2021-01-22T23:15:55Z

What needs improvement with AWS Security Hub?

Julia Miller - PeerSpot reviewer
  • 0
  • 7
PeerSpot user
11

11 Answers

AH
Real User
Top 20
2024-01-22T10:37:59Z
Jan 22, 2024

There is room for improvement in a couple of things. One is that the dashboard isn't very customizable. Another is that the alerting level is the same across the entire account. Every organization has different needs, like sandbox accounts. Even though they have the same alert level, it might not be critical for them. Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement.

Search for a product comparison
Shashank N - PeerSpot reviewer
Real User
Top 5Leaderboard
2024-01-16T13:41:29Z
Jan 16, 2024

It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better. There's this company called PingSafe, just acquired by SentinelOne, that has a great cloud security offering. Prisma Cloud is also a better alternative.

NK
Real User
Top 5
2023-09-05T13:45:00Z
Sep 5, 2023

Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub.

Ankit Kumar - PeerSpot reviewer
Real User
Top 10
2023-07-19T06:03:38Z
Jul 19, 2023

Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time. Real-time scanning should be included in the solution’s next release.

HM
Real User
Top 5
2023-06-20T08:40:53Z
Jun 20, 2023

One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function.

Gustavo Lichti - PeerSpot reviewer
Real User
Top 10
2023-06-07T13:43:00Z
Jun 7, 2023

AWS Security Hub's configuration and integration are areas where it lacks and needs to improve.

Learn what your peers think about AWS Security Hub. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
Yusuf-Hashmi - PeerSpot reviewer
Real User
Top 5Leaderboard
2023-03-14T11:45:05Z
Mar 14, 2023

The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results.

Ekule Mbeng - PeerSpot reviewer
Real User
Top 5Leaderboard
2022-12-21T21:15:48Z
Dec 21, 2022

AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time.

VK
Real User
Top 20
2022-11-15T10:29:47Z
Nov 15, 2022

Right now, there are some difficulties we're facing with AWS Security Hub, and we need our central team to mitigate the issues. Otherwise, the number of incidents will keep increasing, and monitoring will become problematic. For example, whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility.

VP
Real User
2021-10-07T13:54:31Z
Oct 7, 2021

AWS Security Hub could improve by having more integration and flexibility with other cloud security solutions on the market. They have integration with AWS solutions and other commercial solutions but not ones that are open-source. If we have more of an open-source integration availability it would be great. The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update.

AK
Real User
2021-01-22T23:15:55Z
Jan 22, 2021

The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach. The product should not be a region restriction product. It should be global. It should give you the visibility of all the instances that you have for one account, be it in one region or many regions. There should be visibility of all the region in one place.

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.  The service offers a range of features including...
Download AWS Security Hub ReportRead more

Related Q&As