We performed a comparison between AWS Security Hub and Tenable.sc based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Tenable.sc provides precise identification of vulnerabilities, compliance and vulnerability scans, and a risk-oriented methodology. On the other hand, AWS Security Hub receives commendation for its integration capabilities, immediate alerts, and thorough notifications regarding potential compliance concerns. Tenable.sc and AWS Security Hub both have areas where they could improve. Tenable.sc needs to work on their penetration testing, pricing, ticketing, GUI, reporting, vendor training, and accuracy of vulnerability assessments. AWS Security Hub requires more integration options, better UI, multi-cloud compatibility, faster updates, and easier configuration.
Service and Support: Tenable.sc's customer service has received mixed feedback, with varying levels of helpfulness. In comparison, AWS Security Hub's support is praised for being prompt and good.
Ease of Deployment: Tenable.sc's initial setup is praised for being simple and quick, with the cloud version taking only one day and the on-prem version taking two to three weeks. Meanwhile, AWS Security Hub's setup is also considered easy, though it does involve policy configuration and some upkeep.
Pricing: Tenable.sc charges based on the number of IP addresses and has mixed opinions on pricing, while AWS Security Hub has reasonable pricing.
ROI: Tenable.sc is cost-effective and offers a guaranteed ROI with a significant reduction in manpower costs. In contrast, AWS Security Hub does not provide the same level of value, despite offering a positive outcome.
Comparison Results: Tenable.sc is seen as the superior choice when compared to AWS Security Hub by users. This is due to its extensive features, including accurate vulnerability detection, compliance and vulnerability scans, and a risk-based approach. Tenable.sc also provides advanced scanning, asset discovery, and scoring, which are not found in AWS Security Hub. Although AWS Security Hub is praised for its integration capabilities and real-time alerts, Tenable.sc's analysis, prioritization, and usability features make it a more valuable tool for vulnerability analysis and remediation progress tracking.
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"The security baseline and vulnerability assessments is the valuable feature."
"The solution is very user-friendly."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"The platform has valuable features for security."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"Finding out if your infrastructure is secure is a valuable feature."
"The solution shows us our compliance score."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"The solution is one of the most, if not the most, stable product available."
"The solution is completely stable and operation is user-friendly."
"We really love the Security Center dashboard. It basically performs vulnerability scanning and then outputs a vulnerability data."
"It basically reviews our threat landscape vulnerability."
"The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view to create a new dashboard, and it works out very well for our needs."
"I think that this is a good solution for evaluating vulnerability in the network."
"The Auto-Remediate feature is good."
"The most valuable features of Tenable SC are the reports and the dashboards."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"The solution's container security could be improved."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"The only thing that needs to be improved is the number of scans per day."
"The remediation workflow within the Wiz could be improved."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"It is not flexible for multi-cloud environments."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"The solution lacks self-sufficiency."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"The solution should be easier to learn and use"
"The web application scanning area can be improved."
"Additional costs are associated with using the solution, as additional scanners are required for different endpoints connected to the Tenable Security Center. If Tenable Security Center could extract information from these scanners automatically rather than manually, it would enhance user-friendliness for customers."
"The user interface can be improved."
"We would like to see the inclusion of external IPs and simplified reporting that's easier to deal with"
"The solution should provide better web application features and support."
"There is not much room for improvement. However, there should be a guide that describes the step-by-step procedures for doing tasks. Otherwise, training is required from a senior guy to a junior guy."
"The product could be user-friendly, and they could enhance the web application's security features."
"Though the solution's technical support is responsive, they do take a lot of time, making it one of the solution's shortcomings that needs improvement."
AWS Security Hub is ranked 13th in Cloud Security Posture Management (CSPM) with 17 reviews while Tenable Security Center is ranked 10th in Cloud Security Posture Management (CSPM) with 48 reviews. AWS Security Hub is rated 7.6, while Tenable Security Center is rated 8.2. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Tenable Security Center writes "A security solution for vulnerability assessment with automated scans". AWS Security Hub is most compared with Microsoft Sentinel, Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, Google Chronicle Suite and Wazuh, whereas Tenable Security Center is most compared with Tenable Vulnerability Management, Qualys VMDR, Tenable Nessus, Rapid7 InsightVM and Prisma Cloud by Palo Alto Networks. See our AWS Security Hub vs. Tenable Security Center report.
See our list of best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.