We performed a comparison between AWS Security Hub and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"The platform has valuable features for security."
"Very good at detection and providing real-time alerts."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"The most valuable features are the packet inspection and the automated incident response."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"The most valuable feature is the hunting ability to work in a CERT."
"The solution is really scalable for the high-end power, enterprise customer."
"It is not flexible for multi-cloud environments."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"The support must be quicker."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"The solution should be easier to learn and use"
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"The solution lacks self-sufficiency."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"Security needs improvement."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"The initial setup is complex. There are other solutions that are easier to implement."
"The tool's integration capability isn't so great."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"The product's licensing models are complex to understand. This particular area needs improvement."
AWS Security Hub is ranked 8th in Security Information and Event Management (SIEM) with 17 reviews while NetWitness Platform is ranked 15th in Security Information and Event Management (SIEM) with 36 reviews. AWS Security Hub is rated 7.6, while NetWitness Platform is rated 7.4. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". AWS Security Hub is most compared with Microsoft Sentinel, Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud and Google Chronicle Suite, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our AWS Security Hub vs. NetWitness Platform report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.