We performed a comparison between AWS Security Hub and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The platform has valuable features for security."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"I find all of the features to be highly valuable."
"The solution shows us our compliance score."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"Cloudposse is a valuable feature as it guarantees my security."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"Easily integrates with third-party tools"
"The solution is very stable and works very well for what I need it to do."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"I like that it's a cloud-based solution."
"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."
"The UI is very good."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"It is a very stable solution."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"The solution lacks self-sufficiency."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"The main problem lies in the processes within the client's operating systems."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"Inability to get access to compliance reports within the solution."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
AWS Security Hub is ranked 8th in Security Information and Event Management (SIEM) with 17 reviews while Rapid7 InsightIDR is ranked 9th in Security Information and Event Management (SIEM) with 30 reviews. AWS Security Hub is rated 7.6, while Rapid7 InsightIDR is rated 8.4. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". AWS Security Hub is most compared with Microsoft Sentinel, Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud and Google Chronicle Suite, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our AWS Security Hub vs. Rapid7 InsightIDR report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
