We performed a comparison between AWS Security Hub and Exabeam Fusion SIEM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The main benefit is the ease of integration."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"It's pretty powerful and its performance is pretty good."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The Log analytics are useful."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"Finding out if your infrastructure is secure is a valuable feature."
"Very good at detection and providing real-time alerts."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"The platform has valuable features for security."
"The solution's initial setup process is easy."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"The setup is not difficult. It was easy."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"It's a very user-friendly product and it's a very comprehensive technology."
"The advanced analytics has a really great overview of user behavior."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"The only thing is sometimes you can have a false positive."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"The solution should be easier to learn and use"
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"The organzation is rigid and not flexible in the way they operate"
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"The only problem is that the UI is not very impressive."
"They should provide detailed information about detecting phishing emails."
"We still have questions surrounding hardware deployment."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
AWS Security Hub is ranked 8th in Security Information and Event Management (SIEM) with 17 reviews while Exabeam Fusion SIEM is ranked 29th in Security Information and Event Management (SIEM) with 10 reviews. AWS Security Hub is rated 7.6, while Exabeam Fusion SIEM is rated 8.0. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Google Chronicle Suite and Oracle Security Monitoring and Analytics Cloud Service, whereas Exabeam Fusion SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Splunk User Behavior Analytics, Palo Alto Networks Cortex XSOAR and Gurucul UEBA. See our AWS Security Hub vs. Exabeam Fusion SIEM report.
See our list of best Security Information and Event Management (SIEM) vendors and best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
