Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Trellix Helix Connect comparison

The compared Amazon Web Services (AWS) and Trellix solutions aren't in the same category. Amazon Web Services (AWS) is ranked #13 in CSPM , with an average rating of 7.6, and holds a 4.1% mindshare in the category. Trellix is ranked #18 in SIEM , with an average rating of 8.5, and holds a 0.7% mindshare. Additionally, 89% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 90% of Trellix users who would recommend it.
AWS Security Hub
Read 26 AWS Security Hub reviews
  • 7,414 Views
  • 3,262 Comparison Views
89% willing to recommend
Trellix Helix Connect
Read 12 Trellix Helix Connect reviews
  • 1,130 Views
  • 893 Comparison Views
90% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

Trellix Helix and AWS Security Hub compete in the security management tools category. AWS Security Hub appears to have the upper hand due to its integration capabilities, while Trellix Helix is favored for support and user satisfaction.

Features: Trellix Helix features advanced threat detection, response capabilities, and a robust feature set. AWS Security Hub offers seamless integration with AWS services, automated compliance checks, and centralized security management.

Room for Improvement: Trellix Helix could enhance its reporting functions, simplify the initial setup, and improve documentation. AWS Security Hub can benefit from better documentation, more intuitive configuration options, and enhanced user interface.

Ease of Deployment and Customer Service: Trellix Helix has a straightforward deployment process but requires extensive configuration. Users report high satisfaction with Trellix’s customer service. AWS Security Hub enjoys automated deployment and benefits from AWS's extensive support infrastructure.

Pricing and ROI: Trellix Helix has a higher initial setup cost but delivers substantial ROI through comprehensive threat management. AWS Security Hub offers competitive pricing with good ROI, especially for existing AWS customers.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS Security Hub vs. Trellix Helix Connect Report (Updated: October 2024).
Buyer's Guide
AWS Security Hub vs. Trellix Helix Connect
October 2024
Download the complete report
Helped 872,098 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
26
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (13th)
Trellix Helix Connect
Average Rating
8.6
Reviews Sentiment
6.4
Number of Reviews
12
Ranking in other categories
Security Information and Event Management (SIEM) (18th), Security Incident Response (5th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.1%, down 5.0% compared to last year.
Trellix Helix Connect, on the other hand, focuses on Security Information and Event Management (SIEM), holds 0.7% mindshare, up 0.4% since last year.
Cloud Security Posture Management (CSPM) Market Share Distribution
ProductMarket Share (%)
AWS Security Hub4.1%
Wiz20.8%
Prisma Cloud by Palo Alto Networks11.3%
Other63.8%
Cloud Security Posture Management (CSPM)
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
Trellix Helix Connect0.7%
Wazuh10.2%
Splunk Enterprise Security9.2%
Other79.9%
Security Information and Event Management (SIEM)
 

Featured Reviews

Karthik Ekambaram - PeerSpot reviewer
Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.
Read full review
Daniel_Martins - PeerSpot reviewer
Experiencing frequent disconnections and support challenges but benefits from quick implementation and integration capabilities
The timeout of the tenant is an area that needs improvement. When investigating and gathering information from the Helix tenant for extended periods, disconnections occur. This results in lost work and the need to restart investigations due to disconnected sessions. It is problematic when progress is lost and investigations must be restarted, resulting in lost information and significant time wastage. The capability to integrate with other TIPs or cybersecurity intelligence sources could be improved to determine whether IOCs are malicious, similar to Mandiant's functionality. The capacity to reduce false positives needs improvement as we receive many alerts from Helix that turn out to be false positives upon investigation. Enhanced capability in this area would make the system more efficient and easier to use. The dashboards could be improved as customers frequently request real-time SOC dashboard displays for Helix.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution shows us our compliance score."
"Security Hub provides insightful information about what is running and where there might be weaknesses."
"AWS Security Hub can check your infrastructure against multiple compliance frameworks. You can turn on or off specific frameworks based on your needs."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"AWS Security Hub's unified dashboard does help streamline my process of identifying vulnerabilities, but we don't use Inspector."
More AWS Security Hub pros
"We are able to block some advanced malware and other things."
"The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
"The best feature of Trellix Helix Connect is its quick implementation."
"The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."
"I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
"The most valuable features include predefined use cases and threatening states."
"It is kind of simple and very easily deployable. You can start working with it very fast."
"FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."
More Trellix Helix Connect pros
 

Cons

"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
"Many findings are too generic or irrelevant to the environment, which can lead to false positives."
"It is not flexible for multi-cloud environments."
"The solution lacks self-sufficiency."
More AWS Security Hub cons
"Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."
"While we have top customer support and this solution is highly beneficial, there is room for improvement due to the fusion of McAfee and FireEye, which has caused some lapses in support."
"We often rely on Martins to create logs and provide professional threat services rather than basic support."
"There is room for improvement in the integration capabilities of third-party tools."
"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."
"Integrations could be improved, and the dashboard could be a little better."
"It should have more cloud connectors. It could also be cheaper."
"Trellix needs to address the price for the product to be more appealing to customers."
More Trellix Helix Connect cons
 

Pricing and Cost Advice

"Security Hub is not an expensive solution."
"The price of the solution is not very competitive but it is reasonable."
"There are multiple subscription models, like yearly, monthly, and packaged."
"AWS Security Hub's pricing is pretty reasonable."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The price of AWS Security Hub is average compared to other solutions."
"The pricing is fine. It is not an expensive tool."
"FireEye Helix is a little expensive."
"I rate Trellix Helix a five out of ten for pricing."
"It could be cheaper, but that applies to every product."
"The price could be better. But I think it's rightly placed when we buy everything in one shot, and we get some discount for that. That's how we basically plan our deployment, and it's holistic. We pay for the license yearly."
report
See which vendors are best for you
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
See recommendations
872,098 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
10%
Government
6%
Comms Service Provider
18%
Computer Software Company
11%
Manufacturing Company
11%
Performing Arts
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise5
Large Enterprise12
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise1
Large Enterprise7
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
See all answers
What needs improvement with AWS Security Hub?
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfig...
See all answers
What is your experience regarding pricing and costs for FireEye Helix?
The price of Trellix Helix is competitive in the market. It is not the cheapest but also not the most expensive. As for additional costs beyond standard licensing fees, there are none.
See all answers
What needs improvement with FireEye Helix?
The timeout of the tenant is an area that needs improvement. When investigating and gathering information from the Helix tenant for extended periods, disconnections occur. This results in lost work...
See all answers
What is your primary use case for FireEye Helix?
We use Trellix Helix Connect because it is a SaaS solution. I think it has its own infrastructure rather than AWS or another provider. We use the Helix SaaS and a component called Evidence Collecto...
See all answers
 

Comparisons

Microsoft Sentinel vs AWS Security Hub Logo
Microsoft Sentinel vs AWS Security Hub
Compared 37% of the time
Wiz vs AWS Security Hub Logo
Wiz vs AWS Security Hub
Compared 11% of the time
Prisma Cloud by Palo Alto Networks vs AWS Security Hub Logo
Prisma Cloud by Palo Alto Networks vs AWS Security Hub
Compared 7% of the time
Microsoft Defender for Cloud vs AWS Security Hub Logo
Microsoft Defender for Cloud vs AWS Security Hub
Compared 5% of the time
CrowdStrike Falcon Cloud Security vs AWS Security Hub Logo
CrowdStrike Falcon Cloud Security vs AWS Security Hub
Compared 3% of the time
More AWS Security Hub Competitors
Splunk Enterprise Security vs Trellix Helix Connect Logo
Splunk Enterprise Security vs Trellix Helix Connect
Compared 20% of the time
OpenText Behavioral Signals vs Trellix Helix Connect Logo
OpenText Behavioral Signals vs Trellix Helix Connect
Compared 10% of the time
USM Anywhere vs Trellix Helix Connect Logo
USM Anywhere vs Trellix Helix Connect
Compared 9% of the time
Rapid7 InsightIDR vs Trellix Helix Connect Logo
Rapid7 InsightIDR vs Trellix Helix Connect
Compared 9% of the time
Microsoft Sentinel vs Trellix Helix Connect Logo
Microsoft Sentinel vs Trellix Helix Connect
Compared 9% of the time
More Trellix Helix Connect Competitors
 

Product Reports

Buyer's Guide
AWS Security Hub
October 2025
AWS Security Hub reportDownload AWS Security Hub product report
Buyer's Guide
Trellix Helix Connect
October 2025
Trellix Helix Connect reportDownload Trellix Helix Connect product report
 

Also Known As

SQRRL
FireEye Helix, FireEye Threat Analytics
 

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Trellix Helix Connect is known for its seamless API integration, automation capabilities, and efficient data correlation. It offers robust solutions in email threat prevention and malware detection, catering to cybersecurity needs with a user-friendly query language and extensive connector support.

Trellix Helix Connect integrates incident response, centralized SIEM tasks, and data correlation using native support for FireEye products. It rapidly handles alerts, enhances ticket management, and prevents network attacks. Its XDR platform supports a wide range of environments, providing DDI and IOC feeds for comprehensive data, email, and endpoint security. Users appreciate the deployment and API integration, but improvements in graphical interface and pricing could increase satisfaction. Additional infrastructure enhancements and optimized support can address current challenges resulting from recent mergers.

What are the key features of Trellix Helix Connect?
  • API Integration: Simplifies data exchange with easy-to-use APIs.
  • Automation: Offers strong automation for efficient threat management.
  • Swift Deployment: Enables rapid setup in diverse environments.
  • XDR Platform: Facilitates data correlation for comprehensive threat insights.
  • Email Threat Prevention: Protects against phishing and email threats.
  • Advanced Malware Detection: Identifies and mitigates complex malware.
  • AI Capability: Boosts incident resolution with intelligent analysis.
Which benefits should users consider while evaluating?
  • Improved Threat Detection: Enhances security with advanced threat prevention.
  • Operational Efficiency: Streamlines incident response with automation and query enhancements.
  • Scalability: Supports broad environments with over 400 connectors.
  • Adaptability: Predefined use cases increase utilization efficiency.
  • Cost Effectiveness: Potential for ROI with streamlined operations and integration capabilities.

Enterprises utilize Trellix Helix Connect for its ability to manage managed detection and response services, logging, and ransomware/ phishing mitigation. It operates efficiently in restrictive environments, enabling cybersecurity functions in industries requiring robust data, email, and endpoint security strategies.

Trellix
 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Police Bank, Verisk Analytics, Teck Resources
Buyer's Guide
AWS Security Hub vs. Trellix Helix Connect
October 2024
Free Report: AWS Security Hub vs. Trellix Helix Connect
Find out what your peers are saying about AWS Security Hub vs. Trellix Helix Connect and other solutions. Updated: October 2024.
DOWNLOAD NOW
872,098 professionals have used our research since 2012.
See our AWS Security Hub vs. Trellix Helix Connect report.

We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.