We performed a comparison between AWS GuardDuty and Threat Stack Cloud Security Platform based on real PeerSpot user reviews.
Find out in this report how the two Cloud Workload Protection Platforms (CWPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI is very good."
"The ease of use of the platform is very nice."
"The management console is highly intuitive to comprehend and operate."
"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."
"It's helped free up staff time so that they can work on other projects."
"With PingSafe, it's easy to onboard new accounts."
"Cloud Native Security's best feature is its ability to identify hard-coded secrets during pull request reviews."
"The solution is a good alerting tool."
"AWS GuardDuty helps by providing continuous threat detection and signaling potential threats. Its most valuable feature is continuous monitoring. The tool's integration with other AWS services has improved security. It provides continuous monitoring and intelligent threat detection, quickly signaling any issues. I would rate this improvement a seven out of ten."
"Deployment is great, and we didn't face any big challenges."
"The correlation back end is the solution's most valuable feature."
"The way it monitors accounts is definitely a very important feature."
"What we found most valuable in Amazon GuardDuty is its threat detection feature, especially because we were monitoring a huge number of AWS accounts, so we needed a solution that would monitor for any kind of malicious activity. The monitoring aspect of the solution was great because it gave us timely notifications if and when anything happened, and Amazon GuardDuty helped keep us on our toes to make sure we took action right away."
"The product has automated protection powered by AI/ML, which is now far more powerful than before. It uses AI/ML in its detection algorithm, providing fast and quick results."
"It is a highly scalable solution since it is a service by AWS. Scalability-wise, I rate the solution a ten out of ten."
"Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing."
"With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products."
"The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production... We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that."
"We're using it on container to see when activity involving executables happens, and that's great."
"It is scalable. It deploys easily with curl and yum."
"Every other security tool we've looked is good at containers, or at Kubernetes, is good at AWS, or at instance monitoring. But nobody is good at tying all of those things together, and that's really where Threat Stack shines."
"It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts... We just went through a SOX audit and those were pivotal."
"Technical support is very helpful."
"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."
"We'd like to have better notifications. We'd like them to happen faster."
"It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"There is a bit of a learning curve for new users."
"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."
"They need more experienced support personnel."
"The cost has the potential for improvement."
"I'd like to see better onboarding documentation."
"For the next release, they could provide IPS features as well."
"Because it's a threat detection service, they need to keep up with the various threat factors because new threat factors and attack factors come up all the time."
"It is evolving, and at the moment, I will just need it on a larger scale. Then, it will satisfy my demand, initially."
"AWS GuardDuty needs to be more customer-oriented."
"It would be great if the solution had some automation capabilities."
"While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved."
"I work in a bank, and it would be good if AWS GuardDuty could be integrated with other monitoring and detection tools we use."
"Amazon GuardDuty could be better enriched in threat intelligence data."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
"It shoots back a lot of alerts."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"The compliance and governance need improvement."
"Some features do not work as expected."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."
"The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Threat Stack Cloud Security Platform Pricing and Cost Advice →
AWS GuardDuty is ranked 4th in Cloud Workload Protection Platforms (CWPP) with 20 reviews while Threat Stack Cloud Security Platform is ranked 28th in Cloud Workload Protection Platforms (CWPP). AWS GuardDuty is rated 8.2, while Threat Stack Cloud Security Platform is rated 8.2. The top reviewer of AWS GuardDuty writes "A stellar threat-detection service that has helped bolster security against malicious threats". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". AWS GuardDuty is most compared with Microsoft Defender for Cloud, Prisma Cloud by Palo Alto Networks, CrowdStrike Falcon Cloud Security, Wiz and Aqua Cloud Security Platform, whereas Threat Stack Cloud Security Platform is most compared with Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Qualys VMDR, Check Point CloudGuard CNAPP and BMC Helix Cloud Security. See our AWS GuardDuty vs. Threat Stack Cloud Security Platform report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.