sessions. It is problematic when progress is lost and investigations must be restarted, resulting in lost information and significant time wastage. The capability to integrate with other TIPs or cybersecurity intelligence sources could be improved to determine whether IOCs are malicious, similar to Mandiant's functionality. The capacity to reduce false positives needs improvement as we receive many alerts from Helix that turn out to be false positives upon investigation. Enhanced capability in this area would make the system more efficient and easier to use. The dashboards could be improved as customers frequently request real-time SOC dashboard displays for Helix.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."

"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."

"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."

"I find all of the features to be highly valuable."

"Easily integrates with third-party tools"

"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."

"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."

More AWS Security Hub pros

"The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."

"As far as its core functionality goes, it’s spot-on."

"I advise other customers to choose Trellix Helix, as it improves operations significantly with more efficient responses required for various scenarios they face."

"The best feature of Trellix Helix Connect is its quick implementation."

"FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."

"We have started working with various customers, one of whom is particularly concerned about adjacency. We have identified several use cases where automation is possible."

"It is kind of simple and very easily deployable. You can start working with it very fast."

"Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks."

More Trellix Helix Connect pros

Cons

"There is room for improvement in implementing AI capabilities."

"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."

"The solution lacks self-sufficiency."

"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."

"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."

"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."

"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."

"The support must be quicker."

More AWS Security Hub cons

"While we have top customer support and this solution is highly beneficial, there is room for improvement due to the fusion of McAfee and FireEye, which has caused some lapses in support."

"The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."

"Trellix Helix's configuration and learning could be improved to identify normal traffic from abnormal and to identify trusted domains."

"Trellix needs to address the price for the product to be more appealing to customers."

"We often rely on Martins to create logs and provide professional threat services rather than basic support."

"Integrations could be improved, and the dashboard could be a little better."

"The support would rate a three out of ten. It can take one to four weeks to connect with someone who truly understands Helix and can provide solutions."

"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."

More Trellix Helix Connect cons

Pricing and Cost Advice

"Security Hub is not an expensive solution."

"The pricing is fine. It is not an expensive tool."

"AWS Security Hub's pricing is pretty reasonable."

"There are multiple subscription models, like yearly, monthly, and packaged."

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"The price of the solution is not very competitive but it is reasonable."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"The price of AWS Security Hub is average compared to other solutions."

"It could be cheaper, but that applies to every product."

"The price could be better. But I think it's rightly placed when we buy everything in one shot, and we get some discount for that. That's how we basically plan our deployment, and it's holistic. We pay for the license yearly."

"FireEye Helix is a little expensive."

"I rate Trellix Helix a five out of ten for pricing."

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

867,676 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

12%

Manufacturing Company

10%

Government

Comms Service Provider

18%

Manufacturing Company

13%

Computer Software Company

11%

Performing Arts

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	5
Large Enterprise	12

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	1
Large Enterprise	7

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

See all answers

What needs improvement with AWS Security Hub?

Regarding how Amazon can improve AWS Security Hub, they have numerous services that are discriminated individually and grouped into packages. However, the sheer number of services can be overwhelmi...

See all answers

What is your experience regarding pricing and costs for FireEye Helix?

The price of Trellix Helix is competitive in the market. It is not the cheapest but also not the most expensive. As for additional costs beyond standard licensing fees, there are none.

See all answers

What needs improvement with FireEye Helix?

See all answers

What is your primary use case for FireEye Helix?

We use Trellix Helix Connect because it is a SaaS solution. I think it has its own infrastructure rather than AWS or another provider. We use the Helix SaaS and a component called Evidence Collecto...

See all answers

Comparisons

Microsoft Sentinel vs AWS Security Hub

Compared 36% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 7% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 5% of the time

CrowdStrike Falcon Cloud Security vs AWS Security Hub

Compared 3% of the time

More AWS Security Hub Competitors

Splunk Enterprise Security vs Trellix Helix Connect

Compared 23% of the time

Rapid7 InsightIDR vs Trellix Helix Connect

Compared 11% of the time

Microsoft Sentinel vs Trellix Helix Connect

Compared 11% of the time

USM Anywhere vs Trellix Helix Connect

Compared 9% of the time

OpenText Behavioral Signals vs Trellix Helix Connect

Compared 9% of the time

More Trellix Helix Connect Competitors

Product Reports

Buyer's Guide

AWS Security Hub

September 2025

Download AWS Security Hub product report

Buyer's Guide

Trellix Helix Connect

August 2025

Download Trellix Helix Connect product report

Also Known As

SQRRL

FireEye Helix, FireEye Threat Analytics

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Trellix Helix Connect is known for its seamless API integration, automation capabilities, and efficient data correlation. It offers robust solutions in email threat prevention and malware detection, catering to cybersecurity needs with a user-friendly query language and extensive connector support.

Trellix Helix Connect integrates incident response, centralized SIEM tasks, and data correlation using native support for FireEye products. It rapidly handles alerts, enhances ticket management, and prevents network attacks. Its XDR platform supports a wide range of environments, providing DDI and IOC feeds for comprehensive data, email, and endpoint security. Users appreciate the deployment and API integration, but improvements in graphical interface and pricing could increase satisfaction. Additional infrastructure enhancements and optimized support can address current challenges resulting from recent mergers.

What are the key features of Trellix Helix Connect?

API Integration: Simplifies data exchange with easy-to-use APIs.
Automation: Offers strong automation for efficient threat management.
Swift Deployment: Enables rapid setup in diverse environments.
XDR Platform: Facilitates data correlation for comprehensive threat insights.
Email Threat Prevention: Protects against phishing and email threats.
Advanced Malware Detection: Identifies and mitigates complex malware.
AI Capability: Boosts incident resolution with intelligent analysis.

Which benefits should users consider while evaluating?

Improved Threat Detection: Enhances security with advanced threat prevention.
Operational Efficiency: Streamlines incident response with automation and query enhancements.
Scalability: Supports broad environments with over 400 connectors.
Adaptability: Predefined use cases increase utilization efficiency.
Cost Effectiveness: Potential for ROI with streamlined operations and integration capabilities.

Enterprises utilize Trellix Helix Connect for its ability to manage managed detection and response services, logging, and ransomware/ phishing mitigation. It operates efficiently in restrictive environments, enabling cybersecurity functions in industries requiring robust data, email, and endpoint security strategies.

Trellix

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

Police Bank, Verisk Analytics, Teck Resources

Buyer's Guide

AWS Security Hub vs. Trellix Helix Connect

October 2024

Free Report: AWS Security Hub vs. Trellix Helix Connect

Find out what your peers are saying about AWS Security Hub vs. Trellix Helix Connect and other solutions. Updated: October 2024.

DOWNLOAD NOW

867,676 professionals have used our research since 2012.

See our AWS Security Hub vs. Trellix Helix Connect report.

We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.